admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 19:17:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-02-07 22:00:34 +00:00
parent 5e28a8ea6f
commit 6596e45572
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
18 changed files with 1464 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
2023/4xxx/CVE-2023-4132.json
View File

@ -95,6 +95,27 @@
] ]
} }
}, },
{
"product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.18.0-372.91.1.el8_6",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{ {
"product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support", "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support",
"version": { "version": {
@ -116,6 +137,27 @@
] ]
} }
}, },
{
"product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.18.0-372.91.1.el8_6",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{ {
"product_name": "Red Hat Enterprise Linux 6", "product_name": "Red Hat Enterprise Linux 6",
"version": { "version": {
@ -210,6 +252,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0575" "name": "https://access.redhat.com/errata/RHSA-2024:0575"
}, },
{
"url": "https://access.redhat.com/errata/RHSA-2024:0724",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0724"
},
{ {
"url": "https://access.redhat.com/security/cve/CVE-2023-4132", "url": "https://access.redhat.com/security/cve/CVE-2023-4132",
"refsource": "MISC", "refsource": "MISC",

274
2023/6xxx/CVE-2023-6356.json
View File

@ -1,17 +1,283 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-6356", "ID": "CVE-2023-6356",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NULL Pointer Dereference",
"cweId": "CWE-476"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "kernel",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
},
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.18.0-372.91.1.el8_6",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:5.14.0-284.52.1.el9_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:5.14.0-284.52.1.rt14.337.el9_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.18.0-372.91.1.el8_6",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
},
{
"vendor_name": "Fedora",
"product": {
"product_data": [
{
"product_name": "Fedora",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:0723",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0723"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0724",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0724"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0725",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0725"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-6356",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2023-6356"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254054",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2254054"
}
]
},
"work_around": [
{
"lang": "en",
"value": "To mitigate this issue, prevent module nvmet-tcp from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically."
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Alon Zahavi for reporting this issue."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
} }
] ]
} }

274
2023/6xxx/CVE-2023-6535.json
View File

@ -1,17 +1,283 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-6535", "ID": "CVE-2023-6535",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NULL Pointer Dereference",
"cweId": "CWE-476"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "kernel",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
},
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.18.0-372.91.1.el8_6",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:5.14.0-284.52.1.el9_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:5.14.0-284.52.1.rt14.337.el9_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.18.0-372.91.1.el8_6",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
},
{
"vendor_name": "Fedora",
"product": {
"product_data": [
{
"product_name": "Fedora",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:0723",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0723"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0724",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0724"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0725",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0725"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-6535",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2023-6535"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254053",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2254053"
}
]
},
"work_around": [
{
"lang": "en",
"value": "To mitigate this issue, prevent module nvmet-tcp from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically."
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Alon Zahavi for reporting this issue."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
} }
] ]
} }

274
2023/6xxx/CVE-2023-6536.json
View File

@ -1,17 +1,283 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-6536", "ID": "CVE-2023-6536",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NULL Pointer Dereference",
"cweId": "CWE-476"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "kernel",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
},
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.18.0-372.91.1.el8_6",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:5.14.0-284.52.1.el9_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:5.14.0-284.52.1.rt14.337.el9_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.18.0-372.91.1.el8_6",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
},
{
"vendor_name": "Fedora",
"product": {
"product_data": [
{
"product_name": "Fedora",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:0723",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0723"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0724",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0724"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0725",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0725"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-6536",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2023-6536"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254052",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2254052"
}
]
},
"work_around": [
{
"lang": "en",
"value": "To mitigate this issue, prevent module nvmet-tcp from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically."
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Alon Zahavi for reporting this issue."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
} }
] ]
} }

45
2023/6xxx/CVE-2023-6606.json
View File

@ -55,6 +55,41 @@
"vendor_name": "Red Hat", "vendor_name": "Red Hat",
"product": { "product": {
"product_data": [ "product_data": [
{
"product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:5.14.0-284.52.1.el9_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:5.14.0-284.52.1.rt14.337.el9_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{ {
"product_name": "Red Hat Enterprise Linux 6", "product_name": "Red Hat Enterprise Linux 6",
"version": { "version": {
@ -153,6 +188,16 @@
}, },
"references": { "references": {
"reference_data": [ "reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:0723",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0723"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0725",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0725"
},
{ {
"url": "https://access.redhat.com/security/cve/CVE-2023-6606", "url": "https://access.redhat.com/security/cve/CVE-2023-6606",
"refsource": "MISC", "refsource": "MISC",

