admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 11:06:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-09-26 22:00:39 +00:00
parent 69cbbe4f86
commit 2b29cdcc9f
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
14 changed files with 602 additions and 99 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
2023/3xxx/CVE-2023-3518.json
View File

@ -21,8 +21,8 @@
"description": [
{
"lang": "eng",
"value": "CWE-285 Improper Authorization",
"cweId": "CWE-285"
"value": "CWE-266: Incorrect Privilege Assignment",
"cweId": "CWE-266"
}
]
}
@ -73,23 +73,16 @@
]
},
"source": {
"advisory": "HCSEC-2023-25",
"discovery": "INTERNAL"
},
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseSeverity": "HIGH",
"baseScore": 7.4,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L"
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
}
]
}

19
2023/3xxx/CVE-2023-3774.json
View File

@ -21,8 +21,8 @@
"description": [
{
"lang": "eng",
"value": "CWE-703: Improper Check or Handling of Exceptional Conditions",
"cweId": "CWE-703"
"value": "CWE-248: Uncaught Exception",
"cweId": "CWE-248"
}
]
}
@ -70,23 +70,16 @@
]
},
"source": {
"advisory": "HCSEC-2023-23",
"discovery": "INTERNAL"
},
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseSeverity": "MEDIUM",
"baseScore": 4.9,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
}

19
2023/3xxx/CVE-2023-3775.json
View File

@ -21,8 +21,8 @@
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation",
"cweId": "CWE-20"
"value": "CWE-266: Incorrect Privilege Assignment",
"cweId": "CWE-266"
}
]
}
@ -73,23 +73,16 @@
]
},
"source": {
"advisory": "HCSEC-2023-29",
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseSeverity": "MEDIUM",
"baseScore": 4.2,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H"
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
}

15
2023/41xxx/CVE-2023-41094.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "\nTouchLink packets processed after timeout or out of range due to Operation on a Resource after Expiration and Missing Release of Resource after Effective Lifetime may allow a device to be added outside of valid TouchLink range or pairing duration\n\nThis issue affects Ember ZNet 7.1.x from 7.1.3 through 7.1.5; 7.2.x from 7.2.0 through 7.2.3; Version 7.3 and later are unaffected\n\n\n"
"value": "TouchLink packets processed after timeout or out of range due to Operation on a Resource after Expiration and Missing Release of Resource after Effective Lifetime may allow a device to be added outside of valid TouchLink range or pairing duration\n\nThis issue affects Ember ZNet 7.1.x from 7.1.3 through 7.1.5; 7.2.x from 7.2.0 through 7.2.3; Version 7.3 and later are unaffected"
}
]
},
@ -21,17 +21,8 @@
"description": [
{
"lang": "eng",
"value": "CWE-672 Operation on a Resource after Expiration or Release",
"cweId": "CWE-672"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-772 Missing Release of Resource after Effective Lifetime",
"cweId": "CWE-772"
"value": "CWE-940 Improper Verification of Source of a Communication Channel",
"cweId": "CWE-940"
}
]
}

19
2023/5xxx/CVE-2023-5077.json
View File

@ -21,8 +21,8 @@
"description": [
{
"lang": "eng",
"value": "CWE-732: Incorrect Permission Assignment for Critical Resource",
"cweId": "CWE-732"
"value": "CWE-266: Incorrect Privilege Assignment",
"cweId": "CWE-266"
}
]
}
@ -75,23 +75,16 @@
]
},
"source": {
"advisory": "HCSEC-2023-30",
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseSeverity": "HIGH",
"baseScore": 7.6,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H"
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}

56
2024/40xxx/CVE-2024-40506.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-40506",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-40506",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain sensitive information via the serverMHospitality.asmx function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/Jansen-C-Moreira/CVE-2024-40506",
"url": "https://github.com/Jansen-C-Moreira/CVE-2024-40506"
}
]
}

61
2024/40xxx/CVE-2024-40507.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-40507",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-40507",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain sensitive information via the serverMPersonnel.asmx function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/openpetra/openpetra",
"refsource": "MISC",
"name": "https://github.com/openpetra/openpetra"
},
{
"refsource": "MISC",
"name": "https://github.com/Jansen-C-Moreira/CVE-2024-40507",
"url": "https://github.com/Jansen-C-Moreira/CVE-2024-40507"
}
]
}

