mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
"-Synchronized-Data."
This commit is contained in:
CVE Team
parent
128bbde62a
commit
57de9fa1f9
@ -40,148 +40,29 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "520.2 TCU4 HF1",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "520.2 TCU4",
|
||||
"status": "unaffected",
|
||||
"version": "520.2",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "510.2 HF14",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "510.2 HF13",
|
||||
"status": "unaffected",
|
||||
"version": "510.1",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "520.1 TCU5",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "520.1 TCU4",
|
||||
"status": "unaffected",
|
||||
"version": "520.1",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "511.5 TCU4 HF4",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "511.5 TCU4 HF3",
|
||||
"status": "unaffected",
|
||||
"version": "511.1",
|
||||
"versionType": "semver"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "unaffected"
|
||||
}
|
||||
"version_affected": "<=",
|
||||
"version_name": "520.2",
|
||||
"version_value": "520.2 TCU4"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "520.2 TCU4 HF2",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "520.2 TCU4",
|
||||
"status": "unaffected",
|
||||
"version": "520.2",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "511.5 TCU4 HF4",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "511.5 TCU4 HF3",
|
||||
"status": "unaffected",
|
||||
"version": "511.1",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "520.1 TCU5",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "520.1 TCU4",
|
||||
"status": "unaffected",
|
||||
"version": "520.1",
|
||||
"versionType": "semver"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "unaffected"
|
||||
}
|
||||
"version_affected": "<=",
|
||||
"version_name": "510.1",
|
||||
"version_value": "510.2 HF13"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "520.2 TCU4 HF2",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "520.2 TCU4",
|
||||
"status": "unaffected",
|
||||
"version": "520.2",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "520.1 TCU5",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "520.1 TCU4",
|
||||
"status": "unaffected",
|
||||
"version": "520.1",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "511.5 TCU4 HF4",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "511.5 TCU4 HF3",
|
||||
"status": "unaffected",
|
||||
"version": "520.2 TCU4 HFR2",
|
||||
"versionType": "semver"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "unaffected"
|
||||
}
|
||||
"version_affected": "<=",
|
||||
"version_name": "520.1",
|
||||
"version_value": "520.1 TCU4"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "511.1",
|
||||
"version_value": "511.5 TCU4 HF3"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "520.2 TCU4 HFR2",
|
||||
"version_value": "511.5 TCU4 HF3"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -40,148 +40,29 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "520.2 TCU4 HF1",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "520.2 TCU4",
|
||||
"status": "unaffected",
|
||||
"version": "520.2",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "510.2 HF14",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "510.2 HF13",
|
||||
"status": "unaffected",
|
||||
"version": "510.1",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "520.1 TCU5",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "520.1 TCU4",
|
||||
"status": "unaffected",
|
||||
"version": "520.1",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "511.5 TCU4 HF4",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "511.5 TCU4 HF3",
|
||||
"status": "unaffected",
|
||||
"version": "511.1",
|
||||
"versionType": "semver"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "unaffected"
|
||||
}
|
||||
"version_affected": "<=",
|
||||
"version_name": "520.2",
|
||||
"version_value": "520.2 TCU4"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "520.2 TCU4 HF2",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "520.2 TCU4",
|
||||
"status": "unaffected",
|
||||
"version": "520.2",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "511.5 TCU4 HF4",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "511.5 TCU4 HF3",
|
||||
"status": "unaffected",
|
||||
"version": "511.1",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "520.1 TCU5",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "520.1 TCU4",
|
||||
"status": "unaffected",
|
||||
"version": "520.1",
|
||||
"versionType": "semver"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "unaffected"
|
||||
}
|
||||
"version_affected": "<=",
|
||||
"version_name": "510.1",
|
||||
"version_value": "510.2 HF13"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "520.2 TCU4 HF2",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "520.2 TCU4",
|
||||
"status": "unaffected",
|
||||
"version": "520.2",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "520.1 TCU5",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "520.1 TCU4",
|
||||
"status": "unaffected",
|
||||
"version": "520.1",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "511.5 TCU4 HF4",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "511.5 TCU4 HF3",
|
||||
"status": "unaffected",
|
||||
"version": "520.2 TCU4 HFR2",
|
||||
"versionType": "semver"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "unaffected"
|
||||
}
|
||||
"version_affected": "<=",
|
||||
"version_name": "520.1",
|
||||
"version_value": "520.1 TCU4"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "511.1",
|
||||
"version_value": "511.5 TCU4 HF3"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "520.2 TCU4 HFR2",
|
||||
"version_value": "511.5 TCU4 HF3"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -72,92 +72,24 @@
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "520.2 TCU4 HF2",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "520.2 TCU4",
|
||||
"status": "unaffected",
|
||||
"version": "520.2",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "511.5 TCU4 HF4",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "511.5 TCU4 HF3",
|
||||
"status": "unaffected",
|
||||
"version": "511.1",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "520.1 TCU5",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "520.1 TCU4",
|
||||
"status": "unaffected",
|
||||
"version": "520.1",
|
||||
"versionType": "semver"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "unaffected"
|
||||
}
|
||||
"version_affected": "<=",
|
||||
"version_name": "520.2",
|
||||
"version_value": "520.2 TCU4"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "520.2 TCU4 HF2",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "520.2 TCU4",
|
||||
"status": "unaffected",
|
||||
"version": "520.2",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "520.1 TCU5",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "520.1 TCU4",
|
||||
"status": "unaffected",
|
||||
"version": "520.1",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "511.5 TCU4 HF4",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "511.5 TCU4 HF3",
|
||||
"status": "unaffected",
|
||||
"version": "520.2 TCU4 HFR2",
|
||||
"versionType": "semver"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "unaffected"
|
||||
}
|
||||
"version_affected": "<=",
|
||||
"version_name": "511.1",
|
||||
"version_value": "511.5 TCU4 HF3"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "520.1",
|
||||
"version_value": "520.1 TCU4"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "520.2 TCU4 HFR2",
|
||||
"version_value": "511.5 TCU4 HF3"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -40,148 +40,29 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "520.2 TCU4 HF1",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "520.2 TCU4",
|
||||
"status": "unaffected",
|
||||
"version": "520.2",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "510.2 HF14",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "510.2 HF13",
|
||||
"status": "unaffected",
|
||||
"version": "510.1",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "520.1 TCU5",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "520.1 TCU4",
|
||||
"status": "unaffected",
|
||||
"version": "520.1",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "511.5 TCU4 HF4",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "511.5 TCU4 HF3",
|
||||
"status": "unaffected",
|
||||
"version": "511.1",
|
||||
"versionType": "semver"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "unaffected"
|
||||
}
|
||||
"version_affected": "<=",
|
||||
"version_name": "520.2",
|
||||
"version_value": "520.2 TCU4"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "520.2 TCU4 HF2",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "520.2 TCU4",
|
||||
"status": "unaffected",
|
||||
"version": "520.2",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "511.5 TCU4 HF4",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "511.5 TCU4 HF3",
|
||||
"status": "unaffected",
|
||||
"version": "511.1",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "520.1 TCU5",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "520.1 TCU4",
|
||||
"status": "unaffected",
|
||||
"version": "520.1",
|
||||
"versionType": "semver"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "unaffected"
|
||||
}
|
||||
"version_affected": "<=",
|
||||
"version_name": "510.1",
|
||||
