From 543ec7fe9598c0780436d04fa427a939ad5fca0e Mon Sep 17 00:00:00 2001 From: CVE Team Date: Sun, 24 Nov 2024 17:00:31 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2024/11xxx/CVE-2024-11663.json | 18 ++++++++ 2024/11xxx/CVE-2024-11664.json | 18 ++++++++ 2024/2xxx/CVE-2024-2698.json | 12 +++--- 2024/53xxx/CVE-2024-53899.json | 72 +++++++++++++++++++++++++++++++ 2024/53xxx/CVE-2024-53900.json | 18 ++++++++ 2024/53xxx/CVE-2024-53901.json | 77 ++++++++++++++++++++++++++++++++++ 2024/53xxx/CVE-2024-53902.json | 18 ++++++++ 2024/53xxx/CVE-2024-53903.json | 18 ++++++++ 2024/53xxx/CVE-2024-53904.json | 18 ++++++++ 2024/53xxx/CVE-2024-53905.json | 18 ++++++++ 2024/53xxx/CVE-2024-53906.json | 18 ++++++++ 2024/53xxx/CVE-2024-53907.json | 18 ++++++++ 2024/53xxx/CVE-2024-53908.json | 18 ++++++++ 2024/5xxx/CVE-2024-5154.json | 4 +- 14 files changed, 337 insertions(+), 8 deletions(-) create mode 100644 2024/11xxx/CVE-2024-11663.json create mode 100644 2024/11xxx/CVE-2024-11664.json create mode 100644 2024/53xxx/CVE-2024-53899.json create mode 100644 2024/53xxx/CVE-2024-53900.json create mode 100644 2024/53xxx/CVE-2024-53901.json create mode 100644 2024/53xxx/CVE-2024-53902.json create mode 100644 2024/53xxx/CVE-2024-53903.json create mode 100644 2024/53xxx/CVE-2024-53904.json create mode 100644 2024/53xxx/CVE-2024-53905.json create mode 100644 2024/53xxx/CVE-2024-53906.json create mode 100644 2024/53xxx/CVE-2024-53907.json create mode 100644 2024/53xxx/CVE-2024-53908.json diff --git a/2024/11xxx/CVE-2024-11663.json b/2024/11xxx/CVE-2024-11663.json new file mode 100644 index 00000000000..df145eab3d8 --- /dev/null +++ b/2024/11xxx/CVE-2024-11663.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-11663", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/11xxx/CVE-2024-11664.json b/2024/11xxx/CVE-2024-11664.json new file mode 100644 index 00000000000..59c81434fea --- /dev/null +++ b/2024/11xxx/CVE-2024-11664.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-11664", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/2xxx/CVE-2024-2698.json b/2024/2xxx/CVE-2024-2698.json index 095dcfb6c47..7ca6c0b4d2f 100644 --- a/2024/2xxx/CVE-2024-2698.json +++ b/2024/2xxx/CVE-2024-2698.json @@ -21,8 +21,8 @@ "description": [ { "lang": "eng", - "value": "Improper Access Control", - "cweId": "CWE-284" + "value": "Incorrect Authorization", + "cweId": "CWE-863" } ] } @@ -207,15 +207,15 @@ { "attackComplexity": "LOW", "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 7.1, + "availabilityImpact": "HIGH", + "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", - "integrityImpact": "LOW", + "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } ] diff --git a/2024/53xxx/CVE-2024-53899.json b/2024/53xxx/CVE-2024-53899.json new file mode 100644 index 00000000000..c3e043b04ca --- /dev/null +++ b/2024/53xxx/CVE-2024-53899.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2024-53899", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic template strings are not quoted correctly when replacing. NOTE: this is not the same as CVE-2024-9287." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/pypa/virtualenv/issues/2768", + "refsource": "MISC", + "name": "https://github.com/pypa/virtualenv/issues/2768" + }, + { + "url": "https://github.com/pypa/virtualenv/releases/tag/20.26.6", + "refsource": "MISC", + "name": "https://github.com/pypa/virtualenv/releases/tag/20.26.6" + }, + { + "url": "https://github.com/pypa/virtualenv/pull/2771", + "refsource": "MISC", + "name": "https://github.com/pypa/virtualenv/pull/2771" + } + ] + } +} \ No newline at end of file diff --git a/2024/53xxx/CVE-2024-53900.json b/2024/53xxx/CVE-2024-53900.json new file mode 100644 index 00000000000..6577dbfad73 --- /dev/null +++ b/2024/53xxx/CVE-2024-53900.