admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-01-23 16:00:33 +00:00
parent 53f75bf5e3
commit 0a7bf53182
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
21 changed files with 785 additions and 569 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

101
2019/20xxx/CVE-2019-20923.json
View File

@ -1,15 +1,38 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "cna@mongodb.com",
"DATE_PUBLIC": "2020-11-30T14:00:00.000Z",
"ID": "CVE-2019-20923",
"STATE": "PUBLIC",
"TITLE": "Crash while handling internal Javascript exception types"
"ASSIGNER": "cna@mongodb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which throw unhandled Javascript exceptions containing types intended to be scoped to the Javascript engine's internals. This issue affects MongoDB Server v4.0 versions prior to 4.0.7.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-749 Exposed Dangerous Method or Function",
"cweId": "CWE-749"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "MongoDB Inc.",
"product": {
"product_data": [
{
@ -25,64 +48,42 @@
}
}
]
},
"vendor_name": "MongoDB Inc."
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"references": {
"reference_data": [
{
"lang": "eng",
"value": "A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which throw unhandled Javascript exceptions containing types intended to be scoped to the Javascript engine's internals. This issue affects: MongoDB Inc. MongoDB Server v4.0 versions prior to 4.0.7."
"url": "https://jira.mongodb.org/browse/SERVER-39481",
"refsource": "MISC",
"name": "https://jira.mongodb.org/browse/SERVER-39481"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-749 Exposed Dangerous Method or Function"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jira.mongodb.org/browse/SERVER-39481",
"refsource": "CONFIRM",
"url": "https://jira.mongodb.org/browse/SERVER-39481"
}
]
},
"source": {
"discovery": "INTERNAL"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
}
}

101
2019/20xxx/CVE-2019-20924.json
View File

@ -1,15 +1,38 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "cna@mongodb.com",
"DATE_PUBLIC": "2020-12-01T14:00:00.000Z",
"ID": "CVE-2019-20924",
"STATE": "PUBLIC",
"TITLE": " Invariant in IndexBoundsBuilder"
"ASSIGNER": "cna@mongodb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries which trigger an invariant in the IndexBoundsBuilder. This issue affects MongoDB Server v4.2 versions prior to 4.2.2.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-394 Unexpected Status Code or Return Value",
"cweId": "CWE-394"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "MongoDB Inc.",
"product": {
"product_data": [
{
@ -25,64 +48,42 @@
}
}
]
},
"vendor_name": "MongoDB Inc."
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"references": {
"reference_data": [
{
"lang": "eng",
"value": "A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries which trigger an invariant in the IndexBoundsBuilder. This issue affects: MongoDB Inc. MongoDB Server v4.2 versions prior to 4.2.2."
"url": "https://jira.mongodb.org/browse/SERVER-44377",
"refsource": "MISC",
"name": "https://jira.mongodb.org/browse/SERVER-44377"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-394 Unexpected Status Code or Return Value"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jira.mongodb.org/browse/SERVER-44377",
"refsource": "CONFIRM",
"url": "https://jira.mongodb.org/browse/SERVER-44377"
}
]
},
"source": {
"discovery": "INTERNAL"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
}
}

