admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-02-20 18:00:37 +00:00
parent a91bbef122
commit 1f805d2af2
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
19 changed files with 1121 additions and 70 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2023/45xxx/CVE-2023-45318.json
View File

@ -76,11 +76,6 @@
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1843",
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1843"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1843",
"refsource": "MISC",
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1843"
}
]
},

10
2023/47xxx/CVE-2023-47635.json
View File

@ -83,6 +83,16 @@
"url": "https://github.com/decidim/decidim/blob/3187bdfd40ea1c57c2c12512b09a7fec0b2bed08/decidim-templates/app/controllers/decidim/templates/admin/questionnaire_templates_controller.rb#L11",
"refsource": "MISC",
"name": "https://github.com/decidim/decidim/blob/3187bdfd40ea1c57c2c12512b09a7fec0b2bed08/decidim-templates/app/controllers/decidim/templates/admin/questionnaire_templates_controller.rb#L11"
},
{
"url": "https://github.com/decidim/decidim/releases/tag/v0.27.5",
"refsource": "MISC",
"name": "https://github.com/decidim/decidim/releases/tag/v0.27.5"
},
{
"url": "https://github.com/decidim/decidim/releases/tag/v0.28.0",
"refsource": "MISC",
"name": "https://github.com/decidim/decidim/releases/tag/v0.28.0"
}
]
},

124
2023/48xxx/CVE-2023-48220.json
View File

@ -1,17 +1,133 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-48220",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Decidim is a participatory democracy framework. Starting in version 0.4.rc3 and prior to version 2.0.9 of the `devise_invitable` gem, the invites feature allows users to accept the invitation for an unlimited amount of time through the password reset functionality. This issue creates vulnerable dependencies starting in version 0.0.1.alpha3 and prior to versions 0.26.9, 0.27.5, and 0.28.0 of the `decidim,` `decidim-admin`, and `decidim-system` gems. When using the password reset functionality, the `devise_invitable` gem always accepts the pending invitation if the user has been invited. The only check done is if the user has been invited but the code does not ensure that the pending invitation is still valid as defined by the `invite_for` expiry period. Decidim sets this configuration to `2.weeks` so this configuration should be respected. The bug is in the `devise_invitable` gem and should be fixed there and the dependency should be upgraded in Decidim once the fix becomes available. `devise_invitable` to version `2.0.9` and above fix this issue. Versions 0.26.9, 0.27.5, and 0.28.0 of the `decidim,` `decidim-admin`, and `decidim-system` gems contain this fix. As a workaround, invitations can be cancelled directly from the database."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-672: Operation on a Resource after Expiration or Release",
"cweId": "CWE-672"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "decidim",
"product": {
"product_data": [
{
"product_name": "decidim",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": ">= 0.0.1.alpha3, < 0.26.9"
},
{
"version_affected": "=",
"version_value": ">= 0.27.0, < 0.27.5"
},
{
"version_affected": "=",
"version_value": " >= 0.4.rc3, < 2.0.9"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/decidim/decidim/security/advisories/GHSA-w3q8-m492-4pwp",
"refsource": "MISC",
"name": "https://github.com/decidim/decidim/security/advisories/GHSA-w3q8-m492-4pwp"
},
{
"url": "https://github.com/decidim/decidim/commit/073e60e2e4224dd81815a784002ebba30f2ebb34",
"refsource": "MISC",
"name": "https://github.com/decidim/decidim/commit/073e60e2e4224dd81815a784002ebba30f2ebb34"
},
{
"url": "https://github.com/decidim/decidim/commit/b12800717a689c295a9ea680a38ca9f823d2c454",
"refsource": "MISC",
"name": "https://github.com/decidim/decidim/commit/b12800717a689c295a9ea680a38ca9f823d2c454"
},
{
"url": "https://github.com/scambra/devise_invitable/commit/94d859c7de0829bf63f679ae5dd3cab2b866a098",
"refsource": "MISC",
"name": "https://github.com/scambra/devise_invitable/commit/94d859c7de0829bf63f679ae5dd3cab2b866a098"
},
{
"url": "https://github.com/decidim/decidim/blob/d2d390578050772d1bdb6d731395f1afc39dcbfc/decidim-core/config/initializers/devise.rb#L134",
"refsource": "MISC",
"name": "https://github.com/decidim/decidim/blob/d2d390578050772d1bdb6d731395f1afc39dcbfc/decidim-core/config/initializers/devise.rb#L134"
},
{
"url": "https://github.com/decidim/decidim/releases/tag/v0.26.9",
"refsource": "MISC",
"name": "https://github.com/decidim/decidim/releases/tag/v0.26.9"
},
{
"url": "https://github.com/decidim/decidim/releases/tag/v0.27.5",
"refsource": "MISC",
"name": "https://github.com/decidim/decidim/releases/tag/v0.27.5"
},
{
"url": "https://github.com/decidim/decidim/releases/tag/v0.28.0",
"refsource": "MISC",
"name": "https://github.com/decidim/decidim/releases/tag/v0.28.0"
},
{
"url": "https://github.com/scambra/devise_invitable/blob/41f58970ff76fb64382a9b9ea1bd530f7c3adab2/lib/devise_invitable/models.rb#L198",
"refsource": "MISC",
"name": "https://github.com/scambra/devise_invitable/blob/41f58970ff76fb64382a9b9ea1bd530f7c3adab2/lib/devise_invitable/models.rb#L198"
}
]
},
"source": {
"advisory": "GHSA-w3q8-m492-4pwp",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
}
]
}

