admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-06-05 17:00:33 +00:00
parent 8d74aa22ca
commit 2b3a12aef6
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
18 changed files with 692 additions and 110 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

142
2020/5xxx/CVE-2020-5245.json
View File

@ -1,121 +1,125 @@
{
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2020-5245",
"STATE": "PUBLIC",
"TITLE": "Remote Code Execution (RCE) vulnerability in dropwizard-validation"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "dropwizard-validation",
"version": {
"version_data": [
{
"version_value": "< 1.3.19"
},
{
"version_value": ">= 2.0.0, < 2.0.2"
}
]
}
}
]
},
"vendor_name": "dropwizard"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-5245",
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. The issue has been fixed in dropwizard-validation 1.3.19 and 2.0.2."
"value": "Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature.\n\nThe issue has been fixed in dropwizard-validation 1.3.19 and 2.0.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')"
"value": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')",
"cweId": "CWE-74"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "dropwizard",
"product": {
"product_data": [
{
"product_name": "dropwizard-validation",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": ">= 1.3.0, < 1.3.19"
},
{
"version_affected": "=",
"version_value": ">= 2.0.0, < 2.0.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"url": "https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"name": "https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf"
},
{
"name": "https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf",
"refsource": "CONFIRM",
"url": "https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf"
"url": "https://github.com/dropwizard/dropwizard/pull/3157",
"refsource": "MISC",
"name": "https://github.com/dropwizard/dropwizard/pull/3157"
},
{
"name": "https://github.com/dropwizard/dropwizard/pull/3157",
"url": "https://github.com/dropwizard/dropwizard/pull/3160",
"refsource": "MISC",
"url": "https://github.com/dropwizard/dropwizard/pull/3157"
"name": "https://github.com/dropwizard/dropwizard/pull/3160"
},
{
"name": "https://github.com/dropwizard/dropwizard/pull/3160",
"url": "https://github.com/dropwizard/dropwizard/commit/28479f743a9d0aab6d0e963fc07f3dd98e8c8236",
"refsource": "MISC",
"url": "https://github.com/dropwizard/dropwizard/pull/3160"
"name": "https://github.com/dropwizard/dropwizard/commit/28479f743a9d0aab6d0e963fc07f3dd98e8c8236"
},
{
"name": "https://github.com/dropwizard/dropwizard/commit/d87d1e4f8e20f6494c0232bf8560c961b46db634",
"url": "https://github.com/dropwizard/dropwizard/commit/d87d1e4f8e20f6494c0232bf8560c961b46db634",
"refsource": "MISC",
"url": "https://github.com/dropwizard/dropwizard/commit/d87d1e4f8e20f6494c0232bf8560c961b46db634"
"name": "https://github.com/dropwizard/dropwizard/commit/d87d1e4f8e20f6494c0232bf8560c961b46db634"
},
{
"name": "https://beanvalidation.org/2.0/spec/#validationapi-message-defaultmessageinterpolation",
"url": "https://beanvalidation.org/2.0/spec/#validationapi-message-defaultmessageinterpolation",
"refsource": "MISC",
"url": "https://beanvalidation.org/2.0/spec/#validationapi-message-defaultmessageinterpolation"
"name": "https://beanvalidation.org/2.0/spec/#validationapi-message-defaultmessageinterpolation"
},
{
"name": "https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions",
"url": "https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions",
"refsource": "MISC",
"url": "https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions"
"name": "https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions"
},
{
"name": "https://docs.oracle.com/javaee/7/tutorial/jsf-el.htm",
"url": "https://docs.oracle.com/javaee/7/tutorial/jsf-el.htm",
"refsource": "MISC",
"url": "https://docs.oracle.com/javaee/7/tutorial/jsf-el.htm"
"name": "https://docs.oracle.com/javaee/7/tutorial/jsf-el.htm"
}
]
},
"source": {
"advisory": "GHSA-3mcp-9wr4-cjqf",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L",
"version": "3.1"
}
]
}
}

