diff --git a/2024/0xxx/CVE-2024-0916.json b/2024/0xxx/CVE-2024-0916.json
index 8477f5e4ed2..2a884fc091f 100644
--- a/2024/0xxx/CVE-2024-0916.json
+++ b/2024/0xxx/CVE-2024-0916.json
@@ -1,17 +1,106 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-0916",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "cna@pentraze.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "Unauthenticated\u00a0file upload allows remote code execution.\nThis issue affects UvDesk Community: from 1.0.0 through 1.1.3.\n\n"
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-434 Unrestricted Upload of File with Dangerous Type",
+ "cweId": "CWE-434"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Webkul Software",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "UvDesk Community",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "1.0.0",
+ "version_value": "1.1.3"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://github.com/uvdesk/core-framework/pull/706",
+ "refsource": "MISC",
+ "name": "https://github.com/uvdesk/core-framework/pull/706"
+ },
+ {
+ "url": "https://pentraze.com/vulnerability-reports/",
+ "refsource": "MISC",
+ "name": "https://pentraze.com/vulnerability-reports/"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.1.0-dev"
+ },
+ "source": {
+ "discovery": "UNKNOWN"
+ },
+ "solution": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "Apply the patch in this pull request:
https://github.com/uvdesk/core-framework/pull/706
"
+ }
+ ],
+ "value": "Apply the patch in this pull request:\n\n https://github.com/uvdesk/core-framework/pull/706 \n\n"
+ }
+ ],
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "HIGH",
+ "baseScore": 10,
+ "baseSeverity": "CRITICAL",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "HIGH",
+ "privilegesRequired": "NONE",
+ "scope": "CHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
+ "version": "3.1"
}
]
}
diff --git a/2024/29xxx/CVE-2024-29964.json b/2024/29xxx/CVE-2024-29964.json
index 7cd1c9a4ba4..178bc1143bd 100644
--- a/2024/29xxx/CVE-2024-29964.json
+++ b/2024/29xxx/CVE-2024-29964.json
@@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
- "value": "Docker instances in Brocade SANnav before v2.3.1 and v2.3.0a have an insecure architecture and configuration that leads to multiple vulnerabilities. Docker daemons are exposed to the WAN interface, and other vulnerabilities allow total control over the Ova appliance. A Docker instance could access any other instances, and a few could access sensitive files. The vulnerability could allow a sudo privileged user on the underlying OS to access and modify these files.\n"
+ "value": "\u00a0Brocade SANnav versions before v2.3.0a do not correctly set permissions on files, including docker files. An unprivileged attacker who gains access to the server can read sensitive information from these files.\n"
}
]
},
@@ -40,8 +40,16 @@
"version": {
"version_data": [
{
- "version_affected": "=",
- "version_value": "before v2.3.1, v2.3.0a"
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "status": "affected",
+ "version": "before v2.3.0a"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
}
]
}
@@ -71,16 +79,16 @@
"cvss": [
{
"attackComplexity": "LOW",
- "attackVector": "NETWORK",
+ "attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
- "baseScore": 4.9,
+ "baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
- "privilegesRequired": "HIGH",
+ "privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
- "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
+ "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
]
diff --git a/2024/32xxx/CVE-2024-32651.json b/2024/32xxx/CVE-2024-32651.json
index 1e5c114890d..17199f67f78 100644
--- a/2024/32xxx/CVE-2024-32651.json
+++ b/2024/32xxx/CVE-2024-32651.json
@@ -1,17 +1,95 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-32651",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "security-advisories@github.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "changedetection.io is an open source web page change detection, website watcher, restock monitor and notification service. There is a Server Side Template Injection (SSTI) in Jinja2 that allows Remote Command Execution on the server host. Attackers can run any system command without any restriction and they could use a reverse shell. The impact is critical as the attacker can completely takeover the server machine. This can be reduced if changedetection is behind a login page, but this isn't required by the application (not by default and not enforced)."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine",
+ "cweId": "CWE-1336"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "dgtlmoon",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "changedetection.io",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "=",
