From 11c3178f0f113d8b46a7fc59cab93174b7a81bec Mon Sep 17 00:00:00 2001
From: CVE Team
Date: Fri, 28 Mar 2025 15:00:35 +0000
Subject: [PATCH] "-Synchronized-Data."
---
2024/39xxx/CVE-2024-39311.json | 58 ++++++++++++++--
2024/48xxx/CVE-2024-48615.json | 61 +++++++++++++++--
2025/29xxx/CVE-2025-29928.json | 85 ++++++++++++++++++++++--
2025/2xxx/CVE-2025-2877.json | 79 ++++++++++++++++++++--
2025/2xxx/CVE-2025-2901.json | 117 +++++++++++++++++++++++++++++++--
2025/2xxx/CVE-2025-2930.json | 18 +++++
2025/30xxx/CVE-2025-30211.json | 84 +++++++++++++++++++++--
2025/30xxx/CVE-2025-30371.json | 70 ++++++++++++++++++--
2025/30xxx/CVE-2025-30372.json | 58 ++++++++++++++--
9 files changed, 596 insertions(+), 34 deletions(-)
create mode 100644 2025/2xxx/CVE-2025-2930.json
diff --git a/2024/39xxx/CVE-2024-39311.json b/2024/39xxx/CVE-2024-39311.json
index 7b1788e687b..f1710aaefcb 100644
--- a/2024/39xxx/CVE-2024-39311.json
+++ b/2024/39xxx/CVE-2024-39311.json
@@ -1,18 +1,68 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-39311", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Publify is a self hosted Web publishing platform on Rails. Prior to version 10.0.1 of Publify, corresponding to versions prior to 10.0.2 of the `publify_core` rubygem, publisher on a `publify` application is able to perform a cross-site scripting (XSS) attack on an administrator using the redirect functionality. The exploitation of this XSS vulnerability requires the administrator to click a malicious link. An attack could attempt to hide their payload by using HTML, or other encodings, as to not make it obvious to an administrator that this is a malicious link. A publisher may attempt to use this vulnerability to escalate their privileges and become an administrator. Version 10.0.1 of Publify and version 10.0.2 of the `publify_core` rubygem fix the issue." 
} ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "publify", + "product": { + "product_data": [ + { + "product_name": "publify", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 10.0.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/publify/publify/security/advisories/GHSA-8fm5-gg2f-f66q", + "refsource": "MISC", + "name": "https://github.com/publify/publify/security/advisories/GHSA-8fm5-gg2f-f66q" + } + ] + }, + "source": { + "advisory": "GHSA-8fm5-gg2f-f66q", + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2024/48xxx/CVE-2024-48615.json b/2024/48xxx/CVE-2024-48615.json index e40aac3bb87..69c7bf11ee3 100644 --- a/2024/48xxx/CVE-2024-48615.json +++ b/2024/48xxx/CVE-2024-48615.json 
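Review bot: In the CVE-2024-39311 `version_data` entry the comparison operator sits inside the value (`"version_affected": "=", "version_value": "< 10.0.1"`), so a consumer that honours `version_affected` literally will look for a version string equal to "< 10.0.1" and match nothing. Expressing the range in the operator field, `"version_affected": "<", "version_value": "10.0.1"`, would let scanners evaluate it without parsing free text. The same encoding appears in the CVE-2025-29928, CVE-2025-30211, CVE-2025-30371 and CVE-2025-30372 hunks. Separately, the description names the `publify_core` rubygem (fixed in 10.0.2) as affected, but `product_data` lists only `publify`, so dependency scanners keyed on the gem name will likely miss it.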
@@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-48615", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-48615", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Null Pointer Dereference vulnerability in libarchive 3.7.6 and earlier when running program bsdtar in function header_pax_extension at rchive_read_support_format_tar.c:1844:8." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/libarchive/libarchive/releases/download/v3.7.6/libarchive-3.7.6.tar.gz", + "refsource": "MISC", + "name": "https://github.com/libarchive/libarchive/releases/download/v3.7.6/libarchive-3.7.6.tar.gz" + }, + { + "refsource": "MISC", + "name": "https://github.com/88Sanghy88/crash-test", + "url": "https://github.com/88Sanghy88/crash-test" } ] } diff --git a/2025/29xxx/CVE-2025-29928.json b/2025/29xxx/CVE-2025-29928.json index a3a8454341c..1a29a36b90c 100644 --- a/2025/29xxx/CVE-2025-29928.json +++ b/2025/29xxx/CVE-2025-29928.json 
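Review bot: The CVE-2024-48615 record is published with `"vendor_name": "n/a"`, `"product_name": "n/a"`, `"version_value": "n/a"` and a problemtype of `"n/a"`, so nothing structured ties it to libarchive 3.7.6 and automated matching has to fall back on the description text. Since the description already states the product, version bound and bug class, the fields could carry them, for example `"product_name": "libarchive"`, `"version_value": "<= 3.7.6"` and `"value": "CWE-476: NULL Pointer Dereference"`. The source file name in the description, `rchive_read_support_format_tar.c`, looks like it lost its leading "a" and should presumably read `archive_read_support_format_tar.c`. Neither reference points at a fix or vendor advisory, which is worth knowing before treating the "3.7.6 and earlier" bound as final.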
@@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-29928", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "authentik is an open-source identity provider. Prior to versions 2024.12.4 and 2025.2.3, when authentik was configured to use the database for session storage (which is a non-default setting), deleting sessions via the Web Interface or the API would not revoke the session and the session holder would continue to have access to authentik. authentik 2025.2.3 and 2024.12.4 fix this issue. Switching to the cache-based session storage until the authentik instance can be upgraded is recommended. This will however also delete all existing sessions and users will have to re-authenticate." 
+ } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-384: Session Fixation", + "cweId": "CWE-384" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "goauthentik", + "product": { + "product_data": [ + { + "product_name": "authentik", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 2024.12.4" + }, + { + "version_affected": "=", + "version_value": "< 2025.2.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/goauthentik/authentik/security/advisories/GHSA-p6p8-f853-9g2p", + "refsource": "MISC", + "name": "https://github.com/goauthentik/authentik/security/advisories/GHSA-p6p8-f853-9g2p" + }, + { + "url": "https://github.com/goauthentik/authentik/commit/71294b7deb6eb5726a782de83b957eaf25fc4cf6", + "refsource": "MISC", + "name": "https://github.com/goauthentik/authentik/commit/71294b7deb6eb5726a782de83b957eaf25fc4cf6" + } + ] + }, + "source": { + "advisory": "GHSA-p6p8-f853-9g2p", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N", + "version": "3.1" } ] } diff --git a/2025/2xxx/CVE-2025-2877.json b/2025/2xxx/CVE-2025-2877.json index c33e45080e8..e8bbb36b3e1 100644 --- a/2025/2xxx/CVE-2025-2877.json +++ b/2025/2xxx/CVE-2025-2877.json 
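Review bot: The two `version_data` entries for authentik, `"< 2024.12.4"` and `"< 2025.2.3"`, have no lower bounds, so read literally the second range also covers the fixed release 2024.12.4 and patched 2024.12.x deployments would be reported as vulnerable. Giving the newer branch a floor, e.g. `"version_value": ">= <first 2025.2.x release>, < 2025.2.3"`, removes the overlap; the same unbounded multi-branch pattern is in the CVE-2025-30211 and CVE-2025-30371 hunks. The problemtype `CWE-384: Session Fixation` also does not obviously match the description, which is about deleted sessions remaining valid; that reads closer to insufficient session expiration (CWE-613), so CWE-based filters may bucket this one wrongly. The description's note that the issue only applies with database session storage (non-default) is the key triage condition and exists only in prose.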
@@ -1,17 +1,88 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-2877", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A flaw was found in the Ansible Automation Platform's Event-Driven Ansible. In configurations where verbosity is set to \"debug\", inventory passwords are exposed in plain text when starting a rulebook activation. This issue exists for any \"debug\" action in a rulebook and also affects Event Streams." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Debug Messages Revealing Unnecessary Information", + "cweId": "CWE-1295" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Red Hat", + "product": { + "product_data": [ + { + "product_name": "Red Hat Ansible Automation Platform 2", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2025-2877", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/CVE-2025-2877" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355540", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2355540" + } + ] + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + 
"confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "version": "3.1" } ] } diff --git a/2025/2xxx/CVE-2025-2901.json b/2025/2xxx/CVE-2025-2901.json index a2b748b8d5e..455e31090a9 100644 --- a/2025/2xxx/CVE-2025-2901.json +++ b/2025/2xxx/CVE-2025-2901.json 
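Review bot: The only version information in the CVE-2025-2877 record is the placeholder `"version_value": "not down converted"` with `"defaultStatus": "affected"`, so this 4.0 file says every release of Ansible Automation Platform 2 is affected and gives no fixed version to compare against. Consumers that need a range or a fixed build have to read the CVE JSON 5 record or the Red Hat advisory listed under `references`; the same placeholder is used for all three products in the CVE-2025-2901 hunk. The problemtype value here also omits the `CWE-1295:` prefix that the GitHub-assigned records in this commit include, which matters to anything that parses the CWE id out of `value` instead of `cweId`.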
@@ -1,17 +1,126 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-2901", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A flaw was found in the JBoss EAP Management Console, where a stored Cross-site scripting vulnerability occurs when an application improperly sanitizes user input before storing it in a data store. When this stored data is later included in web pages without adequate sanitization, malicious scripts can execute in the context of users who view these pages, leading to potential data theft, session hijacking, or other malicious activities." 
+ } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Red Hat", + "product": { + "product_data": [ + { + "product_name": "Red Hat JBoss Enterprise Application Platform 7", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + }, + { + "product_name": "Red Hat JBoss Enterprise Application Platform 8", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + }, + { + "product_name": "Red Hat JBoss Enterprise Application Platform Expansion Pack", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2025-2901", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/CVE-2025-2901" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355685", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2355685" + } + ] + }, + "work_around": [ + { + "lang": "en", + "value": "Currently, no mitigation is available for this vulnerability." + } + ], + "credits": [ + { + "lang": "en", + "value": "Red Hat would like to thank \u0141ukasz Rupala for reporting this issue." 
+ } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 4.6, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", + "version": "3.1" } ] } diff --git a/2025/2xxx/CVE-2025-2930.json b/2025/2xxx/CVE-2025-2930.json new file mode 100644 index 00000000000..74919f9cec6 --- /dev/null +++ b/2025/2xxx/CVE-2025-2930.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-2930", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/30xxx/CVE-2025-30211.json b/2025/30xxx/CVE-2025-30211.json index 2c8a2beb0e0..5181ff5c7b2 100644 --- a/2025/30xxx/CVE-2025-30211.json +++ b/2025/30xxx/CVE-2025-30211.json 
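Review bot: The `work_around` and `credits` entries added for CVE-2025-2901 use `"lang": "en"` while the `description` and `problemtype` entries in the same record use `"lang": "eng"`, so a consumer selecting text by language code will see only part of the record. Using one code throughout, `"lang": "eng"`, keeps the record consistent with the rest of this commit. The description itself is a generic account of stored XSS and does not say which console input is affected, so the Bugzilla reference is where defenders will have to look for scope.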
@@ -1,17 +1,93 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-30211", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.1, 26.2.5.10, and 25.3.2.19, a maliciously formed KEX init message can result with high memory usage. Implementation does not verify RFC specified limits on algorithm names (64 characters) provided in KEX init message. Big KEX init packet may lead to inefficient processing of the error data. As a result, large amount of memory will be allocated for processing malicious data. Versions OTP-27.3.1, OTP-26.2.5.10, and OTP-25.3.2.19 fix the issue. Some workarounds are available. One may set option `parallel_login` to `false` and/or reduce the `max_sessions` option." 
+ } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-789: Memory Allocation with Excessive Size Value", + "cweId": "CWE-789" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "erlang", + "product": { + "product_data": [ + { + "product_name": "otp", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< OTP-27.3.1" + }, + { + "version_affected": "=", + "version_value": "< OTP-26.2.5.10" + }, + { + "version_affected": "=", + "version_value": "< OTP-25.3.2.19" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/erlang/otp/security/advisories/GHSA-vvr3-fjhh-cfwc", + "refsource": "MISC", + "name": "https://github.com/erlang/otp/security/advisories/GHSA-vvr3-fjhh-cfwc" + } + ] + }, + "source": { + "advisory": "GHSA-vvr3-fjhh-cfwc", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" } ] } diff --git a/2025/30xxx/CVE-2025-30371.json b/2025/30xxx/CVE-2025-30371.json index 98adfc79f0f..6f9695127a1 100644 --- a/2025/30xxx/CVE-2025-30371.json +++ b/2025/30xxx/CVE-2025-30371.json 
@@ -1,18 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-30371", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Metabase is a business intelligence and embedded analytics tool. Versions prior to v0.52.16.4, v1.52.16.4, v0.53.8, and v1.53.8 are vulnerable to circumvention of local link access protection in GeoJson endpoint. Self hosted Metabase instances that are using the GeoJson feature could be potentially impacted if their Metabase is colocated with other unsecured resources. This is fixed in v0.52.16.4, v1.52.16.4, v0.53.8, and v1.53.8. Migrating to Metabase Cloud or redeploying Metabase in a dedicated subnet with strict outbound port controls is an available workaround." 
} ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-59: Improper Link Resolution Before File Access ('Link Following')", + "cweId": "CWE-59" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "metabase", + "product": { + "product_data": [ + { + "product_name": "metabase", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 0.52.16.4" + }, + { + "version_affected": "=", + "version_value": "< 1.52.16.4" + }, + { + "version_affected": "=", + "version_value": "< 0.53.8" + }, + { + "version_affected": "=", + "version_value": "< 1.53.8" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/metabase/metabase/security/advisories/GHSA-8xf9-9jc8-qp98", + "refsource": "MISC", + "name": "https://github.com/metabase/metabase/security/advisories/GHSA-8xf9-9jc8-qp98" + } + ] + }, + "source": { + "advisory": "GHSA-8xf9-9jc8-qp98", + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2025/30xxx/CVE-2025-30372.json b/2025/30xxx/CVE-2025-30372.json index 8a6b77a92af..b37020a6c3b 100644 --- a/2025/30xxx/CVE-2025-30372.json +++ b/2025/30xxx/CVE-2025-30372.json 
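Review bot: The CVE-2025-30371 problemtype `CWE-59: Improper Link Resolution Before File Access ('Link Following')` describes filesystem link handling, whereas the description talks about bypassing "local link access protection" in the GeoJson endpoint and recommends a dedicated subnet with strict outbound port controls. That wording suggests a server-side request to internal network resources, which would more usually be classified as CWE-918, so anyone filtering by CWE for SSRF-class issues will not find this record. If the classification cannot be changed at the source, the network-egress nature of the issue is worth keeping in mind when triaging from the CWE field alone.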
@@ -1,18 +1,68 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-30372", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Emlog is an open source website building system. Emlog Pro versions pro-2.5.7 and pro-2.5.8 contain an SQL injection vulnerability. `search_controller.php` does not use addslashes after urldecode, allowing the preceeding addslashes to be bypassed by URL double encoding. This could result in potential leakage of sensitive information from the user database. Version pro-2.5.9 fixes the issue." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "emlog", + "product": { + "product_data": [ + { + "product_name": "emlog", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= pro-2.5.7, < pro-2.5.9" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/emlog/emlog/security/advisories/GHSA-w6xc-r6x5-m77c", + "refsource": "MISC", + "name": "https://github.com/emlog/emlog/security/advisories/GHSA-w6xc-r6x5-m77c" + } + ] + }, + "source": { + "advisory": "GHSA-w6xc-r6x5-m77c", + "discovery": "UNKNOWN" } } \ No newline at end of file
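Review bot: The CVE-2025-30372 record moves to PUBLIC for an SQL injection without an `impact` block, so tools that sort or gate on CVSS will show it with no score, not as high priority; the CVE-2024-39311, CVE-2024-48615 and CVE-2025-30371 records in this commit are in the same state. Until a score is published, triage for these has to come from the description and the linked advisory. In the description text, `preceeding` should be `preceding`. The product is listed as `emlog` while the description and version strings refer to Emlog Pro (`pro-2.5.7` to `pro-2.5.9`), which may affect matching against inventories that track the two separately.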