"version_value": "510.2 HF13"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "520.2 TCU4 HF2",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "520.2 TCU4",
|
||||
"status": "unaffected",
|
||||
"version": "520.2",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "520.1 TCU5",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "520.1 TCU4",
|
||||
"status": "unaffected",
|
||||
"version": "520.1",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "511.5 TCU4 HF4",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "511.5 TCU4 HF3",
|
||||
"status": "unaffected",
|
||||
"version": "520.2 TCU4 HFR2",
|
||||
"versionType": "semver"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "unaffected"
|
||||
}
|
||||
"version_affected": "<=",
|
||||
"version_name": "520.1",
|
||||
"version_value": "520.1 TCU4"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "511.1",
|
||||
"version_value": "511.5 TCU4 HF3"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "520.2 TCU4 HFR2",
|
||||
"version_value": "511.5 TCU4 HF3"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -40,124 +40,29 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"lessThanOrEqual": "520.2 TCU4",
|
||||
"status": "unaffected",
|
||||
"version": "520.2",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"lessThanOrEqual": "510.2 HF13",
|
||||
"status": "unaffected",
|
||||
"version": "510.1",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"lessThanOrEqual": "520.1 TCU4",
|
||||
"status": "unaffected",
|
||||
"version": "520.1",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"lessThanOrEqual": "511.5 TCU4 HF3",
|
||||
"status": "unaffected",
|
||||
"version": "511.1",
|
||||
"versionType": "semver"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "unaffected"
|
||||
}
|
||||
"version_affected": "<=",
|
||||
"version_name": "520.2",
|
||||
"version_value": "520.2 TCU4"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "520.2 TCU4 HF2",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "520.2 TCU4",
|
||||
"status": "unaffected",
|
||||
"version": "520.2",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "511.5 TCU4 HF4",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "511.5 TCU4 HF3",
|
||||
"status": "unaffected",
|
||||
"version": "511.1",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "520.1 TCU5",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "520.1 TCU4",
|
||||
"status": "unaffected",
|
||||
"version": "520.1",
|
||||
"versionType": "semver"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "unaffected"
|
||||
}
|
||||
"version_affected": "<=",
|
||||
"version_name": "510.1",
|
||||
"version_value": "510.2 HF13"
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "520.2 TCU4 HF2",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "520.2 TCU4",
|
||||
"status": "unaffected",
|
||||
"version": "520.2",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "520.1 TCU5",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "520.1 TCU4",
|
||||
"status": "unaffected",
|
||||
"version": "520.1",
|
||||
"versionType": "semver"
|
||||
},
|
||||
{
|
||||
"changes": [
|
||||
{
|
||||
"at": "511.5 TCU4 HF4",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"lessThanOrEqual": "511.5 TCU4 HF3",
|
||||
"status": "unaffected",
|
||||
"version": "520.2 TCU4 HFR2",
|
||||
"versionType": "semver"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "unaffected"
|
||||
}
|
||||
"version_affected": "<=",
|
||||
"version_name": "520.1",
|
||||
"version_value": "520.1 TCU4"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "511.1",
|
||||
"version_value": "511.5 TCU4 HF3"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "520.2 TCU4 HFR2",
|
||||
"version_value": "511.5 TCU4 HF3"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,140 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-6596",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "secalert@redhat.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "An incomplete fix was shipped for the Rapid Reset (CVE-2023-44487/CVE-2023-39325) vulnerability for an OpenShift Containers."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Uncontrolled Resource Consumption",
|
||||
"cweId": "CWE-400"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Red Hat OpenShift Container Platform 4.11",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "v4.11.0-202401301508.p0.g5ea0428.assembly.stream",
|
||||
"lessThan": "*",
|
||||
"versionType": "rpm",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat OpenShift Container Platform 4.12",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "v4.12.0-202401190520.p0.g4b287bd.assembly.stream",
|
||||
"lessThan": "*",
|
||||
"versionType": "rpm",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat OpenShift Container Platform 4",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unaffected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://access.redhat.com/errata/RHSA-2024:0485",
|
||||
"refsource": "MISC",
|
||||
"name": "https://access.redhat.com/errata/RHSA-2024:0485"
|
||||
},
|
||||
{
|
||||
"url": "https://access.redhat.com/errata/RHSA-2024:0682",
|
||||
"refsource": "MISC",
|
||||
"name": "https://access.redhat.com/errata/RHSA-2024:0682"
|
||||
},
|
||||
{
|
||||
"url": "https://access.redhat.com/security/cve/CVE-2023-6596",
|
||||
"refsource": "MISC",
|
||||
"name": "https://access.redhat.com/security/cve/CVE-2023-6596"
|
||||
},
|
||||
{
|
||||
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253521",
|
||||
"refsource": "MISC",
|
||||
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2253521"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 7.5,
|
||||
"baseSeverity": "HIGH",
|
||||
"confidentialityImpact": "NONE",
|
||||
"integrityImpact": "NONE",
|
||||
"privilegesRequired": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -31,26 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "kernel",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -263,26 +243,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -31,26 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "kernel",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -263,26 +243,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unaffected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -31,26 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "kernel",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -127,26 +107,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -168,15 +128,15 @@
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/torvalds/linux/commit/3701cd390fd731ee7ae8b8006246c8db82c72bea"
|
||||
},
|
||||
{
|
||||
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G3AGDVE3KBLOOYBPISFDS74R4YAZEDAY/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G3AGDVE3KBLOOYBPISFDS74R4YAZEDAY/"
|
||||
},
|
||||
{
|
||||
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAOVK2F3ALGKYIQ5IOMAYEC2DGI7BWAW/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAOVK2F3ALGKYIQ5IOMAYEC2DGI7BWAW/"
|
||||
},
|
||||
{
|
||||
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G3AGDVE3KBLOOYBPISFDS74R4YAZEDAY/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G3AGDVE3KBLOOYBPISFDS74R4YAZEDAY/"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -31,26 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "kernel",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -184,26 +164,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -31,26 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "qemu",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -128,26 +108,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -31,26 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "qemu",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -128,26 +108,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -164,15 +124,15 @@
|
||||
"refsource": "MISC",
|
||||
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2254580"
|
||||
},
|
||||
{
|
||||
"url": "https://security.netapp.com/advisory/ntap-20240208-0004/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://security.netapp.com/advisory/ntap-20240208-0004/"
|
||||
},
|
||||
{
|
||||
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OYGUN5HVOXESW7MSNM44E4AE2VNXQB6Y/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OYGUN5HVOXESW7MSNM44E4AE2VNXQB6Y/"
|
||||
},
|
||||
{
|
||||
"url": "https://security.netapp.com/advisory/ntap-20240208-0004/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://security.netapp.com/advisory/ntap-20240208-0004/"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -31,26 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "mod_proxy_cluster",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
|
||||
@ -1,17 +1,393 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-6717",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "secalert@redhat.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A flaw was found in the SAML client registration in Keycloak that could allow an administrator to register malicious JavaScript URIs as Assertion Consumer Service POST Binding URLs (ACS), posing a Cross-Site Scripting (XSS) risk. This issue may allow a malicious admin in one realm or a client with registration access to target users in different realms or applications, executing arbitrary JavaScript in their contexts upon form submission. This can enable unauthorized access and harmful actions, compromising the confidentiality, integrity, and availability of the complete KC instance."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
|
||||