101
2023/51xxx/CVE-2023-51447.json
View File

@ -1,17 +1,110 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-51447",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Decidim is a participatory democracy framework. Starting in version 0.27.0 and prior to versions 0.27.5 and 0.28.0, the dynamic file upload feature is subject to potential cross-site scripting attacks in case the attacker manages to modify the file names of the records being uploaded to the server. This appears in sections where the user controls the file upload dialogs themselves and has the technical knowledge to change the file names through the dynamic upload endpoint. Therefore I believe it would require the attacker to control the whole session of the particular user but in any case, this needs to be fixed. Successful exploit of this vulnerability would require the user to have successfully uploaded a file blob to the server with a malicious file name and then have the possibility to direct the other user to the edit page of the record where the attachment is attached. The users are able to craft the direct upload requests themselves controlling the file name that gets stored to the database. The attacker is able to change the filename e.g. to `<svg onload=alert('XSS')>` if they know how to craft these requests themselves. And then enter the returned blob ID to the form inputs manually by modifying the edit page source. Versions 0.27.5 and 0.28.0 contain a patch for this issue. As a workaround, disable dynamic uploads for the instance, e.g. from proposals."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "decidim",
"product": {
"product_data": [
{
"product_name": "decidim",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": ">= 0.27.0, < 0.27.5"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/decidim/decidim/security/advisories/GHSA-9w99-78rj-hmxq",
"refsource": "MISC",
"name": "https://github.com/decidim/decidim/security/advisories/GHSA-9w99-78rj-hmxq"
},
{
"url": "https://github.com/decidim/decidim/pull/11612",
"refsource": "MISC",
"name": "https://github.com/decidim/decidim/pull/11612"
},
{
"url": "https://github.com/decidim/decidim/commit/aaf72787cf18beeeb6a771c1f7cbb7654b073423",
"refsource": "MISC",
"name": "https://github.com/decidim/decidim/commit/aaf72787cf18beeeb6a771c1f7cbb7654b073423"
},
{
"url": "https://github.com/decidim/decidim/releases/tag/v0.27.5",
"refsource": "MISC",
"name": "https://github.com/decidim/decidim/releases/tag/v0.27.5"
},
{
"url": "https://github.com/decidim/decidim/releases/tag/v0.28.0",
"refsource": "MISC",
"name": "https://github.com/decidim/decidim/releases/tag/v0.28.0"
},
{
"url": "https://github.com/rails/rails/blob/a967d355c6fee9ad9b8bd115d43bc8b0fc207e7e/activestorage/app/controllers/active_storage/direct_uploads_controller.rb#L14",
"refsource": "MISC",
"name": "https://github.com/rails/rails/blob/a967d355c6fee9ad9b8bd115d43bc8b0fc207e7e/activestorage/app/controllers/active_storage/direct_uploads_controller.rb#L14"
}
]
},
"source": {
"advisory": "GHSA-9w99-78rj-hmxq",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N",
"version": "3.1"
}
]
}

