diff --git a/2024/25xxx/CVE-2024-25270.json b/2024/25xxx/CVE-2024-25270.json index a165065fbd3..e9773392e76 100644 --- a/2024/25xxx/CVE-2024-25270.json +++ b/2024/25xxx/CVE-2024-25270.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-25270", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-25270", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue in Mirapolis LMS 4.6.XX allows authenticated users to exploit an Insecure Direct Object Reference (IDOR) vulnerability by manipulating the ID parameter and increment STEP parameter, leading to the exposure of sensitive user data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/fbkcs/CVE-2024-25270", + "url": "https://github.com/fbkcs/CVE-2024-25270" } ] } diff --git a/2024/34xxx/CVE-2024-34334.json b/2024/34xxx/CVE-2024-34334.json index fd8f09e0b37..847bd37d3af 100644 --- a/2024/34xxx/CVE-2024-34334.json +++ b/2024/34xxx/CVE-2024-34334.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-34334", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-34334", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "ORDAT FOSS-Online before v2.24.01 was discovered to contain a SQL injection vulnerability via the forgot password function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://foss-online.com", + "refsource": "MISC", + "name": "http://foss-online.com" + }, + { + "url": "http://ordat.com", + "refsource": "MISC", + "name": "http://ordat.com" + }, + { + "refsource": "MISC", + "name": "https://mind-bytes.de/sql-injection-in-foss-online-cve-2024-34334/", + "url": "https://mind-bytes.de/sql-injection-in-foss-online-cve-2024-34334/" } ] } diff --git a/2024/34xxx/CVE-2024-34335.json b/2024/34xxx/CVE-2024-34335.json index d4c991627ed..c06f6a9cc5c 100644 --- a/2024/34xxx/CVE-2024-34335.json +++ b/2024/34xxx/CVE-2024-34335.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-34335", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-34335", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "ORDAT FOSS-Online before version 2.24.01 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the login page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://foss-online.com", + "refsource": "MISC", + "name": "http://foss-online.com" + }, + { + "url": "http://ordat.com", + "refsource": "MISC", + "name": "http://ordat.com" + }, + { + "refsource": "MISC", + "name": "https://mind-bytes.de/cross-site-scripting-in-foss-online-cve-2024-34335/", + "url": "https://mind-bytes.de/cross-site-scripting-in-foss-online-cve-2024-34335/" } ] } diff --git a/2024/34xxx/CVE-2024-34336.json b/2024/34xxx/CVE-2024-34336.json index 29185f442bc..514dff73ddd 100644 --- a/2024/34xxx/CVE-2024-34336.json +++ b/2024/34xxx/CVE-2024-34336.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-34336", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-34336", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "User enumeration vulnerability in ORDAT FOSS-Online before v2.24.01 allows attackers to determine if an account exists in the application by comparing the server responses of the forgot password functionality." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://foss-online.com", + "refsource": "MISC", + "name": "http://foss-online.com" + }, + { + "url": "http://ordat.com", + "refsource": "MISC", + "name": "http://ordat.com" + }, + { + "refsource": "MISC", + "name": "https://mind-bytes.de/offenlegung-existierender-benutzerkonten-in-foss-online-cve-2024-34336/", + "url": "https://mind-bytes.de/offenlegung-existierender-benutzerkonten-in-foss-online-cve-2024-34336/" } ] } diff --git a/2024/36xxx/CVE-2024-36066.json b/2024/36xxx/CVE-2024-36066.json index c065c06a565..7fca73e1c0a 100644 --- a/2024/36xxx/CVE-2024-36066.json +++ b/2024/36xxx/CVE-2024-36066.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-36066", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-36066", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The CMP CLI client in KeyFactor EJBCA before 8.3.1 has only 6 octets of salt, and is thus not compliant with the security requirements of RFC 4211, and might make man-in-the-middle attacks easier. CMP includes password-based MAC as one of the options for message integrity and authentication (the other option is certificate-based). RFC 4211 section 4.4 requires that password-based MAC parameters use a salt with a random value of at least 8 octets. This helps to inhibit dictionary attacks. Because the standalone CMP client originally was developed as test code, the salt was instead hardcoded and only 6 octets long." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://datatracker.ietf.org/doc/html/rfc4211#section-4.4", + "refsource": "MISC", + "name": "https://datatracker.ietf.org/doc/html/rfc4211#section-4.4" + }, + { + "refsource": "CONFIRM", + "name": "https://support.keyfactor.com/hc/en-us/articles/26965687021595-EJBCA-Security-Advisory-EJBCA-standalone-CMP-CLI-client", + "url": "https://support.keyfactor.com/hc/en-us/articles/26965687021595-EJBCA-Security-Advisory-EJBCA-standalone-CMP-CLI-client" } ] } diff --git a/2024/39xxx/CVE-2024-39611.json b/2024/39xxx/CVE-2024-39611.json new file mode 100644 index 00000000000..73e7ff5b473 --- /dev/null +++ b/2024/39xxx/CVE-2024-39611.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-39611", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/41xxx/CVE-2024-41629.json b/2024/41xxx/CVE-2024-41629.json index 98307ac48a7..fefa890798c 100644 --- a/2024/41xxx/CVE-2024-41629.json +++ b/2024/41xxx/CVE-2024-41629.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-41629", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-41629", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue in Texas Instruments Fusion Digital Power Designer v.7.10.1 allows a local attacker to obtain sensitive information via the plaintext storage of credentials" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://seclists.org/fulldisclosure/2024/Sep/1", + "url": "https://seclists.org/fulldisclosure/2024/Sep/1" } ] } diff --git a/2024/43xxx/CVE-2024-43103.json b/2024/43xxx/CVE-2024-43103.json new file mode 100644 index 00000000000..84fbaccf09d --- /dev/null +++ b/2024/43xxx/CVE-2024-43103.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-43103", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/45xxx/CVE-2024-45181.json b/2024/45xxx/CVE-2024-45181.json index ce02e431174..600825ad4a1 100644 --- a/2024/45xxx/CVE-2024-45181.json +++ b/2024/45xxx/CVE-2024-45181.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-45181", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-45181", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in WibuKey64.sys in WIBU-SYSTEMS WibuKey before v6.70 and fixed in v.6.70. An improper bounds check allows crafted packets to cause an arbitrary address write, resulting in kernel memory corruption." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wibu.com", + "refsource": "MISC", + "name": "https://wibu.com" + }, + { + "refsource": "CONFIRM", + "name": "https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/AdvisoryWIBU-94453.pdf", + "url": "https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/AdvisoryWIBU-94453.pdf" } ] } diff --git a/2024/45xxx/CVE-2024-45182.json b/2024/45xxx/CVE-2024-45182.json index e66f1e96f6f..03a62ddc3b6 100644 --- a/2024/45xxx/CVE-2024-45182.json +++ b/2024/45xxx/CVE-2024-45182.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-45182", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-45182", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in WibuKey64.sys in WIBU-SYSTEMS WibuKey before v6.70 and fixed in v.6.70 An improper bounds check allows specially crafted packets to cause an arbitrary address read, resulting in Denial of Service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wibu.com", + "refsource": "MISC", + "name": "https://wibu.com" + }, + { + "refsource": "CONFIRM", + "name": "https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/AdvisoryWIBU-94453.pdf", + "url": "https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/AdvisoryWIBU-94453.pdf" } ] } diff --git a/2024/45xxx/CVE-2024-45303.json b/2024/45xxx/CVE-2024-45303.json index 32a1ba9919c..9878442cc49 100644 --- a/2024/45xxx/CVE-2024-45303.json +++ b/2024/45xxx/CVE-2024-45303.json @@ -1,17 +1,90 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-45303", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Discourse Calendar plugin adds the ability to create a dynamic calendar in the first post of a topic to Discourse. Rendering event names can be susceptible to XSS attacks. This vulnerability only affects sites which have modified or disabled Discourse\u2019s default Content Security Policy. The issue is patched in version 0.5 of the Discourse Calendar plugin." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "discourse", + "product": { + "product_data": [ + { + "product_name": "discourse-calendar", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 0.5" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/discourse/discourse-calendar/security/advisories/GHSA-rq37-8pf3-4xc8", + "refsource": "MISC", + "name": "https://github.com/discourse/discourse-calendar/security/advisories/GHSA-rq37-8pf3-4xc8" + }, + { + "url": "https://github.com/discourse/discourse-calendar/commit/81e1c8e3c4c02276fb890da7e3f684259aeb685c", + "refsource": "MISC", + "name": "https://github.com/discourse/discourse-calendar/commit/81e1c8e3c4c02276fb890da7e3f684259aeb685c" + } + ] + }, + "source": { + "advisory": "GHSA-rq37-8pf3-4xc8", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "version": "3.1" } ] } diff --git a/2024/45xxx/CVE-2024-45383.json b/2024/45xxx/CVE-2024-45383.json new file mode 100644 index 00000000000..bb3db277d71 --- /dev/null +++ b/2024/45xxx/CVE-2024-45383.json @@ -0,0 +1,88 @@ +{ + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", + "CVE_data_meta": { + "ID": "CVE-2024-45383", + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A mishandling of IRP requests vulnerability exists in the HDAudBus_DMA interface of Microsoft High Definition Audio Bus Driver 10.0.19041.3636 (WinBuild.160101.0800). A specially crafted application can issue multiple IRP Complete requests which leads to a local denial-of-service. An attacker can execute malicious script/application to trigger this vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-664: Improper Control of a Resource Through its Lifetime", + "cweId": "CWE-664" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Microsoft", + "product": { + "product_data": [ + { + "product_name": "HDAudBus.sys", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "10.0.19041.3636 (WinBuild.160101.0800)" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-2008", + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-2008" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Discovered by Marcin 'Icewall' Noga of Cisco Talos." + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5, + "baseSeverity": "MEDIUM" + } + ] + } +} \ No newline at end of file diff --git a/2024/4xxx/CVE-2024-4472.json b/2024/4xxx/CVE-2024-4472.json index 062c1417070..ce931c5e225 100644 --- a/2024/4xxx/CVE-2024-4472.json +++ b/2024/4xxx/CVE-2024-4472.json @@ -1,17 +1,109 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-4472", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cve@gitlab.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in GitLab CE/EE affecting all versions starting from 16.5 prior to 17.1.7, starting from 17.2 prior to 17.2.5, and starting from 17.3 prior to 17.3.2, where dependency proxy credentials are retained in graphql Logs." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-532: Insertion of Sensitive Information into Log File", + "cweId": "CWE-532" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "GitLab", + "product": { + "product_data": [ + { + "product_name": "GitLab", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "16.5", + "version_value": "17.1.7" + }, + { + "version_affected": "<", + "version_name": "17.3", + "version_value": "17.3.2" + }, + { + "version_affected": "<", + "version_name": "17.2", + "version_value": "17.2.5" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/460289", + "refsource": "MISC", + "name": "https://gitlab.com/gitlab-org/gitlab/-/issues/460289" + }, + { + "url": "https://hackerone.com/reports/2477062", + "refsource": "MISC", + "name": "https://hackerone.com/reports/2477062" + } + ] + }, + "solution": [ + { + "lang": "en", + "value": "Upgrade to versions 17.1.7, 17.2.5, 17.3.2 or above." + } + ], + "credits": [ + { + "lang": "en", + "value": "Thanks [ac7n0w](https://hackerone.com/ac7n0w) for reporting this vulnerability through our HackerOne bug bounty program" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4, + "baseSeverity": "MEDIUM" } ] } diff --git a/2024/6xxx/CVE-2024-6678.json b/2024/6xxx/CVE-2024-6678.json index 44aec139391..0270215069b 100644 --- a/2024/6xxx/CVE-2024-6678.json +++ b/2024/6xxx/CVE-2024-6678.json @@ -1,17 +1,109 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-6678", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cve@gitlab.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in GitLab CE/EE affecting all versions starting from 8.14 prior to 17.1.7, starting from 17.2 prior to 17.2.5, and starting from 17.3 prior to 17.3.2, which allows an attacker to trigger a pipeline as an arbitrary user under certain circumstances." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-290: Authentication Bypass by Spoofing", + "cweId": "CWE-290" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "GitLab", + "product": { + "product_data": [ + { + "product_name": "GitLab", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "8.14", + "version_value": "17.1.7" + }, + { + "version_affected": "<", + "version_name": "17.2", + "version_value": "17.2.5" + }, + { + "version_affected": "<", + "version_name": "17.3", + "version_value": "17.3.