98
2023/6xxx/CVE-2023-6610.json
View File

@ -55,6 +55,83 @@
"vendor_name": "Red Hat", "vendor_name": "Red Hat",
"product": { "product": {
"product_data": [ "product_data": [
{
"product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.18.0-372.91.1.el8_6",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:5.14.0-284.52.1.el9_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:5.14.0-284.52.1.rt14.337.el9_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.18.0-372.91.1.el8_6",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{ {
"product_name": "Red Hat Enterprise Linux 6", "product_name": "Red Hat Enterprise Linux 6",
"version": { "version": {
@ -91,12 +168,6 @@
"product_name": "Red Hat Enterprise Linux 8", "product_name": "Red Hat Enterprise Linux 8",
"version": { "version": {
"version_data": [ "version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
},
{ {
"version_value": "not down converted", "version_value": "not down converted",
"x_cve_json_5_version_data": { "x_cve_json_5_version_data": {
@ -153,6 +224,21 @@
}, },
"references": { "references": {
"reference_data": [ "reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:0723",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0723"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0724",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0724"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0725",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0725"
},
{ {
"url": "https://access.redhat.com/security/cve/CVE-2023-6610", "url": "https://access.redhat.com/security/cve/CVE-2023-6610",
"refsource": "MISC", "refsource": "MISC",

45
2023/7xxx/CVE-2023-7192.json
View File

@ -60,6 +60,41 @@
"vendor_name": "Red Hat", "vendor_name": "Red Hat",
"product": { "product": {
"product_data": [ "product_data": [
{
"product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:5.14.0-284.52.1.el9_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:5.14.0-284.52.1.rt14.337.el9_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{ {
"product_name": "Red Hat Enterprise Linux 6", "product_name": "Red Hat Enterprise Linux 6",
"version": { "version": {
@ -158,6 +193,16 @@
}, },
"references": { "references": {
"reference_data": [ "reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:0723",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0723"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0725",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0725"
},
{ {
"url": "https://access.redhat.com/security/cve/CVE-2023-7192", "url": "https://access.redhat.com/security/cve/CVE-2023-7192",
"refsource": "MISC", "refsource": "MISC",

98
2024/0xxx/CVE-2024-0646.json
View File

@ -65,6 +65,83 @@
"vendor_name": "Red Hat", "vendor_name": "Red Hat",
"product": { "product": {
"product_data": [ "product_data": [
{
"product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.18.0-372.91.1.el8_6",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:5.14.0-284.52.1.el9_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:5.14.0-284.52.1.rt14.337.el9_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.18.0-372.91.1.el8_6",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{ {
"product_name": "Red Hat Enterprise Linux 6", "product_name": "Red Hat Enterprise Linux 6",
"version": { "version": {
@ -101,12 +178,6 @@
"product_name": "Red Hat Enterprise Linux 8", "product_name": "Red Hat Enterprise Linux 8",
"version": { "version": {
"version_data": [ "version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
},
{ {
"version_value": "not down converted", "version_value": "not down converted",
"x_cve_json_5_version_data": { "x_cve_json_5_version_data": {
@ -163,6 +234,21 @@
}, },
"references": { "references": {
"reference_data": [ "reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:0723",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0723"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0724",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0724"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0725",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0725"
},
{ {
"url": "https://access.redhat.com/security/cve/CVE-2024-0646", "url": "https://access.redhat.com/security/cve/CVE-2024-0646",
"refsource": "MISC", "refsource": "MISC",

36
2024/0xxx/CVE-2024-0690.json
View File

@ -69,12 +69,41 @@
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Red Hat Ansible Automation Platform 2", "product_name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "not down converted", "version_value": "not down converted",
"x_cve_json_5_version_data": { "x_cve_json_5_version_data": {
"versions": [
{
"version": "1:2.15.9-1.el8ap",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "1:2.15.9-1.el9ap",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected" "defaultStatus": "affected"
} }
} }
@ -167,6 +196,11 @@
}, },
"references": { "references": {
"reference_data": [ "reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:0733",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0733"
},
{ {
"url": "https://access.redhat.com/security/cve/CVE-2024-0690", "url": "https://access.redhat.com/security/cve/CVE-2024-0690",
"refsource": "MISC", "refsource": "MISC",