101
2019/20xxx/CVE-2019-20925.json
View File

@ -1,15 +1,38 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "cna@mongodb.com",
"DATE_PUBLIC": "2020-11-24T17:00:00.000Z",
"ID": "CVE-2019-20925",
"STATE": "PUBLIC",
"TITLE": "Denial of service via malformed network packet"
"ASSIGNER": "cna@mongodb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "An unauthenticated client can trigger denial of service by issuing specially crafted wire protocol messages, which cause the message decompressor to incorrectly allocate memory. This issue affects MongoDB Server v4.2 versions prior to 4.2.1; MongoDB Server v4.0 versions prior to 4.0.13; MongoDB Server v3.6 versions prior to 3.6.15 and MongoDB Server v3.4 versions prior to 3.4.24.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-839: Numeric Range Comparison Without Minimum Check",
"cweId": "CWE-839"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "MongoDB Inc.",
"product": {
"product_data": [
{
@ -40,64 +63,42 @@
}
}
]
},
"vendor_name": "MongoDB Inc."
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"references": {
"reference_data": [
{
"lang": "eng",
"value": "An unauthenticated client can trigger denial of service by issuing specially crafted wire protocol messages, which cause the message decompressor to incorrectly allocate memory. This issue affects: MongoDB Inc. MongoDB Server v4.2 versions prior to 4.2.1; v4.0 versions prior to 4.0.13; v3.6 versions prior to 3.6.15; v3.4 versions prior to 3.4.24."
"url": "https://jira.mongodb.org/browse/SERVER-43751",
"refsource": "MISC",
"name": "https://jira.mongodb.org/browse/SERVER-43751"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-839: Numeric Range Comparison Without Minimum Check"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://jira.mongodb.org/browse/SERVER-43751",
"name": "https://jira.mongodb.org/browse/SERVER-43751"
}
]
},
"source": {
"discovery": "INTERNAL"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
}
}

4
2020/7xxx/CVE-2020-7921.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Improper serialization of internal state in the authorization subsystem in MongoDB Server's authorization subsystem permits a user with valid credentials to bypass IP whitelisting protection mechanisms following administrative action. This issue affects: MongoDB Inc. MongoDB Server 4.2 versions prior to 4.2.3; 4.0 versions prior to 4.0.15; 4.3 versions prior to 4.3.3; 3.6 versions prior to 3.6.18.\n\n"
"value": "\nImproper serialization of internal state in the authorization subsystem in MongoDB Server's authorization subsystem permits a user with valid credentials to bypass IP whitelisting protection mechanisms following administrative action. This issue affects MongoDB Server v4.2 versions prior to 4.2.3; MongoDB Server v4.0 versions prior to 4.0.15; MongoDB Server v4.3 versions prior to 4.3.3and MongoDB Server v3.6 versions prior to 3.6.18.\n\n\n\n"
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "CWE-182",
"value": "CWE-182: Collapse of Data into Unsafe Value",
"cweId": "CWE-182"
}
]

103
2020/7xxx/CVE-2020-7922.json
View File

@ -1,15 +1,38 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "cna@mongodb.com",
"DATE_PUBLIC": "2020-04-09T00:00:00.000Z",
"ID": "CVE-2020-7922",
"STATE": "PUBLIC",
"TITLE": "Kubernetes Operator generates potentially insecure certificates"
"ASSIGNER": "cna@mongodb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "X.509 certificates generated by the MongoDB Enterprise Kubernetes Operator may allow an attacker with access to the Kubernetes cluster improper access to MongoDB instances. Customers who do not use X.509 authentication, and those who do not use the Operator to generate their X.509 certificates are unaffected. This issue affects MongoDB Enterprise Kubernetes Operator version 1.0, MongoDB Enterprise Kubernetes Operator version 1.1, MongoDB Enterprise Kubernetes Operator version 1.2 versions prior to 1.2.4, MongoDB Enterprise Kubernetes Operator version 1.3 versions prior to 1.3.1, 1.2, 1.4 versions prior to 1.4.4.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-295: Improper Certificate Validation",
"cweId": "CWE-295"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "MongoDB Inc.",
"product": {
"product_data": [
{
@ -18,12 +41,10 @@
"version_data": [
{
"version_affected": "=",
"version_name": "1.0",
"version_value": "1.0"
},
{
"version_affected": "=",
"version_name": "1.1",
"version_value": "1.1"
},
{
@ -45,64 +66,42 @@
}
}
]
},
"vendor_name": "MongoDB Inc."
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"references": {
"reference_data": [
{
"lang": "eng",
"value": "X.509 certificates generated by the MongoDB Enterprise Kubernetes Operator may allow an attacker with access to the Kubernetes cluster improper access to MongoDB instances. Customers who do not use X.509 authentication, and those who do not use the Operator to generate their X.509 certificates are unaffected. This issue affects: MongoDB Inc. MongoDB Enterprise Kubernetes Operator version 1.0, 1.1, 1.2 versions prior to 1.2.4, 1.3 versions prior to 1.3.1, 1.2, 1.4 versions prior to 1.4.4."
"url": "https://github.com/mongodb/mongodb-enterprise-kubernetes/releases/tag/1.2.5",
"refsource": "MISC",
"name": "https://github.com/mongodb/mongodb-enterprise-kubernetes/releases/tag/1.2.5"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-295: Improper Certificate Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/mongodb/mongodb-enterprise-kubernetes/releases/tag/1.2.5",
"refsource": "CONFIRM",
"url": "https://github.com/mongodb/mongodb-enterprise-kubernetes/releases/tag/1.2.5"
}
]
},
"source": {
"discovery": "INTERNAL"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
]
}
}

