diff --git a/2023/4xxx/CVE-2023-4727.json b/2023/4xxx/CVE-2023-4727.json
index e2c5dca03d4..190ff5a4c7f 100644
--- a/2023/4xxx/CVE-2023-4727.json
+++ b/2023/4xxx/CVE-2023-4727.json
@@ -35,6 +35,27 @@
 "vendor_name": "Red Hat",
 "product": {
 "product_data": [
+ {
+ "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:11.3.0-2.el9_2",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ },
 {
 "product_name": "Red Hat Certificate System 10",
 "version": {
@@ -108,6 +129,11 @@
 },
 "references": {
 "reference_data": [
+ {
+ "url": "https://access.redhat.com/errata/RHSA-2024:4051",
+ "refsource": "MISC",
+ "name": "https://access.redhat.com/errata/RHSA-2024:4051"
+ },
 {
 "url": "https://access.redhat.com/security/cve/CVE-2023-4727",
 "refsource": "MISC",
diff --git a/2023/6xxx/CVE-2023-6717.json b/2023/6xxx/CVE-2023-6717.json
index cea58f359b6..f3c03d49c34 100644
--- a/2023/6xxx/CVE-2023-6717.json
+++ b/2023/6xxx/CVE-2023-6717.json
@@ -110,6 +110,139 @@
 ]
 }
 },
+ {
+ "product_name": "RHOSS-1.33-RHEL-8",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "1.33.0-5",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ },
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "1.33.0-5",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ },
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "1.33.0-5",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ },
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "1.33.0-5",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ },
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "1.33.0-5",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ },
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "1.33.0-5",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ },
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "1.33.0-3",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ },
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "1.33.0-5",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ },
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "1.33.0-5",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ },
 {
 "product_name": "Migration Toolkit for Applications 6",
 "version": {
@@ -136,19 +269,6 @@
 ]
 }
 },
- {
- "product_name": "OpenShift Serverless",
- "version": {
- "version_data": [
- {
- "version_value": "not down converted",
- "x_cve_json_5_version_data": {
- "defaultStatus": "unknown"
- }
- }
- ]
- }
- },
 {
 "product_name": "Red Hat build of Quarkus",
 "version": {
@@ -366,6 +486,11 @@
 "refsource": "MISC",
 "name": "https://access.redhat.com/errata/RHSA-2024:2945"
 },
+ {
+ "url": "https://access.redhat.com/errata/RHSA-2024:4057",
+ "refsource": "MISC",
+ "name": "https://access.redhat.com/errata/RHSA-2024:4057"
+ },
 {
 "url": "https://access.redhat.com/security/cve/CVE-2023-6717",
 "refsource": "MISC",
diff --git a/2024/1xxx/CVE-2024-1249.json b/2024/1xxx/CVE-2024-1249.json
index 51373a3a6cc..970556cb474 100644
--- a/2024/1xxx/CVE-2024-1249.json
+++ b/2024/1xxx/CVE-2024-1249.json
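Review bot: The added `RHOSS-1.33-RHEL-8` product (hunk `-110,6 +110,139`) carries nine `version_data` entries that differ only in one version string: eight mark versions from `1.33.0-5` as unaffected and one marks versions from `1.33.0-3`. None of the entries names a package or component, so a consumer of this record cannot tell which artifact each threshold applies to, and a matcher that accepts any single entry may treat a build between 1.33.0-3 and 1.33.0-5 as fixed across the board. Presumably each entry corresponds to a distinct package in the CVE JSON 5 record and the name was lost in down-conversion; tooling should resolve affected status from that record rather than from this view. The same block is added in the CVE-2024-1249.json hunk `-194,6 +194,139`.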
@@ -194,6 +194,139 @@
 ]
 }
 },
+ {
+ "product_name": "RHOSS-1.33-RHEL-8",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "1.33.0-5",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ },
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "1.33.0-5",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ },
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "1.33.0-5",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ },
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "1.33.0-5",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ },
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "1.33.0-5",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ },
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "1.33.0-5",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ },
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "1.33.0-3",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ },
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "1.33.0-5",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ },
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "1.33.0-5",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ },
 {
 "product_name": "RHSSO 7.6.8",
 "version": {
@@ -233,19 +366,6 @@
 ]
 }
 },
- {
- "product_name": "OpenShift Serverless",
- "version": {
- "version_data": [
- {
- "version_value": "not down converted",
- "x_cve_json_5_version_data": {
- "defaultStatus": "affected"
- }
- }
- ]
- }
- },
 {
 "product_name": "Red Hat Data Grid 8",
 "version": {
@@ -492,6 +612,11 @@
 "refsource": "MISC",
 "name": "https://access.redhat.com/errata/RHSA-2024:2945"
 },
+ {
+ "url": "https://access.redhat.com/errata/RHSA-2024:4057",
+ "refsource": "MISC",
+ "name": "https://access.redhat.com/errata/RHSA-2024:4057"
+ },
 {
 "url": "https://access.redhat.com/security/cve/CVE-2024-1249",
 "refsource": "MISC",
diff --git a/2024/4xxx/CVE-2024-4899.json b/2024/4xxx/CVE-2024-4899.json
index e54a220708f..53cb289c21a 100644
--- a/2024/4xxx/CVE-2024-4899.json
+++ b/2024/4xxx/CVE-2024-4899.json
@@ -1,18 +1,80 @@
 {
+ "data_version": "4.0",
 "data_type": "CVE",
 "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
 "ID": "CVE-2024-4899",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "contact@wpscan.com",
+ "STATE": "PUBLIC"
 },
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "The SEOPress WordPress plugin before 7.8 does not sanitise and escape some of its Post settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks."
 }
 ]
- }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-79 Cross-Site Scripting (XSS)"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Unknown",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "SEOPress ",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "0",
+ "version_value": "7.8"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://wpscan.com/vulnerability/15346ae9-9a29-4968-a6a9-81d1116ac448/",
+ "refsource": "MISC",
+ "name": "https://wpscan.com/vulnerability/15346ae9-9a29-4968-a6a9-81d1116ac448/"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "WPScan CVE Generator"
+ },
+ "source": {
+ "discovery": "EXTERNAL"
+ },
+ "credits": [
+ {
+ "lang": "en",
+ "value": "Dmirtii Ignatyev"
+ },
+ {
+ "lang": "en",
+ "value": "WPScan"
+ }
+ ]
 }
\ No newline at end of file
diff --git a/2024/4xxx/CVE-2024-4900.json b/2024/4xxx/CVE-2024-4900.json
index f8bf6a238d7..4fa852581b3 100644
--- a/2024/4xxx/CVE-2024-4900.json
+++ b/2024/4xxx/CVE-2024-4900.json
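Review bot: The `affects` block identifies the product as `"product_name": "SEOPress "` with a trailing space under `"vendor_name": "Unknown"`, so inventory or scanner tooling that matches on exact vendor and product strings is likely to miss this record; `"product_name": "SEOPress",` would be the expected value, and the CVE-2024-4900.json hunk carries the same string. The credit `"Dmirtii Ignatyev"` here is spelled `"Dmitrii Ignatyev"` in CVE-2024-4900.json, so one of the two is presumably a typo. The description's "high privilege users such as contributor" also reads oddly next to the other record's "contributor and above role", and the wording matters for triage because it sets the privilege an attacker needs. These values come from the assigning CNA, so the correction belongs upstream rather than in this mirror.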
@@ -1,18 +1,80 @@
 {
+ "data_version": "4.0",
 "data_type": "CVE",
 "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
 "ID": "CVE-2024-4900",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "contact@wpscan.com",
+ "STATE": "PUBLIC"
 },
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "The SEOPress WordPress plugin before 7.8 does not validate and escape one of its Post settings, which could allow contributor and above role to perform Open redirect attacks against any user viewing a malicious post"
 }
 ]
- }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-601 URL Redirection to Untrusted Site ('Open Redirect')"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Unknown",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "SEOPress ",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "0",
+ "version_value": "7.8"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://wpscan.com/vulnerability/a56ad272-e2ed-4064-9b5d-114a834dd8b3/",
+ "refsource": "MISC",
+ "name": "https://wpscan.com/vulnerability/a56ad272-e2ed-4064-9b5d-114a834dd8b3/"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "WPScan CVE Generator"
+ },
+ "source": {
+ "discovery": "EXTERNAL"
+ },
+ "credits": [
+ {
+ "lang": "en",
+ "value": "Dmitrii Ignatyev"
+ },
+ {
+ "lang": "en",
+ "value": "WPScan"
+ }
+ ]
 }
\ No newline at end of file