34
2023/47xxx/CVE-2023-47245.json
View File

@ -40,9 +40,24 @@
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "n/a",
"version_value": "1.7"
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"changes": [
{
"at": "1.7.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.7",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
}
]
}
@ -68,6 +83,19 @@
"source": {
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to&nbsp;1.7.1 or a higher version."
}
],
"value": "Update to\u00a01.7.1 or a higher version."
}
],
"credits": [
{
"lang": "en",

15
2023/6xxx/CVE-2023-6240.json
View File

@ -44,7 +44,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.18.0-553.5.1.el8_10",
"version": "0:4.18.0-553.5.1.rt7.346.el8_10",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -56,6 +56,14 @@
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.18.0-553.5.1.el8_10",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
@ -243,6 +251,11 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:3618"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:3627",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:3627"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-6240",
"refsource": "MISC",

15
2024/0xxx/CVE-2024-0340.json
View File

@ -44,7 +44,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.18.0-553.5.1.el8_10",
"version": "0:4.18.0-553.5.1.rt7.346.el8_10",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -56,6 +56,14 @@
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.18.0-553.5.1.el8_10",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
@ -126,6 +134,11 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:3618"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:3627",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:3627"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-0340",
"refsource": "MISC",

21
2024/1xxx/CVE-2024-1459.json
View File

@ -36,7 +36,7 @@
"product": {
"product_data": [
{
"product_name": "Red Hat JBoss Enterprise Application Platform 7.1.0",
"product_name": "Red Hat JBoss Enterprise Application Platform 7",
"version": {
"version_data": [
{
@ -44,6 +44,12 @@
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
@ -155,19 +161,6 @@
]
}
},
{
"product_name": "Red Hat JBoss Enterprise Application Platform 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat JBoss Fuse 6",
"version": {

2
2024/1xxx/CVE-2024-1635.json
View File

@ -36,7 +36,7 @@
"product": {
"product_data": [
{
"product_name": "Red Hat JBoss Enterprise Application Platform 7.1.0",
"product_name": "Red Hat JBoss Enterprise Application Platform 7",
"version": {
"version_data": [
{

126
2024/20xxx/CVE-2024-20404.json
View File

@ -1,17 +1,135 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-20404",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@cisco.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct an SSRF attack on an affected system.\r\n\r This vulnerability is due to insufficient validation of user-supplied input for specific HTTP requests that are sent to an affected system. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to obtain limited sensitive information for services that are associated to the affected device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Server-Side Request Forgery (SSRF)",
"cweId": "CWE-918"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Cisco",
"product": {
"product_data": [
{
"product_name": "Cisco Unified Contact Center Enterprise",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "N/A"
}
]
}
},
{
"product_name": "Cisco Unified Contact Center Express",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "N/A"
}
]
}
},
{
"product_name": "Cisco Finesse",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.6(2)"
},
{
"version_affected": "=",
"version_value": "12.6(2)ES1"
},
{
"version_affected": "=",
"version_value": "12.6(2)ES2"
}
]
}
},
{
"product_name": "Cisco Packaged Contact Center Enterprise",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "N/A"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-finesse-ssrf-rfi-Um7wT8Ew",
"refsource": "MISC",
"name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-finesse-ssrf-rfi-Um7wT8Ew"
}
]
},
"source": {
"advisory": "cisco-sa-finesse-ssrf-rfi-Um7wT8Ew",
"discovery": "EXTERNAL",
"defects": [
"CSCwh95292"
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
}
]
}

126
2024/20xxx/CVE-2024-20405.json
View File

@ -1,17 +1,135 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-20405",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@cisco.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a stored XSS attack by exploiting an RFI vulnerability. \r\n\r This vulnerability is due to insufficient validation of user-supplied input for specific HTTP requests that are sent to an affected device. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive information on the affected device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Input Validation",
"cweId": "CWE-20"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Cisco",
"product": {
"product_data": [
{
"product_name": "Cisco Unified Contact Center Enterprise",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "N/A"
}
]
}
},
{
"product_name": "Cisco Unified Contact Center Express",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "N/A"
}
]
}
},
{
"product_name": "Cisco Finesse",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.6(2)"
},
{
"version_affected": "=",
"version_value": "12.6(2)ES1"
},
{
"version_affected": "=",
"version_value": "12.6(2)ES2"
}
]
}
},
{
"product_name": "Cisco Packaged Contact Center Enterprise",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "N/A"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-finesse-ssrf-rfi-Um7wT8Ew",
"refsource": "MISC",
"name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-finesse-ssrf-rfi-Um7wT8Ew"
}
]
},
"source": {
"advisory": "cisco-sa-finesse-ssrf-rfi-Um7wT8Ew",
"discovery": "EXTERNAL",
"defects": [
"CSCwh95276"
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
}
]
}

