diff --git a/2024/12xxx/CVE-2024-12718.json b/2024/12xxx/CVE-2024-12718.json index abc35ca101c..da705e82dd8 100644 --- a/2024/12xxx/CVE-2024-12718.json +++ b/2024/12xxx/CVE-2024-12718.json @@ -1,18 +1,111 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-12718", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@python.org", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Allows modifying some file metadata (e.g. last modified) with filter=\"data\"\u00a0or file permissions (chmod) with filter=\"tar\"\u00a0of files outside the extraction directory.\nYou are affected by this vulnerability if using the tarfile\u00a0module to extract untrusted tar archives using TarFile.extractall()\u00a0or TarFile.extract()\u00a0using the filter=\u00a0parameter with a value of \"data\"\u00a0or \"tar\". See the tarfile extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter \u00a0for more information. Only Python versions 3.12 or later are affected by these vulnerabilities, earlier versions don't include the extraction filter feature.\n\nNote that for Python 3.14 or later the default value of filter=\u00a0changed from \"no filtering\" to `\"data\", so if you are relying on this new default behavior then your usage is also affected.\n\nNote that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distributions already allow arbitrary code execution during the build process. However when evaluating source distributions it's important to avoid installing source distributions with suspicious links." } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "cweId": "CWE-22" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Python Software Foundation", + "product": { + "product_data": [ + { + "product_name": "CPython", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "0", + "version_value": "3.15.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/python/cpython/issues/135034", + "refsource": "MISC", + "name": "https://github.com/python/cpython/issues/135034" + }, + { + "url": "https://github.com/python/cpython/pull/135037", + "refsource": "MISC", + "name": "https://github.com/python/cpython/pull/135037" + }, + { + "url": "https://github.com/python/cpython/issues/127987", + "refsource": "MISC", + "name": "https://github.com/python/cpython/issues/127987" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" + }, + "credits": [ + { + "lang": "en", + "value": "Jakub Wilk" + }, + { + "lang": "en", + "value": "Seth Larson" + }, + { + "lang": "en", + "value": "Petr Viktorin" + }, + { + "lang": "en", + "value": "Serhiy Storchaka" + }, + { + "lang": "en", + "value": "Hugo van Kemenade" + }, + { + "lang": "en", + "value": "\u0141ukasz Langa" + }, + { + "lang": "en", + "value": "Thomas Wouters" + } + ] } \ No newline at end of file diff --git a/2025/4xxx/CVE-2025-4138.json b/2025/4xxx/CVE-2025-4138.json index 8bfd4d92151..28cb1e6e697 100644 --- a/2025/4xxx/CVE-2025-4138.json +++ b/2025/4xxx/CVE-2025-4138.json @@ -1,17 +1,123 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-4138", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@python.org", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file metadata.\n\n\nYou are affected by this vulnerability if using the tarfile\u00a0module to extract untrusted tar archives using TarFile.extractall()\u00a0or TarFile.extract()\u00a0using the filter=\u00a0parameter with a value of \"data\"\u00a0or \"tar\". See the tarfile extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter \u00a0for more information. Only Python versions 3.12 or later are affected by these vulnerabilities, earlier versions don't include the extraction filter feature.\n\nNote that for Python 3.14 or later the default value of filter=\u00a0changed from \"no filtering\" to `\"data\", so if you are relying on this new default behavior then your usage is also affected.\n\nNote that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distributions already allow arbitrary code execution during the build process. However when evaluating source distributions it's important to avoid installing source distributions with suspicious links." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "cweId": "CWE-22" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Python Software Foundation", + "product": { + "product_data": [ + { + "product_name": "CPython", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "0", + "version_value": "3.15.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/python/cpython/issues/135034", + "refsource": "MISC", + "name": "https://github.com/python/cpython/issues/135034" + }, + { + "url": "https://github.com/python/cpython/pull/135037", + "refsource": "MISC", + "name": "https://github.com/python/cpython/pull/135037" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" + }, + "credits": [ + { + "lang": "en", + "value": "Caleb Brown (Google)" + }, + { + "lang": "en", + "value": "Petr Viktorin" + }, + { + "lang": "en", + "value": "Serhiy Storchaka" + }, + { + "lang": "en", + "value": "Hugo van Kemenade" + }, + { + "lang": "en", + "value": "\u0141ukasz Langa" + }, + { + "lang": "en", + "value": "Thomas Wouters" + }, + { + "lang": "en", + "value": "Seth Larson" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "version": "3.1" } ] } diff --git a/2025/4xxx/CVE-2025-4330.json b/2025/4xxx/CVE-2025-4330.json index ee2c5570c45..f9439a5487d 100644 --- a/2025/4xxx/CVE-2025-4330.json +++ b/2025/4xxx/CVE-2025-4330.json @@ -1,17 +1,123 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-4330", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@python.org", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file metadata.