5
2023/52xxx/CVE-2023-52251.json
View File

@ -56,6 +56,11 @@
"refsource": "MISC",
"name": "https://github.com/BobTheShoplifter/CVE-2023-52251-POC",
"url": "https://github.com/BobTheShoplifter/CVE-2023-52251-POC"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/177214/Kafka-UI-0.7.1-Command-Injection.html",
"url": "http://packetstormsecurity.com/files/177214/Kafka-UI-0.7.1-Command-Injection.html"
}
]
}

92
2023/52xxx/CVE-2023-52433.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-52433",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_rbtree: skip sync GC for new elements in this transaction\n\nNew elements in this transaction might expired before such transaction\nends. Skip sync GC for such elements otherwise commit path might walk\nover an already released object. Once transaction is finished, async GC\nwill collect such expired element."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "f6c383b8c31a",
"version_value": "e3213ff99a35"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.5",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.5",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.5.4",
"lessThanOrEqual": "6.5.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/e3213ff99a355cda811b41e8dbb3472d13167a3a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e3213ff99a355cda811b41e8dbb3472d13167a3a"
},
{
"url": "https://git.kernel.org/stable/c/2ee52ae94baabf7ee09cf2a8d854b990dac5d0e4",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2ee52ae94baabf7ee09cf2a8d854b990dac5d0e4"
}
]
},
"generator": {
"engine": "bippy-294de6a28b09"
}
}

56
2024/0xxx/CVE-2024-0794.json
View File

@ -1,18 +1,66 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-0794",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "hp-security-alert@hp.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Certain HP LaserJet Pro, HP Enterprise LaserJet, and HP LaserJet Managed Printers are potentially vulnerable to Remote Code Execution due to buffer overflow when rendering fonts embedded in a PDF file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "HP Inc.",
"product": {
"product_data": [
{
"product_name": "Certain LaserJet Pro, HP Enterprise LaserJet, HP LaserJet Managed Printers",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "See HP Security Bulletin reference for affected versions."
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://support.hp.com/us-en/document/ish_10174031-10174074-16",
"refsource": "MISC",
"name": "https://support.hp.com/us-en/document/ish_10174031-10174074-16"
}
]
},
"generator": {
"engine": "cveClient/1.0.15"
}
}

18
2024/1xxx/CVE-2024-1677.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-1677",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/1xxx/CVE-2024-1678.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-1678",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