101
2020/7xxx/CVE-2020-7923.json
View File

@ -1,15 +1,38 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "cna@mongodb.com",
"DATE_PUBLIC": "2020-08-21T14:40:00.000Z",
"ID": "CVE-2020-7923",
"STATE": "PUBLIC",
"TITLE": "Specific GeoQuery can cause DoS against MongoDB Server"
"ASSIGNER": "cna@mongodb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A user authorized to perform database queries may cause denial of service by issuing specially crafted queries, which violate an invariant in the query subsystem's support for geoNear. This issue affects MongoDB Server v4.4 versions prior to 4.4.0-rc7; MongoDB Server v4.2 versions prior to 4.2.8 and MongoDB Server v4.0 versions prior to 4.0.19.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-755 Improper Handling of Exceptional Conditions",
"cweId": "CWE-755"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "MongoDB Inc.",
"product": {
"product_data": [
{
@ -35,67 +58,45 @@
}
}
]
},
"vendor_name": "MongoDB Inc."
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"references": {
"reference_data": [
{
"lang": "eng",
"value": "A user authorized to perform database queries may cause denial of service by issuing specially crafted queries, which violate an invariant in the query subsystem's support for geoNear. This issue affects: MongoDB Inc. MongoDB Server v4.4 versions prior to 4.4.0-rc7; v4.2 versions prior to 4.2.8; v4.0 versions prior to 4.0.19."
"url": "https://jira.mongodb.org/browse/SERVER-47773",
"refsource": "MISC",
"name": "https://jira.mongodb.org/browse/SERVER-47773"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-755 Improper Handling of Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://jira.mongodb.org/browse/SERVER-47773",
"name": "https://jira.mongodb.org/browse/SERVER-47773"
}
]
},
"source": {
"defect": [
"SECURITY-658"
],
"discovery": "INTERNAL"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
}
}

101
2020/7xxx/CVE-2020-7925.json
View File

@ -1,15 +1,38 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "cna@mongodb.com",
"DATE_PUBLIC": "2020-11-30T14:00:00.000Z",
"ID": "CVE-2020-7925",
"STATE": "PUBLIC",
"TITLE": "Denial of Service when processing malformed Role names"
"ASSIGNER": "cna@mongodb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Incorrect validation of user input in the role name parser may lead to use of uninitialized memory allowing an unauthenticated attacker to use a specially crafted request to cause a denial of service. This issue affects MongoDB Server v4.4 versions prior to 4.4.0-rc12; MongoDB Server v4.2 versions prior to 4.2.9.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-475 Undefined Behavior for Input to API",
"cweId": "CWE-475"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "MongoDB Inc.",
"product": {
"product_data": [
{
@ -30,64 +53,42 @@
}
}
]
},
"vendor_name": "MongoDB Inc."
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"references": {
"reference_data": [
{
"lang": "eng",
"value": "Incorrect validation of user input in the role name parser may lead to use of uninitialized memory allowing an unauthenticated attacker to use a specially crafted request to cause a denial of service. This issue affects: MongoDB Inc. MongoDB Server v4.4 versions prior to 4.4.0-rc12; v4.2 versions prior to 4.2.9."
"url": "https://jira.mongodb.org/browse/SERVER-49142",
"refsource": "MISC",
"name": "https://jira.mongodb.org/browse/SERVER-49142"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-475 Undefined Behavior for Input to API"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jira.mongodb.org/browse/SERVER-49142",
"refsource": "CONFIRM",
"url": "https://jira.mongodb.org/browse/SERVER-49142"
}
]
},
"source": {
"discovery": "INTERNAL"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
}
}

