admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-05-02 22:01:25 +00:00
parent c665b441c5
commit 1682df1900
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
2 changed files with 94 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2020/36xxx/CVE-2020-36518.json
View File

@ -61,6 +61,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20220502 [SECURITY] [DLA 2990-1] jackson-databind security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00001.html"
}
]
}

95
2022/24xxx/CVE-2022-24897.json
View File

@ -1,18 +1,101 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-24897",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Arbitrary filesystem write access from Velocity"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "xwiki-commons",
"version": {
"version_data": [
{
"version_value": ">= 2.3, < 12.6.7"
},
{
"version_value": "12.7-rc-1, < 12.10.3"
}
]
}
}
]
},
"vendor_name": "xwiki"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "APIs to evaluate content with Velocity is a package for APIs to evaluate content with Velocity. Starting with version 2.3 and prior to 12.6.7, 12.10.3, and 13.0, the velocity scripts are not properly sandboxed against using the Java File API to perform read or write operations on the filesystem. Writing an attacking script in Velocity requires the Script rights in XWiki so not all users can use it, and it also requires finding an XWiki API which returns a File. The problem has been patched in versions 12.6.7, 12.10.3, and 13.0. There is no easy workaround for fixing this vulnerability other than upgrading and being careful when giving Script rights."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/xwiki/xwiki-commons/security/advisories/GHSA-cvx5-m8vg-vxgc",
"refsource": "CONFIRM",
"url": "https://github.com/xwiki/xwiki-commons/security/advisories/GHSA-cvx5-m8vg-vxgc"
},
{
"name": "https://github.com/xwiki/xwiki-commons/pull/127",
"refsource": "MISC",
"url": "https://github.com/xwiki/xwiki-commons/pull/127"
},
{
"name": "https://github.com/xwiki/xwiki-commons/commit/215951cfb0f808d0bf5b1097c9e7d1e503449ab8",
"refsource": "MISC",
"url": "https://github.com/xwiki/xwiki-commons/commit/215951cfb0f808d0bf5b1097c9e7d1e503449ab8"
},
{
"name": "https://jira.xwiki.org/browse/XWIKI-5168",
"refsource": "MISC",
"url": "https://jira.xwiki.org/browse/XWIKI-5168"
}
]
},
"source": {
"advisory": "GHSA-cvx5-m8vg-vxgc",
"discovery": "UNKNOWN"
}
}