"cweId": "CWE-79"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Red Hat build of Keycloak 22",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "22.0.10-1",
|
||||
"lessThan": "*",
|
||||
"versionType": "rpm",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "22-13",
|
||||
"lessThan": "*",
|
||||
"versionType": "rpm",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "22-16",
|
||||
"lessThan": "*",
|
||||
"versionType": "rpm",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat build of Keycloak 22.0.10",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unaffected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Migration Toolkit for Applications 6",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Migration Toolkit for Applications 7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "OpenShift Serverless",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat build of Quarkus",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unaffected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat Data Grid 8",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat Decision Manager 7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat Developer Hub",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat Integration Service Registry",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat JBoss A-MQ 7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat JBoss Data Grid 7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat JBoss Enterprise Application Platform 6",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat JBoss Enterprise Application Platform 7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unaffected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat JBoss Enterprise Application Platform 8",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unaffected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unaffected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat JBoss Fuse 7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat OpenShift GitOps",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat Process Automation 7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat Single Sign-On 7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://access.redhat.com/errata/RHSA-2024:1867",
|
||||
"refsource": "MISC",
|
||||
"name": "https://access.redhat.com/errata/RHSA-2024:1867"
|
||||
},
|
||||
{
|
||||
"url": "https://access.redhat.com/errata/RHSA-2024:1868",
|
||||
"refsource": "MISC",
|
||||
"name": "https://access.redhat.com/errata/RHSA-2024:1868"
|
||||
},
|
||||
{
|
||||
"url": "https://access.redhat.com/security/cve/CVE-2023-6717",
|
||||
"refsource": "MISC",
|
||||
"name": "https://access.redhat.com/security/cve/CVE-2023-6717"
|
||||
},
|
||||
{
|
||||
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253952",
|
||||
"refsource": "MISC",
|
||||
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2253952"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "HIGH",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 6,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"privilegesRequired": "HIGH",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "REQUIRED",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -31,26 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "openstack-designate",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -102,26 +82,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "RDO",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "OpenStack RDO",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,160 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-6787",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "secalert@redhat.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A flaw was found in Keycloak that occurs from an error in the re-authentication mechanism within org.keycloak.authentication. This flaw allows hijacking an active Keycloak session by triggering a new authentication process with the query parameter \"prompt=login,\" prompting the user to re-enter their credentials. If the user cancels this re-authentication by selecting \"Restart login,\" an account takeover may occur, as the new session, with a different SUB, will possess the same SID as the previous session."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Improper Authentication",
|
||||
"cweId": "CWE-287"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Red Hat build of Keycloak 22",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "22.0.10-1",
|
||||
"lessThan": "*",
|
||||
"versionType": "rpm",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "22-13",
|
||||
"lessThan": "*",
|
||||
"versionType": "rpm",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "22-16",
|
||||
"lessThan": "*",
|
||||
"versionType": "rpm",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat build of Keycloak 22.0.10",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unaffected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat Single Sign-On 7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://access.redhat.com/errata/RHSA-2024:1867",
|
||||
"refsource": "MISC",
|
||||
"name": "https://access.redhat.com/errata/RHSA-2024:1867"
|
||||
},
|
||||
{
|
||||
"url": "https://access.redhat.com/errata/RHSA-2024:1868",
|
||||
"refsource": "MISC",
|
||||
"name": "https://access.redhat.com/errata/RHSA-2024:1868"
|
||||
},
|
||||
{
|
||||
"url": "https://access.redhat.com/security/cve/CVE-2023-6787",
|
||||
"refsource": "MISC",
|
||||
"name": "https://access.redhat.com/security/cve/CVE-2023-6787"
|
||||
},
|
||||
{
|
||||
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254375",
|
||||
"refsource": "MISC",
|
||||
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2254375"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 6.5,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "NONE",
|
||||
"integrityImpact": "HIGH",
|
||||
"privilegesRequired": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "REQUIRED",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -31,49 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "xorg-server",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "21.1.11",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "xwayland",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "23.2.4",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -410,32 +367,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -522,16 +453,16 @@
|
||||
"refsource": "MISC",
|
||||
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/"
|
||||
},
|
||||
{
|
||||
"url": "https://security.gentoo.org/glsa/202401-30",
|
||||
"refsource": "MISC",
|
||||
"name": "https://security.gentoo.org/glsa/202401-30"
|
||||
},
|
||||
{
|
||||
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/"
|
||||
},
|
||||
{
|
||||
"url": "https://security.gentoo.org/glsa/202401-30",
|
||||
"refsource": "MISC",
|
||||
"name": "https://security.gentoo.org/glsa/202401-30"
|
||||
},
|
||||
{
|
||||
"url": "https://security.netapp.com/advisory/ntap-20240307-0006/",
|
||||
"refsource": "MISC",
|
||||
|
||||
@ -31,26 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "kernel",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -127,26 +107,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -31,31 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "pcp",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "6.2.0",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -114,26 +89,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -31,35 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "libssh",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "0.9.8",
|
||||
"status": "unaffected"
|
||||
},
|
||||
{
|
||||
"version": "0.10.6",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -124,57 +95,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Extra Packages for Enterprise Linux",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -191,6 +111,11 @@
|
||||
"refsource": "MISC",
|
||||
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2254997"
|
||||
},
|
||||
{
|
||||
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/"
|
||||
},
|
||||
{
|
||||
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/",
|
||||
"refsource": "MISC",
|
||||
@ -205,11 +130,6 @@
|
||||
"url": "https://www.libssh.org/security/advisories/CVE-2023-6918.txt",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.libssh.org/security/advisories/CVE-2023-6918.txt"
|
||||
},
|
||||
{
|
||||
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -31,26 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "keycloak-core",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
|
||||
@ -31,31 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "rhdh",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "1.21.0",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
|
||||
@ -31,31 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "systemd",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "25X",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
|
||||
@ -31,26 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "kernel",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -127,26 +107,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -163,11 +123,6 @@
|
||||
"refsource": "MISC",
|
||||
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2255497"
|
||||
},
|
||||
{
|
||||
"url": "https://patchwork.kernel.org/project/linux-wireless/patch/20231208043433.271449-1-hdthky0@gmail.com/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://patchwork.kernel.org/project/linux-wireless/patch/20231208043433.271449-1-hdthky0@gmail.com/"