101
2020/7xxx/CVE-2020-7926.json
View File

@ -1,15 +1,38 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "cna@mongodb.com",
"DATE_PUBLIC": "2020-11-30T14:00:00.000Z",
"ID": "CVE-2020-7926",
"STATE": "PUBLIC",
"TITLE": "Specific query can cause a DoS against MongoDB Server"
"ASSIGNER": "cna@mongodb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A user authorized to perform database queries may cause denial of service by issuing a specially crafted query which violates an invariant in the server selection subsystem. This issue affects MongoDB Server v4.4 versions prior to 4.4.1. Versions before 4.4 are not affected.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-755 Improper Handling of Exceptional Conditions",
"cweId": "CWE-755"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "MongoDB Inc.",
"product": {
"product_data": [
{
@ -25,64 +48,42 @@
}
}
]
},
"vendor_name": "MongoDB Inc."
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"references": {
"reference_data": [
{
"lang": "eng",
"value": "A user authorized to perform database queries may cause denial of service by issuing a specially crafted query which violates an invariant in the server selection subsystem. This issue affects: MongoDB Server version 4.4 prior to 4.4.1. Versions before 4.4 are not affected."
"url": "https://jira.mongodb.org/browse/SERVER-50170",
"refsource": "MISC",
"name": "https://jira.mongodb.org/browse/SERVER-50170"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-755 Improper Handling of Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jira.mongodb.org/browse/SERVER-50170",
"refsource": "CONFIRM",
"url": "https://jira.mongodb.org/browse/SERVER-50170"
}
]
},
"source": {
"discovery": "INTERNAL"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
}
}

101
2020/7xxx/CVE-2020-7927.json
View File

@ -1,15 +1,38 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "cna@mongodb.com",
"DATE_PUBLIC": "2020-11-30T14:00:00.000Z",
"ID": "CVE-2020-7927",
"STATE": "PUBLIC",
"TITLE": "Potential privilege escalation in Ops Manager API"
"ASSIGNER": "cna@mongodb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Specially crafted API calls may allow an authenticated user who holds Organization Owner privilege to obtain an API key with Global Role privilege. This issue affects MongoDB Ops Manager v4.2 versions prior to and including 4.2.17, MongoDB Ops Manager v4.3 versions prior to and including 4.3.9 and MongoDB Ops Manager v4.4 versions prior to and including 4.4.2.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-648: Incorrect Use of Privileged APIs",
"cweId": "CWE-648"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "MongoDB Inc.",
"product": {
"product_data": [
{
@ -35,64 +58,42 @@
}
}
]
},
"vendor_name": "MongoDB Inc."
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"references": {
"reference_data": [
{
"lang": "eng",
"value": "Specially crafted API calls may allow an authenticated user who holds Organization Owner privilege to obtain an API key with Global Role privilege. This issue affects MongoDB Ops Manager v4.2 versions 4.2.0-4.2.17, v4.3 versions 4.3.0-4.3.9 and v4.4 versions 4.4.0-4.4.2."
"url": "https://www.mongodb.com/docs/ops-manager/current/release-notes/application/#onprem-server-4.4.3",
"refsource": "MISC",
"name": "https://www.mongodb.com/docs/ops-manager/current/release-notes/application/#onprem-server-4.4.3"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-648: Incorrect Use of Privileged APIs"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://docs.opsmanager.mongodb.com/current/release-notes/application/#onprem-server-4-4-3",
"refsource": "CONFIRM",
"url": "https://docs.opsmanager.mongodb.com/current/release-notes/application/#onprem-server-4-4-3"
}
]
},
"source": {
"discovery": "INTERNAL"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}
}

