From 9dd19dd18cc63cca2d2b5574c051c436a40e6d98 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 3 May 2024 18:00:34 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2021/20xxx/CVE-2021-20556.json | 83 +++++++++++++++++- 2022/48xxx/CVE-2022-48690.json | 92 +++++++++++++++++++- 2022/48xxx/CVE-2022-48695.json | 148 ++++++++++++++++++++++++++++++++- 2022/48xxx/CVE-2022-48704.json | 148 ++++++++++++++++++++++++++++++++- 2022/48xxx/CVE-2022-48705.json | 92 +++++++++++++++++++- 2023/23xxx/CVE-2023-23474.json | 83 +++++++++++++++++- 2023/28xxx/CVE-2023-28952.json | 83 +++++++++++++++++- 2023/38xxx/CVE-2023-38724.json | 83 +++++++++++++++++- 2023/40xxx/CVE-2023-40696.json | 83 +++++++++++++++++- 2024/30xxx/CVE-2024-30851.json | 61 ++++++++++++-- 2024/31xxx/CVE-2024-31673.json | 56 +++++++++++-- 2024/33xxx/CVE-2024-33789.json | 56 +++++++++++-- 2024/33xxx/CVE-2024-33791.json | 56 +++++++++++-- 2024/33xxx/CVE-2024-33792.json | 56 +++++++++++-- 2024/34xxx/CVE-2024-34066.json | 81 +++++++++++++++++- 2024/34xxx/CVE-2024-34067.json | 91 +++++++++++++++++++- 2024/34xxx/CVE-2024-34068.json | 95 ++++++++++++++++++++- 2024/34xxx/CVE-2024-34075.json | 86 ++++++++++++++++++- 2024/34xxx/CVE-2024-34451.json | 18 ++++ 2024/34xxx/CVE-2024-34452.json | 18 ++++ 2024/34xxx/CVE-2024-34453.json | 18 ++++ 21 files changed, 1505 insertions(+), 82 deletions(-) create mode 100644 2024/34xxx/CVE-2024-34451.json create mode 100644 2024/34xxx/CVE-2024-34452.json create mode 100644 2024/34xxx/CVE-2024-34453.json diff --git a/2021/20xxx/CVE-2021-20556.json b/2021/20xxx/CVE-2021-20556.json index 879b99b8ceb..2c29e374ee9 100644 --- a/2021/20xxx/CVE-2021-20556.json +++ b/2021/20xxx/CVE-2021-20556.json @@ -1,17 +1,92 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-20556", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 could allow a remote user to enumerate usernames due to differentiating error messages on existing usernames. IBM X-Force ID: 199181." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-204 Response Discrepancy Information Exposure", + "cweId": "CWE-204" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "Cognos Controller", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "10.4.1, 10.4.2, 11.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/7149876", + "refsource": "MISC", + "name": "https://www.ibm.com/support/pages/node/7149876" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/199181", + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/199181" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "version": "3.1" } ] } diff --git a/2022/48xxx/CVE-2022-48690.json b/2022/48xxx/CVE-2022-48690.json index 61293477348..9747a575f51 100644 --- a/2022/48xxx/CVE-2022-48690.json +++ b/2022/48xxx/CVE-2022-48690.json @@ -1,18 +1,102 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-48690", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cve@kernel.org", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Fix DMA mappings leak\n\nFix leak, when user changes ring parameters.\nDuring reallocation of RX buffers, new DMA mappings are created for\nthose buffers. New buffers with different RX ring count should\nsubstitute older ones, but those buffers were freed in ice_vsi_cfg_rxq\nand reallocated again with ice_alloc_rx_buf. kfree on rx_buf caused\nleak of already mapped DMA.\nReallocate ZC with xdp_buf struct, when BPF program loads. Reallocate\nback to rx_buf, when BPF program unloads.\nIf BPF program is loaded/unloaded and XSK pools are created, reallocate\nRX queues accordingly in XDP_SETUP_XSK_POOL handler.\n\nSteps for reproduction:\nwhile :\ndo\n\tfor ((i=0; i<=8160; i=i+32))\n\tdo\n\t\tethtool -G enp130s0f0 rx $i tx $i\n\t\tsleep 0.5\n\t\tethtool -g enp130s0f0\n\tdone\ndone" } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Linux", + "product": { + "product_data": [ + { + "product_name": "Linux", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "617f3e1b588c", + "version_value": "07f40e9f0ff3" + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "5.16", + "status": "affected" + }, + { + "version": "0", + "lessThan": "5.16", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.19.9", + "lessThanOrEqual": "5.19.