From 950ee8dc57d0593e1842ec20771a1d9f09fb1984 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 20 Feb 2025 20:00:33 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2024/11xxx/CVE-2024-11146.json | 11 +++- 2024/13xxx/CVE-2024-13897.json | 18 ++++++ 2025/0xxx/CVE-2025-0352.json | 104 +++++++++++++++++++++++++++++++-- 2025/1xxx/CVE-2025-1265.json | 104 +++++++++++++++++++++++++++++++-- 2025/1xxx/CVE-2025-1508.json | 18 ++++++ 2025/1xxx/CVE-2025-1509.json | 18 ++++++ 2025/1xxx/CVE-2025-1510.json | 18 ++++++ 2025/1xxx/CVE-2025-1511.json | 18 ++++++ 2025/1xxx/CVE-2025-1512.json | 18 ++++++ 2025/1xxx/CVE-2025-1513.json | 18 ++++++ 2025/1xxx/CVE-2025-1514.json | 18 ++++++ 2025/1xxx/CVE-2025-1515.json | 18 ++++++ 2025/24xxx/CVE-2025-24893.json | 100 +++++++++++++++++++++++++++++-- 2025/25xxx/CVE-2025-25299.json | 81 +++++++++++++++++++++++-- 2025/26xxx/CVE-2025-26618.json | 71 ++++++++++++++++++++-- 2025/27xxx/CVE-2025-27096.json | 58 ++++++++++++++++-- 16 files changed, 664 insertions(+), 27 deletions(-) create mode 100644 2024/13xxx/CVE-2024-13897.json create mode 100644 2025/1xxx/CVE-2025-1508.json create mode 100644 2025/1xxx/CVE-2025-1509.json create mode 100644 2025/1xxx/CVE-2025-1510.json create mode 100644 2025/1xxx/CVE-2025-1511.json create mode 100644 2025/1xxx/CVE-2025-1512.json create mode 100644 2025/1xxx/CVE-2025-1513.json create mode 100644 2025/1xxx/CVE-2025-1514.json create mode 100644 2025/1xxx/CVE-2025-1515.json diff --git a/2024/11xxx/CVE-2024-11146.json b/2024/11xxx/CVE-2024-11146.json index 8b9d56c0f23..52894180120 100644 --- a/2024/11xxx/CVE-2024-11146.json +++ b/2024/11xxx/CVE-2024-11146.json @@ -78,16 +78,21 @@ "references": { "reference_data": [ { - "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2024/va-25-016-01.json", + "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2024/va-25-017-01.json", "refsource": "MISC", - "name": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2024/va-25-016-01.json" + "name": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2024/va-25-017-01.json" + }, + { + "url": "https://infosec.exchange/@abreacher", + "refsource": "MISC", + "name": "https://infosec.exchange/@abreacher" } ] }, "credits": [ { "lang": "en", - "value": "[Alison Breacher](https://infosec.exchange/@abreacher)" + "value": "Alison Breacher" } ], "impact": { diff --git a/2024/13xxx/CVE-2024-13897.json b/2024/13xxx/CVE-2024-13897.json new file mode 100644 index 00000000000..17c815c19e6 --- /dev/null +++ b/2024/13xxx/CVE-2024-13897.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-13897", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/0xxx/CVE-2025-0352.json b/2025/0xxx/CVE-2025-0352.json index 71dee8cd17a..83c1884666c 100644 --- a/2025/0xxx/CVE-2025-0352.json +++ b/2025/0xxx/CVE-2025-0352.json @@ -1,17 +1,113 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-0352", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "ics-cert@hq.dhs.gov", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Rapid Response Monitoring My Security Account App utilizes an API that could be exploited by an attacker to modify request data, potentially causing the API to return information about other users." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-639 Authorization Bypass Through User-Controlled Key", + "cweId": "CWE-639" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Rapid Response Monitoring", + "product": { + "product_data": [ + { + "product_name": "My Security Account App API", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "7/29/24" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-051-05", + "refsource": "MISC", + "name": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-051-05" + }, + { + "url": "https://www.rrms.com/contact-us/", + "refsource": "MISC", + "name": "https://www.rrms.com/contact-us/" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "advisory": "ICSA-25-051-05", + "discovery": "EXTERNAL" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Rapid Response Monitoring reports that this issue was patched on their end and no action is required by users. For further information, contact Rapid Response Monitoring.\n\n
