diff --git a/2023/40xxx/CVE-2023-40546.json b/2023/40xxx/CVE-2023-40546.json
index c3886ebaf38..425f3167a4f 100644
--- a/2023/40xxx/CVE-2023-40546.json
+++ b/2023/40xxx/CVE-2023-40546.json
@@ -44,7 +44,7 @@
 "x_cve_json_5_version_data": {
 "versions": [
 {
- "version": "15.8-1.el7",
+ "version": "15.8",
 "status": "unaffected"
 }
 ]
@@ -123,6 +123,104 @@
 ]
 }
 },
+ {
+ "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:15.8-2.el8_4",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:15.8-2.el8_4",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:15.8-2.el8_4",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:15.8-2.el8",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ },
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:15.8-2.el8",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ },
 {
 "product_name": "Red Hat Enterprise Linux 9.0 Extended Update Support",
 "version": {
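Review bot: The two `version_data` objects added under "Red Hat Enterprise Linux 8.8 Extended Update Support" are identical (both `"version": "0:15.8-2.el8"` with `"lessThan": "*"` and `"status": "unaffected"`), so a consumer of this record cannot tell which component each fix applies to and may count the product twice. Presumably each object stood for a different package in the upstream record and the package name was lost in down-conversion; that is an inference, the hunk does not show it. I would either drop the second object or keep the distinction by carrying the package name in a field this format retains. The same pair appears in the matching hunk of CVE-2023-40547 through CVE-2023-40551, and as two identical `"version": "0:3.7.6-23.el9_3.4"` objects under "Red Hat Enterprise Linux 9" in CVE-2024-28834 and CVE-2024-28835.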
@@ -172,6 +270,27 @@
 ]
 }
 },
+ {
+ "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:15.8-3.el9_2",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ },
 {
 "product_name": "Red Hat Enterprise Linux 7",
 "version": {
@@ -249,6 +368,21 @@
 "refsource": "MISC",
 "name": "https://access.redhat.com/errata/RHSA-2024:1835"
 },
+ {
+ "url": "https://access.redhat.com/errata/RHSA-2024:1873",
+ "refsource": "MISC",
+ "name": "https://access.redhat.com/errata/RHSA-2024:1873"
+ },
+ {
+ "url": "https://access.redhat.com/errata/RHSA-2024:1876",
+ "refsource": "MISC",
+ "name": "https://access.redhat.com/errata/RHSA-2024:1876"
+ },
+ {
+ "url": "https://access.redhat.com/errata/RHSA-2024:1883",
+ "refsource": "MISC",
+ "name": "https://access.redhat.com/errata/RHSA-2024:1883"
+ },
 {
 "url": "https://access.redhat.com/security/cve/CVE-2023-40546",
 "refsource": "MISC",
diff --git a/2023/40xxx/CVE-2023-40547.json b/2023/40xxx/CVE-2023-40547.json
index 11fdab822fa..9838b8a6f48 100644
--- a/2023/40xxx/CVE-2023-40547.json
+++ b/2023/40xxx/CVE-2023-40547.json
@@ -44,7 +44,7 @@
 "x_cve_json_5_version_data": {
 "versions": [
 {
- "version": "15.8-1.el7",
+ "version": "15.8",
 "status": "unaffected"
 }
 ]
@@ -123,6 +123,104 @@
 ]
 }
 },
+ {
+ "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:15.8-2.el8_4",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:15.8-2.el8_4",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:15.8-2.el8_4",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:15.8-2.el8",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ },
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:15.8-2.el8",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ },
 {
 "product_name": "Red Hat Enterprise Linux 9.0 Extended Update Support",
 "version": {
@@ -172,6 +270,27 @@
 ]
 }
 },
+ {
+ "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:15.8-3.el9_2",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ },
 {
 "product_name": "Red Hat Enterprise Linux 7",
 "version": {
@@ -254,6 +373,21 @@
 "refsource": "MISC",
 "name": "https://access.redhat.com/errata/RHSA-2024:1835"
 },
+ {
+ "url": "https://access.redhat.com/errata/RHSA-2024:1873",
+ "refsource": "MISC",
+ "name": "https://access.redhat.com/errata/RHSA-2024:1873"
+ },
+ {
+ "url": "https://access.redhat.com/errata/RHSA-2024:1876",
+ "refsource": "MISC",
+ "name": "https://access.redhat.com/errata/RHSA-2024:1876"
+ },
+ {
+ "url": "https://access.redhat.com/errata/RHSA-2024:1883",
+ "refsource": "MISC",
+ "name": "https://access.redhat.com/errata/RHSA-2024:1883"
+ },
 {
 "url": "https://access.redhat.com/security/cve/CVE-2023-40547",
 "refsource": "MISC",
diff --git a/2023/40xxx/CVE-2023-40548.json b/2023/40xxx/CVE-2023-40548.json
index 9a1e3a83887..dc9d965ba05 100644
--- a/2023/40xxx/CVE-2023-40548.json
+++ b/2023/40xxx/CVE-2023-40548.json
@@ -44,7 +44,7 @@
 "x_cve_json_5_version_data": {
 "versions": [
 {
- "version": "15.8-1.el7",
+ "version": "15.8",
 "status": "unaffected"
 }
 ]
@@ -123,6 +123,104 @@
 ]
 }
 },
+ {
+ "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:15.8-2.el8_4",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:15.8-2.el8_4",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:15.8-2.el8_4",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:15.8-2.el8",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ },
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:15.8-2.el8",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ },
 {
 "product_name": "Red Hat Enterprise Linux 9.0 Extended Update Support",
 "version": {
@@ -172,6 +270,27 @@
 ]
 }
 },
+ {
+ "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:15.8-3.el9_2",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ },
 {
 "product_name": "Red Hat Enterprise Linux 7",
 "version": {
@@ -249,6 +368,21 @@
 "refsource": "MISC",
 "name": "https://access.redhat.com/errata/RHSA-2024:1835"
 },
+ {
+ "url": "https://access.redhat.com/errata/RHSA-2024:1873",
+ "refsource": "MISC",
+ "name": "https://access.redhat.com/errata/RHSA-2024:1873"
+ },
+ {
+ "url": "https://access.redhat.com/errata/RHSA-2024:1876",
+ "refsource": "MISC",
+ "name": "https://access.redhat.com/errata/RHSA-2024:1876"
+ },
+ {
+ "url": "https://access.redhat.com/errata/RHSA-2024:1883",
+ "refsource": "MISC",
+ "name": "https://access.redhat.com/errata/RHSA-2024:1883"
+ },
 {
 "url": "https://access.redhat.com/security/cve/CVE-2023-40548",
 "refsource": "MISC",
diff --git a/2023/40xxx/CVE-2023-40549.json b/2023/40xxx/CVE-2023-40549.json
index 57fcb12d29d..a73eb6c3222 100644
--- a/2023/40xxx/CVE-2023-40549.json
+++ b/2023/40xxx/CVE-2023-40549.json
@@ -44,7 +44,7 @@
 "x_cve_json_5_version_data": {
 "versions": [
 {
- "version": "15.8-1.el7",
+ "version": "15.8",
 "status": "unaffected"
 }
 ]
@@ -123,6 +123,104 @@
 ]
 }
 },
+ {
+ "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:15.8-2.el8_4",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:15.8-2.el8_4",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:15.8-2.el8_4",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:15.8-2.el8",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ },
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:15.8-2.el8",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ },
 {
 "product_name": "Red Hat Enterprise Linux 9.0 Extended Update Support",
 "version": {
@@ -172,6 +270,27 @@
 ]
 }
 },
+ {
+ "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:15.8-3.el9_2",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ },
 {
 "product_name": "Red Hat Enterprise Linux 7",
 "version": {
@@ -249,6 +368,21 @@
 "refsource": "MISC",
 "name": "https://access.redhat.com/errata/RHSA-2024:1835"
 },
+ {
+ "url": "https://access.redhat.com/errata/RHSA-2024:1873",
+ "refsource": "MISC",
+ "name": "https://access.redhat.com/errata/RHSA-2024:1873"
+ },
+ {
+ "url": "https://access.redhat.com/errata/RHSA-2024:1876",
+ "refsource": "MISC",
+ "name": "https://access.redhat.com/errata/RHSA-2024:1876"
+ },
+ {
+ "url": "https://access.redhat.com/errata/RHSA-2024:1883",
+ "refsource": "MISC",
+ "name": "https://access.redhat.com/errata/RHSA-2024:1883"
+ },
 {
 "url": "https://access.redhat.com/security/cve/CVE-2023-40549",
 "refsource": "MISC",
diff --git a/2023/40xxx/CVE-2023-40550.json b/2023/40xxx/CVE-2023-40550.json
index 8bccb277ded..d66d4c6b5f2 100644
--- a/2023/40xxx/CVE-2023-40550.json
+++ b/2023/40xxx/CVE-2023-40550.json
@@ -44,7 +44,7 @@
 "x_cve_json_5_version_data": {
 "versions": [
 {
- "version": "15.8-1.el7",
+ "version": "15.8",
 "status": "unaffected"
 }
 ]
@@ -123,6 +123,104 @@
 ]
 }
 },
+ {
+ "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:15.8-2.el8_4",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:15.8-2.el8_4",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:15.8-2.el8_4",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:15.8-2.el8",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ },
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:15.8-2.el8",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ },
 {
 "product_name": "Red Hat Enterprise Linux 9.0 Extended Update Support",
 "version": {
@@ -172,6 +270,27 @@
 ]
 }
 },
+ {
+ "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:15.8-3.el9_2",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ },
 {
 "product_name": "Red Hat Enterprise Linux 7",
 "version": {
@@ -249,6 +368,21 @@
 "refsource": "MISC",
 "name": "https://access.redhat.com/errata/RHSA-2024:1835"
 },
+ {
+ "url": "https://access.redhat.com/errata/RHSA-2024:1873",
+ "refsource": "MISC",
+ "name": "https://access.redhat.com/errata/RHSA-2024:1873"
+ },
+ {
+ "url": "https://access.redhat.com/errata/RHSA-2024:1876",
+ "refsource": "MISC",
+ "name": "https://access.redhat.com/errata/RHSA-2024:1876"
+ },
+ {
+ "url": "https://access.redhat.com/errata/RHSA-2024:1883",
+ "refsource": "MISC",
+ "name": "https://access.redhat.com/errata/RHSA-2024:1883"
+ },
 {
 "url": "https://access.redhat.com/security/cve/CVE-2023-40550",
 "refsource": "MISC",
diff --git a/2023/40xxx/CVE-2023-40551.json b/2023/40xxx/CVE-2023-40551.json
index f3457c2289d..b485cf4dbc9 100644
--- a/2023/40xxx/CVE-2023-40551.json
+++ b/2023/40xxx/CVE-2023-40551.json
@@ -44,7 +44,7 @@
 "x_cve_json_5_version_data": {
 "versions": [
 {
- "version": "15.8-1.el7",
+ "version": "15.8",
 "status": "unaffected"
 }
 ]
@@ -123,6 +123,104 @@
 ]
 }
 },
+ {
+ "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:15.8-2.el8_4",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:15.8-2.el8_4",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:15.8-2.el8_4",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:15.8-2.el8",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ },
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:15.8-2.el8",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ },
 {
 "product_name": "Red Hat Enterprise Linux 9.0 Extended Update Support",
 "version": {
@@ -172,6 +270,27 @@
 ]
 }
 },
+ {
+ "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:15.8-3.el9_2",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ },
 {
 "product_name": "Red Hat Enterprise Linux 7",
 "version": {
@@ -249,6 +368,21 @@
 "refsource": "MISC",
 "name": "https://access.redhat.com/errata/RHSA-2024:1835"
 },
+ {
+ "url": "https://access.redhat.com/errata/RHSA-2024:1873",
+ "refsource": "MISC",
+ "name": "https://access.redhat.com/errata/RHSA-2024:1873"
+ },
+ {
+ "url": "https://access.redhat.com/errata/RHSA-2024:1876",
+ "refsource": "MISC",
+ "name": "https://access.redhat.com/errata/RHSA-2024:1876"
+ },
+ {
+ "url": "https://access.redhat.com/errata/RHSA-2024:1883",
+ "refsource": "MISC",
+ "name": "https://access.redhat.com/errata/RHSA-2024:1883"
+ },
 {
 "url": "https://access.redhat.com/security/cve/CVE-2023-40551",
 "refsource": "MISC",
diff --git a/2023/6xxx/CVE-2023-6240.json b/2023/6xxx/CVE-2023-6240.json
index df700c4fc70..e87451d243b 100644
--- a/2023/6xxx/CVE-2023-6240.json
+++ b/2023/6xxx/CVE-2023-6240.json
@@ -55,6 +55,41 @@
 "vendor_name": "Red Hat",
 "product": {
 "product_data": [
+ {
+ "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:5.14.0-284.62.1.el9_2",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ },
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:5.14.0-284.62.1.rt14.347.el9_2",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ },
 {
 "product_name": "Red Hat Enterprise Linux 6",
 "version": {
@@ -153,6 +188,16 @@
 },
 "references": {
 "reference_data": [
+ {
+ "url": "https://access.redhat.com/errata/RHSA-2024:1881",
+ "refsource": "MISC",
+ "name": "https://access.redhat.com/errata/RHSA-2024:1881"
+ },
+ {
+ "url": "https://access.redhat.com/errata/RHSA-2024:1882",
+ "refsource": "MISC",
+ "name": "https://access.redhat.com/errata/RHSA-2024:1882"
+ },
 {
 "url": "https://access.redhat.com/security/cve/CVE-2023-6240",
 "refsource": "MISC",
diff --git a/2024/1xxx/CVE-2024-1426.json b/2024/1xxx/CVE-2024-1426.json
index 9c0d70dbe64..304be03f220 100644
--- a/2024/1xxx/CVE-2024-1426.json
+++ b/2024/1xxx/CVE-2024-1426.json
@@ -1,17 +1,84 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-1426", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, Twitter Grid) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018link\u2019 attribute of the Price List widget in all versions up to, and including, 5.6.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." 
+ } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "bdthemes", + "product": { + "product_data": [ + { + "product_name": "Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "5.6.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2edfceaf-e719-4351-8f5c-2d7dd401c84e?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2edfceaf-e719-4351-8f5c-2d7dd401c84e?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3070672/bdthemes-element-pack-lite/trunk/modules/price-list/widgets/price-list.php", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/3070672/bdthemes-element-pack-lite/trunk/modules/price-list/widgets/price-list.php" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "wesley" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" } ] } diff --git a/2024/1xxx/CVE-2024-1429.json b/2024/1xxx/CVE-2024-1429.json index 24d339c4d7f..a97a3a16cbe 100644 --- a/2024/1xxx/CVE-2024-1429.json +++ b/2024/1xxx/CVE-2024-1429.json 
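Review bot: The `product_name` added in the `affects` block, "Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows)", does not match the plugin name used in the new `description` value, "Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, Twitter Grid)". Anyone matching this record against a plugin inventory by display name therefore gets two different strings for one product; the only stable identifier visible in the hunk is the `bdthemes-element-pack-lite` slug inside the changeset URL, so I would use one name in both places and mention the slug in the description. The added `credits` entry also uses `"lang": "en"` while `description` and `problemtype` use `"lang": "eng"`. The CVE-2024-1429 hunk that follows has the same two inconsistencies.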
@@ -1,17 +1,84 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-1429", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, Twitter Grid) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018tab_link\u2019 attribute of the Panel Slider widget in all versions up to, and including, 5.6.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." 
+ } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "bdthemes", + "product": { + "product_data": [ + { + "product_name": "Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "5.6.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7ec6b03c-e594-4b20-9da0-78413048ba70?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7ec6b03c-e594-4b20-9da0-78413048ba70?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3070672/bdthemes-element-pack-lite/trunk/modules/panel-slider/widgets/panel-slider.php", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/3070672/bdthemes-element-pack-lite/trunk/modules/panel-slider/widgets/panel-slider.php" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Maxuel" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" } ] } diff --git a/2024/28xxx/CVE-2024-28834.json b/2024/28xxx/CVE-2024-28834.json index ca22993a77c..90470045d41 100644 --- a/2024/28xxx/CVE-2024-28834.json +++ b/2024/28xxx/CVE-2024-28834.json 
@@ -95,6 +95,41 @@
 ]
 }
 },
+ {
+ "product_name": "Red Hat Enterprise Linux 9",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:3.7.6-23.el9_3.4",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ },
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:3.7.6-23.el9_3.4",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ },
 {
 "product_name": "Red Hat Enterprise Linux 6",
 "version": {
@@ -120,19 +155,6 @@
 }
 ]
 }
- },
- {
- "product_name": "Red Hat Enterprise Linux 9",
- "version": {
- "version_data": [
- {
- "version_value": "not down converted",
- "x_cve_json_5_version_data": {
- "defaultStatus": "affected"
- }
- }
- ]
- }
 }
 ]
 }
@@ -167,6 +189,11 @@
 "refsource": "MISC",
 "name": "https://access.redhat.com/errata/RHSA-2024:1784"
 },
+ {
+ "url": "https://access.redhat.com/errata/RHSA-2024:1879",
+ "refsource": "MISC",
+ "name": "https://access.redhat.com/errata/RHSA-2024:1879"
+ },
 {
 "url": "https://access.redhat.com/security/cve/CVE-2024-28834",
 "refsource": "MISC",
diff --git a/2024/28xxx/CVE-2024-28835.json b/2024/28xxx/CVE-2024-28835.json
index f43b2f17894..ce4f965b95b 100644
--- a/2024/28xxx/CVE-2024-28835.json
+++ b/2024/28xxx/CVE-2024-28835.json
@@ -60,6 +60,41 @@
 "vendor_name": "Red Hat",
 "product": {
 "product_data": [
+ {
+ "product_name": "Red Hat Enterprise Linux 9",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:3.7.6-23.el9_3.4",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ },
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "version": "0:3.7.6-23.el9_3.4",
+ "lessThan": "*",
+ "versionType": "rpm",
+ "status": "unaffected"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ },
 {
 "product_name": "Red Hat Enterprise Linux 6",
 "version": {
@@ -98,19 +133,6 @@
 }
 ]
 }
- },
- {
- "product_name": "Red Hat Enterprise Linux 9",
- "version": {
- "version_data": [
- {
- "version_value": "not down converted",
- "x_cve_json_5_version_data": {
- "defaultStatus": "affected"
- }
- }
- ]
- }
 }
 ]
 }
@@ -140,6 +162,11 @@
 },
 "references": {
 "reference_data": [
+ {
+ "url": "https://access.redhat.com/errata/RHSA-2024:1879",
+ "refsource": "MISC",
+ "name": "https://access.redhat.com/errata/RHSA-2024:1879"
+ },
 {
 "url": "https://access.redhat.com/security/cve/CVE-2024-28835",
 "refsource": "MISC",
diff --git a/2024/2xxx/CVE-2024-2729.json b/2024/2xxx/CVE-2024-2729.json
index ecf9872c89b..92f425917c7 100644
--- a/2024/2xxx/CVE-2024-2729.json
+++ b/2024/2xxx/CVE-2024-2729.json
@@ -1,18 +1,80 @@
 {
+ "data_version": "4.0",
 "data_type": "CVE",
 "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
 "ID": "CVE-2024-2729",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "contact@wpscan.com",
+ "STATE": "PUBLIC"
 },
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "The Otter Blocks WordPress plugin before 2.6.6 does not properly escape its mainHeadings blocks' attribute before appending it to the final rendered block, allowing contributors to conduct Stored XSS attacks."
 }
 ]
- }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-79 Cross-Site Scripting (XSS)"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Unknown",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Otter Blocks ",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "0",
+ "version_value": "2.6.6"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://wpscan.com/vulnerability/5014f886-020e-49d1-96a5-2159eed8ba14/",
+ "refsource": "MISC",
+ "name": "https://wpscan.com/vulnerability/5014f886-020e-49d1-96a5-2159eed8ba14/"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "WPScan CVE Generator"
+ },
+ "source": {
+ "discovery": "EXTERNAL"
+ },
+ "credits": [
+ {
+ "lang": "en",
+ "value": "Dmitrii Ignatyev"
+ },
+ {
+ "lang": "en",
+ "value": "WPScan"
+ }
+ ]
 }
\ No newline at end of file
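Review bot: The added `"product_name": "Otter Blocks "` carries a trailing space inside the string, which breaks exact-match lookups against plugin inventories and SBOM entries; it should read `"product_name": "Otter Blocks",`. The same `affects` block sets `"vendor_name": "Unknown"`, and the record has no `impact` object, unlike the two Wordfence records in this commit, so triage tooling gets neither a vendor nor a severity to key on. `version_name` is `"0"` here but `"*"` in those records for the same kind of upper-bounded range; a single convention would be easier for consumers to parse.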