From 57de9fa1f9690dfaf3d09a22cfac249093c7da9d Mon Sep 17 00:00:00 2001 
From: CVE Team Date: Thu, 25 Apr 2024 17:00:33 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2023/5xxx/CVE-2023-5389.json | 157 ++------------ 2023/5xxx/CVE-2023-5392.json | 157 ++------------ 2023/5xxx/CVE-2023-5393.json | 100 ++------- 2023/5xxx/CVE-2023-5394.json | 157 ++------------ 2023/5xxx/CVE-2023-5396.json | 133 ++---------- 2023/6xxx/CVE-2023-6596.json | 131 ++++++++++- 2023/6xxx/CVE-2023-6606.json | 40 ---- 2023/6xxx/CVE-2023-6610.json | 40 ---- 2023/6xxx/CVE-2023-6622.json | 50 +---- 2023/6xxx/CVE-2023-6679.json | 40 ---- 2023/6xxx/CVE-2023-6683.json | 40 ---- 2023/6xxx/CVE-2023-6693.json | 50 +---- 2023/6xxx/CVE-2023-6710.json | 20 -- 2023/6xxx/CVE-2023-6717.json | 384 ++++++++++++++++++++++++++++++++- 2023/6xxx/CVE-2023-6725.json | 40 ---- 2023/6xxx/CVE-2023-6787.json | 151 ++++++++++++- 2023/6xxx/CVE-2023-6816.json | 79 +------ 2023/6xxx/CVE-2023-6915.json | 40 ---- 2023/6xxx/CVE-2023-6917.json | 45 ---- 2023/6xxx/CVE-2023-6918.json | 90 +------- 2023/6xxx/CVE-2023-6927.json | 20 -- 2023/6xxx/CVE-2023-6944.json | 25 --- 2023/7xxx/CVE-2023-7008.json | 25 --- 2023/7xxx/CVE-2023-7042.json | 50 +---- 2023/7xxx/CVE-2023-7192.json | 106 ++++++--- 2023/7xxx/CVE-2023-7216.json | 40 ---- 2023/7xxx/CVE-2023-7250.json | 45 ---- 2024/0xxx/CVE-2024-0193.json | 40 ---- 2024/0xxx/CVE-2024-0217.json | 45 ---- 2024/0xxx/CVE-2024-0229.json | 69 ------ 2024/0xxx/CVE-2024-0232.json | 94 -------- 2024/0xxx/CVE-2024-0406.json | 25 --- 2024/0xxx/CVE-2024-0408.json | 83 +------ 2024/0xxx/CVE-2024-0409.json | 83 +------ 2024/0xxx/CVE-2024-0443.json | 40 ---- 2024/0xxx/CVE-2024-0553.json | 45 ---- 2024/0xxx/CVE-2024-0560.json | 20 -- 2024/0xxx/CVE-2024-0562.json | 51 ----- 2024/0xxx/CVE-2024-0564.json | 40 ---- 2024/0xxx/CVE-2024-0565.json | 58 ----- 2024/0xxx/CVE-2024-0567.json | 51 ----- 2024/0xxx/CVE-2024-0582.json | 40 ---- 2024/0xxx/CVE-2024-0607.json | 45 ---- 2024/0xxx/CVE-2024-0639.json | 58 ----- 2024/0xxx/CVE-2024-0641.json | 58 ----- 2024/0xxx/CVE-2024-0646.json 
| 51 ----- 2024/0xxx/CVE-2024-0775.json | 58 ----- 2024/0xxx/CVE-2024-0822.json | 20 -- 2024/0xxx/CVE-2024-0841.json | 40 ---- 2024/0xxx/CVE-2024-0874.json | 121 ++++++++++- 2024/0xxx/CVE-2024-0914.json | 66 +++--- 2024/1xxx/CVE-2024-1013.json | 40 ---- 2024/1xxx/CVE-2024-1023.json | 20 -- 2024/1xxx/CVE-2024-1048.json | 60 +----- 2024/1xxx/CVE-2024-1062.json | 45 ---- 2024/1xxx/CVE-2024-1102.json | 229 +++++++++++++++++++- 2024/1xxx/CVE-2024-1132.json | 20 -- 2024/1xxx/CVE-2024-1139.json | 135 +++++++++++- 2024/1xxx/CVE-2024-1141.json | 20 -- 2024/1xxx/CVE-2024-1233.json | 20 -- 2024/1xxx/CVE-2024-1249.json | 20 -- 2024/1xxx/CVE-2024-1300.json | 20 -- 2024/1xxx/CVE-2024-1342.json | 20 -- 2024/1xxx/CVE-2024-1441.json | 61 +----- 2024/1xxx/CVE-2024-1459.json | 28 +-- 2024/1xxx/CVE-2024-1481.json | 45 ---- 2024/1xxx/CVE-2024-1485.json | 20 -- 2024/1xxx/CVE-2024-1635.json | 42 ---- 2024/1xxx/CVE-2024-1657.json | 169 ++++++++++++++- 2024/1xxx/CVE-2024-1722.json | 20 -- 2024/1xxx/CVE-2024-1725.json | 20 -- 2024/1xxx/CVE-2024-1726.json | 111 +++++++++- 2024/1xxx/CVE-2024-1979.json | 25 --- 2024/21xxx/CVE-2024-21885.json | 69 ------ 2024/21xxx/CVE-2024-21886.json | 69 ------ 2024/25xxx/CVE-2024-25624.json | 76 ++++++- 2024/28xxx/CVE-2024-28240.json | 81 ++++++- 2024/28xxx/CVE-2024-28241.json | 81 ++++++- 2024/29xxx/CVE-2024-29660.json | 56 ++++- 2024/2xxx/CVE-2024-2002.json | 46 +--- 2024/2xxx/CVE-2024-2182.json | 91 ++------ 2024/2xxx/CVE-2024-2236.json | 58 ++--- 2024/2xxx/CVE-2024-2307.json | 51 +---- 2024/2xxx/CVE-2024-2419.json | 20 -- 2024/2xxx/CVE-2024-2467.json | 140 +++++++++++- 2024/2xxx/CVE-2024-2494.json | 50 +---- 2024/2xxx/CVE-2024-2496.json | 45 ---- 2024/30xxx/CVE-2024-30890.json | 56 ++++- 2024/31xxx/CVE-2024-31574.json | 56 ++++- 2024/31xxx/CVE-2024-31745.json | 63 +----- 2024/32xxx/CVE-2024-32236.json | 56 ++++- 2024/32xxx/CVE-2024-32358.json | 61 +++++- 2024/4xxx/CVE-2024-4196.json | 18 ++ 2024/4xxx/CVE-2024-4197.json | 18 ++ 
2024/4xxx/CVE-2024-4198.json | 18 ++ 2024/4xxx/CVE-2024-4199.json | 18 ++ 96 files changed, 2392 insertions(+), 3651 deletions(-) create mode 100644 2024/4xxx/CVE-2024-4196.json create mode 100644 2024/4xxx/CVE-2024-4197.json create mode 100644 2024/4xxx/CVE-2024-4198.json create mode 100644 2024/4xxx/CVE-2024-4199.json diff --git a/2023/5xxx/CVE-2023-5389.json b/2023/5xxx/CVE-2023-5389.json index 89d6cc4babc..990390375de 100644 --- a/2023/5xxx/CVE-2023-5389.json +++ b/2023/5xxx/CVE-2023-5389.json 
@@ -40,148 +40,29 @@ "version": { "version_data": [ { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "changes": [ - { - "at": "520.2 TCU4 HF1", - "status": "unaffected" - } - ], - "lessThanOrEqual": "520.2 TCU4", - "status": "unaffected", - "version": "520.2", - "versionType": "semver" - }, - { - "changes": [ - { - "at": "510.2 HF14", - "status": "unaffected" - } - ], - "lessThanOrEqual": "510.2 HF13", - "status": "unaffected", - "version": "510.1", - "versionType": "semver" - }, - { - "changes": [ - { - "at": "520.1 TCU5", - "status": "unaffected" - } - ], - "lessThanOrEqual": "520.1 TCU4", - "status": "unaffected", - "version": "520.1", - "versionType": "semver" - }, - { - "changes": [ - { - "at": "511.5 TCU4 HF4", - "status": "unaffected" - } - ], - "lessThanOrEqual": "511.5 TCU4 HF3", - "status": "unaffected", - "version": "511.1", - "versionType": "semver" - } - ], - "defaultStatus": "unaffected" - } + "version_affected": "<=", + "version_name": "520.2", + "version_value": "520.2 TCU4" }, { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "changes": [ - { - "at": "520.2 TCU4 HF2", - "status": "unaffected" - } - ], - "lessThanOrEqual": "520.2 TCU4", - "status": "unaffected", - "version": "520.2", - "versionType": "semver" - }, - { - "changes": [ - { - "at": "511.5 TCU4 HF4", - "status": "unaffected" - } - ], - "lessThanOrEqual": "511.5 TCU4 HF3", - "status": "unaffected", - "version": "511.1", - "versionType": "semver" - }, - { - "changes": [ - { - "at": "520.1 TCU5", - "status": "unaffected" - } - ], - "lessThanOrEqual": "520.1 TCU4", - "status": "unaffected", - "version": "520.1", - "versionType": "semver" - } - ], - "defaultStatus": "unaffected" - } + "version_affected": "<=", + "version_name": "510.1", + "version_value": "510.2 HF13" }, { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "changes": [ - { - "at": 
"520.2 TCU4 HF2", - "status": "unaffected" - } - ], - "lessThanOrEqual": "520.2 TCU4", - "status": "unaffected", - "version": "520.2", - "versionType": "semver" - }, - { - "changes": [ - { - "at": "520.1 TCU5", - "status": "unaffected" - } - ], - "lessThanOrEqual": "520.1 TCU4", - "status": "unaffected", - "version": "520.1", - "versionType": "semver" - }, - { - "changes": [ - { - "at": "511.5 TCU4 HF4", - "status": "unaffected" - } - ], - "lessThanOrEqual": "511.5 TCU4 HF3", - "status": "unaffected", - "version": "520.2 TCU4 HFR2", - "versionType": "semver" - } - ], - "defaultStatus": "unaffected" - } + "version_affected": "<=", + "version_name": "520.1", + "version_value": "520.1 TCU4" + }, + { + "version_affected": "<=", + "version_name": "511.1", + "version_value": "511.5 TCU4 HF3" + }, + { + "version_affected": "<=", + "version_name": "520.2 TCU4 HFR2", + "version_value": "511.5 TCU4 HF3" } ] } diff --git a/2023/5xxx/CVE-2023-5392.json b/2023/5xxx/CVE-2023-5392.json index d12e460dc9e..41e293c9e86 100644 --- a/2023/5xxx/CVE-2023-5392.json +++ b/2023/5xxx/CVE-2023-5392.json 
@@ -40,148 +40,29 @@ "version": { "version_data": [ { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "changes": [ - { - "at": "520.2 TCU4 HF1", - "status": "unaffected" - } - ], - "lessThanOrEqual": "520.2 TCU4", - "status": "unaffected", - "version": "520.2", - "versionType": "semver" - }, - { - "changes": [ - { - "at": "510.2 HF14", - "status": "unaffected" - } - ], - "lessThanOrEqual": "510.2 HF13", - "status": "unaffected", - "version": "510.1", - "versionType": "semver" - }, - { - "changes": [ - { - "at": "520.1 TCU5", - "status": "unaffected" - } - ], - "lessThanOrEqual": "520.1 TCU4", - "status": "unaffected", - "version": "520.1", - "versionType": "semver" - }, - { - "changes": [ - { - "at": "511.5 TCU4 HF4", - "status": "unaffected" - } - ], - "lessThanOrEqual": "511.5 TCU4 HF3", - "status": "unaffected", - "version": "511.1", - "versionType": "semver" - } - ], - "defaultStatus": "unaffected" - } + "version_affected": "<=", + "version_name": "520.2", + "version_value": "520.2 TCU4" }, { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "changes": [ - { - "at": "520.2 TCU4 HF2", - "status": "unaffected" - } - ], - "lessThanOrEqual": "520.2 TCU4", - "status": "unaffected", - "version": "520.2", - "versionType": "semver" - }, - { - "changes": [ - { - "at": "511.5 TCU4 HF4", - "status": "unaffected" - } - ], - "lessThanOrEqual": "511.5 TCU4 HF3", - "status": "unaffected", - "version": "511.1", - "versionType": "semver" - }, - { - "changes": [ - { - "at": "520.1 TCU5", - "status": "unaffected" - } - ], - "lessThanOrEqual": "520.1 TCU4", - "status": "unaffected", - "version": "520.1", - "versionType": "semver" - } - ], - "defaultStatus": "unaffected" - } + "version_affected": "<=", + "version_name": "510.1", + "version_value": "510.2 HF13" }, { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "changes": [ - { - "at": 
"520.2 TCU4 HF2", - "status": "unaffected" - } - ], - "lessThanOrEqual": "520.2 TCU4", - "status": "unaffected", - "version": "520.2", - "versionType": "semver" - }, - { - "changes": [ - { - "at": "520.1 TCU5", - "status": "unaffected" - } - ], - "lessThanOrEqual": "520.1 TCU4", - "status": "unaffected", - "version": "520.1", - "versionType": "semver" - }, - { - "changes": [ - { - "at": "511.5 TCU4 HF4", - "status": "unaffected" - } - ], - "lessThanOrEqual": "511.5 TCU4 HF3", - "status": "unaffected", - "version": "520.2 TCU4 HFR2", - "versionType": "semver" - } - ], - "defaultStatus": "unaffected" - } + "version_affected": "<=", + "version_name": "520.1", + "version_value": "520.1 TCU4" + }, + { + "version_affected": "<=", + "version_name": "511.1", + "version_value": "511.5 TCU4 HF3" + }, + { + "version_affected": "<=", + "version_name": "520.2 TCU4 HFR2", + "version_value": "511.5 TCU4 HF3" } ] } diff --git a/2023/5xxx/CVE-2023-5393.json b/2023/5xxx/CVE-2023-5393.json index 9f5706ee7c2..3c05840828b 100644 --- a/2023/5xxx/CVE-2023-5393.json +++ b/2023/5xxx/CVE-2023-5393.json 
@@ -72,92 +72,24 @@ } }, { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "changes": [ - { - "at": "520.2 TCU4 HF2", - "status": "unaffected" - } - ], - "lessThanOrEqual": "520.2 TCU4", - "status": "unaffected", - "version": "520.2", - "versionType": "semver" - }, - { - "changes": [ - { - "at": "511.5 TCU4 HF4", - "status": "unaffected" - } - ], - "lessThanOrEqual": "511.5 TCU4 HF3", - "status": "unaffected", - "version": "511.1", - "versionType": "semver" - }, - { - "changes": [ - { - "at": "520.1 TCU5", - "status": "unaffected" - } - ], - "lessThanOrEqual": "520.1 TCU4", - "status": "unaffected", - "version": "520.1", - "versionType": "semver" - } - ], - "defaultStatus": "unaffected" - } + "version_affected": "<=", + "version_name": "520.2", + "version_value": "520.2 TCU4" }, { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "changes": [ - { - "at": "520.2 TCU4 HF2", - "status": "unaffected" - } - ], - "lessThanOrEqual": "520.2 TCU4", - "status": "unaffected", - "version": "520.2", - "versionType": "semver" - }, - { - "changes": [ - { - "at": "520.1 TCU5", - "status": "unaffected" - } - ], - "lessThanOrEqual": "520.1 TCU4", - "status": "unaffected", - "version": "520.1", - "versionType": "semver" - }, - { - "changes": [ - { - "at": "511.5 TCU4 HF4", - "status": "unaffected" - } - ], - "lessThanOrEqual": "511.5 TCU4 HF3", - "status": "unaffected", - "version": "520.2 TCU4 HFR2", - "versionType": "semver" - } - ], - "defaultStatus": "unaffected" - } + "version_affected": "<=", + "version_name": "511.1", + "version_value": "511.5 TCU4 HF3" + }, + { + "version_affected": "<=", + "version_name": "520.1", + "version_value": "520.1 TCU4" + }, + { + "version_affected": "<=", + "version_name": "520.2 TCU4 HFR2", + "version_value": "511.5 TCU4 HF3" } ] } diff --git a/2023/5xxx/CVE-2023-5394.json b/2023/5xxx/CVE-2023-5394.json index d77e9890203..e07c9c54487 100644 
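Review bot: The last added entry pairs `"version_name": "520.2 TCU4 HFR2"` with `"version_value": "511.5 TCU4 HF3"` under `"version_affected": "<="`, so the upper bound belongs to a different release line than the name and the range cannot be evaluated as written; it is carried over unchanged from the removed v5 range whose `version` was `520.2 TCU4 HFR2`. The removed ranges were also all marked `"status": "unaffected"` with `"defaultStatus": "unaffected"`, while `<=` in the v4 form is normally read as affected up to that build, and the `changes`/`at` fixed-in builds are gone, so a scanner matching on this record may reach the opposite conclusion from the v5 data. Both points should be checked against the CNA's CVE JSON 5 record and corrected there before this down-converted form is relied on for version matching. The same entries appear in the CVE-2023-5389, CVE-2023-5392, CVE-2023-5394 and CVE-2023-5396 hunks; the `version_data` array here starts outside the hunk.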
--- a/2023/5xxx/CVE-2023-5394.json
+++ b/2023/5xxx/CVE-2023-5394.json
@@ -40,148 +40,29 @@ "version": { "version_data": [ { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "changes": [ - { - "at": "520.2 TCU4 HF1", - "status": "unaffected" - } - ], - "lessThanOrEqual": "520.2 TCU4", - "status": "unaffected", - "version": "520.2", - "versionType": "semver" - }, - { - "changes": [ - { - "at": "510.2 HF14", - "status": "unaffected" - } - ], - "lessThanOrEqual": "510.2 HF13", - "status": "unaffected", - "version": "510.1", - "versionType": "semver" - }, - { - "changes": [ - { - "at": "520.1 TCU5", - "status": "unaffected" - } - ], - "lessThanOrEqual": "520.1 TCU4", - "status": "unaffected", - "version": "520.1", - "versionType": "semver" - }, - { - "changes": [ - { - "at": "511.5 TCU4 HF4", - "status": "unaffected" - } - ], - "lessThanOrEqual": "511.5 TCU4 HF3", - "status": "unaffected", - "version": "511.1", - "versionType": "semver" - } - ], - "defaultStatus": "unaffected" - } + "version_affected": "<=", + "version_name": "520.2", + "version_value": "520.2 TCU4" }, { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "changes": [ - { - "at": "520.2 TCU4 HF2", - "status": "unaffected" - } - ], - "lessThanOrEqual": "520.2 TCU4", - "status": "unaffected", - "version": "520.2", - "versionType": "semver" - }, - { - "changes": [ - { - "at": "511.5 TCU4 HF4", - "status": "unaffected" - } - ], - "lessThanOrEqual": "511.5 TCU4 HF3", - "status": "unaffected", - "version": "511.1", - "versionType": "semver" - }, - { - "changes": [ - { - "at": "520.1 TCU5", - "status": "unaffected" - } - ], - "lessThanOrEqual": "520.1 TCU4", - "status": "unaffected", - "version": "520.1", - "versionType": "semver" - } - ], - "defaultStatus": "unaffected" - } + "version_affected": "<=", + "version_name": "510.1", + "version_value": "510.2 HF13" }, { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "changes": [ - { - "at": 
"520.2 TCU4 HF2", - "status": "unaffected" - } - ], - "lessThanOrEqual": "520.2 TCU4", - "status": "unaffected", - "version": "520.2", - "versionType": "semver" - }, - { - "changes": [ - { - "at": "520.1 TCU5", - "status": "unaffected" - } - ], - "lessThanOrEqual": "520.1 TCU4", - "status": "unaffected", - "version": "520.1", - "versionType": "semver" - }, - { - "changes": [ - { - "at": "511.5 TCU4 HF4", - "status": "unaffected" - } - ], - "lessThanOrEqual": "511.5 TCU4 HF3", - "status": "unaffected", - "version": "520.2 TCU4 HFR2", - "versionType": "semver" - } - ], - "defaultStatus": "unaffected" - } + "version_affected": "<=", + "version_name": "520.1", + "version_value": "520.1 TCU4" + }, + { + "version_affected": "<=", + "version_name": "511.1", + "version_value": "511.5 TCU4 HF3" + }, + { + "version_affected": "<=", + "version_name": "520.2 TCU4 HFR2", + "version_value": "511.5 TCU4 HF3" } ] } diff --git a/2023/5xxx/CVE-2023-5396.json b/2023/5xxx/CVE-2023-5396.json index c65e090d596..ada4bafc4c7 100644 --- a/2023/5xxx/CVE-2023-5396.json +++ b/2023/5xxx/CVE-2023-5396.json 
@@ -40,124 +40,29 @@ "version": { "version_data": [ { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "lessThanOrEqual": "520.2 TCU4", - "status": "unaffected", - "version": "520.2", - "versionType": "semver" - }, - { - "lessThanOrEqual": "510.2 HF13", - "status": "unaffected", - "version": "510.1", - "versionType": "semver" - }, - { - "lessThanOrEqual": "520.1 TCU4", - "status": "unaffected", - "version": "520.1", - "versionType": "semver" - }, - { - "lessThanOrEqual": "511.5 TCU4 HF3", - "status": "unaffected", - "version": "511.1", - "versionType": "semver" - } - ], - "defaultStatus": "unaffected" - } + "version_affected": "<=", + "version_name": "520.2", + "version_value": "520.2 TCU4" }, { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "changes": [ - { - "at": "520.2 TCU4 HF2", - "status": "unaffected" - } - ], - "lessThanOrEqual": "520.2 TCU4", - "status": "unaffected", - "version": "520.2", - "versionType": "semver" - }, - { - "changes": [ - { - "at": "511.5 TCU4 HF4", - "status": "unaffected" - } - ], - "lessThanOrEqual": "511.5 TCU4 HF3", - "status": "unaffected", - "version": "511.1", - "versionType": "semver" - }, - { - "changes": [ - { - "at": "520.1 TCU5", - "status": "unaffected" - } - ], - "lessThanOrEqual": "520.1 TCU4", - "status": "unaffected", - "version": "520.1", - "versionType": "semver" - } - ], - "defaultStatus": "unaffected" - } + "version_affected": "<=", + "version_name": "510.1", + "version_value": "510.2 HF13" }, { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "changes": [ - { - "at": "520.2 TCU4 HF2", - "status": "unaffected" - } - ], - "lessThanOrEqual": "520.2 TCU4", - "status": "unaffected", - "version": "520.2", - "versionType": "semver" - }, - { - "changes": [ - { - "at": "520.1 TCU5", - "status": "unaffected" - } - ], - "lessThanOrEqual": "520.1 TCU4", - "status": "unaffected", - 
"version": "520.1", - "versionType": "semver" - }, - { - "changes": [ - { - "at": "511.5 TCU4 HF4", - "status": "unaffected" - } - ], - "lessThanOrEqual": "511.5 TCU4 HF3", - "status": "unaffected", - "version": "520.2 TCU4 HFR2", - "versionType": "semver" - } - ], - "defaultStatus": "unaffected" - } + "version_affected": "<=", + "version_name": "520.1", + "version_value": "520.1 TCU4" + }, + { + "version_affected": "<=", + "version_name": "511.1", + "version_value": "511.5 TCU4 HF3" + }, + { + "version_affected": "<=", + "version_name": "520.2 TCU4 HFR2", + "version_value": "511.5 TCU4 HF3" } ] } diff --git a/2023/6xxx/CVE-2023-6596.json b/2023/6xxx/CVE-2023-6596.json index 14969eabef7..954665c69d9 100644 --- a/2023/6xxx/CVE-2023-6596.json +++ b/2023/6xxx/CVE-2023-6596.json 
@@ -1,17 +1,140 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-6596", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An incomplete fix was shipped for the Rapid Reset (CVE-2023-44487/CVE-2023-39325) vulnerability for an OpenShift Containers." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Uncontrolled Resource Consumption", + "cweId": "CWE-400" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Red Hat", + "product": { + "product_data": [ + { + "product_name": "Red Hat OpenShift Container Platform 4.11", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "v4.11.0-202401301508.p0.g5ea0428.assembly.stream", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + } + ] + } + }, + { + "product_name": "Red Hat OpenShift Container Platform 4.12", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "v4.12.0-202401190520.p0.g4b287bd.assembly.stream", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + } + ] + } + }, + { + "product_name": "Red Hat OpenShift Container Platform 4", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": 
"unaffected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://access.redhat.com/errata/RHSA-2024:0485", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2024:0485" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:0682", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2024:0682" + }, + { + "url": "https://access.redhat.com/security/cve/CVE-2023-6596", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/CVE-2023-6596" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253521", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2253521" + } + ] + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" } ] } diff --git a/2023/6xxx/CVE-2023-6606.json b/2023/6xxx/CVE-2023-6606.json index e76ff3b44bb..691e8432bd5 100644 --- a/2023/6xxx/CVE-2023-6606.json +++ b/2023/6xxx/CVE-2023-6606.json @@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "kernel", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -263,26 +243,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } 
diff --git a/2023/6xxx/CVE-2023-6610.json b/2023/6xxx/CVE-2023-6610.json index 332aef440af..b85f2ceb4c9 100644 --- a/2023/6xxx/CVE-2023-6610.json +++ b/2023/6xxx/CVE-2023-6610.json @@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "kernel", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -263,26 +243,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "unaffected" - } - } - ] - } - } - ] - } } ] } diff --git a/2023/6xxx/CVE-2023-6622.json b/2023/6xxx/CVE-2023-6622.json index d29f8166aa7..7c97f36a691 100644 --- a/2023/6xxx/CVE-2023-6622.json +++ b/2023/6xxx/CVE-2023-6622.json @@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "kernel", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -127,26 +107,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } 
@@ -168,15 +128,15 @@ "refsource": "MISC", "name": "https://github.com/torvalds/linux/commit/3701cd390fd731ee7ae8b8006246c8db82c72bea" }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G3AGDVE3KBLOOYBPISFDS74R4YAZEDAY/", - "refsource": "MISC", - "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G3AGDVE3KBLOOYBPISFDS74R4YAZEDAY/" - }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAOVK2F3ALGKYIQ5IOMAYEC2DGI7BWAW/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAOVK2F3ALGKYIQ5IOMAYEC2DGI7BWAW/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G3AGDVE3KBLOOYBPISFDS74R4YAZEDAY/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G3AGDVE3KBLOOYBPISFDS74R4YAZEDAY/" } ] }, diff --git a/2023/6xxx/CVE-2023-6679.json b/2023/6xxx/CVE-2023-6679.json index 647c7d5f399..0ffeed6e17b 100644 --- a/2023/6xxx/CVE-2023-6679.json +++ b/2023/6xxx/CVE-2023-6679.json @@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "kernel", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -184,26 +164,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } 
diff --git a/2023/6xxx/CVE-2023-6683.json b/2023/6xxx/CVE-2023-6683.json index 0d1cade628d..38bb0ff3b34 100644 --- a/2023/6xxx/CVE-2023-6683.json +++ b/2023/6xxx/CVE-2023-6683.json @@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "qemu", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -128,26 +108,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } diff --git a/2023/6xxx/CVE-2023-6693.json b/2023/6xxx/CVE-2023-6693.json index eecc183bfa8..79d04603f91 100644 --- a/2023/6xxx/CVE-2023-6693.json +++ b/2023/6xxx/CVE-2023-6693.json @@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "qemu", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -128,26 +108,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } 
@@ -164,15 +124,15 @@ "refsource": "MISC", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2254580" }, - { - "url": "https://security.netapp.com/advisory/ntap-20240208-0004/", - "refsource": "MISC", - "name": "https://security.netapp.com/advisory/ntap-20240208-0004/" - }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OYGUN5HVOXESW7MSNM44E4AE2VNXQB6Y/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OYGUN5HVOXESW7MSNM44E4AE2VNXQB6Y/" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20240208-0004/", + "refsource": "MISC", + "name": "https://security.netapp.com/advisory/ntap-20240208-0004/" } ] }, diff --git a/2023/6xxx/CVE-2023-6710.json b/2023/6xxx/CVE-2023-6710.json index a4e92d4ef3c..6d80f4fa49a 100644 --- a/2023/6xxx/CVE-2023-6710.json +++ b/2023/6xxx/CVE-2023-6710.json @@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "mod_proxy_cluster", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { diff --git a/2023/6xxx/CVE-2023-6717.json b/2023/6xxx/CVE-2023-6717.json index 4e01235faad..1ace01f4c71 100644 --- a/2023/6xxx/CVE-2023-6717.json +++ b/2023/6xxx/CVE-2023-6717.json 
@@ -1,17 +1,393 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-6717", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A flaw was found in the SAML client registration in Keycloak that could allow an administrator to register malicious JavaScript URIs as Assertion Consumer Service POST Binding URLs (ACS), posing a Cross-Site Scripting (XSS) risk. This issue may allow a malicious admin in one realm or a client with registration access to target users in different realms or applications, executing arbitrary JavaScript in their contexts upon form submission. This can enable unauthorized access and harmful actions, compromising the confidentiality, integrity, and availability of the complete KC instance." 
+ } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Red Hat", + "product": { + "product_data": [ + { + "product_name": "Red Hat build of Keycloak 22", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "22.0.10-1", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "22-13", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "22-16", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + } + ] + } + }, + { + "product_name": "Red Hat build of Keycloak 22.0.10", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unaffected" + } + } + ] + } + }, + { + "product_name": "Migration Toolkit for Applications 6", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + }, + { + "product_name": "Migration Toolkit for Applications 7", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + }, + { + "product_name": "OpenShift Serverless", + "version": { + "version_data": [ + { + "version_value": "not down converted", + 
"x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + } + ] + } + }, + { + "product_name": "Red Hat build of Quarkus", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unaffected" + } + } + ] + } + }, + { + "product_name": "Red Hat Data Grid 8", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + } + ] + } + }, + { + "product_name": "Red Hat Decision Manager 7", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + } + ] + } + }, + { + "product_name": "Red Hat Developer Hub", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + }, + { + "product_name": "Red Hat Integration Service Registry", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + } + ] + } + }, + { + "product_name": "Red Hat JBoss A-MQ 7", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + } + ] + } + }, + { + "product_name": "Red Hat JBoss Data Grid 7", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + } + ] + } + }, + { + "product_name": "Red Hat JBoss Enterprise Application Platform 6", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + 
"defaultStatus": "unknown" + } + } + ] + } + }, + { + "product_name": "Red Hat JBoss Enterprise Application Platform 7", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unaffected" + } + } + ] + } + }, + { + "product_name": "Red Hat JBoss Enterprise Application Platform 8", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unaffected" + } + } + ] + } + }, + { + "product_name": "Red Hat JBoss Enterprise Application Platform Expansion Pack", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unaffected" + } + } + ] + } + }, + { + "product_name": "Red Hat JBoss Fuse 7", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + } + ] + } + }, + { + "product_name": "Red Hat OpenShift GitOps", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + } + ] + } + }, + { + "product_name": "Red Hat Process Automation 7", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + } + ] + } + }, + { + "product_name": "Red Hat Single Sign-On 7", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://access.redhat.com/errata/RHSA-2024:1867", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2024:1867" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:1868", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2024:1868" + }, + 
{ + "url": "https://access.redhat.com/security/cve/CVE-2023-6717", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/CVE-2023-6717" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253952", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2253952" + } + ] + }, + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 6, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L", + "version": "3.1" } ] } diff --git a/2023/6xxx/CVE-2023-6725.json b/2023/6xxx/CVE-2023-6725.json index 0f69de19879..8b18edec426 100644 --- a/2023/6xxx/CVE-2023-6725.json +++ b/2023/6xxx/CVE-2023-6725.json @@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "openstack-designate", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -102,26 +82,6 @@ } ] } - }, - { - "vendor_name": "RDO", - "product": { - "product_data": [ - { - "product_name": "OpenStack RDO", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } diff --git a/2023/6xxx/CVE-2023-6787.json b/2023/6xxx/CVE-2023-6787.json index 2e06f392e6e..c286340e527 100644 --- a/2023/6xxx/CVE-2023-6787.json +++ b/2023/6xxx/CVE-2023-6787.json 
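Review bot: The new `affects` data for CVE-2023-6717 does not say which package each version entry describes. The three entries under "Red Hat build of Keycloak 22" (`22.0.10-1`, `22-13`, `22-16`) and the three identical `"defaultStatus": "unknown"` entries under "Red Hat JBoss Enterprise Application Platform 6" cannot be told apart from this record alone. Every entry also carries `"version_value": "not down converted"`, so tooling that matches on the v4 version field will match nothing and has to read `x_cve_json_5_version_data` instead. The source CVE JSON 5 record presumably distinguishes these entries, so each one should keep its package or component name, or consumers should match against the v5 record. The same three unnamed Keycloak 22 ranges appear in the CVE-2023-6787 hunk that follows.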
@@ -1,17 +1,160 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-6787", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A flaw was found in Keycloak that occurs from an error in the re-authentication mechanism within org.keycloak.authentication. This flaw allows hijacking an active Keycloak session by triggering a new authentication process with the query parameter \"prompt=login,\" prompting the user to re-enter their credentials. If the user cancels this re-authentication by selecting \"Restart login,\" an account takeover may occur, as the new session, with a different SUB, will possess the same SID as the previous session." 
+ } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Authentication", + "cweId": "CWE-287" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Red Hat", + "product": { + "product_data": [ + { + "product_name": "Red Hat build of Keycloak 22", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "22.0.10-1", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "22-13", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "22-16", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + } + ] + } + }, + { + "product_name": "Red Hat build of Keycloak 22.0.10", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unaffected" + } + } + ] + } + }, + { + "product_name": "Red Hat Single Sign-On 7", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://access.redhat.com/errata/RHSA-2024:1867", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2024:1867" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:1868", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2024:1868" + }, + { + "url": "https://access.redhat.com/security/cve/CVE-2023-6787", + "refsource": 
"MISC", + "name": "https://access.redhat.com/security/cve/CVE-2023-6787" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254375", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2254375" + } + ] + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", + "version": "3.1" } ] } diff --git a/2023/6xxx/CVE-2023-6816.json b/2023/6xxx/CVE-2023-6816.json index 80352e0f109..e92d4440464 100644 --- a/2023/6xxx/CVE-2023-6816.json +++ b/2023/6xxx/CVE-2023-6816.json @@ -31,49 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "xorg-server", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "21.1.11", - "status": "unaffected" - } - ] - } - } - ] - } - }, - { - "product_name": "xwayland", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "23.2.4", - "status": "unaffected" - } - ] - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -410,32 +367,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - }, - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } 
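Review bot: The `impact.cvss` entry for CVE-2023-6787 sets `"confidentialityImpact": "NONE"` (`C:N` in `vectorString`), which sits oddly with the description in the same hunk: it speaks of hijacking an active session and of account takeover, which would normally expose the victim's data as well as allow changes. The stated `"baseScore": 6.5` is consistent with the vector as written, so the question is the metric choice, not the arithmetic. This should be confirmed with the assigning CNA; if the confidentiality metric changes, `confidentialityImpact`, `vectorString`, `baseScore` and possibly `baseSeverity` have to be updated together. Until then, triage that ranks by score alone may under-prioritise this record and should take the description into account.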
@@ -522,16 +453,16 @@ "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/" }, - { - "url": "https://security.gentoo.org/glsa/202401-30", - "refsource": "MISC", - "name": "https://security.gentoo.org/glsa/202401-30" - }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/" }, + { + "url": "https://security.gentoo.org/glsa/202401-30", + "refsource": "MISC", + "name": "https://security.gentoo.org/glsa/202401-30" + }, { "url": "https://security.netapp.com/advisory/ntap-20240307-0006/", "refsource": "MISC", diff --git a/2023/6xxx/CVE-2023-6915.json b/2023/6xxx/CVE-2023-6915.json index 2b4be64ed3c..cbd15a17deb 100644 --- a/2023/6xxx/CVE-2023-6915.json +++ b/2023/6xxx/CVE-2023-6915.json @@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "kernel", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -127,26 +107,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } diff --git a/2023/6xxx/CVE-2023-6917.json b/2023/6xxx/CVE-2023-6917.json index 8f62ac1b5ef..16c5b2a10a5 100644 --- a/2023/6xxx/CVE-2023-6917.json +++ b/2023/6xxx/CVE-2023-6917.json 
@@ -31,31 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "pcp", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "6.2.0", - "status": "unaffected" - } - ] - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -114,26 +89,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } diff --git a/2023/6xxx/CVE-2023-6918.json b/2023/6xxx/CVE-2023-6918.json index 97d38c2c999..f96f5dcd3e8 100644 --- a/2023/6xxx/CVE-2023-6918.json +++ b/2023/6xxx/CVE-2023-6918.json @@ -31,35 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "libssh", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "0.9.8", - "status": "unaffected" - }, - { - "version": "0.10.6", - "status": "unaffected" - } - ] - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { 
@@ -124,57 +95,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - }, - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - }, - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - }, - { - "product_name": "Extra Packages for Enterprise Linux", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - }, - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "unknown" - } - } - ] - } - } - ] - } } ] } @@ -191,6 +111,11 @@ "refsource": "MISC", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2254997" }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/", "refsource": "MISC", @@ -205,11 +130,6 @@ "url": "https://www.libssh.org/security/advisories/CVE-2023-6918.txt", "refsource": "MISC", "name": "https://www.libssh.org/security/advisories/CVE-2023-6918.txt" - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/", - "refsource": "MISC", - "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/" } ] }, 
diff --git a/2023/6xxx/CVE-2023-6927.json b/2023/6xxx/CVE-2023-6927.json index f2c06a391b0..281aed84949 100644 --- a/2023/6xxx/CVE-2023-6927.json +++ b/2023/6xxx/CVE-2023-6927.json @@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "keycloak-core", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { diff --git a/2023/6xxx/CVE-2023-6944.json b/2023/6xxx/CVE-2023-6944.json index a331f0cc58e..d1271f7545b 100644 --- a/2023/6xxx/CVE-2023-6944.json +++ b/2023/6xxx/CVE-2023-6944.json @@ -31,31 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "rhdh", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "1.21.0", - "status": "unaffected" - } - ] - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { diff --git a/2023/7xxx/CVE-2023-7008.json b/2023/7xxx/CVE-2023-7008.json index e94bd3e79ba..a875e70273d 100644 --- a/2023/7xxx/CVE-2023-7008.json +++ b/2023/7xxx/CVE-2023-7008.json @@ -31,31 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "systemd", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "25X", - "status": "unaffected" - } - ] - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { diff --git a/2023/7xxx/CVE-2023-7042.json b/2023/7xxx/CVE-2023-7042.json index a91790073b3..d04d17c39de 100644 --- a/2023/7xxx/CVE-2023-7042.json +++ b/2023/7xxx/CVE-2023-7042.json 
@@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "kernel", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -127,26 +107,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } @@ -163,11 +123,6 @@ "refsource": "MISC", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2255497" }, - { - "url": "https://patchwork.kernel.org/project/linux-wireless/patch/20231208043433.271449-1-hdthky0@gmail.com/", - "refsource": "MISC", - "name": "https://patchwork.kernel.org/project/linux-wireless/patch/20231208043433.271449-1-hdthky0@gmail.com/" - }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/54PLF5J33IRSLSR4UU6LQSMXX6FI5AOQ/", "refsource": "MISC", @@ -177,6 +132,11 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C25BK2YH5MZ6VNQXKF2NAJBTGXVEPKGC/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C25BK2YH5MZ6VNQXKF2NAJBTGXVEPKGC/" + }, + { + "url": "https://patchwork.kernel.org/project/linux-wireless/patch/20231208043433.271449-1-hdthky0@gmail.com/", + "refsource": "MISC", + "name": "https://patchwork.kernel.org/project/linux-wireless/patch/20231208043433.271449-1-hdthky0@gmail.com/" } ] }, diff --git a/2023/7xxx/CVE-2023-7192.json b/2023/7xxx/CVE-2023-7192.json index ade37f89ce7..97547a653de 100644 --- a/2023/7xxx/CVE-2023-7192.json +++ b/2023/7xxx/CVE-2023-7192.json 
@@ -32,11 +32,11 @@ "vendor": { "vendor_data": [ { - "vendor_name": "n/a", + "vendor_name": "Red Hat", "product": { "product_data": [ { - "product_name": "Kernel", + "product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "version": { "version_data": [ { @@ -44,22 +44,74 @@ "x_cve_json_5_version_data": { "versions": [ { - "version": "6.3-rc1", + "version": "0:4.18.0-193.133.1.el8_2", + "lessThan": "*", + "versionType": "rpm", "status": "unaffected" } - ] + ], + "defaultStatus": "affected" } } ] } - } - ] - } - }, - { - "vendor_name": "Red Hat", - "product": { - "product_data": [ + }, + { + "product_name": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:4.18.0-193.133.1.rt13.184.el8_2", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:4.18.0-193.133.1.el8_2", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + } + ] + } + }, + { + "product_name": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:4.18.0-193.133.1.el8_2", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + } + ] + } + }, { "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "version": { 
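Review bot: Replacing the `"vendor_name": "n/a"` / `"product_name": "Kernel"` entry removes the only upstream fix marker visible in this hunk, `"version": "6.3-rc1"` with `"status": "unaffected"`. What replaces it are Red Hat rpm ranges such as `0:4.18.0-193.133.1.el8_2`, so a consumer running a non-Red Hat kernel can no longer derive fixed or affected status from these entries. The pure-deletion hunks drop the same kind of upstream data, for example CVE-2023-6816 (xorg-server `21.1.11`, xwayland `23.2.4`) and CVE-2023-6918 (libssh `0.9.8`, `0.10.6`). I would keep the upstream product entry next to the vendor entries, or confirm that the source record deliberately dropped it before this sync is relied on for matching. The `vendor_data` array continues outside this hunk.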
@@ -336,26 +388,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "unaffected" - } - } - ] - } - } - ] - } } ] } @@ -402,6 +434,16 @@ "refsource": "MISC", "name": "https://access.redhat.com/errata/RHSA-2024:1404" }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:2006", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2024:2006" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:2008", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2024:2008" + }, { "url": "https://access.redhat.com/security/cve/CVE-2023-7192", "refsource": "MISC", diff --git a/2023/7xxx/CVE-2023-7216.json b/2023/7xxx/CVE-2023-7216.json index 02a5151a4ad..9c81e7edc5a 100644 --- a/2023/7xxx/CVE-2023-7216.json +++ b/2023/7xxx/CVE-2023-7216.json @@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "cpio", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -109,26 +89,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "unknown" - } - } - ] - } - } - ] - } } ] } diff --git a/2023/7xxx/CVE-2023-7250.json b/2023/7xxx/CVE-2023-7250.json index 0a51887dde5..315ee3201d3 100644 --- a/2023/7xxx/CVE-2023-7250.json +++ b/2023/7xxx/CVE-2023-7250.json 
@@ -31,31 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "iperf", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "3.15", - "status": "unaffected" - } - ] - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -101,26 +76,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } diff --git a/2024/0xxx/CVE-2024-0193.json b/2024/0xxx/CVE-2024-0193.json index e28821380e3..1e8d617abd9 100644 --- a/2024/0xxx/CVE-2024-0193.json +++ b/2024/0xxx/CVE-2024-0193.json @@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "kernel", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -184,26 +164,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } diff --git a/2024/0xxx/CVE-2024-0217.json b/2024/0xxx/CVE-2024-0217.json index 7f74d2de4c6..71353975e21 100644 --- a/2024/0xxx/CVE-2024-0217.json +++ b/2024/0xxx/CVE-2024-0217.json 
@@ -31,31 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "PackageKit", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "1.2.7", - "status": "unaffected" - } - ] - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -120,26 +95,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } diff --git a/2024/0xxx/CVE-2024-0229.json b/2024/0xxx/CVE-2024-0229.json index befc9cbd0f5..248a147589e 100644 --- a/2024/0xxx/CVE-2024-0229.json +++ b/2024/0xxx/CVE-2024-0229.json @@ -31,49 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "xorg-server", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "21.1.11", - "status": "unaffected" - } - ] - } - } - ] - } - }, - { - "product_name": "xwayland", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "23.2.4", - "status": "unaffected" - } - ] - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { 
@@ -410,32 +367,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - }, - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } diff --git a/2024/0xxx/CVE-2024-0232.json b/2024/0xxx/CVE-2024-0232.json index 7a34c6e3abe..05919c798ea 100644 --- a/2024/0xxx/CVE-2024-0232.json +++ b/2024/0xxx/CVE-2024-0232.json @@ -31,31 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "sqlite", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "3.43.2", - "status": "unaffected" - } - ] - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { 
@@ -120,75 +95,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - }, - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - }, - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - }, - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - }, - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - }, - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - }, - { - "product_name": "Extra Packages for Enterprise Linux", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - }, - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } diff --git a/2024/0xxx/CVE-2024-0406.json b/2024/0xxx/CVE-2024-0406.json index 96e16a684e0..80bd028c5a3 100644 --- a/2024/0xxx/CVE-2024-0406.json +++ b/2024/0xxx/CVE-2024-0406.json @@ -31,31 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "mholt", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "4", - "status": "unaffected" - } - ] - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { diff --git a/2024/0xxx/CVE-2024-0408.json b/2024/0xxx/CVE-2024-0408.json index 973672cd47c..48028b8ed5b 100644 --- a/2024/0xxx/CVE-2024-0408.json 
+++ b/2024/0xxx/CVE-2024-0408.json @@ -31,49 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "xorg-server", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "21.1.11", - "status": "unaffected" - } - ] - } - } - ] - } - }, - { - "product_name": "xwayland", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "23.2.4", - "status": "unaffected" - } - ] - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -176,32 +133,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - }, - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } @@ -223,6 +154,11 @@ "refsource": "MISC", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2257689" }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/", "refsource": "MISC", 
@@ -234,20 +170,15 @@ "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/" }, { - "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/", "refsource": "MISC", - "name": "https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html" + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/" }, { "url": "https://security.gentoo.org/glsa/202401-30", "refsource": "MISC", "name": "https://security.gentoo.org/glsa/202401-30" }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/", - "refsource": "MISC", - "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/" - }, { "url": "https://security.netapp.com/advisory/ntap-20240307-0006/", "refsource": "MISC", diff --git a/2024/0xxx/CVE-2024-0409.json b/2024/0xxx/CVE-2024-0409.json index 8fa697f084d..bd529c51a15 100644 --- a/2024/0xxx/CVE-2024-0409.json +++ b/2024/0xxx/CVE-2024-0409.json 
@@ -31,49 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "xorg-server", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "21.1.11", - "status": "unaffected" - } - ] - } - } - ] - } - }, - { - "product_name": "xwayland", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "23.2.4", - "status": "unaffected" - } - ] - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -176,32 +133,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - }, - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } @@ -223,6 +154,11 @@ "refsource": "MISC", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2257690" }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/", "refsource": "MISC", 
@@ -234,20 +170,15 @@ "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/" }, { - "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/", "refsource": "MISC", - "name": "https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html" + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/" }, { "url": "https://security.gentoo.org/glsa/202401-30", "refsource": "MISC", "name": "https://security.gentoo.org/glsa/202401-30" }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/", - "refsource": "MISC", - "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/" - }, { "url": "https://security.netapp.com/advisory/ntap-20240307-0006/", "refsource": "MISC", diff --git a/2024/0xxx/CVE-2024-0443.json b/2024/0xxx/CVE-2024-0443.json index c468396fe80..22a9546bad3 100644 --- a/2024/0xxx/CVE-2024-0443.json +++ b/2024/0xxx/CVE-2024-0443.json @@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "kernel", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { 
@@ -135,26 +115,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } diff --git a/2024/0xxx/CVE-2024-0553.json b/2024/0xxx/CVE-2024-0553.json index d248fa28b78..964e79664eb 100644 --- a/2024/0xxx/CVE-2024-0553.json +++ b/2024/0xxx/CVE-2024-0553.json @@ -31,31 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "gnutls", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "3.8.3", - "status": "unaffected" - } - ] - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -221,26 +196,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } diff --git a/2024/0xxx/CVE-2024-0560.json b/2024/0xxx/CVE-2024-0560.json index 931e2db2194..99d6d5af26d 100644 --- a/2024/0xxx/CVE-2024-0560.json +++ b/2024/0xxx/CVE-2024-0560.json @@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "upstream", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { diff --git a/2024/0xxx/CVE-2024-0562.json b/2024/0xxx/CVE-2024-0562.json index dcea08e8afb..3055afbd168 100644 --- a/2024/0xxx/CVE-2024-0562.json +++ b/2024/0xxx/CVE-2024-0562.json 
@@ -31,37 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "kernel", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "6.0-rc3", - "status": "unaffected" - } - ] - } - }, - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -174,26 +143,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "unaffected" - } - } - ] - } - } - ] - } } ] } diff --git a/2024/0xxx/CVE-2024-0564.json b/2024/0xxx/CVE-2024-0564.json index 1f3074e9338..41491fed69b 100644 --- a/2024/0xxx/CVE-2024-0564.json +++ b/2024/0xxx/CVE-2024-0564.json @@ -30,26 +30,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "kernel", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -126,26 +106,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } diff --git a/2024/0xxx/CVE-2024-0565.json b/2024/0xxx/CVE-2024-0565.json index 9491be020ec..4ab6cbb82db 100644 --- a/2024/0xxx/CVE-2024-0565.json +++ b/2024/0xxx/CVE-2024-0565.json 
@@ -31,44 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "Kernel", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "6.7-rc6", - "status": "unaffected" - } - ] - } - } - ] - } - }, - { - "product_name": "kernel", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -259,26 +221,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "unaffected" - } - } - ] - } - } - ] - } } ] } diff --git a/2024/0xxx/CVE-2024-0567.json b/2024/0xxx/CVE-2024-0567.json index 6ab516e9b6d..d6fac8c78b8 100644 --- a/2024/0xxx/CVE-2024-0567.json +++ b/2024/0xxx/CVE-2024-0567.json @@ -31,31 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "GnuTLS", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "3.8.3", - "status": "unaffected" - } - ] - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -188,32 +163,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - }, - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } 
diff --git a/2024/0xxx/CVE-2024-0582.json b/2024/0xxx/CVE-2024-0582.json index 1c16668ca31..f111bb8f17d 100644 --- a/2024/0xxx/CVE-2024-0582.json +++ b/2024/0xxx/CVE-2024-0582.json @@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "kernel", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -127,26 +107,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "unknown" - } - } - ] - } - } - ] - } } ] } diff --git a/2024/0xxx/CVE-2024-0607.json b/2024/0xxx/CVE-2024-0607.json index bd4944af44b..41a2e5fe1f8 100644 --- a/2024/0xxx/CVE-2024-0607.json +++ b/2024/0xxx/CVE-2024-0607.json @@ -31,31 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "kernel", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "6.7-rc2", - "status": "unaffected" - } - ] - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -132,26 +107,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } diff --git a/2024/0xxx/CVE-2024-0639.json b/2024/0xxx/CVE-2024-0639.json index e28bad56bd8..e30424526ca 100644 --- a/2024/0xxx/CVE-2024-0639.json +++ b/2024/0xxx/CVE-2024-0639.json 
@@ -31,44 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "Kernel", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "6.5-rc1", - "status": "unaffected" - } - ] - } - } - ] - } - }, - { - "product_name": "kernel", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -145,26 +107,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "unaffected" - } - } - ] - } - } - ] - } } ] } diff --git a/2024/0xxx/CVE-2024-0641.json b/2024/0xxx/CVE-2024-0641.json index d7a5e10e747..377605cbe93 100644 --- a/2024/0xxx/CVE-2024-0641.json +++ b/2024/0xxx/CVE-2024-0641.json @@ -31,44 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "Kernel", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "6.6-rc5", - "status": "unaffected" - } - ] - } - } - ] - } - }, - { - "product_name": "kernel", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { 
@@ -145,26 +107,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "unaffected" - } - } - ] - } - } - ] - } } ] } diff --git a/2024/0xxx/CVE-2024-0646.json b/2024/0xxx/CVE-2024-0646.json index f01ceb96504..9487d95071e 100644 --- a/2024/0xxx/CVE-2024-0646.json +++ b/2024/0xxx/CVE-2024-0646.json @@ -30,37 +30,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "kernel", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "6.7-rc5", - "status": "unaffected" - } - ] - } - }, - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -510,26 +479,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } diff --git a/2024/0xxx/CVE-2024-0775.json b/2024/0xxx/CVE-2024-0775.json index b712fe0839e..6d84a4cf3e4 100644 --- a/2024/0xxx/CVE-2024-0775.json +++ b/2024/0xxx/CVE-2024-0775.json 
@@ -31,44 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "Kernel", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "6.4-rc2", - "status": "unaffected" - } - ] - } - } - ] - } - }, - { - "product_name": "kernel", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -145,26 +107,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "unaffected" - } - } - ] - } - } - ] - } } ] } diff --git a/2024/0xxx/CVE-2024-0822.json b/2024/0xxx/CVE-2024-0822.json index 605e9bf65bf..299fab16a15 100644 --- a/2024/0xxx/CVE-2024-0822.json +++ b/2024/0xxx/CVE-2024-0822.json @@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "ovirt-engine", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { diff --git a/2024/0xxx/CVE-2024-0841.json b/2024/0xxx/CVE-2024-0841.json index ae65844aaae..4cc2d1c1373 100644 --- a/2024/0xxx/CVE-2024-0841.json +++ b/2024/0xxx/CVE-2024-0841.json 
@@ -30,26 +30,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "kernel", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -126,26 +106,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } diff --git a/2024/0xxx/CVE-2024-0874.json b/2024/0xxx/CVE-2024-0874.json index 769e8ec0aa7..d87b648ecb0 100644 --- a/2024/0xxx/CVE-2024-0874.json +++ b/2024/0xxx/CVE-2024-0874.json 
@@ -1,17 +1,130 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-0874", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A flaw was found in coredns. This issue could lead to invalid cache entries returning due to incorrectly implemented caching." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use of Cache Containing Sensitive Information", + "cweId": "CWE-524" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Red Hat", + "product": { + "product_data": [ + { + "product_name": "Logging Subsystem for Red Hat OpenShift", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unaffected" + } + } + ] + } + }, + { + "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + }, + { + "product_name": "Red Hat OpenShift Container Platform 4", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2024-0874", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/CVE-2024-0874" + }, + { + "url": 
"https://bugzilla.redhat.com/show_bug.cgi?id=2219234", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2219234" + }, + { + "url": "https://github.com/coredns/coredns/issues/6186", + "refsource": "MISC", + "name": "https://github.com/coredns/coredns/issues/6186" + }, + { + "url": "https://github.com/coredns/coredns/pull/6354", + "refsource": "MISC", + "name": "https://github.com/coredns/coredns/pull/6354" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "This issue was discovered by Petr Mensik (Red Hat)." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "version": "3.1" } ] } diff --git a/2024/0xxx/CVE-2024-0914.json b/2024/0xxx/CVE-2024-0914.json index 945fb6f3c06..2301e01d1d3 100644 --- a/2024/0xxx/CVE-2024-0914.json +++ b/2024/0xxx/CVE-2024-0914.json @@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "openCryptoki", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { 
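Review bot: In the new CVE-2024-0874.json record the problemtype and the CVSS vector appear to disagree: `"cweId": "CWE-524"` (Use of Cache Containing Sensitive Information) names an information exposure, while the vector is `C:N/I:L/A:N` and the description speaks of invalid cache entries being returned. Tooling that triages by CWE will file this as a disclosure issue and tooling that triages by vector will not, so the CNA should confirm which is right and correct either the `cweId` or `"confidentialityImpact": "NONE"`. The same record also uses `"lang": "en"` under `credits` but `"lang": "eng"` under `description` and `problemtype`; using `"lang": "eng"` in all three would keep language filtering consistent.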
@@ -76,6 +56,27 @@ ] } }, + { + "product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:3.17.0-6.el8_6", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + } + ] + } + }, { "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support", "version": { @@ -167,26 +168,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } @@ -213,6 +194,11 @@ "refsource": "MISC", "name": "https://access.redhat.com/errata/RHSA-2024:1856" }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:1992", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2024:1992" + }, { "url": "https://access.redhat.com/security/cve/CVE-2024-0914", "refsource": "MISC", diff --git a/2024/1xxx/CVE-2024-1013.json b/2024/1xxx/CVE-2024-1013.json index e64fcd96b80..c00f373fba7 100644 --- a/2024/1xxx/CVE-2024-1013.json +++ b/2024/1xxx/CVE-2024-1013.json @@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "unixODBC", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -115,26 +95,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } 
diff --git a/2024/1xxx/CVE-2024-1023.json b/2024/1xxx/CVE-2024-1023.json index 1a697ede151..e07a088eaae 100644 --- a/2024/1xxx/CVE-2024-1023.json +++ b/2024/1xxx/CVE-2024-1023.json @@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "vertx", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { diff --git a/2024/1xxx/CVE-2024-1048.json b/2024/1xxx/CVE-2024-1048.json index 31ef34cd5ba..b518b66c7aa 100644 --- a/2024/1xxx/CVE-2024-1048.json +++ b/2024/1xxx/CVE-2024-1048.json @@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "grub2", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -109,26 +89,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } 
@@ -150,16 +110,6 @@ "refsource": "MISC", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2256827" }, - { - "url": "https://www.openwall.com/lists/oss-security/2024/02/06/3", - "refsource": "MISC", - "name": "https://www.openwall.com/lists/oss-security/2024/02/06/3" - }, - { - "url": "https://security.netapp.com/advisory/ntap-20240223-0007/", - "refsource": "MISC", - "name": "https://security.netapp.com/advisory/ntap-20240223-0007/" - }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XRZQCVZ3XOASVFT6XLO7F2ZXOLOHIJZQ/", "refsource": "MISC", @@ -169,6 +119,16 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YSJAEGRR3XHMBBBKYOVMII4P34IXEYPE/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YSJAEGRR3XHMBBBKYOVMII4P34IXEYPE/" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20240223-0007/", + "refsource": "MISC", + "name": "https://security.netapp.com/advisory/ntap-20240223-0007/" + }, + { + "url": "https://www.openwall.com/lists/oss-security/2024/02/06/3", + "refsource": "MISC", + "name": "https://www.openwall.com/lists/oss-security/2024/02/06/3" } ] }, diff --git a/2024/1xxx/CVE-2024-1062.json b/2024/1xxx/CVE-2024-1062.json index ae676b8affd..0158ca3e5e4 100644 --- a/2024/1xxx/CVE-2024-1062.json +++ b/2024/1xxx/CVE-2024-1062.json @@ -31,31 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "389-ds-base", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "2.2.0", - "status": "unaffected" - } - ] - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { 
@@ -169,26 +144,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } diff --git a/2024/1xxx/CVE-2024-1102.json b/2024/1xxx/CVE-2024-1102.json index c8a0579b1fd..bfd78062e86 100644 --- a/2024/1xxx/CVE-2024-1102.json +++ b/2024/1xxx/CVE-2024-1102.json 
@@ -1,17 +1,238 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-1102", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability was found in jberet-core logging. An exception in 'dbProperties' might display user credentials such as the username and password for the database-connection." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Red Hat", + "product": { + "product_data": [ + { + "product_name": "Red Hat Build of Keycloak", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + } + ] + } + }, + { + "product_name": "Red Hat Data Grid 8", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + } + ] + } + }, + { + "product_name": "Red Hat JBoss Data Grid 7", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + } + ] + } + }, + { + "product_name": "Red Hat JBoss Enterprise Application Platform 6", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + }, + { + 
"version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + } + ] + } + }, + { + "product_name": "Red Hat JBoss Enterprise Application Platform 7", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + } + ] + } + }, + { + "product_name": "Red Hat JBoss Enterprise Application Platform 8", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + } + ] + } + }, + { + "product_name": "Red Hat JBoss Enterprise Application Platform Expansion Pack", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + } + ] + } + }, + { + "product_name": "Red Hat JBoss Fuse 7", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + } + ] + } + }, + { + "product_name": "Red Hat Single Sign-On 7", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2024-1102", + "refsource": 
"MISC", + "name": "https://access.redhat.com/security/cve/CVE-2024-1102" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262060", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2262060" + }, + { + "url": "https://github.com/jberet/jsr352/issues/452", + "refsource": "MISC", + "name": "https://github.com/jberet/jsr352/issues/452" + } + ] + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/1xxx/CVE-2024-1132.json b/2024/1xxx/CVE-2024-1132.json index 08cc7635a8c..0cd7c8679bb 100644 --- a/2024/1xxx/CVE-2024-1132.json +++ b/2024/1xxx/CVE-2024-1132.json @@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "upstream", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { diff --git a/2024/1xxx/CVE-2024-1139.json b/2024/1xxx/CVE-2024-1139.json index 104c00f6906..8fa521287f2 100644 --- a/2024/1xxx/CVE-2024-1139.json +++ b/2024/1xxx/CVE-2024-1139.json 
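Review bot: In 2024/1xxx/CVE-2024-1102.json the new `problemtype` entry is `"value": "n/a"` with no `cweId`, although the description reports database credentials shown in exception output from jberet-core logging. A classification such as `"value": "Insertion of Sensitive Information into Log File", "cweId": "CWE-532"` looks like the fit, subject to the CNA's confirmation, and would let CWE-based triage find the record. The `version_data` arrays also hold entries that differ in nothing: eight identical `"defaultStatus": "unknown"` objects sit under Red Hat JBoss Enterprise Application Platform 6, so a consumer cannot tell which component each one stands for. The same loss of per-component identity shows in the CVE-2024-1139 and CVE-2024-1657 hunks; the `"not down converted"` marker suggests the detail lives in the CVE JSON 5 record, and the Red Hat security page listed under `references` is the usable source for the mapping.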
@@ -1,17 +1,144 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-1139", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A credentials leak vulnerability was found in the cluster monitoring operator in OCP. This issue may allow a remote attacker who has basic login credentials to check the pod manifest to discover a repository pull secret." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Exposure of Sensitive Information to an Unauthorized Actor", + "cweId": "CWE-200" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Red Hat", + "product": { + "product_data": [ + { + "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + }, + { + "product_name": "Red Hat OpenShift Container Platform 3.11", + "version": { + "version_data": [ + { + "version_value": "not down converted", + 
"x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + } + ] + } + }, + { + "product_name": "Red Hat OpenShift Container Platform 4", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2024-1139", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/CVE-2024-1139" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262158", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2262158" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Red Hat would like to thank Calvinna Caswara (noris network AG) and Patrick Gress (noris network AG) for reporting this issue." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 7.7, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/1xxx/CVE-2024-1141.json b/2024/1xxx/CVE-2024-1141.json index ea06f72abc4..fe3c9996d18 100644 --- a/2024/1xxx/CVE-2024-1141.json +++ b/2024/1xxx/CVE-2024-1141.json @@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "upstream", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { diff --git a/2024/1xxx/CVE-2024-1233.json b/2024/1xxx/CVE-2024-1233.json index c94646e82fb..a481123ee50 100644 --- a/2024/1xxx/CVE-2024-1233.json 
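Review bot: In 2024/1xxx/CVE-2024-1139.json the added `credits` entry uses `"lang": "en"` while `description` and `problemtype` in the same record use `"lang": "eng"`. A consumer that selects English text by comparing against one tag will drop the other, so the record should use one form throughout, for example `"lang": "eng"` in `credits`. The same mix appears in the `credits` blocks added by the CVE-2024-1459 and CVE-2024-1726 hunks.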
+++ b/2024/1xxx/CVE-2024-1233.json @@ -30,26 +30,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "eap", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { diff --git a/2024/1xxx/CVE-2024-1249.json b/2024/1xxx/CVE-2024-1249.json index a8798d93bc9..138b8ffd2d0 100644 --- a/2024/1xxx/CVE-2024-1249.json +++ b/2024/1xxx/CVE-2024-1249.json @@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "org.keycloak.protocol.oidc", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { diff --git a/2024/1xxx/CVE-2024-1300.json b/2024/1xxx/CVE-2024-1300.json index 7800ec9bf47..8fbd6afb9c7 100644 --- a/2024/1xxx/CVE-2024-1300.json +++ b/2024/1xxx/CVE-2024-1300.json @@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "vertx", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { diff --git a/2024/1xxx/CVE-2024-1342.json b/2024/1xxx/CVE-2024-1342.json index f15ce63d9dc..a489ea6f6da 100644 --- a/2024/1xxx/CVE-2024-1342.json +++ b/2024/1xxx/CVE-2024-1342.json 
@@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "openshift", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { diff --git a/2024/1xxx/CVE-2024-1441.json b/2024/1xxx/CVE-2024-1441.json index 78e8350ff0f..185402f22ce 100644 --- a/2024/1xxx/CVE-2024-1441.json +++ b/2024/1xxx/CVE-2024-1441.json @@ -31,37 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "libvirt", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "10.1.0", - "status": "unaffected" - } - ] - } - }, - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -133,26 +102,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } @@ -169,6 +118,11 @@ "refsource": "MISC", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2263841" }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html", + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/45FFKU3LODT345LAB5T4XZA5WKYMXJYU/", "refsource": "MISC", 
@@ -178,11 +132,6 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E6MVZO5GXDB7RHY6MS3ZXES3HPK34P3A/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E6MVZO5GXDB7RHY6MS3ZXES3HPK34P3A/" - }, - { - "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html", - "refsource": "MISC", - "name": "https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html" } ] }, diff --git a/2024/1xxx/CVE-2024-1459.json b/2024/1xxx/CVE-2024-1459.json index 88c35e6009a..a03d1c61aa4 100644 --- a/2024/1xxx/CVE-2024-1459.json +++ b/2024/1xxx/CVE-2024-1459.json @@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "upstream", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -114,7 +94,7 @@ { "version_value": "not down converted", "x_cve_json_5_version_data": { - "defaultStatus": "unknown" + "defaultStatus": "affected" } } ] @@ -192,6 +172,12 @@ } ] }, + "credits": [ + { + "lang": "en", + "value": "Red Hat would like to thank AAIB IT Unix Team for reporting this issue." + } + ], "impact": { "cvss": [ { diff --git a/2024/1xxx/CVE-2024-1481.json b/2024/1xxx/CVE-2024-1481.json index 5148b7b7084..3deee82bf72 100644 --- a/2024/1xxx/CVE-2024-1481.json +++ b/2024/1xxx/CVE-2024-1481.json 
@@ -31,31 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "freeipa", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "4.11.1", - "status": "unaffected" - } - ] - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -101,26 +76,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } diff --git a/2024/1xxx/CVE-2024-1485.json b/2024/1xxx/CVE-2024-1485.json index 682afd512ef..80157b5f034 100644 --- a/2024/1xxx/CVE-2024-1485.json +++ b/2024/1xxx/CVE-2024-1485.json @@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "registry-support", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { diff --git a/2024/1xxx/CVE-2024-1635.json b/2024/1xxx/CVE-2024-1635.json index 262488095c1..5a5265982c7 100644 --- a/2024/1xxx/CVE-2024-1635.json +++ b/2024/1xxx/CVE-2024-1635.json 
@@ -31,48 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "undertow", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "2.3.10.SP3", - "status": "unaffected" - }, - { - "version": "2.2.30.SP1", - "status": "unaffected" - } - ] - } - } - ] - } - }, - { - "product_name": "upstream", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { diff --git a/2024/1xxx/CVE-2024-1657.json b/2024/1xxx/CVE-2024-1657.json index deaa0ed290d..7b416d5bdc5 100644 --- a/2024/1xxx/CVE-2024-1657.json +++ b/2024/1xxx/CVE-2024-1657.json 
@@ -1,17 +1,178 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-1657", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A flaw was found in the ansible automation platform. An insecure WebSocket connection was being used in installation from the Ansible rulebook EDA server. An attacker that has access to any machine in the CIDR block could download all rulebook data from the WebSocket, resulting in loss of confidentiality and integrity of the system." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Missing Origin Validation in WebSockets", + "cweId": "CWE-1385" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Red Hat", + "product": { + "product_data": [ + { + "product_name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:2.4-6.el8ap", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:1.0.5-1.el8ap", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:1.0.5-1.el8ap", + "lessThan": "*", + "versionType": "rpm", 
+ "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + } + ] + } + }, + { + "product_name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:2.4-6.el9ap", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:1.0.5-1.el9ap", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:1.0.5-1.el9ap", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://access.redhat.com/errata/RHSA-2024:1057", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2024:1057" + }, + { + "url": "https://access.redhat.com/security/cve/CVE-2024-1657", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/CVE-2024-1657" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265085", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2265085" + } + ] + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "version": "3.1" } ] } 
diff --git a/2024/1xxx/CVE-2024-1722.json b/2024/1xxx/CVE-2024-1722.json index 7132a518118..bea2b212b34 100644 --- a/2024/1xxx/CVE-2024-1722.json +++ b/2024/1xxx/CVE-2024-1722.json @@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "keycloak-core", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { diff --git a/2024/1xxx/CVE-2024-1725.json b/2024/1xxx/CVE-2024-1725.json index 09d8a3a7df4..2bb28d80f62 100644 --- a/2024/1xxx/CVE-2024-1725.json +++ b/2024/1xxx/CVE-2024-1725.json @@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "kubevirt-csi", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { diff --git a/2024/1xxx/CVE-2024-1726.json b/2024/1xxx/CVE-2024-1726.json index ed63cf93bd4..10a3d33512d 100644 --- a/2024/1xxx/CVE-2024-1726.json +++ b/2024/1xxx/CVE-2024-1726.json 
@@ -1,17 +1,120 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-1726", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A flaw was discovered in the RESTEasy Reactive implementation in Quarkus. Due to security checks for some JAX-RS endpoints being performed after serialization, more processing resources are consumed while the HTTP request is checked. In certain configurations, if an attacker has knowledge of any POST, PUT, or PATCH request paths, they can potentially identify vulnerable endpoints and trigger excessive resource usage as the endpoints process the requests. This can result in a denial of service." 
+ } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Preservation of Permissions", + "cweId": "CWE-281" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Red Hat", + "product": { + "product_data": [ + { + "product_name": "Red Hat build of Quarkus 3.2.11.Final", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "3.2.11.Final-redhat-00001", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + } + ] + } + }, + { + "product_name": "Red Hat build of Quarkus", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://access.redhat.com/errata/RHSA-2024:1662", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2024:1662" + }, + { + "url": "https://access.redhat.com/security/cve/CVE-2024-1726", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/CVE-2024-1726" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265158", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2265158" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "This issue was discovered by Michal Vav\u0159\u00edk (Red Hat)." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "version": "3.1" } ] } 
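Review bot: In 2024/1xxx/CVE-2024-1726.json the `problemtype` value `CWE-281` (Improper Preservation of Permissions) does not match the description, which is about security checks on JAX-RS endpoints running after serialization so that requests consume processing resources before they are rejected. The described weakness reads as a check performed in the wrong order with a resource-exhaustion outcome, for which `CWE-696` or `CWE-400` would be closer; this is inferred from the description text only and the CNA should confirm. Consumers that filter on CWE to find denial-of-service issues will not find this record as written, so the CVSS vector (`A:L` with `PR:N`) or the description text is the safer selector.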
diff --git a/2024/1xxx/CVE-2024-1979.json b/2024/1xxx/CVE-2024-1979.json index fc77f5d0ef9..0c95720679c 100644 --- a/2024/1xxx/CVE-2024-1979.json +++ b/2024/1xxx/CVE-2024-1979.json @@ -31,31 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "quarkus", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "3.7.3", - "status": "unaffected" - } - ] - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { diff --git a/2024/21xxx/CVE-2024-21885.json b/2024/21xxx/CVE-2024-21885.json index 292a0904d63..ff47b015124 100644 --- a/2024/21xxx/CVE-2024-21885.json +++ b/2024/21xxx/CVE-2024-21885.json @@ -31,49 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "xorg-server", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "21.1.11", - "status": "unaffected" - } - ] - } - } - ] - } - }, - { - "product_name": "xwayland", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "23.2.4", - "status": "unaffected" - } - ] - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -410,32 +367,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - }, - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } diff --git a/2024/21xxx/CVE-2024-21886.json b/2024/21xxx/CVE-2024-21886.json index fc26d601962..14251c3a16d 100644 
--- a/2024/21xxx/CVE-2024-21886.json +++ b/2024/21xxx/CVE-2024-21886.json @@ -31,49 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "xorg-server", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "21.1.11", - "status": "unaffected" - } - ] - } - } - ] - } - }, - { - "product_name": "xwayland", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "23.2.4", - "status": "unaffected" - } - ] - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -410,32 +367,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - }, - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } diff --git a/2024/25xxx/CVE-2024-25624.json b/2024/25xxx/CVE-2024-25624.json index 4832b60cc9f..0b9a10ab7dd 100644 --- a/2024/25xxx/CVE-2024-25624.json +++ b/2024/25xxx/CVE-2024-25624.json 
@@ -1,17 +1,85 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-25624", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Iris is a web collaborative platform aiming to help incident responders sharing technical details during investigations. Due to an improper setup of Jinja2 environment, reports generation in `iris-web` is prone to a Server Side Template Injection (SSTI). Successful exploitation of the vulnerability can lead to an arbitrary Remote Code Execution. An authenticated administrator has to upload a crafted report template containing the payload. Upon generation of a report based on the weaponized report, any user can trigger the vulnerability. The vulnerability is patched in IRIS v2.4.6. No workaround is available. It is recommended to update as soon as possible. Until patching, review the report templates and keep the administrative privileges that include the upload of report templates limited to dedicated users. 
\n" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine", + "cweId": "CWE-1336" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "dfir-iris", + "product": { + "product_data": [ + { + "product_name": "iris-web", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 2.4.6" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/dfir-iris/iris-web/security/advisories/GHSA-m64w-f7fg-hpcr", + "refsource": "MISC", + "name": "https://github.com/dfir-iris/iris-web/security/advisories/GHSA-m64w-f7fg-hpcr" + } + ] + }, + "source": { + "advisory": "GHSA-m64w-f7fg-hpcr", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 6.8, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/28xxx/CVE-2024-28240.json b/2024/28xxx/CVE-2024-28240.json index 8ec451538e9..2cc1c6115b8 100644 --- a/2024/28xxx/CVE-2024-28240.json +++ b/2024/28xxx/CVE-2024-28240.json 
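Review bot: In 2024/25xxx/CVE-2024-25624.json the affected range is encoded as `"version_affected": "="` with `"version_value": "< 2.4.6"`, so the comparison operator sits inside the value string while the operator field says equality. A consumer that parses `version_value` as a version will either fail on it or match nothing, and iris-web installs below 2.4.6 go unflagged; `"version_affected": "<", "version_value": "2.4.6"` states the same range in the schema's own fields. The CVE-2024-28240 hunk has the same pattern with `"< 1.7.2"` for glpi-agent. The description value in this record also ends in a stray ` \n`, which is worth trimming before the text is shown or compared.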
@@ -1,17 +1,90 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-28240", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The GLPI Agent is a generic management agent. A vulnerability that only affects GLPI-Agent installed on windows via MSI packaging can allow a local user to cause denial of agent service by replacing GLPI server url with a wrong url or disabling the service. Additionally, in the case the Deploy task is installed, a local malicious user can trigger privilege escalation configuring a malicious server providing its own deploy task payload. GLPI-Agent 1.7.2 contains a patch for this issue. As a workaround, edit GLPI-Agent related key under `HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall` and add `SystemComponent` DWORD value setting it to `1` to hide GLPI-Agent from installed applications." 
+ } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-20: Improper Input Validation", + "cweId": "CWE-20" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "glpi-project", + "product": { + "product_data": [ + { + "product_name": "glpi-agent", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 1.7.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/glpi-project/glpi-agent/security/advisories/GHSA-hx3x-mmqg-h3jp", + "refsource": "MISC", + "name": "https://github.com/glpi-project/glpi-agent/security/advisories/GHSA-hx3x-mmqg-h3jp" + }, + { + "url": "https://github.com/glpi-project/glpi-agent/commit/41bbb1169e899bd15350a9e2fdbf9269a3b7a14f", + "refsource": "MISC", + "name": "https://github.com/glpi-project/glpi-agent/commit/41bbb1169e899bd15350a9e2fdbf9269a3b7a14f" + } + ] + }, + "source": { + "advisory": "GHSA-hx3x-mmqg-h3jp", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/28xxx/CVE-2024-28241.json b/2024/28xxx/CVE-2024-28241.json index fe42e3b5d49..e571f7c639d 100644 --- a/2024/28xxx/CVE-2024-28241.json +++ b/2024/28xxx/CVE-2024-28241.json 
@@ -1,17 +1,90 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-28241", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The GLPI Agent is a generic management agent. Prior to version 1.7.2, a local user can modify GLPI-Agent code or used DLLs to modify agent logic and even gain higher privileges. Users should upgrade to GLPI-Agent 1.7.2 to receive a patch. As a workaround, use the default installation folder which involves installed folder is automatically secured by the system." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-269: Improper Privilege Management", + "cweId": "CWE-269" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "glpi-project", + "product": { + "product_data": [ + { + "product_name": "glpi-agent", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 1.7.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/glpi-project/glpi-agent/security/advisories/GHSA-3268-p58w-86hw", + "refsource": "MISC", + "name": "https://github.com/glpi-project/glpi-agent/security/advisories/GHSA-3268-p58w-86hw" + }, + { + "url": "https://github.com/glpi-project/glpi-agent/commit/9a97114f595562c91b0833b4a800dd51e9df65e9", + "refsource": "MISC", + "name": "https://github.com/glpi-project/glpi-agent/commit/9a97114f595562c91b0833b4a800dd51e9df65e9" + } + ] + }, + "source": { + "advisory": "GHSA-3268-p58w-86hw", 
+ "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/29xxx/CVE-2024-29660.json b/2024/29xxx/CVE-2024-29660.json index 4ea64a5f212..2e858d7239c 100644 --- a/2024/29xxx/CVE-2024-29660.json +++ b/2024/29xxx/CVE-2024-29660.json 
@@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-29660", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-29660", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross Site Scripting vulnerability in DedeCMS v.5.7 allows a local attacker to execute arbitrary code via a crafted payload to the stepselect_main.php component." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/ysl1415926/cve/blob/main/DedeCMSv5.7.md", + "refsource": "MISC", + "name": "https://github.com/ysl1415926/cve/blob/main/DedeCMSv5.7.md" } ] } diff --git a/2024/2xxx/CVE-2024-2002.json b/2024/2xxx/CVE-2024-2002.json index d60be52f8cc..9a5818197b9 100644 --- a/2024/2xxx/CVE-2024-2002.json +++ b/2024/2xxx/CVE-2024-2002.json @@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "libdwarf", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { 
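Review bot: The CVE-2024-29660 record goes PUBLIC with `"vendor_name"`, `"product_name"`, `"version_value"` and the problemtype `"value"` all set to `"n/a"`, so the product and the weakness appear only in the free-text description. Asset-inventory and scanner matching that keys on the structured fields will not associate this record with DedeCMS. The description already supplies what is needed: `"product_name": "DedeCMS"`, `"version_value": "5.7"`, and a problemtype of `CWE-79` for the cross-site scripting it names. The same all-`n/a` shape is used in the CVE-2024-30890, CVE-2024-31574, CVE-2024-32236 and CVE-2024-32358 hunks; until those are populated, detection content has to match on the description text.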
@@ -70,26 +50,6 @@ }, { "product_name": "Red Hat Enterprise Linux 8", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "unknown" - } - } - ] - } - } - ] - } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", "version": { "version_data": [ { @@ -131,6 +91,12 @@ } ] }, + "work_around": [ + { + "lang": "en", + "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability." + } + ], "impact": { "cvss": [ { diff --git a/2024/2xxx/CVE-2024-2182.json b/2024/2xxx/CVE-2024-2182.json index 7c81954804f..797f90bf4dd 100644 --- a/2024/2xxx/CVE-2024-2182.json +++ b/2024/2xxx/CVE-2024-2182.json @@ -31,47 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "ovn", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "22.03.7", - "status": "unaffected" - }, - { - "version": "23.03.3", - "status": "unaffected" - }, - { - "version": "23.06.3", - "status": "unaffected" - }, - { - "version": "23.09.3", - "status": "unaffected" - }, - { - "version": "24.03.1", - "status": "unaffected" - } - ] - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -354,26 +313,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } 
@@ -435,6 +374,21 @@ "refsource": "MISC", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2267840" }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APR4GCVCMQD3DQUKXDNGIXCCYGE5V7IT/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APR4GCVCMQD3DQUKXDNGIXCCYGE5V7IT/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CB4N522FCS4XWAPUKRWZF6QZ657FCIDF/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CB4N522FCS4XWAPUKRWZF6QZ657FCIDF/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XRKXOOOKD56TY3JQVB45N3GCTX3EG4BV/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XRKXOOOKD56TY3JQVB45N3GCTX3EG4BV/" + }, { "url": "https://mail.openvswitch.org/pipermail/ovs-announce/2024-March/000346.html", "refsource": "MISC", 
@@ -444,21 +398,6 @@ "url": "https://www.openwall.com/lists/oss-security/2024/03/12/5", "refsource": "MISC", "name": "https://www.openwall.com/lists/oss-security/2024/03/12/5" - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APR4GCVCMQD3DQUKXDNGIXCCYGE5V7IT/", - "refsource": "MISC", - "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APR4GCVCMQD3DQUKXDNGIXCCYGE5V7IT/" - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XRKXOOOKD56TY3JQVB45N3GCTX3EG4BV/", - "refsource": "MISC", - "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XRKXOOOKD56TY3JQVB45N3GCTX3EG4BV/" - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CB4N522FCS4XWAPUKRWZF6QZ657FCIDF/", - "refsource": "MISC", - "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CB4N522FCS4XWAPUKRWZF6QZ657FCIDF/" } ] }, diff --git a/2024/2xxx/CVE-2024-2236.json b/2024/2xxx/CVE-2024-2236.json index 997bb0e93fd..a65be7dc133 100644 --- a/2024/2xxx/CVE-2024-2236.json +++ b/2024/2xxx/CVE-2024-2236.json @@ -32,29 +32,22 @@ "vendor": { "vendor_data": [ { - "vendor_name": "n/a", + "vendor_name": "Red Hat", "product": { "product_data": [ { - "product_name": "upstream", + "product_name": "Red Hat Enterprise Linux 6", "version": { "version_data": [ { "version_value": "not down converted", "x_cve_json_5_version_data": { - "defaultStatus": "affected" + "defaultStatus": "unknown" } } ] } - } - ] - } - }, - { - "vendor_name": "Red Hat", - "product": { - "product_data": [ + }, { "product_name": "Red Hat Enterprise Linux 7", "version": { @@ -62,7 +55,7 @@ { "version_value": "not down converted", "x_cve_json_5_version_data": { - "defaultStatus": "unknown" + "defaultStatus": "affected" } } ] 
@@ -75,7 +68,7 @@ { "version_value": "not down converted", "x_cve_json_5_version_data": { - "defaultStatus": "unknown" + "defaultStatus": "affected" } } ] @@ -88,33 +81,7 @@ { "version_value": "not down converted", "x_cve_json_5_version_data": { - "defaultStatus": "unknown" - } - } - ] - } - } - ] - } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "unknown" - } - }, - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "unknown" + "defaultStatus": "affected" } } ] @@ -133,6 +100,11 @@ "refsource": "MISC", "name": "https://access.redhat.com/security/cve/CVE-2024-2236" }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245218", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2245218" + }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268268", "refsource": "MISC", @@ -140,12 +112,6 @@ } ] }, - "credits": [ - { - "lang": "en", - "value": "This issue was discovered by Hubert Kario (Red Hat)." - } - ], "impact": { "cvss": [ { diff --git a/2024/2xxx/CVE-2024-2307.json b/2024/2xxx/CVE-2024-2307.json index 7197b32c6b0..4749135dcee 100644 --- a/2024/2xxx/CVE-2024-2307.json +++ b/2024/2xxx/CVE-2024-2307.json @@ -31,31 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "osbuild-composer", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "94", - "status": "unaffected" - } - ] - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { 
@@ -88,26 +63,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "unknown" - } - } - ] - } - } - ] - } } ] } @@ -126,6 +81,12 @@ } ] }, + "work_around": [ + { + "lang": "en", + "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability." + } + ], "impact": { "cvss": [ { diff --git a/2024/2xxx/CVE-2024-2419.json b/2024/2xxx/CVE-2024-2419.json index c4e9196ff51..f6302fddd24 100644 --- a/2024/2xxx/CVE-2024-2419.json +++ b/2024/2xxx/CVE-2024-2419.json @@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "upstream", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { diff --git a/2024/2xxx/CVE-2024-2467.json b/2024/2xxx/CVE-2024-2467.json index 102f8fa5bed..2a28dbd4991 100644 --- a/2024/2xxx/CVE-2024-2467.json +++ b/2024/2xxx/CVE-2024-2467.json 
@@ -1,17 +1,149 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-2467", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages. The vulnerability affects the legacy PKCS#1v1.5 RSA encryption padding mode." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Observable Discrepancy", + "cweId": "CWE-203" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Red Hat", + "product": { + "product_data": [ + { + "product_name": "Red Hat Enterprise Linux 6", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + } + ] + } + }, + { + "product_name": "Red Hat Enterprise Linux 7", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + } + ] + } + }, + { + "product_name": "Red Hat Enterprise Linux 8", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + }, + { + "product_name": "Red Hat Enterprise Linux 9", + "version": { + "version_data": [ + { + "version_value": "not 
down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2024-2467", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/CVE-2024-2467" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269567", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2269567" + }, + { + "url": "https://github.com/toddr/Crypt-OpenSSL-RSA/issues/42", + "refsource": "MISC", + "name": "https://github.com/toddr/Crypt-OpenSSL-RSA/issues/42" + }, + { + "url": "https://people.redhat.com/~hkario/marvin/", + "refsource": "MISC", + "name": "https://people.redhat.com/~hkario/marvin/" + } + ] + }, + "work_around": [ + { + "lang": "en", + "value": "This CVE is mitigated (i.e. not exploitable) by using the openssl package with support for implicit rejection shipped in the following RHEL errata:\n\n* https://access.redhat.com/errata/RHSA-2024:0208\n* https://access.redhat.com/errata/RHSA-2024:0154\n* https://access.redhat.com/errata/RHSA-2023:7877\n* https://access.redhat.com/errata/RHSA-2024:0500\n* https://access.redhat.com/errata/RHBA-2023:6627" + } + ], + "credits": [ + { + "lang": "en", + "value": "This issue was discovered by Hubert Kario (Red Hat)." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.9, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/2xxx/CVE-2024-2494.json b/2024/2xxx/CVE-2024-2494.json index e48c28d3306..8889dad8b32 100644 --- a/2024/2xxx/CVE-2024-2494.json +++ b/2024/2xxx/CVE-2024-2494.json 
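Review bot: Every `version_value` in the new CVE-2024-2467 record is the placeholder `"not down converted"`, and no product entry names the `perl-Crypt-OpenSSL-RSA` package that the description identifies; the only status information is `defaultStatus` under `x_cve_json_5_version_data`. A consumer of this 4.0 file therefore cannot tell which package builds are affected and has to key on the description or on the CVE JSON 5 record. If the file is meant to be usable on its own, a product entry with `"product_name": "perl-Crypt-OpenSSL-RSA"` would make it matchable. Note also that `work_around` and `credits` carry `"lang": "en"` while `description` uses `"lang": "eng"`, so a reader that filters on one language code would skip the mitigation text.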
@@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "libvirt", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -122,26 +102,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } @@ -158,15 +118,15 @@ "refsource": "MISC", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2270115" }, - { - "url": "https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/BKRQXPLPC6B7FLHJXSBQYW7HNDEBW6RJ/", - "refsource": "MISC", - "name": "https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/BKRQXPLPC6B7FLHJXSBQYW7HNDEBW6RJ/" - }, { "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html" + }, + { + "url": "https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/BKRQXPLPC6B7FLHJXSBQYW7HNDEBW6RJ/", + "refsource": "MISC", + "name": "https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/BKRQXPLPC6B7FLHJXSBQYW7HNDEBW6RJ/" } ] }, diff --git a/2024/2xxx/CVE-2024-2496.json b/2024/2xxx/CVE-2024-2496.json index 01886b32cad..14dfba350ac 100644 --- a/2024/2xxx/CVE-2024-2496.json +++ b/2024/2xxx/CVE-2024-2496.json 
@@ -31,31 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "libvirt", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "9.8.0", - "status": "unaffected" - } - ] - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -127,26 +102,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora 39", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } diff --git a/2024/30xxx/CVE-2024-30890.json b/2024/30xxx/CVE-2024-30890.json index 01072f2c7f2..0dda40e9ed9 100644 --- a/2024/30xxx/CVE-2024-30890.json +++ b/2024/30xxx/CVE-2024-30890.json 
@@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-30890", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-30890", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross Site Scripting vulnerability in ED01-CMS v.1.0 allows an attacker to obtain sensitive information via the categories.php component." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://gist.github.com/rootlili/198922ef72c9bef973e04eb6b36a8aad", + "url": "https://gist.github.com/rootlili/198922ef72c9bef973e04eb6b36a8aad" } ] } diff --git a/2024/31xxx/CVE-2024-31574.json b/2024/31xxx/CVE-2024-31574.json index 954fa080424..d3e1acb6d8d 100644 --- a/2024/31xxx/CVE-2024-31574.json +++ b/2024/31xxx/CVE-2024-31574.json 
@@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-31574", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-31574", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross Site Scripting vulnerability in TWCMS v.2.6 allows a local attacker to execute arbitrary code via a crafted script" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/ysl1415926/cve/blob/main/CVE-2024-31574.md", + "url": "https://github.com/ysl1415926/cve/blob/main/CVE-2024-31574.md" } ] } diff --git a/2024/31xxx/CVE-2024-31745.json b/2024/31xxx/CVE-2024-31745.json index 162bf47d551..deda381760a 100644 --- a/2024/31xxx/CVE-2024-31745.json +++ b/2024/31xxx/CVE-2024-31745.json 
@@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2024-31745", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-31745", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Libdwarf v0.9.1 was discovered to contain a heap use-after-free via the dw_empty_errlist_item function at /libdwarf/dwarf_alloc.c." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/davea42/libdwarf-code/issues/238", - "refsource": "MISC", - "name": "https://github.com/davea42/libdwarf-code/issues/238" - }, - { - "url": "https://github.com/davea42/libdwarf-code/commit/404e6b1b14f60c81388d50b4239f81d461b3c3ad", - "refsource": "MISC", - "name": "https://github.com/davea42/libdwarf-code/commit/404e6b1b14f60c81388d50b4239f81d461b3c3ad" + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-2002. Reason: This candidate is a duplicate of CVE-2024-2002. Notes: All CVE users should reference CVE-2024-2002 instead of this candidate." } ] } diff --git a/2024/32xxx/CVE-2024-32236.json b/2024/32xxx/CVE-2024-32236.json index 0ced1fccf27..1224f1c2f14 100644 --- a/2024/32xxx/CVE-2024-32236.json +++ b/2024/32xxx/CVE-2024-32236.json 
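Review bot: Rejecting CVE-2024-31745 as a duplicate removes the only visible links to the upstream report and fix, `https://github.com/davea42/libdwarf-code/issues/238` and commit `404e6b1b14f60c81388d50b4239f81d461b3c3ad`, together with the affected function and version. The surviving record, CVE-2024-2002, loses its upstream `libdwarf` product entry in this same commit and no visible hunk touches its `reference_data`, so whether it already carries those two links cannot be confirmed from the diff. If it does not, they should be added to CVE-2024-2002's `reference_data` so that anyone following the redirect can still locate and verify the fix.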
@@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-32236", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-32236", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue in CmsEasy v.7.7 and before allows a remote attacker to obtain sensitive information via the update function in the index.php component." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/cidengcc/cmseasy/issues/1", + "refsource": "MISC", + "name": "https://github.com/cidengcc/cmseasy/issues/1" } ] } diff --git a/2024/32xxx/CVE-2024-32358.json b/2024/32xxx/CVE-2024-32358.json index bf6039db7d0..0ec92d93014 100644 --- a/2024/32xxx/CVE-2024-32358.json +++ b/2024/32xxx/CVE-2024-32358.json 
@@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-32358", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-32358", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue in Jpress v.5.1.0 allows a remote attacker to execute arbitrary code via a crafted script to the custom plug-in module function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.wolai.com/catr00t/2LujDzjjcrAjUYpWtcusXD", + "refsource": "MISC", + "name": "https://www.wolai.com/catr00t/2LujDzjjcrAjUYpWtcusXD" + }, + { + "refsource": "MISC", + "name": "https://gist.github.com/rootlili/a6b6c89591f4773857ae81b7ca5898bc", + "url": "https://gist.github.com/rootlili/a6b6c89591f4773857ae81b7ca5898bc" } ] } diff --git a/2024/4xxx/CVE-2024-4196.json b/2024/4xxx/CVE-2024-4196.json new file mode 100644 index 00000000000..99150646b22 --- /dev/null +++ b/2024/4xxx/CVE-2024-4196.json 
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2024-4196",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2024/4xxx/CVE-2024-4197.json b/2024/4xxx/CVE-2024-4197.json
new file mode 100644
index 00000000000..9c2025b13f2
--- /dev/null
+++ b/2024/4xxx/CVE-2024-4197.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2024-4197",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2024/4xxx/CVE-2024-4198.json b/2024/4xxx/CVE-2024-4198.json
new file mode 100644
index 00000000000..e69325c3d0a
--- /dev/null
+++ b/2024/4xxx/CVE-2024-4198.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2024-4198",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2024/4xxx/CVE-2024-4199.json b/2024/4xxx/CVE-2024-4199.json
new file mode 100644
index 00000000000..0fc6d13ee92
--- /dev/null
+++ b/2024/4xxx/CVE-2024-4199.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2024-4199",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file