admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 19:17:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-04-04 21:00:40 +00:00
parent 92665a852a
commit 7825aa320e
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
23 changed files with 1534 additions and 65 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
2023/38xxx/CVE-2023-38709.json
View File

@ -1,18 +1,76 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-38709", "ID": "CVE-2023-38709",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "security@apache.org",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses.\n\nThis issue affects Apache HTTP Server: through 2.4.58.\n"
} }
] ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "HTTP response splitting"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apache Software Foundation",
"product": {
"product_data": [
{
"product_name": "Apache HTTP Server",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "2.4.58"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://httpd.apache.org/security/vulnerabilities_24.html",
"refsource": "MISC",
"name": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Orange Tsai (@orange_8361) from DEVCORE"
}
]
} }

101
2023/45xxx/CVE-2023-45288.json
View File

@ -1,18 +1,109 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-45288", "ID": "CVE-2023-45288",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "security@golang.org",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection."
} }
] ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400: Uncontrolled Resource Consumption"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Go standard library",
"product": {
"product_data": [
{
"product_name": "net/http",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "1.21.9"
},
{
"version_affected": "<",
"version_name": "1.22.0-0",
"version_value": "1.22.2"
}
]
}
}
]
}
},
{
"vendor_name": "golang.org/x/net",
"product": {
"product_data": [
{
"product_name": "golang.org/x/net/http2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "0.23.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://go.dev/issue/65051",
"refsource": "MISC",
"name": "https://go.dev/issue/65051"
},
{
"url": "https://go.dev/cl/576155",
"refsource": "MISC",
"name": "https://go.dev/cl/576155"
},
{
"url": "https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M",
"refsource": "MISC",
"name": "https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M"
},
{
"url": "https://pkg.go.dev/vuln/GO-2024-2687",
"refsource": "MISC",
"name": "https://pkg.go.dev/vuln/GO-2024-2687"
}
]
},
"credits": [
{
"lang": "en",
"value": "Bartek Nowotarski (https://nowotarski.info/)"
}
]
} }

161
2024/22xxx/CVE-2024-22023.json
View File

@ -1,17 +1,170 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2024-22023", "ID": "CVE-2024-22023",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "support@hackerone.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An XML entity expansion or XEE vulnerability in SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated attacker to send specially crafted XML requests in-order-to temporarily cause resource exhaustion thereby resulting in a limited-time DoS. "
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Ivanti",
"product": {
"product_data": [
{
"product_name": "Connect Secure",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "22.1R6.2",
"version_value": "22.1R6.2"
},
{
"version_affected": "<",
"version_name": "22.2R4.2",
"version_value": "22.2R4.2"
},
{
"version_affected": "<",
"version_name": "22.3R1.2",
"version_value": "22.3R1.2"
},
{
"version_affected": "<",
"version_name": "22.4R1.2",
"version_value": "22.4R1.2"
},
{
"version_affected": "<",
"version_name": "22.4R2.4",
"version_value": "22.4R2.4"
},
{
"version_affected": "<",
"version_name": "22.5R1.3",
"version_value": "22.5R1.3"
},
{
"version_affected": "<",
"version_name": "22.5R2.4",
"version_value": "22.5R2.4"
},
{
"version_affected": "<",
"version_name": "22.6R2.3",
"version_value": "22.6R2.3"
},
{
"version_affected": "<",
"version_name": "9.1R14.6",
"version_value": "9.1R14.6"
},
{
"version_affected": "<",
"version_name": "9.1R15.4",
"version_value": "9.1R15.4"
},
{
"version_affected": "<",
"version_name": "9.1R16.4",
"version_value": "9.1R16.4"
},
{
"version_affected": "<",
"version_name": "9.1R17.4",
"version_value": "9.1R17.4"
},
{
"version_affected": "<",
"version_name": "9.1R18.5",
"version_value": "9.1R18.5"
}
]
}
},
{
"product_name": "Policy Secure",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "22.4R1.2",
"version_value": "22.4R1.2"
},
{
"version_affected": "<",
"version_name": "22.5R1.3",
"version_value": "22.5R1.3"
},
{
"version_affected": "<",
"version_name": "22.6R1.2",
"version_value": "22.6R1.2"
},
{
"version_affected": "<",
"version_name": "9.1R16.4",
"version_value": "9.1R16.4"
},
{
"version_affected": "<",
"version_name": "9.1R17.4",
"version_value": "9.1R17.4"
},
{
"version_affected": "<",
"version_name": "9.1R18.5",
"version_value": "9.1R18.5"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US",
"refsource": "MISC",
"name": "https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
}
]
},
"impact": {
"cvss": [
{
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
} }
] ]
} }