|
||||
},
|
||||
{
|
||||
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/54PLF5J33IRSLSR4UU6LQSMXX6FI5AOQ/",
|
||||
"refsource": "MISC",
|
||||
@ -177,6 +132,11 @@
|
||||
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C25BK2YH5MZ6VNQXKF2NAJBTGXVEPKGC/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C25BK2YH5MZ6VNQXKF2NAJBTGXVEPKGC/"
|
||||
},
|
||||
{
|
||||
"url": "https://patchwork.kernel.org/project/linux-wireless/patch/20231208043433.271449-1-hdthky0@gmail.com/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://patchwork.kernel.org/project/linux-wireless/patch/20231208043433.271449-1-hdthky0@gmail.com/"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -32,11 +32,11 @@
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Kernel",
|
||||
"product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
@ -44,22 +44,74 @@
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "6.3-rc1",
|
||||
"version": "0:4.18.0-193.133.1.el8_2",
|
||||
"lessThan": "*",
|
||||
"versionType": "rpm",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
],
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
"product_data": [
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "0:4.18.0-193.133.1.rt13.184.el8_2",
|
||||
"lessThan": "*",
|
||||
"versionType": "rpm",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "0:4.18.0-193.133.1.el8_2",
|
||||
"lessThan": "*",
|
||||
"versionType": "rpm",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "0:4.18.0-193.133.1.el8_2",
|
||||
"lessThan": "*",
|
||||
"versionType": "rpm",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
|
||||
"version": {
|
||||
@ -336,26 +388,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unaffected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -402,6 +434,16 @@
|
||||
"refsource": "MISC",
|
||||
"name": "https://access.redhat.com/errata/RHSA-2024:1404"
|
||||
},
|
||||
{
|
||||
"url": "https://access.redhat.com/errata/RHSA-2024:2006",
|
||||
"refsource": "MISC",
|
||||
"name": "https://access.redhat.com/errata/RHSA-2024:2006"
|
||||
},
|
||||
{
|
||||
"url": "https://access.redhat.com/errata/RHSA-2024:2008",
|
||||
"refsource": "MISC",
|
||||
"name": "https://access.redhat.com/errata/RHSA-2024:2008"
|
||||
},
|
||||
{
|
||||
"url": "https://access.redhat.com/security/cve/CVE-2023-7192",
|
||||
"refsource": "MISC",
|
||||
|
||||
@ -31,26 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "cpio",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -109,26 +89,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -31,31 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "iperf",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "3.15",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -101,26 +76,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -31,26 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "kernel",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -184,26 +164,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -31,31 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "PackageKit",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "1.2.7",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -120,26 +95,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -31,49 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "xorg-server",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "21.1.11",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "xwayland",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "23.2.4",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -410,32 +367,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -31,31 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "sqlite",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "3.43.2",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -120,75 +95,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Extra Packages for Enterprise Linux",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -31,31 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "mholt",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "4",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
|
||||
@ -31,49 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "xorg-server",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "21.1.11",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "xwayland",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "23.2.4",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -176,32 +133,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -223,6 +154,11 @@
|
||||
"refsource": "MISC",
|
||||
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2257689"
|
||||
},
|
||||
{
|
||||
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html",
|
||||
"refsource": "MISC",
|
||||
"name": "https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html"
|
||||
},
|
||||
{
|
||||
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/",
|
||||
"refsource": "MISC",
|
||||
@ -234,20 +170,15 @@
|
||||
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/"
|
||||
},
|
||||
{
|
||||
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html",
|
||||
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html"
|
||||
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/"
|
||||
},
|
||||
{
|
||||
"url": "https://security.gentoo.org/glsa/202401-30",
|
||||
"refsource": "MISC",
|
||||
"name": "https://security.gentoo.org/glsa/202401-30"
|
||||
},
|
||||
{
|
||||
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/"
|
||||
},
|
||||
{
|
||||
"url": "https://security.netapp.com/advisory/ntap-20240307-0006/",
|
||||
"refsource": "MISC",
|
||||
|
||||
@ -31,49 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "xorg-server",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "21.1.11",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "xwayland",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "23.2.4",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -176,32 +133,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -223,6 +154,11 @@
|
||||
"refsource": "MISC",
|
||||
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2257690"
|
||||
},
|
||||
{
|
||||
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html",
|
||||
"refsource": "MISC",
|
||||
"name": "https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html"
|
||||
},
|
||||
{
|
||||
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/",
|
||||
"refsource": "MISC",
|
||||
@ -234,20 +170,15 @@
|
||||
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/"
|
||||
},
|
||||
{
|
||||
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html",
|
||||
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html"
|
||||
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/"
|
||||
},
|
||||
{
|
||||
"url": "https://security.gentoo.org/glsa/202401-30",
|
||||
"refsource": "MISC",
|
||||
"name": "https://security.gentoo.org/glsa/202401-30"
|
||||
},
|
||||
{
|
||||
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/"
|
||||
},
|
||||
{
|
||||
"url": "https://security.netapp.com/advisory/ntap-20240307-0006/",
|
||||
"refsource": "MISC",
|
||||
|
||||
@ -31,26 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "kernel",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -135,26 +115,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -31,31 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "gnutls",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "3.8.3",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -221,26 +196,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -31,26 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "upstream",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
|
||||
@ -31,37 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "kernel",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "6.0-rc3",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -174,26 +143,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unaffected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -30,26 +30,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "kernel",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -126,26 +106,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -31,44 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Kernel",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "6.7-rc6",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "kernel",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -259,26 +221,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unaffected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -31,31 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "GnuTLS",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "3.8.3",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -188,32 +163,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -31,26 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "kernel",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -127,26 +107,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -31,31 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "kernel",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "6.7-rc2",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -132,26 +107,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -31,44 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Kernel",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "6.5-rc1",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "kernel",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -145,26 +107,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unaffected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -31,44 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Kernel",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "6.6-rc5",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "kernel",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -145,26 +107,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unaffected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -30,37 +30,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "kernel",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "6.7-rc5",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -510,26 +479,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -31,44 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Kernel",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "6.4-rc2",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "kernel",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -145,26 +107,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unaffected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -31,26 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "ovirt-engine",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