" + } + ], + "value": "Rapid Response Monitoring reports that this issue was patched on their end and no action is required by users. For further information, contact https://www.rrms.com/contact-us/ \u00a0Rapid Response Monitoring." + } + ], + "credits": [ + { + "lang": "en", + "value": "kbots reported this vulnerability to CISA." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "version": "3.1" } ] } diff --git a/2025/1xxx/CVE-2025-1265.json b/2025/1xxx/CVE-2025-1265.json index f95d456e2ac..972b6c2c538 100644 --- a/2025/1xxx/CVE-2025-1265.json +++ b/2025/1xxx/CVE-2025-1265.json @@ -1,17 +1,113 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-1265", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "ics-cert@hq.dhs.gov", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An OS command injection vulnerability exists in Vinci Protocol Analyzer that could allow an attacker to escalate privileges and perform code execution on affected system." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-78 OS Command Injection", + "cweId": "CWE-78" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Elseta", + "product": { + "product_data": [ + { + "product_name": "Vinci Protocol Analyzer", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "3.2.3.19" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-051-06", + "refsource": "MISC", + "name": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-051-06" + }, + { + "url": "https://elseta.com/support/", + "refsource": "MISC", + "name": "https://elseta.com/support/" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "advisory": "ICSA-25-051-06", + "discovery": "EXTERNAL" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Elseta recommends affected users update to version 3.2.3.19 or later. Contact Elseta for more information.\n\n
" + } + ], + "value": "Elseta recommends affected users update to version 3.2.3.19 or later. Contact Elseta for more information. https://elseta.com/support/" + } + ], + "credits": [ + { + "lang": "en", + "value": "Elseta recommends affected users update to version 3.2.3.19 or later. Contact Elseta for more information." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 9.9, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2025/1xxx/CVE-2025-1508.json b/2025/1xxx/CVE-2025-1508.json new file mode 100644 index 00000000000..366b621b6c4 --- /dev/null +++ b/2025/1xxx/CVE-2025-1508.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-1508", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/1xxx/CVE-2025-1509.json b/2025/1xxx/CVE-2025-1509.json new file mode 100644 index 00000000000..90b3e381a61 --- /dev/null +++ b/2025/1xxx/CVE-2025-1509.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-1509", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/1xxx/CVE-2025-1510.json b/2025/1xxx/CVE-2025-1510.json new file mode 100644 index 00000000000..471326fbaef --- /dev/null +++ b/2025/1xxx/CVE-2025-1510.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-1510", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/1xxx/CVE-2025-1511.json b/2025/1xxx/CVE-2025-1511.json new file mode 100644 index 00000000000..f9af022335f --- /dev/null +++ b/2025/1xxx/CVE-2025-1511.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-1511", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/1xxx/CVE-2025-1512.json b/2025/1xxx/CVE-2025-1512.json new file mode 100644 index 00000000000..4290b8d3290 --- /dev/null +++ b/2025/1xxx/CVE-2025-1512.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-1512", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/1xxx/CVE-2025-1513.json b/2025/1xxx/CVE-2025-1513.json new file mode 100644 index 00000000000..e0e7be3d2a7 --- /dev/null +++ b/2025/1xxx/CVE-2025-1513.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-1513", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/1xxx/CVE-2025-1514.json b/2025/1xxx/CVE-2025-1514.json new file mode 100644 index 00000000000..c984ea90e47 --- /dev/null +++ b/2025/1xxx/CVE-2025-1514.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-1514", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/1xxx/CVE-2025-1515.json b/2025/1xxx/CVE-2025-1515.json new file mode 100644 index 00000000000..3958e826c64 --- /dev/null +++ b/2025/1xxx/CVE-2025-1515.