161
2024/22xxx/CVE-2024-22052.json
View File

@ -1,17 +1,170 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2024-22052", "ID": "CVE-2024-22052",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "support@hackerone.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A null pointer dereference vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack "
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Ivanti",
"product": {
"product_data": [
{
"product_name": "Connect Secure",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "22.1R6.2",
"version_value": "22.1R6.2"
},
{
"version_affected": "<",
"version_name": "22.2R4.2",
"version_value": "22.2R4.2"
},
{
"version_affected": "<",
"version_name": "22.3R1.2",
"version_value": "22.3R1.2"
},
{
"version_affected": "<",
"version_name": "22.4R1.2",
"version_value": "22.4R1.2"
},
{
"version_affected": "<",
"version_name": "22.4R2.4",
"version_value": "22.4R2.4"
},
{
"version_affected": "<",
"version_name": "22.5R1.3",
"version_value": "22.5R1.3"
},
{
"version_affected": "<",
"version_name": "22.5R2.4",
"version_value": "22.5R2.4"
},
{
"version_affected": "<",
"version_name": "22.6R2.3",
"version_value": "22.6R2.3"
},
{
"version_affected": "<",
"version_name": "9.1R14.6",
"version_value": "9.1R14.6"
},
{
"version_affected": "<",
"version_name": "9.1R15.4",
"version_value": "9.1R15.4"
},
{
"version_affected": "<",
"version_name": "9.1R16.4",
"version_value": "9.1R16.4"
},
{
"version_affected": "<",
"version_name": "9.1R17.4",
"version_value": "9.1R17.4"
},
{
"version_affected": "<",
"version_name": "9.1R18.5",
"version_value": "9.1R18.5"
}
]
}
},
{
"product_name": "Policy Secure",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "22.4R1.2",
"version_value": "22.4R1.2"
},
{
"version_affected": "<",
"version_name": "22.5R1.3",
"version_value": "22.5R1.3"
},
{
"version_affected": "<",
"version_name": "22.6R1.2",
"version_value": "22.6R1.2"
},
{
"version_affected": "<",
"version_name": "9.1R16.4",
"version_value": "9.1R16.4"
},
{
"version_affected": "<",
"version_name": "9.1R17.4",
"version_value": "9.1R17.4"
},
{
"version_affected": "<",
"version_name": "9.1R18.5",
"version_value": "9.1R18.5"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US",
"refsource": "MISC",
"name": "https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
}
]
},
"impact": {
"cvss": [
{
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH"
} }
] ]
} }

161
2024/22xxx/CVE-2024-22053.json
View File

@ -1,17 +1,170 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2024-22053", "ID": "CVE-2024-22053",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "support@hackerone.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x\n 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack or in certain conditions read contents from memory. "
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Ivanti",
"product": {
"product_data": [
{
"product_name": "Connect Secure",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "22.1R6.2",
"version_value": "22.1R6.2"
},
{
"version_affected": "<",
"version_name": "22.2R4.2",
"version_value": "22.2R4.2"
},
{
"version_affected": "<",
"version_name": "22.3R1.2",
"version_value": "22.3R1.2"
},
{
"version_affected": "<",
"version_name": "22.4R1.2",
"version_value": "22.4R1.2"
},
{
"version_affected": "<",
"version_name": "22.4R2.4",
"version_value": "22.4R2.4"
},
{
"version_affected": "<",
"version_name": "22.5R1.3",
"version_value": "22.5R1.3"
},
{
"version_affected": "<",
"version_name": "22.5R2.4",
"version_value": "22.5R2.4"
},
{
"version_affected": "<",
"version_name": "22.6R2.3",
"version_value": "22.6R2.3"
},
{
"version_affected": "<",
"version_name": "9.1R14.6",
"version_value": "9.1R14.6"
},
{
"version_affected": "<",
"version_name": "9.1R15.4",
"version_value": "9.1R15.4"
},
{
"version_affected": "<",
"version_name": "9.1R16.4",
"version_value": "9.1R16.4"
},
{
"version_affected": "<",
"version_name": "9.1R17.4",
"version_value": "9.1R17.4"
},
{
"version_affected": "<",
"version_name": "9.1R18.5",
"version_value": "9.1R18.5"
}
]
}
},
{
"product_name": "Policy Secure",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "22.4R1.2",
"version_value": "22.4R1.2"
},
{
"version_affected": "<",
"version_name": "22.5R1.3",
"version_value": "22.5R1.3"
},
{
"version_affected": "<",
"version_name": "22.6R1.2",
"version_value": "22.6R1.2"
},
{
"version_affected": "<",
"version_name": "9.1R16.4",
"version_value": "9.1R16.4"
},
{
"version_affected": "<",
"version_name": "9.1R17.4",
"version_value": "9.1R17.4"
},
{
"version_affected": "<",
"version_name": "9.1R18.5",
"version_value": "9.1R18.5"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US",
"refsource": "MISC",
"name": "https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US"
}
]
},
"impact": {
"cvss": [
{
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"baseScore": 8.2,
"baseSeverity": "HIGH"
} }
] ]
} }

