"-Synchronized-Data."

2024/11xxx/CVE-2024-11023.json

@@ -1,18 +1,82 @@
 {
+    "data_version": "4.0",
     "data_type": "CVE",
     "data_format": "MITRE",
-    "data_version": "4.0",
     "CVE_data_meta": {
         "ID": "CVE-2024-11023",
-        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ASSIGNER": "security@google.com",
+        "STATE": "PUBLIC"
     },
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "Firebase JavaScript SDK utilizes a \"FIREBASE_DEFAULTS\" cookie to store configuration data, including an \"_authTokenSyncURL\" field used for session synchronization.  If this cookie field is preset via an attacker by any other method, the attacker can manipulate the \"_authTokenSyncURL\" to point to their own server and it would allow am actor to capture user session data transmitted by the SDK. We recommend upgrading Firebase JS SDK at least to 10.9.0."
             }
         ]
-    }
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')",
+                        "cweId": "CWE-79"
+                    }
+                ]
+            }
+        ]
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "Firebase",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "JavaScript SDK",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_affected": "<",
+                                            "version_name": "0",
+                                            "version_value": "10.9.0"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://github.com/firebase/firebase-js-sdk/pull/8056",
+                "refsource": "MISC",
+                "name": "https://github.com/firebase/firebase-js-sdk/pull/8056"
+            },
+            {
+                "url": "https://firebase.google.com/support/release-notes/js#version_1090_-_march_14_2024",
+                "refsource": "MISC",
+                "name": "https://firebase.google.com/support/release-notes/js#version_1090_-_march_14_2024"
+            }
+        ]
+    },
+    "generator": {
+        "engine": "Vulnogram 0.2.0"
+    },
+    "source": {
+        "discovery": "EXTERNAL"
+    },
+    "credits": [
+        {
+            "lang": "en",
+            "value": "El Mehdi Mrhassel"
+        }
+    ]
 }

2024/21xxx/CVE-2024-21534.json

@@ -11,7 +11,7 @@
         "description_data": [
             {
                 "lang": "eng",
-                "value": "Versions of the package jsonpath-plus before 10.0.7 are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of vm in Node.\r\r**Note:**\r\rThere was an attempt to fix it in version [10.0.0](https://github.com/JSONPath-Plus/JSONPath/commit/6b2f1b4c234292c75912b790bf7e2d7339d4ccd3) but it could still be exploited using [different payloads](https://github.com/JSONPath-Plus/JSONPath/issues/226)."
+                "value": "All versions of the package jsonpath-plus are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of vm in Node.\r\r**Note:**\r\rThere were several attempts to fix it in versions [10.0.0-10.1.0](https://github.com/JSONPath-Plus/JSONPath/compare/v9.0.0...v10.1.0) but it could still be exploited using [different payloads](https://github.com/JSONPath-Plus/JSONPath/issues/226)."
             }
         ]
     },
@@ -42,7 +42,7 @@
                                         {
                                             "version_affected": "<",
                                             "version_name": "0",
-                                            "version_value": "10.0.7"
+                                            "version_value": "*"
                                         }
                                     ]
                                 }
@@ -78,19 +78,14 @@
                 "name": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-8185019"
             },
             {
-                "url": "https://github.com/JSONPath-Plus/JSONPath/commit/6b2f1b4c234292c75912b790bf7e2d7339d4ccd3",
+                "url": "https://github.com/JSONPath-Plus/JSONPath/compare/v9.0.0...v10.1.0",
                 "refsource": "MISC",
-                "name": "https://github.com/JSONPath-Plus/JSONPath/commit/6b2f1b4c234292c75912b790bf7e2d7339d4ccd3"
+                "name": "https://github.com/JSONPath-Plus/JSONPath/compare/v9.0.0...v10.1.0"
             },
             {
                 "url": "https://github.com/JSONPath-Plus/JSONPath/issues/226",
                 "refsource": "MISC",
                 "name": "https://github.com/JSONPath-Plus/JSONPath/issues/226"
-            },
-            {
-                "url": "https://github.com/JSONPath-Plus/JSONPath/commit/b70aa713553caf838a63bac923195a5bc541fd72",
-                "refsource": "MISC",
-                "name": "https://github.com/JSONPath-Plus/JSONPath/commit/b70aa713553caf838a63bac923195a5bc541fd72"
             }
         ]
     },