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.0", + "lessThanOrEqual": "*", + "status": "unaffected", + "versionType": "original_commit_for_fix" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://git.kernel.org/stable/c/07f40e9f0ff342eb3e97d5c544783b7cb641689c", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/07f40e9f0ff342eb3e97d5c544783b7cb641689c" + }, + { + "url": "https://git.kernel.org/stable/c/7e753eb675f0523207b184558638ee2eed6c9ac2", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/7e753eb675f0523207b184558638ee2eed6c9ac2" + } + ] + }, + "generator": { + "engine": "bippy-d175d3acf727" } } \ No newline at end of file diff --git a/2022/48xxx/CVE-2022-48695.json b/2022/48xxx/CVE-2022-48695.json index 877f10dcc08..6409a2e0916 100644 --- a/2022/48xxx/CVE-2022-48695.json +++ b/2022/48xxx/CVE-2022-48695.json @@ -1,18 +1,158 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-48695", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cve@kernel.org", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpt3sas: Fix use-after-free warning\n\nFix the following use-after-free warning which is observed during\ncontroller reset:\n\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 23 PID: 5399 at lib/refcount.c:28 refcount_warn_saturate+0xa6/0xf0" } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Linux", + "product": { + "product_data": [ + { + "product_name": "Linux", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "1da177e4c3f4", + "version_value": "b8fc9e91b931" + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "4.9.328", + "lessThanOrEqual": "4.9.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "4.14.293", + "lessThanOrEqual": "4.14.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "4.19.258", + "lessThanOrEqual": "4.19.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.4.213", + "lessThanOrEqual": "5.4.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.10.143", + "lessThanOrEqual": "5.10.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.15.68", + "lessThanOrEqual": "5.15.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.19.9", + "lessThanOrEqual": "5.19.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.0", + "lessThanOrEqual": "*", + "status": "unaffected", + "versionType": "original_commit_for_fix" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://git.kernel.org/stable/c/b8fc9e91b931215110ba824d1a2983c5f60b6f82", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/b8fc9e91b931215110ba824d1a2983c5f60b6f82" + }, + { + "url": "https://git.kernel.org/stable/c/d4959d09b76eb7a4146f5133962b88d3bddb63d6", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/d4959d09b76eb7a4146f5133962b88d3bddb63d6" + }, + { + "url": "https://git.kernel.org/stable/c/82efb917eeb27454dc4c6fe26432fc8f6c75bc16", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/82efb917eeb27454dc4c6fe26432fc8f6c75bc16" + }, + { + "url": "https://git.kernel.org/stable/c/5682c94644fde72f72bded6580c38189ffc856b5", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/5682c94644fde72f72bded6580c38189ffc856b5" + }, + { + "url": "https://git.kernel.org/stable/c/ea10a652ad2ae2cf3eced6f632a5c98f26727057", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/ea10a652ad2ae2cf3eced6f632a5c98f26727057" + }, + { + "url": "https://git.kernel.org/stable/c/6229fa494a5949be209bc73afbc5d0a749c2e3c7", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/6229fa494a5949be209bc73afbc5d0a749c2e3c7" + }, + { + "url": "https://git.kernel.org/stable/c/41acb064c4e013808bc7d5fc1b506fa449425b0b", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/41acb064c4e013808bc7d5fc1b506fa449425b0b" + }, + { + "url": "https://git.kernel.org/stable/c/991df3dd5144f2e6b1c38b8d20ed3d4d21e20b34", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/991df3dd5144f2e6b1c38b8d20ed3d4d21e20b34" + } + ] + }, + "generator": { + "engine": "bippy-d175d3acf727" } } \ No newline at end of file diff --git a/2022/48xxx/CVE-2022-48704.json b/2022/48xxx/CVE-2022-48704.json index 0301ba34b52..5e00d021f11 100644 --- a/2022/48xxx/CVE-2022-48704.json +++ b/2022/48xxx/CVE-2022-48704.json @@ -1,18 +1,158 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-48704", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cve@kernel.org", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: add a force flush to delay work when radeon\n\nAlthough radeon card fence and wait for gpu to finish processing current batch rings,\nthere is still a corner case that radeon lockup work queue may not be fully flushed,\nand meanwhile the radeon_suspend_kms() function has called pci_set_power_state() to\nput device in D3hot state.