72
2024/24xxx/CVE-2024-24795.json
View File

@ -1,18 +1,80 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2024-24795", "ID": "CVE-2024-24795",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "security@apache.org",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack.\n\nUsers are recommended to upgrade to version 2.4.59, which fixes this issue."
} }
] ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "HTTP response splitting"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apache Software Foundation",
"product": {
"product_data": [
{
"product_name": "Apache HTTP Server",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.4.0",
"version_value": "2.4.58"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://httpd.apache.org/security/vulnerabilities_24.html",
"refsource": "MISC",
"name": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"credits": [
{
"lang": "en",
"value": "Keran Mu, Tsinghua University and Zhongguancun Laboratory."
},
{
"lang": "en",
"value": "Jianjun Chen, Tsinghua University and Zhongguancun Laboratory."
}
]
} }

69
2024/27xxx/CVE-2024-27316.json
View File

@ -1,18 +1,77 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2024-27316", "ID": "CVE-2024-27316",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "security@apache.org",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion."
} }
] ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400 Uncontrolled Resource Consumption",
"cweId": "CWE-400"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apache Software Foundation",
"product": {
"product_data": [
{
"product_name": "Apache HTTP Server",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2.4.17",
"version_value": "2.4.58"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://httpd.apache.org/security/vulnerabilities_24.html",
"refsource": "MISC",
"name": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Bartek Nowotarski (https://nowotarski.info/) "
}
]
} }

56
2024/29xxx/CVE-2024-29386.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2024-29386",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2024-29386",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "projeqtor up to 11.2.0 was discovered to contain a SQL injection vulnerability via the component /view/criticalResourceExport.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://cve.anas-cherni.me/2024/04/04/cve-2024-29386/",
"url": "https://cve.anas-cherni.me/2024/04/04/cve-2024-29386/"
} }
] ]
} }

56
2024/29xxx/CVE-2024-29387.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2024-29387",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2024-29387",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "projeqtor up to 11.2.0 was discovered to contain a remote code execution (RCE) vulnerability via the component /view/print.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://cve.anas-cherni.me/2024/04/04/cve-2024-29387/",
"url": "https://cve.anas-cherni.me/2024/04/04/cve-2024-29387/"
} }
] ]
} }

2
2024/29xxx/CVE-2024-29946.json
View File

@ -64,7 +64,7 @@
{ {
"version_affected": "<", "version_affected": "<",
"version_name": "-", "version_name": "-",
"version_value": "9.1.2312.100" "version_value": "9.1.2312.200"
} }
] ]
} }

88
2024/30xxx/CVE-2024-30255.json
View File

@ -1,17 +1,97 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2024-30255", "ID": "CVE-2024-30255",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "security-advisories@github.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Envoy is a cloud-native, open source edge and service proxy. The HTTP/2 protocol stack in Envoy versions prior to 1.29.3, 1.28.2, 1.27.4, and 1.26.8 are vulnerable to CPU exhaustion due to flood of CONTINUATION frames. Envoy's HTTP/2 codec allows the client to send an unlimited number of CONTINUATION frames even after exceeding Envoy's header map limits. This allows an attacker to send a sequence of CONTINUATION frames without the END_HEADERS bit set causing CPU utilization, consuming approximately 1 core per 300Mbit/s of traffic and culminating in denial of service through CPU exhaustion. Users should upgrade to version 1.29.3, 1.28.2, 1.27.4, or 1.26.8 to mitigate the effects of the CONTINUATION flood. As a workaround, disable HTTP/2 protocol for downstream connections."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-390: Detection of Error Condition Without Action",
"cweId": "CWE-390"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "envoyproxy",
"product": {
"product_data": [
{
"product_name": "envoy",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": ">= 1.29.0, < 1.29.3"
},
{
"version_affected": "=",
"version_value": ">= 1.28.0, < 1.28.2"
},
{
"version_affected": "=",
"version_value": ">= 1.27.0, < 1.27.4"
},
{
"version_affected": "=",
"version_value": "< 1.26.8"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-j654-3ccm-vfmm",
"refsource": "MISC",
"name": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-j654-3ccm-vfmm"
}
]
},
"source": {
"advisory": "GHSA-j654-3ccm-vfmm",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
} }
] ]
} }