61
2024/40xxx/CVE-2024-40508.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-40508",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-40508",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain sensitive information via the serverMConference.asmx function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/openpetra/openpetra",
"refsource": "MISC",
"name": "https://github.com/openpetra/openpetra"
},
{
"refsource": "MISC",
"name": "https://github.com/Jansen-C-Moreira/CVE-2024-40508",
"url": "https://github.com/Jansen-C-Moreira/CVE-2024-40508"
}
]
}

96
2024/47xxx/CVE-2024-47076.json
View File

@ -1,17 +1,105 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-47076",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "CUPS is a standards-based, open-source printing system, and `libcupsfilters` contains the code of the filters of the former `cups-filters` package as library functions to be used for the data format conversion tasks needed in Printer Applications. The `cfGetPrinterAttributes5` function in `libcupsfilters` does not sanitize IPP attributes returned from an IPP server. When these IPP attributes are used, for instance, to generate a PPD file, this can lead to attacker controlled data to be provided to the rest of the CUPS system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation",
"cweId": "CWE-20"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "OpenPrinting",
"product": {
"product_data": [
{
"product_name": "libcupsfilters",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "<= 2.1b1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/OpenPrinting/libcupsfilters/security/advisories/GHSA-w63j-6g73-wmg5",
"refsource": "MISC",
"name": "https://github.com/OpenPrinting/libcupsfilters/security/advisories/GHSA-w63j-6g73-wmg5"
},
{
"url": "https://github.com/OpenPrinting/cups-browsed/security/advisories/GHSA-rj88-6mr5-rcw8",
"refsource": "MISC",
"name": "https://github.com/OpenPrinting/cups-browsed/security/advisories/GHSA-rj88-6mr5-rcw8"
},
{
"url": "https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-p9rh-jxmq-gq47",
"refsource": "MISC",
"name": "https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-p9rh-jxmq-gq47"
},
{
"url": "https://github.com/OpenPrinting/libppd/security/advisories/GHSA-7xfx-47qg-grp6",
"refsource": "MISC",
"name": "https://github.com/OpenPrinting/libppd/security/advisories/GHSA-7xfx-47qg-grp6"
},
{
"url": "https://www.cups.org",
"refsource": "MISC",
"name": "https://www.cups.org"
}
]
},
"source": {
"advisory": "GHSA-w63j-6g73-wmg5",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
}
]
}

101
2024/47xxx/CVE-2024-47175.json
View File

@ -1,17 +1,110 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-47175",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "CUPS is a standards-based, open-source printing system, and `libppd` can be used for legacy PPD file support. The `libppd` function `ppdCreatePPDFromIPP2` does not sanitize IPP attributes when creating the PPD buffer. When used in combination with other functions such as `cfGetPrinterAttributes5`, can result in user controlled input and ultimately code execution via Foomatic. This vulnerability can be part of an exploit chain leading to remote code execution (RCE), as described in CVE-2024-47176."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation",
"cweId": "CWE-20"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "OpenPrinting",
"product": {
"product_data": [
{
"product_name": "libppd",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "<= 2.1b1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/OpenPrinting/libppd/security/advisories/GHSA-7xfx-47qg-grp6",
"refsource": "MISC",
"name": "https://github.com/OpenPrinting/libppd/security/advisories/GHSA-7xfx-47qg-grp6"
},
{
"url": "https://github.com/OpenPrinting/cups-browsed/security/advisories/GHSA-rj88-6mr5-rcw8",
"refsource": "MISC",
"name": "https://github.com/OpenPrinting/cups-browsed/security/advisories/GHSA-rj88-6mr5-rcw8"
},
{
"url": "https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-p9rh-jxmq-gq47",
"refsource": "MISC",
"name": "https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-p9rh-jxmq-gq47"
},
{
"url": "https://github.com/OpenPrinting/libcupsfilters/security/advisories/GHSA-w63j-6g73-wmg5",
"refsource": "MISC",
"name": "https://github.com/OpenPrinting/libcupsfilters/security/advisories/GHSA-w63j-6g73-wmg5"
},
{
"url": "https://www.cups.org",
"refsource": "MISC",
"name": "https://www.cups.org"
},
{
"url": "https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I",
"refsource": "MISC",
"name": "https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I"
}
]
},
"source": {
"advisory": "GHSA-7xfx-47qg-grp6",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
}
]
}