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-53900", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/53xxx/CVE-2024-53901.json b/2024/53xxx/CVE-2024-53901.json new file mode 100644 index 00000000000..685812e3042 --- /dev/null +++ b/2024/53xxx/CVE-2024-53901.json @@ -0,0 +1,77 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2024-53901", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Imager package before 1.025 for Perl has a heap-based buffer overflow leading to denial of service, or possibly unspecified other impact, when the trim() method is called on a crafted input image." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/tonycoz/imager/issues/534", + "refsource": "MISC", + "name": "https://github.com/tonycoz/imager/issues/534" + }, + { + "url": "https://metacpan.org/release/TONYC/Imager-1.025/changes", + "refsource": "MISC", + "name": "https://metacpan.org/release/TONYC/Imager-1.025/changes" + }, + { + "url": "https://github.com/briandfoy/cpan-security-advisory/issues/171", + "refsource": "MISC", + "name": "https://github.com/briandfoy/cpan-security-advisory/issues/171" + }, + { + "url": "https://github.com/briandfoy/cpan-security-advisory/issues/167", + "refsource": "MISC", + "name": "https://github.com/briandfoy/cpan-security-advisory/issues/167" + } + ] + } +} \ No newline at end of file diff --git a/2024/53xxx/CVE-2024-53902.json b/2024/53xxx/CVE-2024-53902.json new file mode 100644 index 00000000000..8fd292bc672 --- /dev/null +++ b/2024/53xxx/CVE-2024-53902.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-53902", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/53xxx/CVE-2024-53903.json b/2024/53xxx/CVE-2024-53903.json new file mode 100644 index 00000000000..4dc0a8189f8 --- /dev/null +++ b/2024/53xxx/CVE-2024-53903.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-53903", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/53xxx/CVE-2024-53904.json b/2024/53xxx/CVE-2024-53904.json new file mode 100644 index 00000000000..492fcdc29a6 --- /dev/null +++ b/2024/53xxx/CVE-2024-53904.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-53904", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/53xxx/CVE-2024-53905.json b/2024/53xxx/CVE-2024-53905.json new file mode 100644 index 00000000000..2d7e15dcb29 --- /dev/null +++ b/2024/53xxx/CVE-2024-53905.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-53905", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/53xxx/CVE-2024-53906.json b/2024/53xxx/CVE-2024-53906.json new file mode 100644 index 00000000000..ee176906f6a --- /dev/null +++ b/2024/53xxx/CVE-2024-53906.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-53906", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/53xxx/CVE-2024-53907.json b/2024/53xxx/CVE-2024-53907.json new file mode 100644 index 00000000000..f6da49c2498 --- /dev/null +++ b/2024/53xxx/CVE-2024-53907.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-53907", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/53xxx/CVE-2024-53908.json b/2024/53xxx/CVE-2024-53908.json new file mode 100644 index 00000000000..f5267513203 --- /dev/null +++ b/2024/53xxx/CVE-2024-53908.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-53908", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/5xxx/CVE-2024-5154.json b/2024/5xxx/CVE-2024-5154.json index 8da3d0c7e4f..ac4fbaa7f74 100644 --- a/2024/5xxx/CVE-2024-5154.json +++ b/2024/5xxx/CVE-2024-5154.json @@ -86,7 +86,7 @@ "x_cve_json_5_version_data": { "versions": [ { - "version": "0:1.27.7-3.rhaos4.14.git674563e.el9", + "version": "0:1.27.7-3.rhaos4.14.git674563e.el8", "lessThan": "*", "versionType": "rpm", "status": "unaffected" @@ -107,7 +107,7 @@ "x_cve_json_5_version_data": { "versions": [ { - "version": "0:1.28.7-2.rhaos4.15.git111aec5.el9", + "version": "0:1.28.7-2.rhaos4.15.git111aec5.el8", "lessThan": "*", "versionType": "rpm", "status": "unaffected"