\nPer PCI spec rev 4.0 on 5.3.1.4.1 D3hot State.\n> Configuration and Message requests are the only TLPs accepted by a Function in\n> the D3hot state. All other received Requests must be handled as Unsupported Requests,\n> and all received Completions may optionally be handled as Unexpected Completions.\nThis issue will happen in following logs:\nUnable to handle kernel paging request at virtual address 00008800e0008010\nCPU 0 kworker/0:3(131): Oops 0\npc = [] ra = [] ps = 0000 Tainted: G W\npc is at si_gpu_check_soft_reset+0x3c/0x240\nra is at si_dma_is_lockup+0x34/0xd0\nv0 = 0000000000000000 t0 = fff08800e0008010 t1 = 0000000000010000\nt2 = 0000000000008010 t3 = fff00007e3c00000 t4 = fff00007e3c00258\nt5 = 000000000000ffff t6 = 0000000000000001 t7 = fff00007ef078000\ns0 = fff00007e3c016e8 s1 = fff00007e3c00000 s2 = fff00007e3c00018\ns3 = fff00007e3c00000 s4 = fff00007fff59d80 s5 = 0000000000000000\ns6 = fff00007ef07bd98\na0 = fff00007e3c00000 a1 = fff00007e3c016e8 a2 = 0000000000000008\na3 = 0000000000000001 a4 = 8f5c28f5c28f5c29 a5 = ffffffff810f4338\nt8 = 0000000000000275 t9 = ffffffff809b66f8 t10 = ff6769c5d964b800\nt11= 000000000000b886 pv = ffffffff811bea20 at = 0000000000000000\ngp = ffffffff81d89690 sp = 00000000aa814126\nDisabling lock debugging due to kernel taint\nTrace:\n[] si_dma_is_lockup+0x34/0xd0\n[] radeon_fence_check_lockup+0xd0/0x290\n[] process_one_work+0x280/0x550\n[] worker_thread+0x70/0x7c0\n[] worker_thread+0x130/0x7c0\n[] kthread+0x200/0x210\n[] worker_thread+0x0/0x7c0\n[] kthread+0x14c/0x210\n[] ret_from_kernel_thread+0x18/0x20\n[] kthread+0x0/0x210\n Code: ad3e0008 43f0074a ad7e0018 ad9e0020 8c3001e8 40230101\n <88210000> 4821ed21\nSo force lockup work queue flush to fix this problem." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Linux", + "product": { + "product_data": [ + { + "product_name": "Linux", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "1da177e4c3f4", + "version_value": "b878da58df2c" + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "4.9.328", + "lessThanOrEqual": "4.9.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "4.14.293", + "lessThanOrEqual": "4.14.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "4.19.258", + "lessThanOrEqual": "4.19.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.4.213", + "lessThanOrEqual": "5.4.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.10.143", + "lessThanOrEqual": "5.10.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.15.68", + "lessThanOrEqual": "5.15.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.19.9", + "lessThanOrEqual": "5.19.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.0", + "lessThanOrEqual": "*", + "status": "unaffected", + "versionType": "original_commit_for_fix" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://git.kernel.org/stable/c/b878da58df2c40b08914d3960e2224040fd1fbfe", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/b878da58df2c40b08914d3960e2224040fd1fbfe" + }, + { + "url": "https://git.kernel.org/stable/c/4e25e8f27fdbdc6fd55cc572a9939bf24500b9e8", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/4e25e8f27fdbdc6fd55cc572a9939bf24500b9e8" + }, + { + "url": "https://git.kernel.org/stable/c/c0a45f41fde4a0f2c900f719817493ee5c4a5aa3", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/c0a45f41fde4a0f2c900f719817493ee5c4a5aa3" + }, + { + "url": "https://git.kernel.org/stable/c/c72d97146fc5a4dff381b1737f6167e89860430d", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/c72d97146fc5a4dff381b1737f6167e89860430d