119
2024/47xxx/CVE-2024-47176.json
View File

@ -1,17 +1,128 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-47176",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "CUPS is a standards-based, open-source printing system, and `cups-browsed` contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. `cups-browsed` binds to `INADDR_ANY:631`, causing it to trust any packet from any source, and can cause the `Get-Printer-Attributes` IPP request to an attacker controlled URL.\n\nDue to the service binding to `*:631 ( INADDR_ANY )`, multiple bugs in `cups-browsed` can be exploited in sequence to introduce a malicious printer to the system. This chain of exploits ultimately enables an attacker to execute arbitrary commands remotely on the target machine without authentication when a print job is started. This poses a significant security risk over the network. Notably, this vulnerability is particularly concerning as it can be exploited from the public internet, potentially exposing a vast number of systems to remote attacks if their CUPS services are enabled."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation",
"cweId": "CWE-20"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-749: Exposed Dangerous Method or Function",
"cweId": "CWE-749"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-1327: Binding to an Unrestricted IP Address",
"cweId": "CWE-1327"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "OpenPrinting",
"product": {
"product_data": [
{
"product_name": "cups-browsed",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "= 2.0.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/OpenPrinting/cups-browsed/security/advisories/GHSA-rj88-6mr5-rcw8",
"refsource": "MISC",
"name": "https://github.com/OpenPrinting/cups-browsed/security/advisories/GHSA-rj88-6mr5-rcw8"
},
{
"url": "https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-p9rh-jxmq-gq47",
"refsource": "MISC",
"name": "https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-p9rh-jxmq-gq47"
},
{
"url": "https://github.com/OpenPrinting/libcupsfilters/security/advisories/GHSA-w63j-6g73-wmg5",
"refsource": "MISC",
"name": "https://github.com/OpenPrinting/libcupsfilters/security/advisories/GHSA-w63j-6g73-wmg5"
},
{
"url": "https://github.com/OpenPrinting/libppd/security/advisories/GHSA-7xfx-47qg-grp6",
"refsource": "MISC",
"name": "https://github.com/OpenPrinting/libppd/security/advisories/GHSA-7xfx-47qg-grp6"
},
{
"url": "https://github.com/OpenPrinting/cups-browsed/blob/master/daemon/cups-browsed.c#L13992",
"refsource": "MISC",
"name": "https://github.com/OpenPrinting/cups-browsed/blob/master/daemon/cups-browsed.c#L13992"
},
{
"url": "https://www.cups.org",
"refsource": "MISC",
"name": "https://www.cups.org"
}
]
},
"source": {
"advisory": "GHSA-rj88-6mr5-rcw8",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}

96
2024/47xxx/CVE-2024-47177.json
View File

@ -1,17 +1,105 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-47177",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "CUPS is a standards-based, open-source printing system, and cups-filters provides backends, filters, and other software for CUPS 2.x to use on non-Mac OS systems. Any value passed to `FoomaticRIPCommandLine` via a PPD file will be executed as a user controlled command. When combined with other logic bugs as described in CVE_2024-47176, this can lead to remote command execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')",
"cweId": "CWE-77"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "OpenPrinting",
"product": {
"product_data": [
{
"product_name": "cups-filters",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "<= 2.0.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-p9rh-jxmq-gq47",
"refsource": "MISC",
"name": "https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-p9rh-jxmq-gq47"
},
{
"url": "https://github.com/OpenPrinting/cups-browsed/security/advisories/GHSA-rj88-6mr5-rcw8",
"refsource": "MISC",
"name": "https://github.com/OpenPrinting/cups-browsed/security/advisories/GHSA-rj88-6mr5-rcw8"
},
{
"url": "https://github.com/OpenPrinting/libcupsfilters/security/advisories/GHSA-w63j-6g73-wmg5",
"refsource": "MISC",
"name": "https://github.com/OpenPrinting/libcupsfilters/security/advisories/GHSA-w63j-6g73-wmg5"
},
{
"url": "https://github.com/OpenPrinting/libppd/security/advisories/GHSA-7xfx-47qg-grp6",
"refsource": "MISC",
"name": "https://github.com/OpenPrinting/libppd/security/advisories/GHSA-7xfx-47qg-grp6"
},
{
"url": "https://www.cups.org",
"refsource": "MISC",
"name": "https://www.cups.org"
}
]
},
"source": {
"advisory": "GHSA-p9rh-jxmq-gq47",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}

2
2024/7xxx/CVE-2024-7259.json
View File

@ -42,7 +42,7 @@
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unknown"
"defaultStatus": "affected"
}
}
]

18
2024/9xxx/CVE-2024-9267.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-9267",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}