103
2020/7xxx/CVE-2020-7928.json
View File

@ -1,15 +1,38 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "cna@mongodb.com",
"DATE_PUBLIC": "2020-11-23T17:20:00.000Z",
"ID": "CVE-2020-7928",
"STATE": "PUBLIC",
"TITLE": "Improper neutralization of null byte leads to read overrun"
"ASSIGNER": "cna@mongodb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A user authorized to perform database queries may trigger a read overrun and access arbitrary memory by issuing specially crafted queries. This issue affects MongoDB Server v4.4 versions prior to 4.4.1; MongoDB Server v4.2 versions prior to 4.2.9; MongoDB Server v4.0 versions prior to 4.0.20 and MongoDB Server v3.6 versions prior to 3.6.20.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-158: Improper Neutralization of Null Byte or NUL Character",
"cweId": "CWE-158"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "MongoDB Inc.",
"product": {
"product_data": [
{
@ -40,64 +63,42 @@
}
}
]
},
"vendor_name": "MongoDB Inc."
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"references": {
"reference_data": [
{
"lang": "eng",
"value": "A user authorized to perform database queries may trigger a read overrun and access arbitrary memory by issuing specially crafted queries. This issue affects: MongoDB Inc. MongoDB Server v4.4 versions prior to 4.4.1; v4.2 versions prior to 4.2.9; v4.0 versions prior to 4.0.20; v3.6 versions prior to 3.6.20."
"url": "https://jira.mongodb.org/browse/SERVER-49404",
"refsource": "MISC",
"name": "https://jira.mongodb.org/browse/SERVER-49404"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-158: Improper Neutralization of Null Byte or NUL Character"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://jira.mongodb.org/browse/SERVER-49404",
"name": "https://jira.mongodb.org/browse/SERVER-49404"
}
]
},
"source": {
"discovery": "INTERNAL"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
]
}
}
}

101
2020/7xxx/CVE-2020-7929.json
View File

@ -1,15 +1,38 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "cna@mongodb.com",
"DATE_PUBLIC": "2021-02-26T17:00:00.000Z",
"ID": "CVE-2020-7929",
"STATE": "PUBLIC",
"TITLE": "Specially crafted regex query can cause DoS"
"ASSIGNER": "cna@mongodb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A user authorized to perform database queries may trigger denial of service by issuing specially crafted query contain a type of regex. This issue affects MongoDB Server v3.6 versions prior to 3.6.21 and MongoDB Server v4.0 versions prior to 4.0.20.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-185 Incorrect Regular Expression",
"cweId": "CWE-185"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "MongoDB Inc.",
"product": {
"product_data": [
{
@ -30,64 +53,42 @@
}
}
]
},
"vendor_name": "MongoDB Inc."
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"references": {
"reference_data": [
{
"lang": "eng",
"value": "A user authorized to perform database queries may trigger denial of service by issuing specially crafted query contain a type of regex. This issue affects: MongoDB Inc. MongoDB Server v3.6 versions prior to 3.6.21 and MongoDB Server v4.0 versions prior to 4.0.20."
"url": "https://jira.mongodb.org/browse/SERVER-51083",
"refsource": "MISC",
"name": "https://jira.mongodb.org/browse/SERVER-51083"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-185 Incorrect Regular Expression"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://jira.mongodb.org/browse/SERVER-51083",
"name": "https://jira.mongodb.org/browse/SERVER-51083"
}
]
},
"source": {
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
}
}