|
||||
@ -30,26 +30,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "kernel",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -126,26 +106,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,130 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-0874",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "secalert@redhat.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A flaw was found in coredns. This issue could lead to invalid cache entries returning due to incorrectly implemented caching."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Use of Cache Containing Sensitive Information",
|
||||
"cweId": "CWE-524"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Logging Subsystem for Red Hat OpenShift",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unaffected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat Advanced Cluster Management for Kubernetes 2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat OpenShift Container Platform 4",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://access.redhat.com/security/cve/CVE-2024-0874",
|
||||
"refsource": "MISC",
|
||||
"name": "https://access.redhat.com/security/cve/CVE-2024-0874"
|
||||
},
|
||||
{
|
||||
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219234",
|
||||
"refsource": "MISC",
|
||||
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2219234"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/coredns/coredns/issues/6186",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/coredns/coredns/issues/6186"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/coredns/coredns/pull/6354",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/coredns/coredns/pull/6354"
|
||||
}
|
||||
]
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "This issue was discovered by Petr Mensik (Red Hat)."
|
||||
}
|
||||
],
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 5.3,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "NONE",
|
||||
"integrityImpact": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -31,26 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "openCryptoki",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -76,6 +56,27 @@
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "0:3.17.0-6.el8_6",
|
||||
"lessThan": "*",
|
||||
"versionType": "rpm",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support",
|
||||
"version": {
|
||||
@ -167,26 +168,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -213,6 +194,11 @@
|
||||
"refsource": "MISC",
|
||||
"name": "https://access.redhat.com/errata/RHSA-2024:1856"
|
||||
},
|
||||
{
|
||||
"url": "https://access.redhat.com/errata/RHSA-2024:1992",
|
||||
"refsource": "MISC",
|
||||
"name": "https://access.redhat.com/errata/RHSA-2024:1992"
|
||||
},
|
||||
{
|
||||
"url": "https://access.redhat.com/security/cve/CVE-2024-0914",
|
||||
"refsource": "MISC",
|
||||
|
||||
@ -31,26 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "unixODBC",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -115,26 +95,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -31,26 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "vertx",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
|
||||
@ -31,26 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "grub2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -109,26 +89,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -150,16 +110,6 @@
|
||||
"refsource": "MISC",
|
||||
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2256827"
|
||||
},
|
||||
{
|
||||
"url": "https://www.openwall.com/lists/oss-security/2024/02/06/3",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.openwall.com/lists/oss-security/2024/02/06/3"
|
||||
},
|
||||
{
|
||||
"url": "https://security.netapp.com/advisory/ntap-20240223-0007/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://security.netapp.com/advisory/ntap-20240223-0007/"
|
||||
},
|
||||
{
|
||||
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XRZQCVZ3XOASVFT6XLO7F2ZXOLOHIJZQ/",
|
||||
"refsource": "MISC",
|
||||
@ -169,6 +119,16 @@
|
||||
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YSJAEGRR3XHMBBBKYOVMII4P34IXEYPE/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YSJAEGRR3XHMBBBKYOVMII4P34IXEYPE/"
|
||||
},
|
||||
{
|
||||
"url": "https://security.netapp.com/advisory/ntap-20240223-0007/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://security.netapp.com/advisory/ntap-20240223-0007/"
|
||||
},
|
||||
{
|
||||
"url": "https://www.openwall.com/lists/oss-security/2024/02/06/3",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.openwall.com/lists/oss-security/2024/02/06/3"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -31,31 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "389-ds-base",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "2.2.0",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -169,26 +144,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,238 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-1102",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "secalert@redhat.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A vulnerability was found in jberet-core logging. An exception in 'dbProperties' might display user credentials such as the username and password for the database-connection."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Red Hat Build of Keycloak",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat Data Grid 8",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat JBoss Data Grid 7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat JBoss Enterprise Application Platform 6",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat JBoss Enterprise Application Platform 7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat JBoss Enterprise Application Platform 8",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat JBoss Fuse 7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat Single Sign-On 7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://access.redhat.com/security/cve/CVE-2024-1102",
|
||||
"refsource": "MISC",
|
||||
"name": "https://access.redhat.com/security/cve/CVE-2024-1102"
|
||||
},
|
||||
{
|
||||
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262060",
|
||||
"refsource": "MISC",
|
||||
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2262060"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/jberet/jsr352/issues/452",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/jberet/jsr352/issues/452"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 6.5,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "NONE",
|
||||
"privilegesRequired": "LOW",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -31,26 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "upstream",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
|
||||
@ -1,17 +1,144 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-1139",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "secalert@redhat.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A credentials leak vulnerability was found in the cluster monitoring operator in OCP. This issue may allow a remote attacker who has basic login credentials to check the pod manifest to discover a repository pull secret."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Exposure of Sensitive Information to an Unauthorized Actor",
|
||||
"cweId": "CWE-200"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Red Hat Advanced Cluster Management for Kubernetes 2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat OpenShift Container Platform 3.11",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat OpenShift Container Platform 4",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://access.redhat.com/security/cve/CVE-2024-1139",
|
||||
"refsource": "MISC",
|
||||
"name": "https://access.redhat.com/security/cve/CVE-2024-1139"
|
||||
},
|
||||
{
|
||||
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262158",
|
||||
"refsource": "MISC",
|
||||
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2262158"
|
||||
}
|
||||
]
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Red Hat would like to thank Calvinna Caswara (noris network AG) and Patrick Gress (noris network AG) for reporting this issue."