86
2024/30xxx/CVE-2024-30264.json
View File

@ -1,17 +1,95 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2024-30264", "ID": "CVE-2024-30264",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "security-advisories@github.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Typebot is an open-source chatbot builder. A reflected cross-site scripting (XSS) in the sign-in page of typebot.io prior to version 2.24.0 may allow an attacker to hijack a user's account. The sign-in page takes the `redirectPath` parameter from the URL. If a user clicks on a link where the `redirectPath` parameter has a javascript scheme, the attacker that crafted the link may be able to execute arbitrary JavaScript with the privileges of the user. Version 2.24.0 contains a patch for this issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "baptisteArno",
"product": {
"product_data": [
{
"product_name": "typebot.io",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "< 2.24.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/baptisteArno/typebot.io/security/advisories/GHSA-mx2f-9mcr-8j73",
"refsource": "MISC",
"name": "https://github.com/baptisteArno/typebot.io/security/advisories/GHSA-mx2f-9mcr-8j73"
},
{
"url": "https://github.com/baptisteArno/typebot.io/commit/d0be29e25732c410b561cbc3c5607c3c1d4b6c8e",
"refsource": "MISC",
"name": "https://github.com/baptisteArno/typebot.io/commit/d0be29e25732c410b561cbc3c5607c3c1d4b6c8e"
},
{
"url": "https://github.com/baptisteArno/typebot.io/blob/v2.23.0/apps/builder/src/features/auth/components/SignInForm.tsx#L35",
"refsource": "MISC",
"name": "https://github.com/baptisteArno/typebot.io/blob/v2.23.0/apps/builder/src/features/auth/components/SignInForm.tsx#L35"
}
]
},
"source": {
"advisory": "GHSA-mx2f-9mcr-8j73",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
} }
] ]
} }

81
2024/30xxx/CVE-2024-30270.json
View File

@ -1,17 +1,90 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2024-30270", "ID": "CVE-2024-30270",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "security-advisories@github.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "mailcow: dockerized is an open source groupware/email suite based on docker. A security vulnerability has been identified in mailcow affecting versions prior to 2024-04. This vulnerability is a combination of path traversal and arbitrary code execution, specifically targeting the `rspamd_maps()` function. It allows authenticated admin users to overwrite any file writable by the www-data user by exploiting improper path validation. The exploit chain can lead to the execution of arbitrary commands on the server. Version 2024-04 contains a patch for the issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
"cweId": "CWE-22"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "mailcow",
"product": {
"product_data": [
{
"product_name": "mailcow-dockerized",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "< 2024-04"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/mailcow/mailcow-dockerized/security/advisories/GHSA-4m8r-87gc-3vvp",
"refsource": "MISC",
"name": "https://github.com/mailcow/mailcow-dockerized/security/advisories/GHSA-4m8r-87gc-3vvp"
},
{
"url": "https://mailcow.email/posts/2024/release-2024-04",
"refsource": "MISC",
"name": "https://mailcow.email/posts/2024/release-2024-04"
}
]
},
"source": {
"advisory": "GHSA-4m8r-87gc-3vvp",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
} }
] ]
} }

76
2024/31xxx/CVE-2024-31204.json
View File

@ -1,17 +1,85 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2024-31204", "ID": "CVE-2024-31204",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "security-advisories@github.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "mailcow: dockerized is an open source groupware/email suite based on docker. A security vulnerability has been identified in mailcow affecting versions prior to 2024-04. This vulnerability resides in the exception handling mechanism, specifically when not operating in DEV_MODE. The system saves exception details into a session array without proper sanitization or encoding. These details are later rendered into HTML and executed in a JavaScript block within the user's browser, without adequate escaping of HTML entities. This flaw allows for Cross-Site Scripting (XSS) attacks, where attackers can inject malicious scripts into the admin panel by triggering exceptions with controlled input. The exploitation method involves using any function that might throw an exception with user-controllable argument. This issue can lead to session hijacking and unauthorized administrative actions, posing a significant security risk. Version 2024-04 contains a fix for the issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "mailcow",
"product": {
"product_data": [
{
"product_name": "mailcow-dockerized",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "< 2024-04"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/mailcow/mailcow-dockerized/security/advisories/GHSA-fp6h-63w4-5hcm",
"refsource": "MISC",
"name": "https://github.com/mailcow/mailcow-dockerized/security/advisories/GHSA-fp6h-63w4-5hcm"
}
]
},
"source": {
"advisory": "GHSA-fp6h-63w4-5hcm",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
} }
] ]
} }

