admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-11-08 16:00:34 +00:00
parent 818cdfdaaa
commit 2810669050
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
15 changed files with 349 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
2022/48xxx/CVE-2022-48910.json
View File

@ -69,6 +69,12 @@
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.323",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.193",
"lessThanOrEqual": "5.4.*",
@ -124,6 +130,11 @@
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c71bf3229f9e9dd60ba02f5a5be02066edf57012"
},
{
"url": "https://git.kernel.org/stable/c/24888915364cfa410de62d8abb5df95c3b67455d",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/24888915364cfa410de62d8abb5df95c3b67455d"
},
{
"url": "https://git.kernel.org/stable/c/9588ac2eddc2f223ebcebf6e9f5caed84d32922b",
"refsource": "MISC",

24
2022/48xxx/CVE-2022-48938.json
View File

@ -41,12 +41,24 @@
{
"version_affected": "<",
"version_name": "1da177e4c3f4",
"version_value": "69560efa0013"
"version_value": "a612395c7631"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.19.323",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.285",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.103",
"lessThanOrEqual": "5.10.*",
@ -86,6 +98,16 @@
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/a612395c7631918e0e10ea48b9ce5ab4340f26a6",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a612395c7631918e0e10ea48b9ce5ab4340f26a6"
},
{
"url": "https://git.kernel.org/stable/c/9957fbf34f52a4d8945d1bf39aae400ef9a11246",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9957fbf34f52a4d8945d1bf39aae400ef9a11246"
},
{
"url": "https://git.kernel.org/stable/c/69560efa001397ebb8dc1c3e6a3ce00302bb9f7f",
"refsource": "MISC",

13
2023/52xxx/CVE-2023-52497.json
View File

@ -41,7 +41,7 @@
{
"version_affected": "<",
"version_name": "0ffd71bcc3a0",
"version_value": "a0180e940cf1"
"version_value": "9ff2d260b25d"
},
{
"version_value": "not down converted",
@ -57,6 +57,12 @@
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.285",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.211",
"lessThanOrEqual": "5.10.*",
@ -108,6 +114,11 @@
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/9ff2d260b25df6fe1341a79113d88fecf6bd553e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/9ff2d260b25df6fe1341a79113d88fecf6bd553e"
},
{
"url": "https://git.kernel.org/stable/c/a0180e940cf1aefa7d516e20b259ad34f7a8b379",
"refsource": "MISC",

13
2023/52xxx/CVE-2023-52530.json
View File

@ -41,7 +41,7 @@
{
"version_affected": "<",
"version_name": "fdf7cb4185b6",
"version_value": "e8e599a63506"
"version_value": "2408f491ff99"
},
{
"version_value": "not down converted",
@ -57,6 +57,12 @@
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.285",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.228",
"lessThanOrEqual": "5.10.*",
@ -102,6 +108,11 @@
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/2408f491ff998d674707725eadc47d8930aced09",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/2408f491ff998d674707725eadc47d8930aced09"
},
{
"url": "https://git.kernel.org/stable/c/e8e599a635066c50ac214c3e10858f1d37e03022",
"refsource": "MISC",

13
2023/52xxx/CVE-2023-52913.json
View File

@ -41,7 +41,7 @@
{
"version_affected": "<",
"version_name": "eb4dedae920a",
"version_value": "b696c627b3f5"
"version_value": "ae2788871931"
},
{
"version_value": "not down converted",
@ -57,6 +57,12 @@
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.171",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.7",
"lessThanOrEqual": "6.1.*",
@ -84,6 +90,11 @@
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/ae278887193110dfeb857ea63e243a3851fbb0bc",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ae278887193110dfeb857ea63e243a3851fbb0bc"
},
{
"url": "https://git.kernel.org/stable/c/b696c627b3f56e173f7f70b8487d66da8ff22506",
"refsource": "MISC",

24
2023/52xxx/CVE-2023-52917.json
View File

@ -41,7 +41,7 @@
{
"version_affected": "<",
"version_name": "e26a5843f7f5",
"version_value": "ef7e34237e26"
"version_value": "20cbc281033e"
},
{
"version_value": "not down converted",
@ -57,6 +57,18 @@
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.323",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.285",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.227",
"lessThanOrEqual": "5.10.*",
@ -114,6 +126,16 @@
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/20cbc281033ef5324f67f2d54bc539968f937255",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/20cbc281033ef5324f67f2d54bc539968f937255"
},
{
"url": "https://git.kernel.org/stable/c/4b2fbba4e44630a59b09d32627b63c4ffdf70f78",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4b2fbba4e44630a59b09d32627b63c4ffdf70f78"
},
{
"url": "https://git.kernel.org/stable/c/ef7e34237e2612b116a84c9640628a6f7a0d693e",
"refsource": "MISC",

18
2024/11xxx/CVE-2024-11027.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-11027",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

13
2024/26xxx/CVE-2024-26885.json
View File

@ -41,7 +41,7 @@
{
"version_affected": "<",
"version_name": "6f9d451ab1a3",
"version_value": "225da02acdc9"
"version_value": "1f5e352b9088"
},
{
"version_value": "not down converted",
@ -57,6 +57,12 @@
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.285",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.214",
"lessThanOrEqual": "5.10.*",
@ -120,6 +126,11 @@
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/1f5e352b9088211fa5eb4e1639cd365f4f7d2f65",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1f5e352b9088211fa5eb4e1639cd365f4f7d2f65"
},
{
"url": "https://git.kernel.org/stable/c/225da02acdc97af01b6bc6ce1a3e5362bf01d3fb",
"refsource": "MISC",