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-1515", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/24xxx/CVE-2025-24893.json b/2025/24xxx/CVE-2025-24893.json index ac806050486..05d13011b95 100644 --- a/2025/24xxx/CVE-2025-24893.json +++ b/2025/24xxx/CVE-2025-24893.json @@ -1,17 +1,109 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24893", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any guest can perform arbitrary remote code execution through a request to `SolrSearch`. This impacts the confidentiality, integrity and availability of the whole XWiki installation. To reproduce on an instance, without being logged in, go to `/xwiki/bin/get/Main/SolrSearch?media=rss&text=%7D%7D%7D%7B%7Basync%20async%3Dfalse%7D%7D%7B%7Bgroovy%7D%7Dprintln%28\"Hello%20from\"%20%2B%20\"%20search%20text%3A\"%20%2B%20%2823%20%2B%2019%29%29%7B%7B%2Fgroovy%7D%7D%7B%7B%2Fasync%7D%7D%20`. If there is an output, and the title of the RSS feed contains `Hello from search text:42`, then the instance is vulnerable. This vulnerability has been patched in XWiki 15.10.11, 16.4.1 and 16.5.0RC1. Users are advised to upgrade. Users unable to upgrade may edit `Main.SolrSearchMacros` in `SolrSearchMacros.xml` on line 955 to match the `rawResponse` macro in `macros.vm#L2824` with a content type of `application/xml`, instead of simply outputting the content of the feed." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", + "cweId": "CWE-95" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "xwiki", + "product": { + "product_data": [ + { + "product_name": "xwiki-platform", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 5.3-milestone-2, < 15.10.11" + }, + { + "version_affected": "=", + "version_value": ">= 16.0.0-rc-1, < 16.4.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-rr6p-3pfg-562j", + "refsource": "MISC", + "name": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-rr6p-3pfg-562j" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/commit/67021db9b8ed26c2236a653269302a86bf01ef40", + "refsource": "MISC", + "name": "https://github.com/xwiki/xwiki-platform/commit/67021db9b8ed26c2236a653269302a86bf01ef40" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/blob/568447cad5172d97d6bbcfda9f6183689c2cf086/xwiki-platform-core/xwiki-platform-search/xwiki-platform-search-solr/xwiki-platform-search-solr-ui/src/main/resources/Main/SolrSearchMacros.xml#L955", + "refsource": "MISC", + "name": "https://github.com/xwiki/xwiki-platform/blob/568447cad5172d97d6bbcfda9f6183689c2cf086/xwiki-platform-core/xwiki-platform-search/xwiki-platform-search-solr/xwiki-platform-search-solr-ui/src/main/resources/Main/SolrSearchMacros.xml#L955" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/blob/67021db9b8ed26c2236a653269302a86bf01ef40/xwiki-platform-core/xwiki-platform-web/xwiki-platform-web-templates/src/main/resources/templates/macros.vm#L2824", + "refsource": "MISC", + "name": "https://github.com/xwiki/xwiki-platform/blob/67021db9b8ed26c2236a653269302a86bf01ef40/xwiki-platform-core/xwiki-platform-web/xwiki-platform-web-templates/src/main/resources/templates/macros.vm#L2824" + }, + { + "url": "https://jira.xwiki.org/browse/XWIKI-22149", + "refsource": "MISC", + "name": "https://jira.xwiki.org/browse/XWIKI-22149" + } + ] + }, + "source": { + "advisory": "GHSA-rr6p-3pfg-562j", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2025/25xxx/CVE-2025-25299.json b/2025/25xxx/CVE-2025-25299.json index b0e490eaffa..6419033d0cb 100644 --- a/2025/25xxx/CVE-2025-25299.json +++ b/2025/25xxx/CVE-2025-25299.json @@ -1,18 +1,91 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-25299", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "CKEditor 5 is a modern JavaScript rich-text editor with an MVC architecture. During a recent internal audit, a Cross-Site Scripting (XSS) vulnerability was discovered in the CKEditor 5 real-time collaboration package. This vulnerability affects user markers, which represent users' positions within the document. It can lead to unauthorized JavaScript code execution, which might happen with a very specific editor and token endpoint configuration. This vulnerability affects only installations with Real-time collaborative editing enabled. The problem has been recognized and patched. The fix is available in version 44.2.1 (and above). Users are advised to upgrade. There are no known workarounds for this vulnerability." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)", + "cweId": "CWE-80" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "ckeditor", + "product": { + "product_data": [ + { + "product_name": "ckeditor5", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "@ckeditor/ckeditor5-real-time-collaboration: >= 41.3.0, < 44.2.1" + }, + { + "version_affected": "=", + "version_value": "ckeditor5-premium-features: >= 42.0.0, < 44.2.