|
||||
}
|
||||
],
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 7.7,
|
||||
"baseSeverity": "HIGH",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "NONE",
|
||||
"privilegesRequired": "LOW",
|
||||
"scope": "CHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -31,26 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "upstream",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
|
||||
@ -30,26 +30,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "eap",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
|
||||
@ -31,26 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "org.keycloak.protocol.oidc",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
|
||||
@ -31,26 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "vertx",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
|
||||
@ -31,26 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "openshift",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
|
||||
@ -31,37 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "libvirt",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "10.1.0",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -133,26 +102,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -169,6 +118,11 @@
|
||||
"refsource": "MISC",
|
||||
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2263841"
|
||||
},
|
||||
{
|
||||
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html",
|
||||
"refsource": "MISC",
|
||||
"name": "https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html"
|
||||
},
|
||||
{
|
||||
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/45FFKU3LODT345LAB5T4XZA5WKYMXJYU/",
|
||||
"refsource": "MISC",
|
||||
@ -178,11 +132,6 @@
|
||||
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E6MVZO5GXDB7RHY6MS3ZXES3HPK34P3A/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E6MVZO5GXDB7RHY6MS3ZXES3HPK34P3A/"
|
||||
},
|
||||
{
|
||||
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html",
|
||||
"refsource": "MISC",
|
||||
"name": "https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -31,26 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "upstream",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -114,7 +94,7 @@
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
@ -192,6 +172,12 @@
|
||||
}
|
||||
]
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Red Hat would like to thank AAIB IT Unix Team for reporting this issue."
|
||||
}
|
||||
],
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
|
||||
@ -31,31 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "freeipa",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "4.11.1",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -101,26 +76,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -31,26 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "registry-support",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
|
||||
@ -31,48 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "undertow",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "2.3.10.SP3",
|
||||
"status": "unaffected"
|
||||
},
|
||||
{
|
||||
"version": "2.2.30.SP1",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "upstream",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
|
||||
@ -1,17 +1,178 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-1657",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "secalert@redhat.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A flaw was found in the ansible automation platform. An insecure WebSocket connection was being used in installation from the Ansible rulebook EDA server. An attacker that has access to any machine in the CIDR block could download all rulebook data from the WebSocket, resulting in loss of confidentiality and integrity of the system."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Missing Origin Validation in WebSockets",
|
||||
"cweId": "CWE-1385"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "0:2.4-6.el8ap",
|
||||
"lessThan": "*",
|
||||
"versionType": "rpm",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "0:1.0.5-1.el8ap",
|
||||
"lessThan": "*",
|
||||
"versionType": "rpm",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "0:1.0.5-1.el8ap",
|
||||
"lessThan": "*",
|
||||
"versionType": "rpm",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "0:2.4-6.el9ap",
|
||||
"lessThan": "*",
|
||||
"versionType": "rpm",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "0:1.0.5-1.el9ap",
|
||||
"lessThan": "*",
|
||||
"versionType": "rpm",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "0:1.0.5-1.el9ap",
|
||||
"lessThan": "*",
|
||||
"versionType": "rpm",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://access.redhat.com/errata/RHSA-2024:1057",
|
||||
"refsource": "MISC",
|
||||
"name": "https://access.redhat.com/errata/RHSA-2024:1057"
|
||||
},
|
||||
{
|
||||
"url": "https://access.redhat.com/security/cve/CVE-2024-1657",
|
||||
"refsource": "MISC",
|
||||
"name": "https://access.redhat.com/security/cve/CVE-2024-1657"
|
||||
},
|
||||
{
|
||||
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265085",
|
||||
"refsource": "MISC",
|
||||
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2265085"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 8.1,
|
||||
"baseSeverity": "HIGH",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"privilegesRequired": "LOW",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -31,26 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "keycloak-core",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
|
||||
@ -31,26 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "kubevirt-csi",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
|
||||
@ -1,17 +1,120 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-1726",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "secalert@redhat.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A flaw was discovered in the RESTEasy Reactive implementation in Quarkus. Due to security checks for some JAX-RS endpoints being performed after serialization, more processing resources are consumed while the HTTP request is checked. In certain configurations, if an attacker has knowledge of any POST, PUT, or PATCH request paths, they can potentially identify vulnerable endpoints and trigger excessive resource usage as the endpoints process the requests. This can result in a denial of service."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Improper Preservation of Permissions",
|
||||
"cweId": "CWE-281"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Red Hat build of Quarkus 3.2.11.Final",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "3.2.11.Final-redhat-00001",
|
||||
"lessThan": "*",
|
||||
"versionType": "rpm",
|
||||
"status": "unaffected"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat build of Quarkus",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://access.redhat.com/errata/RHSA-2024:1662",
|
||||
"refsource": "MISC",
|
||||
"name": "https://access.redhat.com/errata/RHSA-2024:1662"
|
||||
},
|
||||
{
|
||||
"url": "https://access.redhat.com/security/cve/CVE-2024-1726",
|
||||
"refsource": "MISC",
|
||||
"name": "https://access.redhat.com/security/cve/CVE-2024-1726"
|
||||
},
|
||||
{
|
||||
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265158",
|
||||
"refsource": "MISC",
|
||||
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2265158"
|
||||
}
|
||||
]
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "This issue was discovered by Michal Vav\u0159\u00edk (Red Hat)."