139
2024/21xxx/CVE-2024-21678.json
View File

@ -1,17 +1,148 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-21678",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@atlassian.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "This High severity Stored XSS vulnerability was introduced in version 2.7.0 of Confluence Data Center.\r\n\r\nThis Stored XSS vulnerability, with a CVSS Score of 8.5, allows an authenticated attacker to execute arbitrary HTML or JavaScript code on a victims browser which has high impact to confidentiality, low impact to integrity, no impact to availability, and requires no user interaction.\r\nData Center\r\n\r\nAtlassian recommends that Confluence Data Center customers upgrade to the latest version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions:\r\n||Affected versions||Fixed versions||\r\n|from 8.7.0 to 8.7.1|8.8.0 recommended or 8.7.2|\r\n|from 8.6.0 to 8.6.1|8.8.0 recommended|\r\n|from 8.5.0 to 8.5.4 LTS|8.8.0 recommended or 8.5.5 LTS or 8.5.6 LTS|\r\n|from 8.4.0 to 8.4.5|8.8.0 recommended or 8.5.6 LTS|\r\n|from 8.3.0 to 8.3.4|8.8.0 recommended or 8.5.6 LTS|\r\n|from 8.2.0 to 8.2.3|8.8.0 recommended or 8.5.6 LTS|\r\n|from 8.1.0 to 8.1.4|8.8.0 recommended or 8.5.6 LTS|\r\n|from 8.0.0 to 8.0.4|8.8.0 recommended or 8.5.6 LTS|\r\n|from 7.20.0 to 7.20.3|8.8.0 recommended or 8.5.6 LTS|\r\n|from 7.19.0 to 7.19.17 LTS|8.8.0 recommended or 8.5.6 LTS or 7.19.18 LTS or 7.19.19 LTS|\r\n|from 7.18.0 to 7.18.3|8.8.0 recommended or 8.5.6 LTS or 7.19.19 LTS|\r\n|from 7.17.0 to 7.17.5|8.8.0 recommended or 8.5.6 LTS or 7.19.19 LTS|\r\n|Any earlier versions|8.8.0 recommended or 8.5.6 LTS or 7.19.19 LTS|\r\nServer\r\n\r\nAtlassian recommends that Confluence Server customers upgrade to the latest 8.5.x LTS version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions:\r\n\r\n\u00a0\r\n||Affected versions||Fixed versions||\r\n|from 8.5.0 to 8.5.4 LTS|8.5.5 LTS or 8.5.6 LTS recommended\u00a0|\r\n|from 8.4.0 to 8.4.5|8.5.6 LTS recommended|\r\n|from 8.3.0 to 8.3.4|8.5.6 LTS recommended|\r\n|from 8.2.0 to 8.2.3|8.5.6 LTS recommended|\r\n|from 8.1.0 to 8.1.4|8.5.6 LTS recommended|\r\n|from 8.0.0 to 8.0.4|8.5.6 LTS recommended|\r\n|from 7.20.0 to 7.20.3|8.5.6 LTS recommended|\r\n|from 7.19.0 to 7.19.17 LTS|8.5.6 LTS recommended or 7.19.18 LTS or 7.19.19 LTS|\r\n|from 7.18.0 to 7.18.3|8.5.6 LTS recommended or 7.19.19 LTS|\r\n|from 7.17.0 to 7.17.5|8.5.6 LTS recommended or 7.19.19 LTS|\r\n|Any earlier versions|8.5.6 LTS recommended or 7.19.19 LTS|\r\n\r\nSee the release notes ([https://confluence.atlassian.com/doc/confluence-release-notes-327.html]). You can download the latest version of Confluence Data Center from the download center ([https://www.atlassian.com/software/confluence/download-archives]).\r\n\r\nThis vulnerability was reported via our Bug Bounty program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stored XSS"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Atlassian",
"product": {
"product_data": [
{
"product_name": "Confluence Data Center",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "< 2.7.0",
"status": "unaffected"
},
{
"version": ">= 2.7.0",
"status": "affected"
},
{
"version": ">= 7.13.0",
"status": "affected"
},
{
"version": ">= 7.19.0",
"status": "affected"
},
{
"version": ">= 7.20.0",
"status": "affected"
},
{
"version": ">= 8.0.0",
"status": "affected"
},
{
"version": ">= 8.1.0",
"status": "affected"
},
{
"version": ">= 8.2.0",
"status": "affected"
},
{
"version": ">= 8.3.0",
"status": "affected"
},
{
"version": ">= 8.4.0",
"status": "affected"
},
{
"version": ">= 8.5.0",
"status": "affected"
},
{
"version": ">= 8.6.0",
"status": "affected"
},
{
"version": ">= 8.7.1",
"status": "affected"
},
{
"version": ">= 7.19.18",
"status": "unaffected"
},
{
"version": ">= 8.5.5",
"status": "unaffected"
},
{
"version": ">= 8.7.2",
"status": "unaffected"
},
{
"version": ">= 8.8.0",
"status": "unaffected"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1354501606",
"refsource": "MISC",
"name": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1354501606"
},
{
"url": "https://jira.atlassian.com/browse/CONFSERVER-94513",
"refsource": "MISC",
"name": "https://jira.atlassian.com/browse/CONFSERVER-94513"
}
]
},
"impact": {
"cvss": [
{
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N",
"baseScore": 8.5,
"baseSeverity": "HIGH"
}
]
}

