From 2d553ad7cd14004d8e6a1c8d2315900ff32578e0 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 3 Oct 2024 12:00:32 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2024/47xxx/CVE-2024-47554.json | 69 ++++++++++++++++++++++++-- 2024/9xxx/CVE-2024-9313.json | 91 ++++++++++++++++++++++++++++++++-- 2024/9xxx/CVE-2024-9462.json | 18 +++++++ 2024/9xxx/CVE-2024-9463.json | 18 +++++++ 2024/9xxx/CVE-2024-9464.json | 18 +++++++ 2024/9xxx/CVE-2024-9465.json | 18 +++++++ 2024/9xxx/CVE-2024-9466.json | 18 +++++++ 2024/9xxx/CVE-2024-9467.json | 18 +++++++ 2024/9xxx/CVE-2024-9468.json | 18 +++++++ 2024/9xxx/CVE-2024-9469.json | 18 +++++++ 2024/9xxx/CVE-2024-9470.json | 18 +++++++ 2024/9xxx/CVE-2024-9471.json | 18 +++++++ 2024/9xxx/CVE-2024-9472.json | 18 +++++++ 2024/9xxx/CVE-2024-9473.json | 18 +++++++ 2024/9xxx/CVE-2024-9474.json | 18 +++++++ 15 files changed, 385 insertions(+), 9 deletions(-) create mode 100644 2024/9xxx/CVE-2024-9462.json create mode 100644 2024/9xxx/CVE-2024-9463.json create mode 100644 2024/9xxx/CVE-2024-9464.json create mode 100644 2024/9xxx/CVE-2024-9465.json create mode 100644 2024/9xxx/CVE-2024-9466.json create mode 100644 2024/9xxx/CVE-2024-9467.json create mode 100644 2024/9xxx/CVE-2024-9468.json create mode 100644 2024/9xxx/CVE-2024-9469.json create mode 100644 2024/9xxx/CVE-2024-9470.json create mode 100644 2024/9xxx/CVE-2024-9471.json create mode 100644 2024/9xxx/CVE-2024-9472.json create mode 100644 2024/9xxx/CVE-2024-9473.json create mode 100644 2024/9xxx/CVE-2024-9474.json diff --git a/2024/47xxx/CVE-2024-47554.json b/2024/47xxx/CVE-2024-47554.json index bb84bb9923e..2a4f24f961a 100644 --- a/2024/47xxx/CVE-2024-47554.json +++ b/2024/47xxx/CVE-2024-47554.json @@ -1,18 +1,77 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-47554", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@apache.org", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Uncontrolled Resource Consumption vulnerability in Apache Commons IO.\n\nThe org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input.\n\n\nThis issue affects Apache Commons IO: from 2.0 before 2.14.0.\n\nUsers are recommended to upgrade to version 2.14.0 or later, which fixes the issue." } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-400 Uncontrolled Resource Consumption", + "cweId": "CWE-400" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apache Software Foundation", + "product": { + "product_data": [ + { + "product_name": "Apache Commons IO", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "2.0", + "version_value": "2.14.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1", + "refsource": "MISC", + "name": "https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "CodeQL" + } + ] } \ No newline at end of file diff --git a/2024/9xxx/CVE-2024-9313.json b/2024/9xxx/CVE-2024-9313.json index b9106e89215..8fde07d35da 100644 --- a/2024/9xxx/CVE-2024-9313.json +++ b/2024/9xxx/CVE-2024-9313.json @@ -1,17 +1,100 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-9313", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@ubuntu.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Authd PAM module before version 0.3.5 can allow broker-managed users to impersonate any other user managed by the same broker and perform any PAM operation with it, including authenticating as them." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Canonical Ltd.", + "product": { + "product_data": [ + { + "product_name": "Authd", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "0.3.5" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/ubuntu/authd/security/advisories/GHSA-x5q3-c8rm-w787", + "refsource": "MISC", + "name": "https://github.com/ubuntu/authd/security/advisories/GHSA-x5q3-c8rm-w787" + }, + { + "url": "https://www.cve.org/CVERecord?id=CVE-2024-9313", + "refsource": "MISC", + "name": "https://www.cve.org/CVERecord?id=CVE-2024-9313" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Marco Trevisan" + }, + { + "lang": "en", + "value": "Didier Roche-Tolomelli" + }, + { + "lang": "en", + "value": "Mark Esler" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseSeverity": "HIGH", + "baseScore": 8.8, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ] } diff --git a/2024/9xxx/CVE-2024-9462.json b/2024/9xxx/CVE-2024-9462.json new file mode 100644 index 00000000000..b3eb9ceae73 --- /dev/null +++ b/2024/9xxx/CVE-2024-9462.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-9462", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/9xxx/CVE-2024-9463.json b/2024/9xxx/CVE-2024-9463.json new file mode 100644 index 00000000000..a24b8ea0f72 --- /dev/null +++ b/2024/9xxx/CVE-2024-9463.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-9463", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/9xxx/CVE-2024-9464.json b/2024/9xxx/CVE-2024-9464.json new file mode 100644 index 00000000000..24d96ad46aa --- /dev/null +++ b/2024/9xxx/CVE-2024-9464.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-9464", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/9xxx/CVE-2024-9465.json b/2024/9xxx/CVE-2024-9465.json new file mode 100644 index 00000000000..42df8c8fc99 --- /dev/null +++ b/2024/9xxx/CVE-2024-9465.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-9465", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/9xxx/CVE-2024-9466.json b/2024/9xxx/CVE-2024-9466.json new file mode 100644 index 00000000000..4e719d0f180 --- /dev/null +++ b/2024/9xxx/CVE-2024-9466.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-9466", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/9xxx/CVE-2024-9467.json b/2024/9xxx/CVE-2024-9467.json new file mode 100644 index 00000000000..5f96ed34688 --- /dev/null +++ b/2024/9xxx/CVE-2024-9467.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-9467", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/9xxx/CVE-2024-9468.json b/2024/9xxx/CVE-2024-9468.json new file mode 100644 index 00000000000..082a76910d5 --- /dev/null +++ b/2024/9xxx/CVE-2024-9468.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-9468", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/9xxx/CVE-2024-9469.json b/2024/9xxx/CVE-2024-9469.json new file mode 100644 index 00000000000..489074ec40c --- /dev/null +++ b/2024/9xxx/CVE-2024-9469.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-9469", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/9xxx/CVE-2024-9470.json b/2024/9xxx/CVE-2024-9470.json new file mode 100644 index 00000000000..d581ac43939 --- /dev/null +++ b/2024/9xxx/CVE-2024-9470.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-9470", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/9xxx/CVE-2024-9471.json b/2024/9xxx/CVE-2024-9471.json new file mode 100644 index 00000000000..09512d11ad4 --- /dev/null +++ b/2024/9xxx/CVE-2024-9471.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-9471", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/9xxx/CVE-2024-9472.json b/2024/9xxx/CVE-2024-9472.json new file mode 100644 index 00000000000..95d90f0b6bd --- /dev/null +++ b/2024/9xxx/CVE-2024-9472.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-9472", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/9xxx/CVE-2024-9473.json b/2024/9xxx/CVE-2024-9473.json new file mode 100644 index 00000000000..dbe739ac377 --- /dev/null +++ b/2024/9xxx/CVE-2024-9473.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-9473", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/9xxx/CVE-2024-9474.json b/2024/9xxx/CVE-2024-9474.json new file mode 100644 index 00000000000..eef020a5d29 --- /dev/null +++ b/2024/9xxx/CVE-2024-9474.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-9474", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file