13
2024/26xxx/CVE-2024-26921.json
View File

@ -41,7 +41,7 @@
{
"version_affected": "<",
"version_name": "7026b1ddb6b8",
"version_value": "9705f447bf9a"
"version_value": "1b6de5e6575b"
},
{
"version_value": "not down converted",
@ -57,6 +57,12 @@
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.285",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.227",
"lessThanOrEqual": "5.10.*",
@ -108,6 +114,11 @@
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/1b6de5e6575b56502665c65cf93b0ae6aa0f51ab",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1b6de5e6575b56502665c65cf93b0ae6aa0f51ab"
},
{
"url": "https://git.kernel.org/stable/c/9705f447bf9a6cd088300ad2c407b5e1c6591091",
"refsource": "MISC",

13
2024/36xxx/CVE-2024-36914.json
View File

@ -41,12 +41,18 @@
{
"version_affected": "<",
"version_name": "1da177e4c3f4",
"version_value": "951a498fa993"
"version_value": "87de0a741ef6"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.1.116",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.31",
"lessThanOrEqual": "6.6.*",
@ -80,6 +86,11 @@
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/87de0a741ef6d93fcb99983138a0d89a546a043c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/87de0a741ef6d93fcb99983138a0d89a546a043c"
},
{
"url": "https://git.kernel.org/stable/c/951a498fa993c5501994ec2df97c9297b02488c7",
"refsource": "MISC",

56
2024/46xxx/CVE-2024-46947.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-46947",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-46947",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Northern.tech Mender before 3.6.6 and 3.7.x before 3.7.7 allows SSRF."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://mender.io/blog/cve-2024-46947-cve-2024-47190-ssrf-issues-in-mender-enterprise-server",
"url": "https://mender.io/blog/cve-2024-46947-cve-2024-47190-ssrf-issues-in-mender-enterprise-server"
}
]
}

56
2024/46xxx/CVE-2024-46948.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-46948",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-46948",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Northern.tech Mender before 3.6.5 and 3.7.x before 3.7.5 has Incorrect Access Control."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://mender.io/blog/cve-2024-46948",
"url": "https://mender.io/blog/cve-2024-46948"
}
]
}

56
2024/47xxx/CVE-2024-47190.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-47190",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-47190",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Northern.tech Hosted Mender before 2024.07.11 allows SSRF."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://mender.io/blog/cve-2024-46947-cve-2024-47190-ssrf-issues-in-mender-enterprise-server",
"url": "https://mender.io/blog/cve-2024-46947-cve-2024-47190-ssrf-issues-in-mender-enterprise-server"
}
]
}

56
2024/50xxx/CVE-2024-50966.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-50966",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-50966",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "dingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/doAdminAction.php?act=addAdmin."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/evenomn/YangYiWen/tree/main/11",
"url": "https://github.com/evenomn/YangYiWen/tree/main/11"
}
]
}

4
2024/51xxx/CVE-2024-51501.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Refit is an automatic type-safe REST library for .NET Core, Xamarin and .NET The various header-related Refit attributes (Header, HeaderCollection and Authorize) are vulnerable to CRLF injection. The way HTTP headers are added to a request is via the `HttpHeaders.TryAddWithoutValidation` method. This method does not check for CRLF characters in the header value. This means that any headers added to a refit request are vulnerable to CRLF-injection. In general, CRLF-injection into a HTTP header (when using HTTP/1.1) means that one can inject additional HTTP headers or smuggle whole HTTP requests. If an application using the Refit library passes a user-controllable value through to a header, then that application becomes vulnerable to CRLF-injection. This is not necessarily a security issue for a command line application like the one above, but if such code were present in a web application then it becomes vulnerable to request splitting (as shown in the PoC) and thus Server Side Request Forgery. Strictly speaking this is a potential vulnerability in applications using Refit and not in Refit itself. This issue has been addressed in release version 8.0.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability."
"value": "Refit is an automatic type-safe REST library for .NET Core, Xamarin and .NET The various header-related Refit attributes (Header, HeaderCollection and Authorize) are vulnerable to CRLF injection. The way HTTP headers are added to a request is via the `HttpHeaders.TryAddWithoutValidation` method. This method does not check for CRLF characters in the header value. This means that any headers added to a refit request are vulnerable to CRLF-injection. In general, CRLF-injection into a HTTP header (when using HTTP/1.1) means that one can inject additional HTTP headers or smuggle whole HTTP requests. If an application using the Refit library passes a user-controllable value through to a header, then that application becomes vulnerable to CRLF-injection. This is not necessarily a security issue for a command line application like the one above, but if such code were present in a web application then it becomes vulnerable to request splitting (as shown in the PoC) and thus Server Side Request Forgery. Strictly speaking this is a potential vulnerability in applications using Refit and not in Refit itself. This issue has been addressed in release versions 7.2.22 and 8.0.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability."
}
]
},
@ -41,7 +41,7 @@
"version_data": [
{
"version_affected": "=",
"version_value": "< 8.0.0"
"version_value": "< 7.2.22"
}
]
}