101
2024/21xxx/CVE-2024-21682.json
View File

@ -1,17 +1,110 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-21682",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@atlassian.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "This High severity Injection vulnerability was introduced in Assets Discovery 1.0 - 6.2.0 (all versions). \n\nAssets Discovery, which can be downloaded via Atlassian Marketplace, is a network scanning tool that can be used with or without an agent with Jira Service Management Cloud, Data Center or Server. It detects hardware and software that is connected to your local network and extracts detailed information about each asset. This data can then be imported into Assets in Jira Service Management to help you manage all of the devices and configuration items within your local network.\n\nThis Injection vulnerability, with a CVSS Score of 7.2, allows an authenticated attacker to modify the actions taken by a system call which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires no user interaction.\n\nAtlassian recommends that Assets Discovery customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions\n\nSee the release notes (https://confluence.atlassian.com/assetapps/assets-discovery-3-2-1-cloud-6-2-1-data_center-1333987182.html). You can download the latest version of Assets Discovery from the Atlassian Marketplace (https://marketplace.atlassian.com/apps/1214668/assets-discovery?hosting=datacenter&tab=installation).\n\nThis vulnerability was reported via our Penetration Testing program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Injection"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Atlassian",
"product": {
"product_data": [
{
"product_name": "Assets Discovery Data Center",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "< 6.0.0",
"status": "unaffected"
},
{
"version": ">= 6.0.0",
"status": "affected"
},
{
"version": ">= 6.1.0",
"status": "affected"
},
{
"version": ">= 6.2.0",
"status": "affected"
},
{
"version": ">= 6.2.1",
"status": "unaffected"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://confluence.atlassian.com/assetapps/assets-discovery-3-2-1-cloud-6-2-1-data_center-1333987182.html",
"refsource": "MISC",
"name": "https://confluence.atlassian.com/assetapps/assets-discovery-3-2-1-cloud-6-2-1-data_center-1333987182.html"
},
{
"url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1354501606",
"refsource": "MISC",
"name": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1354501606"
},
{
"url": "https://jira.atlassian.com/browse/JSDSERVER-15067",
"refsource": "MISC",
"name": "https://jira.atlassian.com/browse/JSDSERVER-15067"
},
{
"url": "https://marketplace.atlassian.com/apps/1214668/assets-discovery?hosting=datacenter&tab=installation",
"refsource": "MISC",
"name": "https://marketplace.atlassian.com/apps/1214668/assets-discovery?hosting=datacenter&tab=installation"
}
]
},
"impact": {
"cvss": [
{
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH"
}
]
}