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/ckeditor/ckeditor5/security/advisories/GHSA-j3mm-wmfm-mwvh", + "refsource": "MISC", + "name": "https://github.com/ckeditor/ckeditor5/security/advisories/GHSA-j3mm-wmfm-mwvh" + }, + { + "url": "https://ckeditor.com/docs/ckeditor5/latest/features/collaboration/real-time-collaboration/real-time-collaboration.html", + "refsource": "MISC", + "name": "https://ckeditor.com/docs/ckeditor5/latest/features/collaboration/real-time-collaboration/real-time-collaboration.html" + }, + { + "url": "https://github.com/ckeditor/ckeditor5/releases/tag/v44.2.1", + "refsource": "MISC", + "name": "https://github.com/ckeditor/ckeditor5/releases/tag/v44.2.1" + } + ] + }, + "source": { + "advisory": "GHSA-j3mm-wmfm-mwvh", + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2025/26xxx/CVE-2025-26618.json b/2025/26xxx/CVE-2025-26618.json index bf048fcba61..9923bf937ad 100644 --- a/2025/26xxx/CVE-2025-26618.json +++ b/2025/26xxx/CVE-2025-26618.json @@ -1,18 +1,81 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-26618", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Erlang is a programming language and runtime system for building massively scalable soft real-time systems with requirements on high availability. OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang. Packet size is not verified properly for SFTP packets. As a result when multiple SSH packets (conforming to max SSH packet size) are received by ssh, they might be combined into an SFTP packet which will exceed the max allowed packet size and potentially cause large amount of memory to be allocated. Note that situation described above can only happen for successfully authenticated users after completing the SSH handshake. This issue has been patched in OTP versions 27.2.4, 26.2.5.9, and 25.3.2.18. There are no known workarounds for this vulnerability." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-789: Memory Allocation with Excessive Size Value", + "cweId": "CWE-789" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "erlang", + "product": { + "product_data": [ + { + "product_name": "otp", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= OTP-27.0.0, < OTP-27.2.4" + }, + { + "version_affected": "=", + "version_value": ">= OTP-26.0.0.0, < OTP-26.2.5.9" + }, + { + "version_affected": "=", + "version_value": "< OTP-25.3.2.18" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/erlang/otp/security/advisories/GHSA-78cv-45vx-q6fr", + "refsource": "MISC", + "name": "https://github.com/erlang/otp/security/advisories/GHSA-78cv-45vx-q6fr" + }, + { + "url": "https://github.com/erlang/otp/commit/0ed2573cbd55c92e9125c9dc70fa1ca7fed82872", + "refsource": "MISC", + "name": "https://github.com/erlang/otp/commit/0ed2573cbd55c92e9125c9dc70fa1ca7fed82872" + } + ] + }, + "source": { + "advisory": "GHSA-78cv-45vx-q6fr", + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2025/27xxx/CVE-2025-27096.json b/2025/27xxx/CVE-2025-27096.json index 7d0a715ef56..ac47960964a 100644 --- a/2025/27xxx/CVE-2025-27096.json +++ b/2025/27xxx/CVE-2025-27096.json @@ -1,18 +1,68 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-27096", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "WeGIA is a Web Manager for Institutions with a focus on Portuguese language. A SQL Injection vulnerability was discovered in the WeGIA application, personalizacao_upload.php endpoint. This vulnerability allow an authorized attacker to execute arbitrary SQL queries, allowing access to sensitive information. This issue has been addressed in version 3.2.14 and all users are advised to upgrade. There are no known workarounds for this vulnerability." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "LabRedesCefetRJ", + "product": { + "product_data": [ + { + "product_name": "WeGIA", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 3.2.14" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-j856-wh9m-9vpm", + "refsource": "MISC", + "name": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-j856-wh9m-9vpm" + } + ] + }, + "source": { + "advisory": "GHSA-j856-wh9m-9vpm", + "discovery": "UNKNOWN" } } \ No newline at end of file