From 9d8893469befe2200fce09b29873c30ea85f23fd Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 8 Jan 2025 16:01:01 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2024/13xxx/CVE-2024-13206.json | 18 +++++++ 2024/13xxx/CVE-2024-13207.json | 18 +++++++ 2024/13xxx/CVE-2024-13208.json | 18 +++++++ 2024/51xxx/CVE-2024-51480.json | 97 +++++++++++++++++++++++++++++++-- 2024/51xxx/CVE-2024-51737.json | 98 ++++++++++++++++++++++++++++++++-- 2024/55xxx/CVE-2024-55517.json | 56 ++++++++++++++++--- 2024/55xxx/CVE-2024-55656.json | 88 ++++++++++++++++++++++++++++-- 2025/0xxx/CVE-2025-0329.json | 18 +++++++ 2025/22xxx/CVE-2025-22130.json | 68 +++++++++++++++++++++-- 9 files changed, 457 insertions(+), 22 deletions(-) create mode 100644 2024/13xxx/CVE-2024-13206.json create mode 100644 2024/13xxx/CVE-2024-13207.json create mode 100644 2024/13xxx/CVE-2024-13208.json create mode 100644 2025/0xxx/CVE-2025-0329.json diff --git a/2024/13xxx/CVE-2024-13206.json b/2024/13xxx/CVE-2024-13206.json new file mode 100644 index 00000000000..0a66a329a95 --- /dev/null +++ b/2024/13xxx/CVE-2024-13206.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-13206", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/13xxx/CVE-2024-13207.json b/2024/13xxx/CVE-2024-13207.json new file mode 100644 index 00000000000..caf3a942161 --- /dev/null +++ b/2024/13xxx/CVE-2024-13207.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-13207", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/13xxx/CVE-2024-13208.json b/2024/13xxx/CVE-2024-13208.json new file mode 100644 index 00000000000..53cf8ea06d7 --- /dev/null +++ b/2024/13xxx/CVE-2024-13208.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-13208", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/51xxx/CVE-2024-51480.json b/2024/51xxx/CVE-2024-51480.json index a8381357983..7d011e7059e 100644 --- a/2024/51xxx/CVE-2024-51480.json +++ b/2024/51xxx/CVE-2024-51480.json @@ -1,17 +1,106 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-51480", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "RedisTimeSeries is a time-series database (TSDB) module for Redis, by Redis. Executing one of these commands TS.QUERYINDEX, TS.MGET, TS.MRAGE, TS.MREVRANGE by an authenticated user, using specially crafted command arguments may cause an integer overflow, a subsequent heap overflow, and potentially lead to remote code execution. This vulnerability is fixed in 1.6.20, 1.8.15, 1.10.15, and 1.12.3." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-122: Heap-based Buffer Overflow", + "cweId": "CWE-122" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "CWE-190: Integer Overflow or Wraparound", + "cweId": "CWE-190" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "RedisTimeSeries", + "product": { + "product_data": [ + { + "product_name": "RedisTimeSeries", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 1.0.0, < 1.6.20" + }, + { + "version_affected": "=", + "version_value": ">= 1.8.0, < 1.8.15" + }, + { + "version_affected": "=", + "version_value": ">= 1.10.0, < 1.10.15" + }, + { + "version_affected": "=", + "version_value": ">= 1.12.0, < 1.12.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/RedisTimeSeries/RedisTimeSeries/security/advisories/GHSA-73x6-fqww-x8rg", + "refsource": "MISC", + "name": "https://github.com/RedisTimeSeries/RedisTimeSeries/security/advisories/GHSA-73x6-fqww-x8rg" + } + ] + }, + "source": { + "advisory": "GHSA-73x6-fqww-x8rg", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 7, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/51xxx/CVE-2024-51737.json b/2024/51xxx/CVE-2024-51737.json index 845f65afa3c..143b6fd27ac 100644 --- a/2024/51xxx/CVE-2024-51737.json +++ b/2024/51xxx/CVE-2024-51737.json @@ -1,17 +1,107 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-51737", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "RediSearch is a Redis module that provides querying, secondary indexing, and full-text search for Redis. An authenticated redis user executing FT.SEARCH or FT.AGGREGATE with a specially crafted LIMIT command argument, or FT.SEARCH with a specially crafted KNN command argument, can trigger an integer overflow, leading to heap overflow and potential remote code execution. This vulnerability is fixed in 2.6.24, 2.8.21, and 2.10.10. Avoid setting value of -1 or large values for configuration parameters MAXSEARCHRESULTS and MAXAGGREGATERESULTS, to avoid exploiting large LIMIT arguments." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-122: Heap-based Buffer Overflow", + "cweId": "CWE-122" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "CWE-190: Integer Overflow or Wraparound", + "cweId": "CWE-190" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "RediSearch", + "product": { + "product_data": [ + { + "product_name": "RediSearch", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 2.0.0, < 2.6.24" + }, + { + "version_affected": "=", + "version_value": ">= 2.8.0, < 2.8.21" + }, + { + "version_affected": "=", + "version_value": ">= 2.10.0, < 2.10.10" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/RediSearch/RediSearch/security/advisories/GHSA-p2pg-67m3-4c76", + "refsource": "MISC", + "name": "https://github.com/RediSearch/RediSearch/security/advisories/GHSA-p2pg-67m3-4c76" + }, + { + "url": "https://github.com/RediSearch/RediSearch/commit/13a2936d921dbe5a2e3c72653e0bd7b26af3a6cb", + "refsource": "MISC", + "name": "https://github.com/RediSearch/RediSearch/commit/13a2936d921dbe5a2e3c72653e0bd7b26af3a6cb" + } + ] + }, + "source": { + "advisory": "GHSA-p2pg-67m3-4c76", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 7, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/55xxx/CVE-2024-55517.json b/2024/55xxx/CVE-2024-55517.json index 817c828a4e4..2c1d5b001ff 100644 --- a/2024/55xxx/CVE-2024-55517.json +++ b/2024/55xxx/CVE-2024-55517.