admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-06-26 18:00:33 +00:00
parent 1a4c753740
commit 302730d9ff
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
9 changed files with 220 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
2024/30xxx/CVE-2024-30057.json
View File

@ -21,7 +21,8 @@
"description": [
{
"lang": "eng",
"value": "Spoofing"
"value": "CWE-356: Product UI does not Warn User of Unsafe Actions",
"cweId": "CWE-356"
}
]
}

3
2024/30xxx/CVE-2024-30058.json
View File

@ -21,7 +21,8 @@
"description": [
{
"lang": "eng",
"value": "Spoofing"
"value": "CWE-357: Insufficient UI Warning of Dangerous Operations",
"cweId": "CWE-357"
}
]
}

66
2024/35xxx/CVE-2024-35545.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-35545",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-35545",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "MAP-OS v4.45.0 and earlier was discovered to contain a cross-site scripting (XSS) vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://portswigger.net/web-security/cross-site-scripting/stored",
"refsource": "MISC",
"name": "https://portswigger.net/web-security/cross-site-scripting/stored"
},
{
"url": "https://github.com/RamonSilva20/mapos/tree/master",
"refsource": "MISC",
"name": "https://github.com/RamonSilva20/mapos/tree/master"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/RamonSilva20/mapos/commit/3559bae4782162faab94670f503fd35b0f331929",
"url": "https://github.com/RamonSilva20/mapos/commit/3559bae4782162faab94670f503fd35b0f331929"
}
]
}

3
2024/38xxx/CVE-2024-38082.json
View File

@ -21,7 +21,8 @@
"description": [
{
"lang": "eng",
"value": "Not a Vulnerability"
"value": "CWE-451: User Interface (UI) Misrepresentation of Critical Information",
"cweId": "CWE-451"
}
]
}

3
2024/38xxx/CVE-2024-38083.json
View File

@ -21,7 +21,8 @@
"description": [
{
"lang": "eng",
"value": "Spoofing"
"value": "CWE-449: The UI Performs the Wrong Action",
"cweId": "CWE-449"
}
]
}

3
2024/38xxx/CVE-2024-38093.json
View File

@ -21,7 +21,8 @@
"description": [
{
"lang": "eng",
"value": "Spoofing"
"value": "CWE-451: User Interface (UI) Misrepresentation of Critical Information",
"cweId": "CWE-451"
}
]
}

54
2024/39xxx/CVE-2024-39458.json
View File

@ -1,17 +1,63 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-39458",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "When Jenkins Structs Plugin 337.v1b_04ea_4df7c8 and earlier fails to configure a build step, it logs a warning message containing diagnostic information that may contain secrets passed as step parameters, potentially resulting in accidental exposure of secrets through the default system log."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins Project",
"product": {
"product_data": [
{
"product_name": "Jenkins Structs Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "337.v1b_04ea_4df7c8"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.jenkins.io/security/advisory/2024-06-26/#SECURITY-3371",
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2024-06-26/#SECURITY-3371"
}
]
}

54
2024/39xxx/CVE-2024-39459.json
View File

@ -1,17 +1,63 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-39459",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In rare cases Jenkins Plain Credentials Plugin 182.v468b_97b_9dcb_8 and earlier stores secret file credentials unencrypted (only Base64 encoded) on the Jenkins controller file system, where they can be viewed by users with access to the Jenkins controller file system (global credentials) or with Item/Extended Read permission (folder-scoped credentials)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins Project",
"product": {
"product_data": [
{
"product_name": "Jenkins Plain Credentials Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "182.v468b_97b_9dcb_8"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.jenkins.io/security/advisory/2024-06-26/#SECURITY-2495",
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2024-06-26/#SECURITY-2495"
}
]
}

54
2024/39xxx/CVE-2024-39460.json
View File

@ -1,17 +1,63 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-39460",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Jenkins Bitbucket Branch Source Plugin 886.v44cf5e4ecec5 and earlier prints the Bitbucket OAuth access token as part of the Bitbucket URL in the build log in some cases."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins Project",
"product": {
"product_data": [
{
"product_name": "Jenkins Bitbucket Branch Source Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "886.v44cf5e4ecec5"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.jenkins.io/security/advisory/2024-06-26/#SECURITY-3363",
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2024-06-26/#SECURITY-3363"
}
]
}