100
2024/22xxx/CVE-2024-22054.json
View File

@ -1,17 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-22054",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "support@hackerone.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A malformed discovery packet sent by a malicious actor with preexisting access to the network could interrupt the functionality of device management and discovery.\n\n \n\n \n\nAffected Products:\n\nUniFi Access Points\n\nUniFi Switches\n\nUniFi LTE Backup\n\nUniFi Express (Only Mesh Mode, Router mode is not affected)\n\n \n\nMitigation:\n\nUpdate UniFi Access Points to Version 6.6.65 or later.\n\nUpdate UniFi Switches to Version 6.6.61 or later.\n\nUpdate UniFi LTE Backup to Version 6.6.57 or later.\n\nUpdate UniFi Express to Version 3.2.5 or later."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Ubiquiti Inc",
"product": {
"product_data": [
{
"product_name": "UniFi Access Points",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.6.65",
"version_value": "6.6.65"
}
]
}
},
{
"product_name": "UniFi Switches",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.6.61",
"version_value": "6.6.61"
}
]
}
},
{
"product_name": "UniFi LTE Backup",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.6.57",
"version_value": "6.6.57"
}
]
}
},
{
"product_name": "UniFi Express ",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.2.5",
"version_value": "3.2.5"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-037-037/9aeeccef-ca4a-4f10-9f66-1eb400b3d027",
"refsource": "MISC",
"name": "https://community.ui.com/releases/Security-Advisory-Bulletin-037-037/9aeeccef-ca4a-4f10-9f66-1eb400b3d027"
}
]
},
"impact": {
"cvss": [
{
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH"
}
]
}

5
2024/22xxx/CVE-2024-22097.json
View File

@ -62,11 +62,6 @@
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1917",
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1917"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1917",
"refsource": "MISC",
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1917"
}
]
},

86
2024/22xxx/CVE-2024-22245.json
View File

@ -1,17 +1,95 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-22245",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@vmware.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** UNSUPPPORTED WHEN ASSIGNED ** Arbitrary Authentication Relay and Session Hijack vulnerabilities in the deprecated VMware Enhanced Authentication Plug-in (EAP) could allow\u00a0a\u00a0malicious actor that could trick a target domain user with EAP installed in their web browser into requesting and relaying service tickets for arbitrary Active Directory Service Principal Names (SPNs)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-287 Improper Authentication",
"cweId": "CWE-287"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "VMware",
"product": {
"product_data": [
{
"product_name": "VMware Enhanced Authentication Plug-in (EAP)",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "affected",
"version": "All"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2024-0003.html",
"refsource": "MISC",
"name": "https://www.vmware.com/security/advisories/VMSA-2024-0003.html"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}

78
2024/22xxx/CVE-2024-22250.json
View File

@ -1,17 +1,87 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-22250",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@vmware.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** UNSUPPPORTED WHEN ASSIGNED ** Session Hijack vulnerability in Deprecated VMware Enhanced Authentication Plug-in could allow a\u00a0malicious actor with unprivileged local access to a windows operating system can hijack a privileged EAP session when initiated by a privileged domain user on the same system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-384 Session Fixation",
"cweId": "CWE-384"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "VMware",
"product": {
"product_data": [
{
"product_name": "VMware Enhanced Authentication Plug-in (EAP)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2024-0003.html",
"refsource": "MISC",
"name": "https://www.vmware.com/security/advisories/VMSA-2024-0003.html"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}

81
2024/24xxx/CVE-2024-24763.json
View File

@ -1,17 +1,90 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-24763",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to version 3.10.0, attackers can exploit this vulnerability to construct malicious links, leading users to click on them, thereby facilitating phishing attacks or cross-site scripting attacks. Version 3.10.0 contains a patch for this issue. No known workarounds are available."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')",
"cweId": "CWE-601"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "jumpserver",
"product": {
"product_data": [
{
"product_name": "jumpserver",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "< 3.10.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/jumpserver/jumpserver/security/advisories/GHSA-p2mq-cm25-g4m5",
"refsource": "MISC",
"name": "https://github.com/jumpserver/jumpserver/security/advisories/GHSA-p2mq-cm25-g4m5"
},
{
"url": "https://github.com/jumpserver/jumpserver/releases/tag/v3.10.0",
"refsource": "MISC",
"name": "https://github.com/jumpserver/jumpserver/releases/tag/v3.10.0"
}
]
},
"source": {
"advisory": "GHSA-p2mq-cm25-g4m5",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
}
]
}