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-55517", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-55517", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in the Interllect Core Search in Polaris FT Intellect Core Banking 9.5. Input passed through the groupType parameter in /SCGController is mishandled before being used in SQL queries, allowing SQL injection in an authenticated session." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://hackmd.io/@AowPhwc/SyvEiDsIye", + "url": "https://hackmd.io/@AowPhwc/SyvEiDsIye" } ] } diff --git a/2024/55xxx/CVE-2024-55656.json b/2024/55xxx/CVE-2024-55656.json index 30b0a29eb9f..ef9291d5956 100644 --- a/2024/55xxx/CVE-2024-55656.json +++ b/2024/55xxx/CVE-2024-55656.json @@ -1,17 +1,97 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-55656", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "RedisBloom adds a set of probabilistic data structures to Redis. There is an integer overflow vulnerability in RedisBloom, which is a module used in Redis. The integer overflow vulnerability allows an attacker (a redis client which knows the password) to allocate memory in the heap lesser than the required memory due to wraparound. Then read and write can be performed beyond this allocated memory, leading to info leak and OOB write. The integer overflow is in CMS.INITBYDIM command, which initialize a Count-Min Sketch to dimensions specified by user. It accepts two values (width and depth) and uses them to allocate memory in NewCMSketch(). This vulnerability is fixed in 2.2.19, 2.4.12, 2.6.14, and 2.8.2." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-190: Integer Overflow or Wraparound", + "cweId": "CWE-190" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "RedisBloom", + "product": { + "product_data": [ + { + "product_name": "RedisBloom", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 2.2.0, < 2.2.19" + }, + { + "version_affected": "=", + "version_value": ">= 2.4.0, < 2.4.12" + }, + { + "version_affected": "=", + "version_value": ">= 2.6.0, < 2.6.14" + }, + { + "version_affected": "=", + "version_value": ">= 2.8.0, < 2.8.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/RedisBloom/RedisBloom/security/advisories/GHSA-x5rx-rmq3-ff3h", + "refsource": "MISC", + "name": "https://github.com/RedisBloom/RedisBloom/security/advisories/GHSA-x5rx-rmq3-ff3h" + } + ] + }, + "source": { + "advisory": "GHSA-x5rx-rmq3-ff3h", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2025/0xxx/CVE-2025-0329.json b/2025/0xxx/CVE-2025-0329.json new file mode 100644 index 00000000000..c2d43d04507 --- /dev/null +++ b/2025/0xxx/CVE-2025-0329.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-0329", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/22xxx/CVE-2025-22130.json b/2025/22xxx/CVE-2025-22130.json index 303a81665a0..e98f1611c81 100644 --- a/2025/22xxx/CVE-2025-22130.json +++ b/2025/22xxx/CVE-2025-22130.json @@ -1,18 +1,78 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-22130", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Soft Serve is a self-hostable Git server for the command line. Prior to 0.8.2 , a path traversal attack allows existing non-admin users to access and take over other user's repositories. A malicious user then can modify, delete, and arbitrarily repositories as if they were an admin user without explicitly giving them permissions. This is patched in v0.8.2." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "cweId": "CWE-22" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "charmbracelet", + "product": { + "product_data": [ + { + "product_name": "soft-serve", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 0.8.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/charmbracelet/soft-serve/security/advisories/GHSA-j4jw-m6xr-fv6c", + "refsource": "MISC", + "name": "https://github.com/charmbracelet/soft-serve/security/advisories/GHSA-j4jw-m6xr-fv6c" + }, + { + "url": "https://github.com/charmbracelet/soft-serve/commit/a8d1bf3f9349c138383b65079b7b8ad97fff78f4", + "refsource": "MISC", + "name": "https://github.com/charmbracelet/soft-serve/commit/a8d1bf3f9349c138383b65079b7b8ad97fff78f4" + }, + { + "url": "https://github.com/charmbracelet/soft-serve/releases/tag/v0.8.2", + "refsource": "MISC", + "name": "https://github.com/charmbracelet/soft-serve/releases/tag/v0.8.2" + } + ] + }, + "source": { + "advisory": "GHSA-j4jw-m6xr-fv6c", + "discovery": "UNKNOWN" } } \ No newline at end of file