diff --git a/2023/7xxx/CVE-2023-7249.json b/2023/7xxx/CVE-2023-7249.json index f21577acb4c..15dd7f4055c 100644 --- a/2023/7xxx/CVE-2023-7249.json +++ b/2023/7xxx/CVE-2023-7249.json @@ -1,18 +1,71 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-7249", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@opentext.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText OpenText Directory Services allows Path Traversal.This issue affects OpenText Directory Services: from 16.4.2 before 24.1." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "cweId": "CWE-22" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "OpenText", + "product": { + "product_data": [ + { + "product_name": "OpenText Directory Services", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "16.4.2", + "version_value": "24.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.opentext.com/csm?id=kb_article_view&sysparm_article=KB0807814", + "refsource": "MISC", + "name": "https://support.opentext.com/csm?id=kb_article_view&sysparm_article=KB0807814" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2024/27xxx/CVE-2024-27443.json b/2024/27xxx/CVE-2024-27443.json index a79dc7d54b6..dc30f7b0ebe 100644 --- a/2024/27xxx/CVE-2024-27443.json +++ b/2024/27xxx/CVE-2024-27443.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-27443", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-27443", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. A Cross-Site Scripting (XSS) vulnerability exists in the CalendarInvite feature of the Zimbra webmail classic user interface, because of improper input validation in the handling of the calendar header. An attacker can exploit this via an email message containing a crafted calendar header with an embedded XSS payload. When a victim views this message in the Zimbra webmail classic interface, the payload is executed in the context of the victim's session, potentially leading to execution of arbitrary JavaScript code." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.7#Security_Fixes", + "url": "https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.7#Security_Fixes" + }, + { + "refsource": "CONFIRM", + "name": "https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P39#Security_Fixes", + "url": "https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P39#Security_Fixes" } ] } diff --git a/2024/33xxx/CVE-2024-33892.json b/2024/33xxx/CVE-2024-33892.json index cfad71f661c..6f2b988ebf5 100644 --- a/2024/33xxx/CVE-2024-33892.json +++ b/2024/33xxx/CVE-2024-33892.json @@ -66,6 +66,11 @@ "refsource": "CONFIRM", "name": "https://hmsnetworks.blob.core.windows.net/nlw/docs/default-source/products/cybersecurity/security-advisory/hms-security-advisory-2024-07-29-001--ewon-several-cosy--vulnerabilities.pdf", "url": "https://hmsnetworks.blob.core.windows.net/nlw/docs/default-source/products/cybersecurity/security-advisory/hms-security-advisory-2024-07-29-001--ewon-several-cosy--vulnerabilities.pdf" + }, + { + "refsource": "MISC", + "name": "https://blog.syss.com/posts/hacking-a-secure-industrial-remote-access-gateway/", + "url": "https://blog.syss.com/posts/hacking-a-secure-industrial-remote-access-gateway/" } ] } diff --git a/2024/33xxx/CVE-2024-33893.json b/2024/33xxx/CVE-2024-33893.json index 8911c45661c..7a80e18982c 100644 --- a/2024/33xxx/CVE-2024-33893.json +++ b/2024/33xxx/CVE-2024-33893.json @@ -66,6 +66,11 @@ "refsource": "CONFIRM", "name": "https://hmsnetworks.blob.core.windows.net/nlw/docs/default-source/products/cybersecurity/security-advisory/hms-security-advisory-2024-07-29-001--ewon-several-cosy--vulnerabilities.pdf", "url": "https://hmsnetworks.blob.core.windows.net/nlw/docs/default-source/products/cybersecurity/security-advisory/hms-security-advisory-2024-07-29-001--ewon-several-cosy--vulnerabilities.pdf" + }, + { + "refsource": "MISC", + "name": "https://blog.syss.com/posts/hacking-a-secure-industrial-remote-access-gateway/", + "url": "https://blog.syss.com/posts/hacking-a-secure-industrial-remote-access-gateway/" } ] } diff --git a/2024/33xxx/CVE-2024-33894.json b/2024/33xxx/CVE-2024-33894.json index 63819bfa4e3..f87d89d1d89 100644 --- a/2024/33xxx/CVE-2024-33894.json +++ b/2024/33xxx/CVE-2024-33894.json @@ -66,6 +66,11 @@ "refsource": "CONFIRM", "name": "https://hmsnetworks.blob.core.windows.net/nlw/docs/default-source/products/cybersecurity/security-advisory/hms-security-advisory-2024-07-29-001--ewon-several-cosy--vulnerabilities.pdf", "url": "https://hmsnetworks.blob.core.windows.net/nlw/docs/default-source/products/cybersecurity/security-advisory/hms-security-advisory-2024-07-29-001--ewon-several-cosy--vulnerabilities.pdf" + }, + { + "refsource": "MISC", + "name": "https://blog.syss.com/posts/hacking-a-secure-industrial-remote-access-gateway/", + "url": "https://blog.syss.com/posts/hacking-a-secure-industrial-remote-access-gateway/" } ] } diff --git a/2024/33xxx/CVE-2024-33895.json b/2024/33xxx/CVE-2024-33895.json index e62bae1e6ec..d56512b968d 100644 --- a/2024/33xxx/CVE-2024-33895.json +++ b/2024/33xxx/CVE-2024-33895.json @@ -66,6 +66,11 @@ "refsource": "CONFIRM", "name": "https://hmsnetworks.blob.core.windows.net/nlw/docs/default-source/products/cybersecurity/security-advisory/hms-security-advisory-2024-07-29-001--ewon-several-cosy--vulnerabilities.pdf", "url": "https://hmsnetworks.blob.core.windows.net/nlw/docs/default-source/products/cybersecurity/security-advisory/hms-security-advisory-2024-07-29-001--ewon-several-cosy--vulnerabilities.pdf" + }, + { + "refsource": "MISC", + "name": "https://blog.syss.com/posts/hacking-a-secure-industrial-remote-access-gateway/", + "url": "https://blog.syss.com/posts/hacking-a-secure-industrial-remote-access-gateway/" } ] } diff --git a/2024/33xxx/CVE-2024-33896.json b/2024/33xxx/CVE-2024-33896.json index 1036bd5ca52..e936cd118a3 100644 --- a/2024/33xxx/CVE-2024-33896.json +++ b/2024/33xxx/CVE-2024-33896.json @@ -66,6 +66,11 @@ "refsource": "CONFIRM", "name": "https://hmsnetworks.blob.core.windows.net/nlw/docs/default-source/products/cybersecurity/security-advisory/hms-security-advisory-2024-07-29-001--ewon-several-cosy--vulnerabilities.pdf", "url": "https://hmsnetworks.blob.core.windows.net/nlw/docs/default-source/products/cybersecurity/security-advisory/hms-security-advisory-2024-07-29-001--ewon-several-cosy--vulnerabilities.pdf" + }, + { + "refsource": "MISC", + "name": "https://blog.syss.com/posts/hacking-a-secure-industrial-remote-access-gateway/", + "url": "https://blog.syss.com/posts/hacking-a-secure-industrial-remote-access-gateway/" } ] } diff --git a/2024/33xxx/CVE-2024-33897.json b/2024/33xxx/CVE-2024-33897.json index 471eb9209fe..aae5c781009 100644 --- a/2024/33xxx/CVE-2024-33897.json +++ b/2024/33xxx/CVE-2024-33897.json @@ -66,6 +66,11 @@ "refsource": "CONFIRM", "name": "https://hmsnetworks.blob.core.windows.net/nlw/docs/default-source/products/cybersecurity/security-advisory/hms-security-advisory-2024-07-29-001--ewon-several-cosy--vulnerabilities.pdf", "url": "https://hmsnetworks.blob.core.windows.net/nlw/docs/default-source/products/cybersecurity/security-advisory/hms-security-advisory-2024-07-29-001--ewon-several-cosy--vulnerabilities.pdf" + }, + { + "refsource": "MISC", + "name": "https://blog.syss.com/posts/hacking-a-secure-industrial-remote-access-gateway/", + "url": "https://blog.syss.com/posts/hacking-a-secure-industrial-remote-access-gateway/" } ] } diff --git a/2024/36xxx/CVE-2024-36877.json b/2024/36xxx/CVE-2024-36877.json index c7fbe1c0467..81a469f3cd0 100644 --- a/2024/36xxx/CVE-2024-36877.json +++ b/2024/36xxx/CVE-2024-36877.