113
2021/20xxx/CVE-2021-20326.json
View File

@ -1,15 +1,38 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "cna@mongodb.com",
"DATE_PUBLIC": "2021-04-30T16:00:00.000Z",
"ID": "CVE-2021-20326",
"STATE": "PUBLIC",
"TITLE": "Specially crafted query may result in a denial of service of mongod"
"ASSIGNER": "cna@mongodb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A user authorized to performing a specific type of find query may trigger a denial of service. This issue affects MongoDB Server v4.4 versions prior to 4.4.4.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation",
"cweId": "CWE-20"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "MongoDB Inc.",
"product": {
"product_data": [
{
@ -25,70 +48,48 @@
}
}
]
},
"vendor_name": "MongoDB Inc."
}
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Adrien Petel"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"references": {
"reference_data": [
{
"lang": "eng",
"value": "A user authorized to performing a specific type of find query may trigger a denial of service. This issue affects: MongoDB Inc. MongoDB Server v4.4 versions prior to 4.4.4."
"url": "https://jira.mongodb.org/browse/SERVER-53929",
"refsource": "MISC",
"name": "https://jira.mongodb.org/browse/SERVER-53929"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://jira.mongodb.org/browse/SERVER-53929",
"name": "https://jira.mongodb.org/browse/SERVER-53929"
}
]
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Adrien Petel"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
}
}

89
2023/49xxx/CVE-2023-49657.json
View File

@ -1,17 +1,98 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-49657",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@apache.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A stored cross-site scripting (XSS) vulnerability exists in Apache Superset before 3.0.3.\u00a0An authenticated attacker with create/update permissions on charts or dashboards could store a script or add a specific HTML snippet that would act as a stored XSS.\n\nFor 2.X versions, users should change their config to include:\n\nTALISMAN_CONFIG = {\n\u00a0 \u00a0 \"content_security_policy\": {\n\u00a0 \u00a0 \u00a0 \u00a0 \"base-uri\": [\"'self'\"],\n\u00a0 \u00a0 \u00a0 \u00a0 \"default-src\": [\"'self'\"],\n\u00a0 \u00a0 \u00a0 \u00a0 \"img-src\": [\"'self'\", \"blob:\", \"data:\"],\n\u00a0 \u00a0 \u00a0 \u00a0 \"worker-src\": [\"'self'\", \"blob:\"],\n\u00a0 \u00a0 \u00a0 \u00a0 \"connect-src\": [\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \"'self'\",\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \" https://api.mapbox.com\" https://api.mapbox.com\" ;,\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \" https://events.mapbox.com\" https://events.mapbox.com\" ;,\n\u00a0 \u00a0 \u00a0 \u00a0 ],\n\u00a0 \u00a0 \u00a0 \u00a0 \"object-src\": \"'none'\",\n\u00a0 \u00a0 \u00a0 \u00a0 \"style-src\": [\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \"'self'\",\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \"'unsafe-inline'\",\n\u00a0 \u00a0 \u00a0 \u00a0 ],\n\u00a0 \u00a0 \u00a0 \u00a0 \"script-src\": [\"'self'\", \"'strict-dynamic'\"],\n\u00a0 \u00a0 },\n\u00a0 \u00a0 \"content_security_policy_nonce_in\": [\"script-src\"],\n\u00a0 \u00a0 \"force_https\": False,\n\u00a0 \u00a0 \"session_cookie_secure\": False,\n}\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apache Software Foundation",
"product": {
"product_data": [
{
"product_name": "Apache Superset",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "3.0.3"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://lists.apache.org/thread/wjyvz8om9nwd396lh0bt156mtwjxpsvx",
"refsource": "MISC",
"name": "https://lists.apache.org/thread/wjyvz8om9nwd396lh0bt156mtwjxpsvx"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"credits": [
{
"lang": "en",
"value": "Nick Barnes, Praetorian Security Inc."
},
{
"lang": "en",
"value": "Amit Laish \u2013 GE Vernova"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
]
}

18
2024/0xxx/CVE-2024-0826.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-0826",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

8
2024/23xxx/CVE-2024-23854.json
View File

@ -1,17 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-23854",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve-coordination@incibe.es",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** This CVE ID was unused by the CNA."
}
]
}

18
2024/23xxx/CVE-2024-23912.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-23912",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/23xxx/CVE-2024-23913.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-23913",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/23xxx/CVE-2024-23914.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-23914",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/23xxx/CVE-2024-23915.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-23915",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/23xxx/CVE-2024-23916.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-23916",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/23xxx/CVE-2024-23917.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-23917",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}