\n\n\nYou are affected by this vulnerability if using the tarfile\u00a0module to extract untrusted tar archives using TarFile.extractall()\u00a0or TarFile.extract()\u00a0using the filter=\u00a0parameter with a value of \"data\"\u00a0or \"tar\". See the tarfile extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter \u00a0for more information. Only Python versions 3.12 or later are affected by these vulnerabilities, earlier versions don't include the extraction filter feature.\n\nNote that for Python 3.14 or later the default value of filter=\u00a0changed from \"no filtering\" to `\"data\", so if you are relying on this new default behavior then your usage is also affected.\n\nNote that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distributions already allow arbitrary code execution during the build process. However when evaluating source distributions it's important to avoid installing source distributions with suspicious links." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "cweId": "CWE-22" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Python Software Foundation", + "product": { + "product_data": [ + { + "product_name": "CPython", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "0", + "version_value": "3.15.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/python/cpython/issues/135034", + "refsource": "MISC", + "name": "https://github.com/python/cpython/issues/135034" + }, + { + "url": "https://github.com/python/cpython/pull/135037", + "refsource": "MISC", + "name": "https://github.com/python/cpython/pull/135037" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" + }, + "credits": [ + { + "lang": "en", + "value": "Caleb Brown (Google)" + }, + { + "lang": "en", + "value": "Petr Viktorin" + }, + { + "lang": "en", + "value": "Serhiy Storchaka" + }, + { + "lang": "en", + "value": "Hugo van Kemenade" + }, + { + "lang": "en", + "value": "\u0141ukasz Langa" + }, + { + "lang": "en", + "value": "Thomas Wouters" + }, + { + "lang": "en", + "value": "Seth Larson" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "version": "3.1" } ] } diff --git a/2025/4xxx/CVE-2025-4435.json b/2025/4xxx/CVE-2025-4435.json index e89db2b49f8..c8f55161a10 100644 --- a/2025/4xxx/CVE-2025-4435.json +++ b/2025/4xxx/CVE-2025-4435.json @@ -1,17 +1,122 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-4435", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@python.org", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "When using a TarFile.errorlevel = 0\u00a0and extracting with a filter the documented behavior is that any filtered members would be skipped and not extracted. However the actual behavior of TarFile.errorlevel = 0\u00a0in affected versions is that the member would still be extracted and not skipped." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Python Software Foundation", + "product": { + "product_data": [ + { + "product_name": "CPython", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "0", + "version_value": "3.15.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/python/cpython/issues/135034", + "refsource": "MISC", + "name": "https://github.com/python/cpython/issues/135034" + }, + { + "url": "https://github.com/python/cpython/pull/135037", + "refsource": "MISC", + "name": "https://github.com/python/cpython/pull/135037" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" + }, + "credits": [ + { + "lang": "en", + "value": "Chuck Woodraska" + }, + { + "lang": "en", + "value": "Petr Viktorin" + }, + { + "lang": "en", + "value": "Serhiy Storchaka" + }, + { + "lang": "en", + "value": "Hugo van Kemenade" + }, + { + "lang": "en", + "value": "\u0141ukasz Langa" + }, + { + "lang": "en", + "value": "Thomas Wouters" + }, + { + "lang": "en", + "value": "Seth Larson" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "version": "3.1" } ] } diff --git a/2025/4xxx/CVE-2025-4517.json b/2025/4xxx/CVE-2025-4517.json index abdde2917ba..272a937a7d5 100644 --- a/2025/4xxx/CVE-2025-4517.json +++ b/2025/4xxx/CVE-2025-4517.json @@ -1,17 +1,123 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-4517", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@python.org", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Allows arbitrary filesystem writes outside the extraction directory during extraction with filter=\"data\".