|
||||
}
|
||||
],
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 5.3,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "NONE",
|
||||
"integrityImpact": "NONE",
|
||||
"privilegesRequired": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -31,31 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "quarkus",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "3.7.3",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
|
||||
@ -31,49 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "xorg-server",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "21.1.11",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "xwayland",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "23.2.4",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -410,32 +367,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -31,49 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "xorg-server",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "21.1.11",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "xwayland",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "23.2.4",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -410,32 +367,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,85 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-25624",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "security-advisories@github.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Iris is a web collaborative platform aiming to help incident responders sharing technical details during investigations. Due to an improper setup of Jinja2 environment, reports generation in `iris-web` is prone to a Server Side Template Injection (SSTI). Successful exploitation of the vulnerability can lead to an arbitrary Remote Code Execution. An authenticated administrator has to upload a crafted report template containing the payload. Upon generation of a report based on the weaponized report, any user can trigger the vulnerability. The vulnerability is patched in IRIS v2.4.6. No workaround is available. It is recommended to update as soon as possible. Until patching, review the report templates and keep the administrative privileges that include the upload of report templates limited to dedicated users. \n"
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine",
|
||||
"cweId": "CWE-1336"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "dfir-iris",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "iris-web",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "< 2.4.6"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://github.com/dfir-iris/iris-web/security/advisories/GHSA-m64w-f7fg-hpcr",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/dfir-iris/iris-web/security/advisories/GHSA-m64w-f7fg-hpcr"
|
||||
}
|
||||
]
|
||||
},
|
||||
"source": {
|
||||
"advisory": "GHSA-m64w-f7fg-hpcr",
|
||||
"discovery": "UNKNOWN"
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 6.8,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"privilegesRequired": "HIGH",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "REQUIRED",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,90 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-28240",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "security-advisories@github.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "The GLPI Agent is a generic management agent. A vulnerability that only affects GLPI-Agent installed on windows via MSI packaging can allow a local user to cause denial of agent service by replacing GLPI server url with a wrong url or disabling the service. Additionally, in the case the Deploy task is installed, a local malicious user can trigger privilege escalation configuring a malicious server providing its own deploy task payload. GLPI-Agent 1.7.2 contains a patch for this issue. As a workaround, edit GLPI-Agent related key under `HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall` and add `SystemComponent` DWORD value setting it to `1` to hide GLPI-Agent from installed applications."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-20: Improper Input Validation",
|
||||
"cweId": "CWE-20"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "glpi-project",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "glpi-agent",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "< 1.7.2"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://github.com/glpi-project/glpi-agent/security/advisories/GHSA-hx3x-mmqg-h3jp",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/glpi-project/glpi-agent/security/advisories/GHSA-hx3x-mmqg-h3jp"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/glpi-project/glpi-agent/commit/41bbb1169e899bd15350a9e2fdbf9269a3b7a14f",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/glpi-project/glpi-agent/commit/41bbb1169e899bd15350a9e2fdbf9269a3b7a14f"
|
||||
}
|
||||
]
|
||||
},
|
||||
"source": {
|
||||
"advisory": "GHSA-hx3x-mmqg-h3jp",
|
||||
"discovery": "UNKNOWN"
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "LOCAL",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 7.3,
|
||||
"baseSeverity": "HIGH",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"privilegesRequired": "LOW",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "REQUIRED",
|
||||
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,90 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-28241",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "security-advisories@github.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "The GLPI Agent is a generic management agent. Prior to version 1.7.2, a local user can modify GLPI-Agent code or used DLLs to modify agent logic and even gain higher privileges. Users should upgrade to GLPI-Agent 1.7.2 to receive a patch. As a workaround, use the default installation folder which involves installed folder is automatically secured by the system."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-269: Improper Privilege Management",
|
||||
"cweId": "CWE-269"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "glpi-project",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "glpi-agent",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "< 1.7.2"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://github.com/glpi-project/glpi-agent/security/advisories/GHSA-3268-p58w-86hw",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/glpi-project/glpi-agent/security/advisories/GHSA-3268-p58w-86hw"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/glpi-project/glpi-agent/commit/9a97114f595562c91b0833b4a800dd51e9df65e9",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/glpi-project/glpi-agent/commit/9a97114f595562c91b0833b4a800dd51e9df65e9"
|
||||
}
|
||||
]
|
||||
},
|
||||
"source": {
|
||||
"advisory": "GHSA-3268-p58w-86hw",
|
||||
"discovery": "UNKNOWN"
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "LOCAL",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 7.3,
|
||||
"baseSeverity": "HIGH",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"privilegesRequired": "LOW",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "REQUIRED",
|
||||
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,61 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-29660",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2024-29660",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Cross Site Scripting vulnerability in DedeCMS v.5.7 allows a local attacker to execute arbitrary code via a crafted payload to the stepselect_main.php component."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://github.com/ysl1415926/cve/blob/main/DedeCMSv5.7.md",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/ysl1415926/cve/blob/main/DedeCMSv5.7.md"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -31,26 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "libdwarf",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -70,26 +50,6 @@
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat Enterprise Linux 8",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
@ -131,6 +91,12 @@
|
||||
}
|
||||
]
|
||||
},
|
||||
"work_around": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
|
||||
}
|
||||
],
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
|
||||
@ -31,47 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "ovn",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "22.03.7",
|
||||
"status": "unaffected"
|
||||
},
|
||||
{
|
||||
"version": "23.03.3",
|
||||
"status": "unaffected"
|
||||
},
|
||||
{
|
||||
"version": "23.06.3",
|
||||
"status": "unaffected"
|
||||
},
|
||||
{
|
||||
"version": "23.09.3",
|
||||
"status": "unaffected"
|
||||
},
|
||||
{
|
||||
"version": "24.03.1",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -354,26 +313,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -435,6 +374,21 @@
|
||||
"refsource": "MISC",
|
||||
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2267840"
|
||||
},
|
||||
{
|
||||
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APR4GCVCMQD3DQUKXDNGIXCCYGE5V7IT/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APR4GCVCMQD3DQUKXDNGIXCCYGE5V7IT/"
|
||||
},
|
||||
{
|
||||
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CB4N522FCS4XWAPUKRWZF6QZ657FCIDF/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CB4N522FCS4XWAPUKRWZF6QZ657FCIDF/"
|
||||
},
|
||||
{
|
||||
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XRKXOOOKD56TY3JQVB45N3GCTX3EG4BV/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XRKXOOOKD56TY3JQVB45N3GCTX3EG4BV/"
|
||||
},
|
||||
{
|
||||
"url": "https://mail.openvswitch.org/pipermail/ovs-announce/2024-March/000346.html",
|
||||
"refsource": "MISC",
|
||||
@ -444,21 +398,6 @@
|
||||
"url": "https://www.openwall.com/lists/oss-security/2024/03/12/5",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.openwall.com/lists/oss-security/2024/03/12/5"
|
||||
},
|
||||
{
|
||||
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APR4GCVCMQD3DQUKXDNGIXCCYGE5V7IT/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APR4GCVCMQD3DQUKXDNGIXCCYGE5V7IT/"
|
||||
},
|
||||
{
|
||||
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XRKXOOOKD56TY3JQVB45N3GCTX3EG4BV/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XRKXOOOKD56TY3JQVB45N3GCTX3EG4BV/"
|
||||
},
|
||||
{
|
||||
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CB4N522FCS4XWAPUKRWZF6QZ657FCIDF/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CB4N522FCS4XWAPUKRWZF6QZ657FCIDF/"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -32,29 +32,22 @@
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "upstream",
|
||||
"product_name": "Red Hat Enterprise Linux 6",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
"product_data": [
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat Enterprise Linux 7",
|
||||
"version": {
|
||||
@ -62,7 +55,7 @@
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
@ -75,7 +68,7 @@
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
@ -88,33 +81,7 @@
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
},
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
@ -133,6 +100,11 @@
|
||||
"refsource": "MISC",
|
||||
"name": "https://access.redhat.com/security/cve/CVE-2024-2236"
|
||||
},
|
||||
{
|
||||
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245218",
|
||||
"refsource": "MISC",
|
||||
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2245218"
|
||||
},
|
||||
{
|
||||
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268268",
|
||||
"refsource": "MISC",
|
||||
@ -140,12 +112,6 @@
|
||||
}
|
||||
]
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "This issue was discovered by Hubert Kario (Red Hat)."