66
2024/25xxx/CVE-2024-25260.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-25260",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-25260",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "elfutils v0.189 was discovered to contain a NULL pointer dereference via the handle_verdef() function at readelf.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=31058",
"refsource": "MISC",
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=31058"
},
{
"url": "https://github.com/schsiung/fuzzer_issues/issues/1",
"refsource": "MISC",
"name": "https://github.com/schsiung/fuzzer_issues/issues/1"
},
{
"url": "https://sourceware.org/elfutils/",
"refsource": "MISC",
"name": "https://sourceware.org/elfutils/"
}
]
}

86
2024/25xxx/CVE-2024-25630.json
View File

@ -1,17 +1,95 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-25630",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cilium is a networking, observability, and security solution with an eBPF-based dataplane. For Cilium users who are using CRDs to store Cilium state (the default configuration) and Wireguard transparent encryption, traffic to/from the Ingress and health endpoints is not encrypted. This issue affects Cilium v1.14 before v1.14.7 and has been patched in Cilium v1.14.7. There is no workaround to this issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-311: Missing Encryption of Sensitive Data",
"cweId": "CWE-311"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "cilium",
"product": {
"product_data": [
{
"product_name": "cilium",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": ">= 1.14.0, < 1.14.7"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/cilium/cilium/security/advisories/GHSA-7496-fgv9-xw82",
"refsource": "MISC",
"name": "https://github.com/cilium/cilium/security/advisories/GHSA-7496-fgv9-xw82"
},
{
"url": "https://docs.cilium.io/en/stable/security/network/encryption-wireguard/#encryption-wg",
"refsource": "MISC",
"name": "https://docs.cilium.io/en/stable/security/network/encryption-wireguard/#encryption-wg"
},
{
"url": "https://github.com/cilium/cilium/releases/tag/v1.14.7",
"refsource": "MISC",
"name": "https://github.com/cilium/cilium/releases/tag/v1.14.7"
}
]
},
"source": {
"advisory": "GHSA-7496-fgv9-xw82",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
]
}

20
2024/26xxx/CVE-2024-26581.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "netfilter: nft_set_rbtree: skip end interval element from gc\n\nrbtree lazy gc on insert might collect an end interval element that has\nbeen just added in this transactions, skip end interval elements that\nare not yet active."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_rbtree: skip end interval element from gc\n\nrbtree lazy gc on insert might collect an end interval element that has\nbeen just added in this transactions, skip end interval elements that\nare not yet active."
}
]
},
@ -92,28 +92,28 @@
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/1296c110c5a0",
"url": "https://git.kernel.org/stable/c/1296c110c5a0b45a8fcf58e7d18bc5da61a565cb",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1296c110c5a0"
"name": "https://git.kernel.org/stable/c/1296c110c5a0b45a8fcf58e7d18bc5da61a565cb"
},
{
"url": "https://git.kernel.org/stable/c/b734f7a47aeb",
"url": "https://git.kernel.org/stable/c/b734f7a47aeb32a5ba298e4ccc16bb0c52b6dbf7",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b734f7a47aeb"
"name": "https://git.kernel.org/stable/c/b734f7a47aeb32a5ba298e4ccc16bb0c52b6dbf7"
},
{
"url": "https://git.kernel.org/stable/c/6eb14441f106",
"url": "https://git.kernel.org/stable/c/6eb14441f10602fa1cf691da9d685718b68b78a9",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6eb14441f106"
"name": "https://git.kernel.org/stable/c/6eb14441f10602fa1cf691da9d685718b68b78a9"
},
{
"url": "https://git.kernel.org/stable/c/60c0c230c6f0",
"url": "https://git.kernel.org/stable/c/60c0c230c6f046da536d3df8b39a20b9a9fd6af0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/60c0c230c6f0"
"name": "https://git.kernel.org/stable/c/60c0c230c6f046da536d3df8b39a20b9a9fd6af0"
}
]
},
"generator": {
"engine": "bippy-c4875b56942e"
"engine": "bippy-294de6a28b09"
}
}