\n\n\nYou are affected by this vulnerability if using the tarfile\u00a0module to extract untrusted tar archives using TarFile.extractall()\u00a0or TarFile.extract()\u00a0using the filter=\u00a0parameter with a value of \"data\"\u00a0or \"tar\". See the tarfile extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter \u00a0for more information. Only Python versions 3.12 or later are affected by these vulnerabilities, earlier versions don't include the extraction filter feature.\n\nNote that for Python 3.14 or later the default value of filter=\u00a0changed from \"no filtering\" to `\"data\", so if you are relying on this new default behavior then your usage is also affected.\n\nNote that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distributions already allow arbitrary code execution during the build process. However when evaluating source distributions it's important to avoid installing source distributions with suspicious links." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "cweId": "CWE-22" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Python Software Foundation", + "product": { + "product_data": [ + { + "product_name": "CPython", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "3.15.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/python/cpython/issues/135034", + "refsource": "MISC", + "name": "https://github.com/python/cpython/issues/135034" + }, + { + "url": "https://github.com/python/cpython/pull/135037", + "refsource": "MISC", + "name": "https://github.com/python/cpython/pull/135037" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" + }, + "credits": [ + { + "lang": "en", + "value": "Caleb Brown (Google)" + }, + { + "lang": "en", + "value": "Petr Viktorin" + }, + { + "lang": "en", + "value": "Serhiy Storchaka" + }, + { + "lang": "en", + "value": "Hugo van Kemenade" + }, + { + "lang": "en", + "value": "\u0141ukasz Langa" + }, + { + "lang": "en", + "value": "Thomas Wouters" + }, + { + "lang": "en", + "value": "Seth Larson" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 9.4, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L", + "version": "3.1" } ] } diff --git a/2025/4xxx/CVE-2025-4696.json b/2025/4xxx/CVE-2025-4696.json index 0f822865ccf..9d017633733 100644 --- a/2025/4xxx/CVE-2025-4696.json +++ b/2025/4xxx/CVE-2025-4696.json @@ -100,6 +100,11 @@ "refsource": "MISC", "name": "https://vuldb.com/?submit.567683" }, + { + "url": "https://vuldb.com/?submit.586589", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.586589" + }, { "url": "https://github.com/Iandweb/CVE/issues/15", "refsource": "MISC", diff --git a/2025/5xxx/CVE-2025-5495.json b/2025/5xxx/CVE-2025-5495.json index 25a030501e6..a1c35f32610 100644 --- a/2025/5xxx/CVE-2025-5495.json +++ b/2025/5xxx/CVE-2025-5495.json @@ -1,17 +1,114 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-5495", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability was found in Netgear WNR614 1.1.0.28_1.0.1WW. It has been classified as critical. This affects an unknown part of the component URL Handler. The manipulation with the input %00currentsetting.htm leads to improper authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This issue appears to have been circulating as an 0day since 2024." + }, + { + "lang": "deu", + "value": "Es wurde eine Schwachstelle in Netgear WNR614 1.1.0.28_1.0.1WW ausgemacht. Sie wurde als kritisch eingestuft. Hiervon betroffen ist ein unbekannter Codeblock der Komponente URL Handler. Durch das Manipulieren mit der Eingabe %00currentsetting.htm mit unbekannten Daten kann eine improper authentication-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Authentication", + "cweId": "CWE-287" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Netgear", + "product": { + "product_data": [ + { + "product_name": "WNR614", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.1.0.28_1.0.1WW" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.310911", + "refsource": "MISC", + "name": "https://vuldb.com/?id.310911" + }, + { + "url": "https://vuldb.com/?ctiid.310911", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.310911" + }, + { + "url": "https://vuldb.com/?submit.584939", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.584939" + }, + { + "url": "https://github.com/Shuanunio/CVE_Requests/blob/main/Netgear/WNR614/ACL%20bypass%20Vulnerability%20in%20Netgear%20WNR614.md", + "refsource": "MISC", + "name": "https://github.com/Shuanunio/CVE_Requests/blob/main/Netgear/WNR614/ACL%20bypass%20Vulnerability%20in%20Netgear%20WNR614.md" + }, + { + "url": "https://www.netgear.com/", + "refsource": "MISC", + "name": "https://www.netgear.com/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "shuanunio (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 7.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "HIGH" + }, + { + "version": "3.0", + "baseScore": 7.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "HIGH" + }, + { + "version": "2.0", + "baseScore": 7.5, + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ] } diff --git a/2025/5xxx/CVE-2025-5525.json b/2025/5xxx/CVE-2025-5525.json new file mode 100644 index 00000000000..388465802d8 --- /dev/null +++ b/2025/5xxx/CVE-2025-5525.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-5525", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file