18
2024/1xxx/CVE-2024-1335.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-1335",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/1xxx/CVE-2024-1336.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-1336",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/1xxx/CVE-2024-1337.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-1337",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/1xxx/CVE-2024-1338.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-1338",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/1xxx/CVE-2024-1339.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-1339",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/1xxx/CVE-2024-1340.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-1340",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/1xxx/CVE-2024-1341.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-1341",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

84
2024/23xxx/CVE-2024-23448.json
View File

@ -1,17 +1,93 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2024-23448", "ID": "CVE-2024-23448",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "security@elastic.co",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An issue was discovered whereby APM Server could log at ERROR level, a response from Elasticsearch indicating that indexing the document failed and that response would contain parts of the original document. Depending on the nature of the document that the APM Server attempted to ingest, this could lead to the insertion of sensitive or private information in the APM Server logs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-532: Insertion of Sensitive Information into Log File",
"cweId": "CWE-532"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Elastic",
"product": {
"product_data": [
{
"product_name": "APM Server",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "8.12",
"version_value": "8.12.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://discuss.elastic.co/t/apm-server-8-12-1-security-update-esa-2024-03/352688",
"refsource": "MISC",
"name": "https://discuss.elastic.co/t/apm-server-8-12-1-security-update-esa-2024-03/352688"
},
{
"url": "https://www.elastic.co/community/security",
"refsource": "MISC",
"name": "https://www.elastic.co/community/security"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
} }
] ]
} }

96
2024/24xxx/CVE-2024-24806.json
View File

@ -1,17 +1,105 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2024-24806", "ID": "CVE-2024-24806",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "security-advisories@github.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "libuv is a multi-platform support library with a focus on asynchronous I/O. The `uv_getaddrinfo` function in `src/unix/getaddrinfo.c` (and its windows counterpart `src/win/getaddrinfo.c`), truncates hostnames to 256 characters before calling `getaddrinfo`. This behavior can be exploited to create addresses like `0x00007f000001`, which are considered valid by `getaddrinfo` and could allow an attacker to craft payloads that resolve to unintended IP addresses, bypassing developer checks. The vulnerability arises due to how the `hostname_ascii` variable (with a length of 256 bytes) is handled in `uv_getaddrinfo` and subsequently in `uv__idna_toascii`. When the hostname exceeds 256 characters, it gets truncated without a terminating null byte. As a result attackers may be able to access internal APIs or for websites (similar to MySpace) that allows users to have `username.example.com` pages. Internal services that crawl or cache these user pages can be exposed to SSRF attacks if a malicious user chooses a long vulnerable username. This issue has been addressed in release version 1.48.0. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-918: Server-Side Request Forgery (SSRF)",
"cweId": "CWE-918"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "libuv",
"product": {
"product_data": [
{
"product_name": "libuv",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": ">= 1.45.0, < 1.48.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/libuv/libuv/security/advisories/GHSA-f74f-cvh7-c6q6",
"refsource": "MISC",
"name": "https://github.com/libuv/libuv/security/advisories/GHSA-f74f-cvh7-c6q6"
},
{
"url": "https://github.com/libuv/libuv/commit/0f2d7e784a256b54b2385043438848047bc2a629",
"refsource": "MISC",
"name": "https://github.com/libuv/libuv/commit/0f2d7e784a256b54b2385043438848047bc2a629"
},
{
"url": "https://github.com/libuv/libuv/commit/3530bcc30350d4a6ccf35d2f7b33e23292b9de70",
"refsource": "MISC",
"name": "https://github.com/libuv/libuv/commit/3530bcc30350d4a6ccf35d2f7b33e23292b9de70"
},
{
"url": "https://github.com/libuv/libuv/commit/c858a147643de38a09dd4164758ae5b685f2b488",
"refsource": "MISC",
"name": "https://github.com/libuv/libuv/commit/c858a147643de38a09dd4164758ae5b685f2b488"
},
{
"url": "https://github.com/libuv/libuv/commit/e0327e1d508b8207c9150b6e582f0adf26213c39",
"refsource": "MISC",
"name": "https://github.com/libuv/libuv/commit/e0327e1d508b8207c9150b6e582f0adf26213c39"
}
]
},
"source": {
"advisory": "GHSA-f74f-cvh7-c6q6",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
} }
] ]
} }