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/471923", + "refsource": "MISC", + "name": "https://gitlab.com/gitlab-org/gitlab/-/issues/471923" + }, + { + "url": "https://hackerone.com/reports/2595495", + "refsource": "MISC", + "name": "https://hackerone.com/reports/2595495" + } + ] + }, + "solution": [ + { + "lang": "en", + "value": "Upgrade to versions 17.1.7, 17.2.5, 17.3.2 or above." + } + ], + "credits": [ + { + "lang": "en", + "value": "Thanks [yvvdwf](https://hackerone.com/yvvdwf) for reporting this vulnerability through our HackerOne bug bounty program" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.9, + "baseSeverity": "CRITICAL" } ] } diff --git a/2024/8xxx/CVE-2024-8311.json b/2024/8xxx/CVE-2024-8311.json index 36d1b16071b..9184c617771 100644 --- a/2024/8xxx/CVE-2024-8311.json +++ b/2024/8xxx/CVE-2024-8311.json @@ -1,17 +1,99 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-8311", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cve@gitlab.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered with pipeline execution policies in GitLab EE affecting all versions from 17.2 prior to 17.2.5, 17.3 prior to 17.3.2 which allows authenticated users to bypass variable overwrite protection via inclusion of a CI/CD template." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-424: Improper Protection of Alternate Path", + "cweId": "CWE-424" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "GitLab", + "product": { + "product_data": [ + { + "product_name": "GitLab", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "17.2", + "version_value": "17.2.5" + }, + { + "version_affected": "<", + "version_name": "17.3", + "version_value": "17.3.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/479315", + "refsource": "MISC", + "name": "https://gitlab.com/gitlab-org/gitlab/-/issues/479315" + } + ] + }, + "solution": [ + { + "lang": "en", + "value": "Upgrade to versions 17.2.5, 17.3.2 or above." + } + ], + "credits": [ + { + "lang": "en", + "value": "This vulnerability has been discovered internally by GitLab team member Andy Schoenen" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" } ] } diff --git a/2024/8xxx/CVE-2024-8641.json b/2024/8xxx/CVE-2024-8641.json index fc8e8ff40ca..59515e03bf7 100644 --- a/2024/8xxx/CVE-2024-8641.json +++ b/2024/8xxx/CVE-2024-8641.json @@ -1,17 +1,109 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-8641", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cve@gitlab.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7 prior to 17.1.7, from 17.2 prior to 17.2.5, and from 17.3 prior to 17.3.2. It may have been possible for an attacker with a victim's CI_JOB_TOKEN to obtain a GitLab session token belonging to the victim." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-270: Privilege Context Switching Error", + "cweId": "CWE-270" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "GitLab", + "product": { + "product_data": [ + { + "product_name": "GitLab", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "13.7", + "version_value": "17.1.7" + }, + { + "version_affected": "<", + "version_name": "17.2", + "version_value": "17.2.5" + }, + { + "version_affected": "<", + "version_name": "17.3", + "version_value": "17.3.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/471954", + "refsource": "MISC", + "name": "https://gitlab.com/gitlab-org/gitlab/-/issues/471954" + }, + { + "url": "https://hackerone.com/reports/2595495", + "refsource": "MISC", + "name": "https://hackerone.com/reports/2595495" + } + ] + }, + "solution": [ + { + "lang": "en", + "value": "Upgrade to version 17.1.7, 17.2.5 or 17.3.2" + } + ], + "credits": [ + { + "lang": "en", + "value": "Thanks [yvvdwf](https://hackerone.com/yvvdwf) for reporting this vulnerability through our HackerOne bug bounty program" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "LOW", + "baseScore": 6.7, + "baseSeverity": "MEDIUM" } ] } diff --git a/2024/8xxx/CVE-2024-8758.json b/2024/8xxx/CVE-2024-8758.json new file mode 100644 index 00000000000..4cfc081a07d --- /dev/null +++ b/2024/8xxx/CVE-2024-8758.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-8758", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/8xxx/CVE-2024-8759.json b/2024/8xxx/CVE-2024-8759.json new file mode 100644 index 00000000000..83d96050d0f --- /dev/null +++ b/2024/8xxx/CVE-2024-8759.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-8759", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file