36
2024/33xxx/CVE-2024-33542.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Authorization Bypass Through User-Controlled Key vulnerability in Fabio Rinaldi Crelly Slider.This issue affects Crelly Slider: from n/a through 1.4.5.\n\n"
"value": "Authorization Bypass Through User-Controlled Key vulnerability in Fabio Rinaldi Crelly Slider.This issue affects Crelly Slider: from n/a through 1.4.5."
}
]
},
@ -40,9 +40,24 @@
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "n/a",
"version_value": "1.4.5"
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"changes": [
{
"at": "1.4.6",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.4.5",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
}
]
}
@ -68,6 +83,19 @@
"source": {
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to&nbsp;1.4.6 or a higher version."
}
],
"value": "Update to\u00a01.4.6 or a higher version."
}
],
"credits": [
{
"lang": "en",

36
2024/33xxx/CVE-2024-33679.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in FameThemes FameTheme Demo Importer.This issue affects FameTheme Demo Importer: from n/a through 1.1.5.\n\n"
"value": "Cross-Site Request Forgery (CSRF) vulnerability in FameThemes FameTheme Demo Importer.This issue affects FameTheme Demo Importer: from n/a through 1.1.5."
}
]
},
@ -40,9 +40,24 @@
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "n/a",
"version_value": "1.1.5"
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"changes": [
{
"at": "1.1.6",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.1.5",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
}
]
}
@ -68,6 +83,19 @@
"source": {
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to&nbsp;1.1.6 or a higher version."
}
],
"value": "Update to\u00a01.1.6 or a higher version."
}
],
"credits": [
{
"lang": "en",

113
2024/35xxx/CVE-2024-35674.json
View File

@ -1,17 +1,122 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-35674",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "audit@patchstack.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Missing Authorization vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates).This issue affects Unlimited Elements For Elementor (Free Widgets, Addons, Templates): from n/a through 1.5.109."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization",
"cweId": "CWE-862"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unlimited Elements",
"product": {
"product_data": [
{
"product_name": "Unlimited Elements For Elementor (Free Widgets, Addons, Templates)",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"changes": [
{
"at": "1.5.110",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.5.109",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://patchstack.com/database/vulnerability/unlimited-elements-for-elementor/wordpress-unlimited-elements-for-elementor-plugin-1-5-109-broken-access-control-vulnerability?_s_id=cve",
"refsource": "MISC",
"name": "https://patchstack.com/database/vulnerability/unlimited-elements-for-elementor/wordpress-unlimited-elements-for-elementor-plugin-1-5-109-broken-access-control-vulnerability?_s_id=cve"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 1.5.110 or a higher version."
}
],
"value": "Update to 1.5.110 or a higher version."
}
],
"credits": [
{
"lang": "en",
"value": "Khalid (Patchstack Alliance)"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
]
}

28
2024/3xxx/CVE-2024-3154.json
View File

@ -56,6 +56,27 @@
]
}
},
{
"product_name": "Red Hat OpenShift Container Platform 4.13",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:1.26.5-16.2.rhaos4.13.git67e2a9d.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat OpenShift Container Platform 4.14",
"version": {
@ -65,7 +86,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:1.27.6-2.rhaos4.14.gitb3bd0bf.el8",
"version": "0:1.27.6-2.rhaos4.14.gitb3bd0bf.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -134,6 +155,11 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:2784"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:3496",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:3496"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-3154",
"refsource": "MISC",

18
2024/5xxx/CVE-2024-5655.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-5655",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/5xxx/CVE-2024-5656.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-5656",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/5xxx/CVE-2024-5657.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-5657",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/5xxx/CVE-2024-5658.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-5658",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/5xxx/CVE-2024-5659.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-5659",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/5xxx/CVE-2024-5660.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-5660",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}