|
||||
}
|
||||
],
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
|
||||
@ -31,31 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "osbuild-composer",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "94",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -88,26 +63,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -126,6 +81,12 @@
|
||||
}
|
||||
]
|
||||
},
|
||||
"work_around": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
|
||||
}
|
||||
],
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
|
||||
@ -31,26 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "upstream",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
|
||||
@ -1,17 +1,149 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-2467",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "secalert@redhat.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages. The vulnerability affects the legacy PKCS#1v1.5 RSA encryption padding mode."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Observable Discrepancy",
|
||||
"cweId": "CWE-203"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Red Hat Enterprise Linux 6",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat Enterprise Linux 7",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "unknown"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat Enterprise Linux 8",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Red Hat Enterprise Linux 9",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://access.redhat.com/security/cve/CVE-2024-2467",
|
||||
"refsource": "MISC",
|
||||
"name": "https://access.redhat.com/security/cve/CVE-2024-2467"
|
||||
},
|
||||
{
|
||||
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269567",
|
||||
"refsource": "MISC",
|
||||
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2269567"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/toddr/Crypt-OpenSSL-RSA/issues/42",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/toddr/Crypt-OpenSSL-RSA/issues/42"
|
||||
},
|
||||
{
|
||||
"url": "https://people.redhat.com/~hkario/marvin/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://people.redhat.com/~hkario/marvin/"
|
||||
}
|
||||
]
|
||||
},
|
||||
"work_around": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "This CVE is mitigated (i.e. not exploitable) by using the openssl package with support for implicit rejection shipped in the following RHEL errata:\n\n* https://access.redhat.com/errata/RHSA-2024:0208\n* https://access.redhat.com/errata/RHSA-2024:0154\n* https://access.redhat.com/errata/RHSA-2023:7877\n* https://access.redhat.com/errata/RHSA-2024:0500\n* https://access.redhat.com/errata/RHBA-2023:6627"
|
||||
}
|
||||
],
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "This issue was discovered by Hubert Kario (Red Hat)."
|
||||
}
|
||||
],
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "HIGH",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 5.9,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "NONE",
|
||||
"privilegesRequired": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -31,26 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "libvirt",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -122,26 +102,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -158,15 +118,15 @@
|
||||
"refsource": "MISC",
|
||||
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2270115"
|
||||
},
|
||||
{
|
||||
"url": "https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/BKRQXPLPC6B7FLHJXSBQYW7HNDEBW6RJ/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/BKRQXPLPC6B7FLHJXSBQYW7HNDEBW6RJ/"
|
||||
},
|
||||
{
|
||||
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html",
|
||||
"refsource": "MISC",
|
||||
"name": "https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html"
|
||||
},
|
||||
{
|
||||
"url": "https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/BKRQXPLPC6B7FLHJXSBQYW7HNDEBW6RJ/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/BKRQXPLPC6B7FLHJXSBQYW7HNDEBW6RJ/"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -31,31 +31,6 @@
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "libvirt",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"version": "9.8.0",
|
||||
"status": "unaffected"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
@ -127,26 +102,6 @@
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"vendor_name": "Fedora",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Fedora 39",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,61 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-30890",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2024-30890",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Cross Site Scripting vulnerability in ED01-CMS v.1.0 allows an attacker to obtain sensitive information via the categories.php component."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://gist.github.com/rootlili/198922ef72c9bef973e04eb6b36a8aad",
|
||||
"url": "https://gist.github.com/rootlili/198922ef72c9bef973e04eb6b36a8aad"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,61 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-31574",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2024-31574",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Cross Site Scripting vulnerability in TWCMS v.2.6 allows a local attacker to execute arbitrary code via a crafted script"
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/ysl1415926/cve/blob/main/CVE-2024-31574.md",
|
||||
"url": "https://github.com/ysl1415926/cve/blob/main/CVE-2024-31574.md"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,66 +1,17 @@
|
||||
{
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"ID": "CVE-2024-31745",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-31745",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "REJECT"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Libdwarf v0.9.1 was discovered to contain a heap use-after-free via the dw_empty_errlist_item function at /libdwarf/dwarf_alloc.c."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://github.com/davea42/libdwarf-code/issues/238",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/davea42/libdwarf-code/issues/238"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/davea42/libdwarf-code/commit/404e6b1b14f60c81388d50b4239f81d461b3c3ad",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/davea42/libdwarf-code/commit/404e6b1b14f60c81388d50b4239f81d461b3c3ad"
|
||||
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-2002. Reason: This candidate is a duplicate of CVE-2024-2002. Notes: All CVE users should reference CVE-2024-2002 instead of this candidate."
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,61 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-32236",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2024-32236",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "An issue in CmsEasy v.7.7 and before allows a remote attacker to obtain sensitive information via the update function in the index.php component."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://github.com/cidengcc/cmseasy/issues/1",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/cidengcc/cmseasy/issues/1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,66 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-32358",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2024-32358",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "An issue in Jpress v.5.1.0 allows a remote attacker to execute arbitrary code via a crafted script to the custom plug-in module function."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.wolai.com/catr00t/2LujDzjjcrAjUYpWtcusXD",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.wolai.com/catr00t/2LujDzjjcrAjUYpWtcusXD"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://gist.github.com/rootlili/a6b6c89591f4773857ae81b7ca5898bc",
|
||||
"url": "https://gist.github.com/rootlili/a6b6c89591f4773857ae81b7ca5898bc"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
18
2024/4xxx/CVE-2024-4196.json
Normal file
18
2024/4xxx/CVE-2024-4196.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-4196",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
18
2024/4xxx/CVE-2024-4197.json
Normal file
18
2024/4xxx/CVE-2024-4197.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-4197",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
18
2024/4xxx/CVE-2024-4198.json
Normal file
18
2024/4xxx/CVE-2024-4198.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-4198",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
18
2024/4xxx/CVE-2024-4199.json
Normal file
18
2024/4xxx/CVE-2024-4199.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2024-4199",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
Loading…
x
Reference in New Issue
Block a user