108
2024/3xxx/CVE-2024-3270.json
View File

@ -1,17 +1,117 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2024-3270", "ID": "CVE-2024-3270",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cna@vuldb.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A vulnerability classified as problematic was found in ThingsBoard up to 3.6.2. This vulnerability affects unknown code of the component AdvancedFeature. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-259282 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure and replied to be planning to fix this issue in version 3.7."
},
{
"lang": "deu",
"value": "In ThingsBoard bis 3.6.2 wurde eine Schwachstelle entdeckt. Sie wurde als problematisch eingestuft. Betroffen ist eine unbekannte Verarbeitung der Komponente AdvancedFeature. Dank Manipulation mit unbekannten Daten kann eine improper access controls-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284 Improper Access Controls",
"cweId": "CWE-284"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "ThingsBoard",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.6.0"
},
{
"version_affected": "=",
"version_value": "3.6.1"
},
{
"version_affected": "=",
"version_value": "3.6.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.259282",
"refsource": "MISC",
"name": "https://vuldb.com/?id.259282"
},
{
"url": "https://vuldb.com/?ctiid.259282",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.259282"
},
{
"url": "https://vuldb.com/?submit.301359",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.301359"
},
{
"url": "https://drive.google.com/file/d/1w9iSMpyKDuapH9wjsgTe8AYPn8Z30u2Z/view?usp=drive_link",
"refsource": "MISC",
"name": "https://drive.google.com/file/d/1w9iSMpyKDuapH9wjsgTe8AYPn8Z30u2Z/view?usp=drive_link"
}
]
},
"credits": [
{
"lang": "en",
"value": "sickuritywizard (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 3.8,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L",
"baseSeverity": "LOW"
},
{
"version": "3.0",
"baseScore": 3.8,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L",
"baseSeverity": "LOW"
},
{
"version": "2.0",
"baseScore": 4.7,
"vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:P"
} }
] ]
} }

127
2024/3xxx/CVE-2024-3311.json Normal file
View File

@ -0,0 +1,127 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-3311",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in Dreamer CMS up to 4.1.3.0. It has been declared as critical. Affected by this vulnerability is the function ZipUtils.unZipFiles of the file controller/admin/ThemesController.java. The manipulation leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.1.3.1 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-259369 was assigned to this vulnerability."
},
{
"lang": "deu",
"value": "In Dreamer CMS bis 4.1.3.0 wurde eine kritische Schwachstelle ausgemacht. Hierbei betrifft es die Funktion ZipUtils.unZipFiles der Datei controller/admin/ThemesController.java. Dank der Manipulation mit unbekannten Daten kann eine path traversal-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Ein Aktualisieren auf die Version 4.1.3.1 vermag dieses Problem zu l\u00f6sen. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22 Path Traversal",
"cweId": "CWE-22"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Dreamer",
"product": {
"product_data": [
{
"product_name": "CMS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.1.0"
},
{
"version_affected": "=",
"version_value": "4.1.1"
},
{
"version_affected": "=",
"version_value": "4.1.2"
},
{
"version_affected": "=",
"version_value": "4.1.3"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.259369",
"refsource": "MISC",
"name": "https://vuldb.com/?id.259369"
},
{
"url": "https://vuldb.com/?ctiid.259369",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.259369"
},
{
"url": "https://vuldb.com/?submit.303874",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.303874"
},
{
"url": "https://gitee.com/y1336247431/poc-public/issues/I9BA5R",
"refsource": "MISC",
"name": "https://gitee.com/y1336247431/poc-public/issues/I9BA5R"
},
{
"url": "https://gitee.com/iteachyou/dreamer_cms/releases/tag/Latest_Stable_Release_4.1.3.1",
"refsource": "MISC",
"name": "https://gitee.com/iteachyou/dreamer_cms/releases/tag/Latest_Stable_Release_4.1.3.1"
}
]
},
"credits": [
{
"lang": "en",
"value": "passwd7 (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 6.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 6.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}
}

18
2024/3xxx/CVE-2024-3337.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3337",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/3xxx/CVE-2024-3338.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3338",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/3xxx/CVE-2024-3339.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3339",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/3xxx/CVE-2024-3340.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3340",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/3xxx/CVE-2024-3341.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3341",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/3xxx/CVE-2024-3342.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3342",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/3xxx/CVE-2024-3343.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-3343",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}