" + }, + { + "url": "https://git.kernel.org/stable/c/826b46fd5974113515abe9e4fc8178009a8ce18c", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/826b46fd5974113515abe9e4fc8178009a8ce18c" + }, + { + "url": "https://git.kernel.org/stable/c/5a7a5b2edac4b05abd744eeaebda46d9dacd952d", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/5a7a5b2edac4b05abd744eeaebda46d9dacd952d" + }, + { + "url": "https://git.kernel.org/stable/c/16cb367daa446923d82e332537f446a4cc784b40", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/16cb367daa446923d82e332537f446a4cc784b40" + }, + { + "url": "https://git.kernel.org/stable/c/f461950fdc374a3ada5a63c669d997de4600dffe", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/f461950fdc374a3ada5a63c669d997de4600dffe" + } + ] + }, + "generator": { + "engine": "bippy-d175d3acf727" } } \ No newline at end of file diff --git a/2022/48xxx/CVE-2022-48705.json b/2022/48xxx/CVE-2022-48705.json index db1e6a06b95..4dd163dc19a 100644 --- a/2022/48xxx/CVE-2022-48705.json +++ b/2022/48xxx/CVE-2022-48705.json @@ -1,18 +1,102 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-48705", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cve@kernel.org", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7921e: fix crash in chip reset fail\n\nIn case of drv own fail in reset, we may need to run mac_reset several\ntimes. The sequence would trigger system crash as the log below.\n\nBecause we do not re-enable/schedule \"tx_napi\" before disable it again,\nthe process would keep waiting for state change in napi_diable(). To\navoid the problem and keep status synchronize for each run, goto final\nresource handling if drv own failed.\n\n[ 5857.353423] mt7921e 0000:3b:00.0: driver own failed\n[ 5858.433427] mt7921e 0000:3b:00.0: Timeout for driver own\n[ 5859.633430] mt7921e 0000:3b:00.0: driver own failed\n[ 5859.633444] ------------[ cut here ]------------\n[ 5859.633446] WARNING: CPU: 6 at kernel/kthread.c:659 kthread_park+0x11d\n[ 5859.633717] Workqueue: mt76 mt7921_mac_reset_work [mt7921_common]\n[ 5859.633728] RIP: 0010:kthread_park+0x11d/0x150\n[ 5859.633736] RSP: 0018:ffff8881b676fc68 EFLAGS: 00010202\n......\n[ 5859.633766] Call Trace:\n[ 5859.633768] \n[ 5859.633771] mt7921e_mac_reset+0x176/0x6f0 [mt7921e]\n[ 5859.633778] mt7921_mac_reset_work+0x184/0x3a0 [mt7921_common]\n[ 5859.633785] ? mt7921_mac_set_timing+0x520/0x520 [mt7921_common]\n[ 5859.633794] ? __kasan_check_read+0x11/0x20\n[ 5859.633802] process_one_work+0x7ee/0x1320\n[ 5859.633810] worker_thread+0x53c/0x1240\n[ 5859.633818] kthread+0x2b8/0x370\n[ 5859.633824] ? process_one_work+0x1320/0x1320\n[ 5859.633828] ? kthread_complete_and_exit+0x30/0x30\n[ 5859.633834] ret_from_fork+0x1f/0x30\n[ 5859.633842] " } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Linux", + "product": { + "product_data": [ + { + "product_name": "Linux", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0efaf31dec57", + "version_value": "f7f3001723e3" + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "5.17", + "status": "affected" + }, + { + "version": "0", + "lessThan": "5.17", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.19.9", + "lessThanOrEqual": "5.19.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.0", + "lessThanOrEqual": "*", + "status": "unaffected", + "versionType": "original_commit_for_fix" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://git.kernel.org/stable/c/f7f3001723e337568017e8617974f29bc8b2f595", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/f7f3001723e337568017e8617974f29bc8b2f595" + }, + { + "url": "https://git.kernel.org/stable/c/fa3fbe64037839f448dc569212bafc5a495d8219", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/fa3fbe64037839f448dc569212bafc5a495d8219" + } + ] + }, + "generator": { + "engine": "bippy-d175d3acf727" } } \ No newline at end of file diff --git a/2023/23xxx/CVE-2023-23474.json b/2023/23xxx/CVE-2023-23474.json index 087047dd83e..1695843ed47 100644 --- a/2023/23xxx/CVE-2023-23474.json +++ b/2023/23xxx/CVE-2023-23474.json @@ -1,17 +1,92 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-23474", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser. IBM X-Force ID: 245403." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-209 Generation of Error Message Containing Sensitive Information", + "cweId": "CWE-209" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "Cognos Controller", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "10.4.1, 10.4.2, 11.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/7149876", + "refsource": "MISC", + "name": "https://www.ibm.com/support/pages/node/7149876" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/245403", + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/245403" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 3.7, + "baseSeverity": "LOW", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", + "version": "3.1" } ] } diff --git a/2023/28xxx/CVE-2023-28952.json b/2023/28xxx/CVE-2023-28952.json index c3080a185b2..4fba5c0d21f 100644 --- a/2023/28xxx/CVE-2023-28952.json +++ b/2023/28xxx/CVE-2023-28952.json @@ -1,17 +1,92 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-28952", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 is vulnerable to injection attacks in application logging by not sanitizing user provided data. IBM X-Force ID: 251463." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-117 Improper Output Neutralization for Logs", + "cweId": "CWE-117" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "Cognos Controller", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "10.4.1, 10.4.2, 11.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/7149876", + "refsource": "MISC", + "name": "https://www.ibm.com/support/pages/node/7149876" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/251463", + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/251463" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "version": "3.1" } ] } diff --git a/2023/38xxx/CVE-2023-38724.json b/2023/38xxx/CVE-2023-38724.json index a9b49b6b9fb..6a8959ba2c3 100644 --- a/2023/38xxx/CVE-2023-38724.json +++ b/2023/38xxx/CVE-2023-38724.json @@ -1,17 +1,92 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-38724", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 262183." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "Cognos Controller", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "10.4.1, 10.4.2, 11.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/7149876", + "refsource": "MISC", + "name": "https://www.ibm.com/support/pages/node/7149876" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/262183", + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/262183" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "version": "3.1" } ] } diff --git a/2023/40xxx/CVE-2023-40696.json b/2023/40xxx/CVE-2023-40696.json index cb740d76deb..61023f4d069 100644 --- a/2023/40xxx/CVE-2023-40696.json +++ b/2023/40xxx/CVE-2023-40696.json @@ -1,17 +1,92 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-40696", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 264939." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm", + "cweId": "CWE-327" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "Cognos Controller", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "10.4.1, 10.4.2, 11.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/7149876", + "refsource": "MISC", + "name": "https://www.ibm.com/support/pages/node/7149876" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/264939", + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/264939" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.9, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/30xxx/CVE-2024-30851.json b/2024/30xxx/CVE-2024-30851.json index 715f6118b66..dcc460c9007 100644 --- a/2024/30xxx/CVE-2024-30851.json +++ b/2024/30xxx/CVE-2024-30851.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-30851", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-30851", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Directory Traversal vulnerability in codesiddhant Jasmin Ransomware v.1.0.1 allows an attacker to obtain sensitive information via the download_file.php component." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/codesiddhant/Jasmin-Ransomware", + "refsource": "MISC", + "name": "https://github.com/codesiddhant/Jasmin-Ransomware" + }, + { + "refsource": "MISC", + "name": "https://github.com/chebuya/CVE-2024-30851-jasmin-ransomware-path-traversal-poc", + "url": "https://github.com/chebuya/CVE-2024-30851-jasmin-ransomware-path-traversal-poc" } ] } diff --git a/2024/31xxx/CVE-2024-31673.json b/2024/31xxx/CVE-2024-31673.json index 1d9b9fc56f5..2513aabe4af 100644 --- a/2024/31xxx/CVE-2024-31673.json +++ b/2024/31xxx/CVE-2024-31673.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-31673", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-31673", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Kliqqi-CMS 2.0.2 is vulnerable to SQL Injection in load_data.php via the userid parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/Kliqqi-CMS/Kliqqi-CMS/issues/265", + "refsource": "MISC", + "name": "https://github.com/Kliqqi-CMS/Kliqqi-CMS/issues/265" } ] } diff --git a/2024/33xxx/CVE-2024-33789.json b/2024/33xxx/CVE-2024-33789.json index d0024199ca2..eb2743dbea3 100644 --- a/2024/33xxx/CVE-2024-33789.json +++ b/2024/33xxx/CVE-2024-33789.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-33789", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-33789", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability via the ipurl parameter at /API/info form endpoint." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://github.com/ymkyu/CVE/tree/main/CVE-2024-33789", + "url": "https://github.com/ymkyu/CVE/tree/main/CVE-2024-33789" } ] } diff --git a/2024/33xxx/CVE-2024-33791.json b/2024/33xxx/CVE-2024-33791.json index c3971c44f65..91288a106cc 100644 --- a/2024/33xxx/CVE-2024-33791.json +++ b/2024/33xxx/CVE-2024-33791.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-33791", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-33791", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A cross-site scripting (XSS) vulnerability in netis-systems MEX605 v2.00.06 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the getTimeZone function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://github.com/ymkyu/CVE/tree/main/CVE-2024-33791", + "url": "https://github.com/ymkyu/CVE/tree/main/CVE-2024-33791" } ] } diff --git a/2024/33xxx/CVE-2024-33792.json b/2024/33xxx/CVE-2024-33792.json index 0acd1c924fb..7ed539d0c10 100644 --- a/2024/33xxx/CVE-2024-33792.json +++ b/2024/33xxx/CVE-2024-33792.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-33792", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-33792", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A cross-site scripting (XSS) vulnerability in netis-systems MEX605 v2.00.06 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tracert page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://github.com/ymkyu/CVE/tree/main/CVE-2024-33792", + "url": "https://github.com/ymkyu/CVE/tree/main/CVE-2024-33792" } ] } diff --git a/2024/34xxx/CVE-2024-34066.json b/2024/34xxx/CVE-2024-34066.json index bf4559060f1..0c3f844dc44 100644 --- a/2024/34xxx/CVE-2024-34066.json +++ b/2024/34xxx/CVE-2024-34066.json @@ -1,17 +1,90 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-34066", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Pterodactyl wings is the server control plane for Pterodactyl Panel. If the Wings token is leaked either by viewing the node configuration or posting it accidentally somewhere, an attacker can use it to gain arbitrary file write and read access on the node the token is associated to. This issue has been addressed in version 1.11.12 and users are advised to upgrade. Users unable to upgrade may enable the `ignore_panel_config_updates` option as a workaround." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-552: Files or Directories Accessible to External Parties", + "cweId": "CWE-552" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "pterodactyl", + "product": { + "product_data": [ + { + "product_name": "wings", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 1.11.12" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/pterodactyl/wings/security/advisories/GHSA-gqmf-jqgv-v8fw", + "refsource": "MISC", + "name": "https://github.com/pterodactyl/wings/security/advisories/GHSA-gqmf-jqgv-v8fw" + }, + { + "url": "https://github.com/pterodactyl/wings/commit/5415f8ae07f533623bd8169836dd7e0b933964de", + "refsource": "MISC", + "name": "https://github.com/pterodactyl/wings/commit/5415f8ae07f533623bd8169836dd7e0b933964de" + } + ] + }, + "source": { + "advisory": "GHSA-gqmf-jqgv-v8fw", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 8.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/34xxx/CVE-2024-34067.json b/2024/34xxx/CVE-2024-34067.json index 6cca6844a38..7128303bede 100644 --- a/2024/34xxx/CVE-2024-34067.json +++ b/2024/34xxx/CVE-2024-34067.json @@ -1,17 +1,100 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-34067", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Pterodactyl is a free, open-source game server management panel built with PHP, React, and Go. Importing a malicious egg or gaining access to wings instance could lead to cross site scripting (XSS) on the panel, which could be used to gain an administrator account on the panel. Specifically, the following things are impacted: Egg Docker images and Egg variables: Name, Environment variable, Default value, Description, Validation rules. Additionally, certain fields would reflect malicious input, but it would require the user knowingly entering such input to have an impact. To iterate, this would require an administrator to perform actions and can't be triggered by a normal panel user. This issue has has been addressed in version 1.11.6 and users are advised to upgrade. No workaround is available other than updating to the latest version of the panel." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "pterodactyl", + "product": { + "product_data": [ + { + "product_name": "panel", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 1.11.6" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/pterodactyl/panel/security/advisories/GHSA-384w-wffr-x63q", + "refsource": "MISC", + "name": "https://github.com/pterodactyl/panel/security/advisories/GHSA-384w-wffr-x63q" + }, + { + "url": "https://github.com/pterodactyl/panel/commit/0dad4c5a488661f9adc27dd311542516d9bfa0f2", + "refsource": "MISC", + "name": "https://github.com/pterodactyl/panel/commit/0dad4c5a488661f9adc27dd311542516d9bfa0f2" + }, + { + "url": "https://github.com/pterodactyl/panel/commit/1172d71d31561c4e465dabdf6b838e64de48ad16", + "refsource": "MISC", + "name": "https://github.com/pterodactyl/panel/commit/1172d71d31561c4e465dabdf6b838e64de48ad16" + }, + { + "url": "https://github.com/pterodactyl/panel/commit/f671046947e4695b5e1c647df79305c1cefdf817", + "refsource": "MISC", + "name": "https://github.com/pterodactyl/panel/commit/f671046947e4695b5e1c647df79305c1cefdf817" + } + ] + }, + "source": { + "advisory": "GHSA-384w-wffr-x63q", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "version": "3.1" } ] } diff --git a/2024/34xxx/CVE-2024-34068.json b/2024/34xxx/CVE-2024-34068.json index aeeecd6d548..61c4120d340 100644 --- a/2024/34xxx/CVE-2024-34068.json +++ b/2024/34xxx/CVE-2024-34068.json @@ -1,17 +1,104 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-34068", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Pterodactyl wings is the server control plane for Pterodactyl Panel. An authenticated user who has access to a game server is able to bypass the previously implemented access control (GHSA-6rg3-8h8x-5xfv) that prevents accessing internal endpoints of the node hosting Wings in the pull endpoint. This would allow malicious users to potentially access resources on local networks that would otherwise be inaccessible. This issue has been addressed in version 1.11.2 and users are advised to upgrade. Users unable to upgrade may enable the `api.disable_remote_download` option as a workaround. " + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-284: Improper Access Control", + "cweId": "CWE-284" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "CWE-441: Unintended Proxy or Intermediary ('Confused Deputy')", + "cweId": "CWE-441" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "pterodactyl", + "product": { + "product_data": [ + { + "product_name": "wings", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 1.11.12" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/pterodactyl/wings/security/advisories/GHSA-qq22-jj8x-4wwv", + "refsource": "MISC", + "name": "https://github.com/pterodactyl/wings/security/advisories/GHSA-qq22-jj8x-4wwv" + }, + { + "url": "https://github.com/pterodactyl/wings/security/advisories/GHSA-6rg3-8h8x-5xfv", + "refsource": "MISC", + "name": "https://github.com/pterodactyl/wings/security/advisories/GHSA-6rg3-8h8x-5xfv" + }, + { + "url": "https://github.com/pterodactyl/wings/commit/c152e36101aba45d8868a9a0eeb890995e8934b8", + "refsource": "MISC", + "name": "https://github.com/pterodactyl/wings/commit/c152e36101aba45d8868a9a0eeb890995e8934b8" + } + ] + }, + "source": { + "advisory": "GHSA-qq22-jj8x-4wwv", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.1" } ] } diff --git a/2024/34xxx/CVE-2024-34075.json b/2024/34xxx/CVE-2024-34075.json index d3a86adce50..868467c3e4c 100644 --- a/2024/34xxx/CVE-2024-34075.json +++ b/2024/34xxx/CVE-2024-34075.json @@ -1,17 +1,95 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-34075", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "kurwov is a fast, dependency-free library for creating Markov Chains. An unsafe sanitization of dataset contents on the `MarkovData#getNext` method used in `Markov#generate` and `Markov#choose` allows a maliciously crafted string on the dataset to throw and stop the function from running properly. If a string contains a forbidden substring (i.e. `__proto__`) followed by a space character, the code will access a special property in `MarkovData#finalData` by removing the last character of the string, bypassing the dataset sanitization (as it is supposed to be already sanitized before this function is called). Any dataset can be contaminated with the substring making it unable to properly generate anything in some cases. This issue has been addressed in version 3.2.5 and all users are advised to upgrade. There are no known workarounds for this vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-502: Deserialization of Untrusted Data", + "cweId": "CWE-502" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "xiboon", + "product": { + "product_data": [ + { + "product_name": "kurwov", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 3.1.0, < 3.2.5" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/xiboon/kurwov/security/advisories/GHSA-hfrv-h3q8-9jpr", + "refsource": "MISC", + "name": "https://github.com/xiboon/kurwov/security/advisories/GHSA-hfrv-h3q8-9jpr" + }, + { + "url": "https://github.com/xiboon/kurwov/commit/85d63e652594f121d6656177d7a3c0d823c976c9", + "refsource": "MISC", + "name": "https://github.com/xiboon/kurwov/commit/85d63e652594f121d6656177d7a3c0d823c976c9" + }, + { + "url": "https://github.com/xiboon/kurwov/blob/0d58dfa42135ab40e830e92622857282f980ca89/src/MarkovData.ts#L38-L44", + "refsource": "MISC", + "name": "https://github.com/xiboon/kurwov/blob/0d58dfa42135ab40e830e92622857282f980ca89/src/MarkovData.ts#L38-L44" + } + ] + }, + "source": { + "advisory": "GHSA-hfrv-h3q8-9jpr", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 6.2, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" } ] } diff --git a/2024/34xxx/CVE-2024-34451.json b/2024/34xxx/CVE-2024-34451.json new file mode 100644 index 00000000000..f91285fa6d3 --- /dev/null +++ b/2024/34xxx/CVE-2024-34451.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-34451", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/34xxx/CVE-2024-34452.json b/2024/34xxx/CVE-2024-34452.json new file mode 100644 index 00000000000..e60a17e5f40 --- /dev/null +++ b/2024/34xxx/CVE-2024-34452.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-34452", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/34xxx/CVE-2024-34453.json b/2024/34xxx/CVE-2024-34453.json new file mode 100644 index 00000000000..18c2aa2745e --- /dev/null +++ b/2024/34xxx/CVE-2024-34453.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-34453", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file