+ "version_value": "<= 0.45.20"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-4r7v-whpg-8rx3",
+ "refsource": "MISC",
+ "name": "https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-4r7v-whpg-8rx3"
+ },
+ {
+ "url": "https://github.com/dgtlmoon/changedetection.io/releases/tag/0.45.21",
+ "refsource": "MISC",
+ "name": "https://github.com/dgtlmoon/changedetection.io/releases/tag/0.45.21"
+ },
+ {
+ "url": "https://www.onsecurity.io/blog/server-side-template-injection-with-jinja2",
+ "refsource": "MISC",
+ "name": "https://www.onsecurity.io/blog/server-side-template-injection-with-jinja2"
+ }
+ ]
+ },
+ "source": {
+ "advisory": "GHSA-4r7v-whpg-8rx3",
+ "discovery": "UNKNOWN"
+ },
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "HIGH",
+ "baseScore": 10,
+ "baseSeverity": "CRITICAL",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "HIGH",
+ "privilegesRequired": "NONE",
+ "scope": "CHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
+ "version": "3.1"
}
]
}
diff --git a/2024/32xxx/CVE-2024-32868.json b/2024/32xxx/CVE-2024-32868.json
index 7e2689ed7cb..28079250d1e 100644
--- a/2024/32xxx/CVE-2024-32868.json
+++ b/2024/32xxx/CVE-2024-32868.json
@@ -1,17 +1,99 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-32868",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "security-advisories@github.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "ZITADEL provides users the possibility to use Time-based One-Time-Password (TOTP) and One-Time-Password (OTP) through SMS and Email. While ZITADEL already gives administrators the option to define a `Lockout Policy` with a maximum amount of failed password check attempts, there was no such mechanism for (T)OTP checks. This issue has been patched in version 2.50.0.\n"
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-307: Improper Restriction of Excessive Authentication Attempts",
+ "cweId": "CWE-307"
+ }
+ ]
+ },
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-297: Improper Validation of Certificate with Host Mismatch",
+ "cweId": "CWE-297"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "zitadel",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "zitadel",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "=",
+ "version_value": "< 2.50.0"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://github.com/zitadel/zitadel/security/advisories/GHSA-7j7j-66cv-m239",
+ "refsource": "MISC",
+ "name": "https://github.com/zitadel/zitadel/security/advisories/GHSA-7j7j-66cv-m239"
+ },
+ {
+ "url": "https://github.com/zitadel/zitadel/releases/tag/v2.50.0",
+ "refsource": "MISC",
+ "name": "https://github.com/zitadel/zitadel/releases/tag/v2.50.0"
+ }
+ ]
+ },
+ "source": {
+ "advisory": "GHSA-7j7j-66cv-m239",
+ "discovery": "UNKNOWN"
+ },
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "NONE",
+ "baseScore": 6.5,
+ "baseSeverity": "MEDIUM",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "NONE",
+ "privilegesRequired": "LOW",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
+ "version": "3.1"
}
]
}
diff --git a/2024/33xxx/CVE-2024-33661.json b/2024/33xxx/CVE-2024-33661.json
new file mode 100644
index 00000000000..3f69f0d9671
--- /dev/null
+++ b/2024/33xxx/CVE-2024-33661.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2024-33661",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2024/33xxx/CVE-2024-33662.json b/2024/33xxx/CVE-2024-33662.json
new file mode 100644
index 00000000000..83d7529f770
--- /dev/null
+++ b/2024/33xxx/CVE-2024-33662.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2024-33662",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2024/33xxx/CVE-2024-33663.json b/2024/33xxx/CVE-2024-33663.json
new file mode 100644
index 00000000000..b0c43a95ef5
--- /dev/null
+++ b/2024/33xxx/CVE-2024-33663.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2024-33663",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2024/33xxx/CVE-2024-33664.json b/2024/33xxx/CVE-2024-33664.json
new file mode 100644
index 00000000000..7dcfc06e2f3
--- /dev/null
+++ b/2024/33xxx/CVE-2024-33664.json
@@ -0,0 +1,67 @@
+{
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2024-33664",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "python-jose through 3.3.0 allows attackers to cause a denial of service (resource consumption) during a decode via a crafted JSON Web Encryption (JWE) token with a high compression ratio, aka a \"JWT bomb.\" This is similar to CVE-2024-21319."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://github.com/mpdavis/python-jose/issues/344",
+ "refsource": "MISC",
+ "name": "https://github.com/mpdavis/python-jose/issues/344"
+ },
+ {
+ "url": "https://github.com/mpdavis/python-jose/pull/345",
+ "refsource": "MISC",
+ "name": "https://github.com/mpdavis/python-jose/pull/345"
+ }
+ ]
+ }
+}
\ No newline at end of file