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-36877", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-36877", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Micro-Star International Z-series motherboards (Z590, Z490, and Z790) and B-series motherboards (B760, B560, B660, and B460) with firmware 7D25v14, 7D25v17 to 7D25v19, and 7D25v1A to 7D25v1H was discovered to contain a write-what-where condition in the in the SW handler for SMI 0xE3." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://csr.msi.com/global/product-security-advisories", + "url": "https://csr.msi.com/global/product-security-advisories" + }, + { + "refsource": "CONFIRM", + "name": "https://jjensn.com/at-home-in-your-firmware/", + "url": "https://jjensn.com/at-home-in-your-firmware/" } ] } diff --git a/2024/39xxx/CVE-2024-39091.json b/2024/39xxx/CVE-2024-39091.json index 5b0642763c9..d17d14e2eba 100644 --- a/2024/39xxx/CVE-2024-39091.json +++ b/2024/39xxx/CVE-2024-39091.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-39091", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-39091", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An OS command injection vulnerability in the ccm_debug component of MIPC Camera firmware prior to v5.4.1.240424171021 allows attackers within the same network to execute arbitrary code via a crafted HTML request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://joerngermany.github.io/mipc_vulnerability/", + "url": "https://joerngermany.github.io/mipc_vulnerability/" } ] } diff --git a/2024/42xxx/CVE-2024-42477.json b/2024/42xxx/CVE-2024-42477.json index fc445e88636..42d7a20afc3 100644 --- a/2024/42xxx/CVE-2024-42477.json +++ b/2024/42xxx/CVE-2024-42477.json @@ -1,17 +1,90 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-42477", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "llama.cpp provides LLM inference in C/C++. The unsafe `type` member in the `rpc_tensor` structure can cause `global-buffer-overflow`. This vulnerability may lead to memory data leakage. The vulnerability is fixed in b3561." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "ggerganov", + "product": { + "product_data": [ + { + "product_name": "llama.cpp", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< b3561" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/ggerganov/llama.cpp/security/advisories/GHSA-mqp6-7pv6-fqjf", + "refsource": "MISC", + "name": "https://github.com/ggerganov/llama.cpp/security/advisories/GHSA-mqp6-7pv6-fqjf" + }, + { + "url": "https://github.com/ggerganov/llama.cpp/commit/b72942fac998672a79a1ae3c03b340f7e629980b", + "refsource": "MISC", + "name": "https://github.com/ggerganov/llama.cpp/commit/b72942fac998672a79a1ae3c03b340f7e629980b" + } + ] + }, + "source": { + "advisory": "GHSA-mqp6-7pv6-fqjf", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/42xxx/CVE-2024-42478.json b/2024/42xxx/CVE-2024-42478.json index f775e14c25d..54f7afd556d 100644 --- a/2024/42xxx/CVE-2024-42478.json +++ b/2024/42xxx/CVE-2024-42478.json @@ -1,17 +1,90 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-42478", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "llama.cpp provides LLM inference in C/C++. The unsafe `data` pointer member in the `rpc_tensor` structure can cause arbitrary address reading. This vulnerability is fixed in b3561." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "ggerganov", + "product": { + "product_data": [ + { + "product_name": "llama.cpp", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< b3561" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/ggerganov/llama.cpp/security/advisories/GHSA-5vm9-p64x-gqw9", + "refsource": "MISC", + "name": "https://github.com/ggerganov/llama.cpp/security/advisories/GHSA-5vm9-p64x-gqw9" + }, + { + "url": "https://github.com/ggerganov/llama.cpp/commit/b72942fac998672a79a1ae3c03b340f7e629980b", + "refsource": "MISC", + "name": "https://github.com/ggerganov/llama.cpp/commit/b72942fac998672a79a1ae3c03b340f7e629980b" + } + ] + }, + "source": { + "advisory": "GHSA-5vm9-p64x-gqw9", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/42xxx/CVE-2024-42479.json b/2024/42xxx/CVE-2024-42479.json index 0a6c952fa8b..a678897abd1 100644 --- a/2024/42xxx/CVE-2024-42479.json +++ b/2024/42xxx/CVE-2024-42479.json @@ -1,17 +1,90 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-42479", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "llama.cpp provides LLM inference in C/C++. The unsafe `data` pointer member in the `rpc_tensor` structure can cause arbitrary address writing. This vulnerability is fixed in b3561." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-123: Write-what-where Condition", + "cweId": "CWE-123" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "ggerganov", + "product": { + "product_data": [ + { + "product_name": "llama.cpp", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< b3561" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/ggerganov/llama.cpp/security/advisories/GHSA-wcr5-566p-9cwj", + "refsource": "MISC", + "name": "https://github.com/ggerganov/llama.cpp/security/advisories/GHSA-wcr5-566p-9cwj" + }, + { + "url": "https://github.com/ggerganov/llama.cpp/commit/b72942fac998672a79a1ae3c03b340f7e629980b", + "refsource": "MISC", + "name": "https://github.com/ggerganov/llama.cpp/commit/b72942fac998672a79a1ae3c03b340f7e629980b" + } + ] + }, + "source": { + "advisory": "GHSA-wcr5-566p-9cwj", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 10, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/42xxx/CVE-2024-42480.json b/2024/42xxx/CVE-2024-42480.json index 6e194a0847a..f4455b2fe81 100644 --- a/2024/42xxx/CVE-2024-42480.json +++ b/2024/42xxx/CVE-2024-42480.json @@ -1,17 +1,95 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-42480", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Kamaji is the Hosted Control Plane Manager for Kubernetes. In versions 1.0.0 and earlier, Kamaji uses an \"open at the top\" range definition in RBAC for etcd roles leading to some TCPs API servers being able to read, write, and delete the data of other control planes. This vulnerability is fixed in edge-24.8.2." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-284: Improper Access Control", + "cweId": "CWE-284" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "clastix", + "product": { + "product_data": [ + { + "product_name": "kamaji", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "<= 1.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/clastix/kamaji/security/advisories/GHSA-6r4j-4rjc-8vw5", + "refsource": "MISC", + "name": "https://github.com/clastix/kamaji/security/advisories/GHSA-6r4j-4rjc-8vw5" + }, + { + "url": "https://github.com/clastix/kamaji/commit/1731e8c2ed5148b125ecfbdf091ee177bd44f3db", + "refsource": "MISC", + "name": "https://github.com/clastix/kamaji/commit/1731e8c2ed5148b125ecfbdf091ee177bd44f3db" + }, + { + "url": "https://github.com/clastix/kamaji/blob/8cdc6191242f80d120c46b166e2102d27568225a/internal/datastore/etcd.go#L19-L24", + "refsource": "MISC", + "name": "https://github.com/clastix/kamaji/blob/8cdc6191242f80d120c46b166e2102d27568225a/internal/datastore/etcd.go#L19-L24" + } + ] + }, + "source": { + "advisory": "GHSA-6r4j-4rjc-8vw5", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "version": "3.1" } ] } diff --git a/2024/42xxx/CVE-2024-42481.json b/2024/42xxx/CVE-2024-42481.json index 3109127b2cf..08ec291763d 100644 --- a/2024/42xxx/CVE-2024-42481.json +++ b/2024/42xxx/CVE-2024-42481.json @@ -1,17 +1,85 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-42481", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Skyport Daemon (skyportd) is the daemon for the Skyport Panel. By making thousands of folders & files (easy due to skyport's lack of rate limiting on createFolder. createFile), skyportd in a lot of cases will cause 100% CPU usage and an OOM, probably crashing the system. This is fixed in 0.2.2." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-400: Uncontrolled Resource Consumption", + "cweId": "CWE-400" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "skyportlabs", + "product": { + "product_data": [ + { + "product_name": "skyportd", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 0.2.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/skyportlabs/skyportd/security/advisories/GHSA-cwmq-phcx-9g92", + "refsource": "MISC", + "name": "https://github.com/skyportlabs/skyportd/security/advisories/GHSA-cwmq-phcx-9g92" + } + ] + }, + "source": { + "advisory": "GHSA-cwmq-phcx-9g92", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" } ] } diff --git a/2024/42xxx/CVE-2024-42482.json b/2024/42xxx/CVE-2024-42482.json index 06bab931ff3..90da9ddaf65 100644 --- a/2024/42xxx/CVE-2024-42482.json +++ b/2024/42xxx/CVE-2024-42482.json @@ -1,17 +1,95 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-42482", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "fish-shop/syntax-check is a GitHub action for syntax checking fish shell files. Improper neutralization of delimiters in the `pattern` input (specifically the command separator `;` and command substitution characters `(` and `)`) mean that arbitrary command injection is possible by modification of the input value used in a workflow. This has the potential for exposure or exfiltration of sensitive information from the workflow runner, such as might be achieved by sending environment variables to an external entity. It is recommended that users update to the patched version `v1.6.12` or the latest release version `v2.0.0`, however remediation may be possible through careful control of workflows and the `pattern` input value used by this action." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-140: Improper Neutralization of Delimiters", + "cweId": "CWE-140" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "fish-shop", + "product": { + "product_data": [ + { + "product_name": "syntax-check", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 1.6.12" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/fish-shop/syntax-check/security/advisories/GHSA-xj87-mqvh-88w2", + "refsource": "MISC", + "name": "https://github.com/fish-shop/syntax-check/security/advisories/GHSA-xj87-mqvh-88w2" + }, + { + "url": "https://github.com/fish-shop/syntax-check/commit/91e6817c48ad475542fe4e78139029b036a53b03", + "refsource": "MISC", + "name": "https://github.com/fish-shop/syntax-check/commit/91e6817c48ad475542fe4e78139029b036a53b03" + }, + { + "url": "https://github.com/fish-shop/syntax-check/commit/c2cb11395e21119ff8d6e7ea050430ee7d6f49ca", + "refsource": "MISC", + "name": "https://github.com/fish-shop/syntax-check/commit/c2cb11395e21119ff8d6e7ea050430ee7d6f49ca" + } + ] + }, + "source": { + "advisory": "GHSA-xj87-mqvh-88w2", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", + "version": "3.1" } ] } diff --git a/2024/42xxx/CVE-2024-42485.json b/2024/42xxx/CVE-2024-42485.json index c68e0fd3dca..cc1a6392aeb 100644 --- a/2024/42xxx/CVE-2024-42485.json +++ b/2024/42xxx/CVE-2024-42485.json @@ -1,17 +1,90 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-42485", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Filament Excel enables excel export for Filament admin resources. The export download route `/filament-excel/{path}` allowed downloading any file without login when the webserver allows `../` in the URL. Patched with Version v2.3.3." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "cweId": "CWE-22" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "pxlrbt", + "product": { + "product_data": [ + { + "product_name": "filament-excel", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 2.3.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/pxlrbt/filament-excel/security/advisories/GHSA-m3px-vjxr-fx4m", + "refsource": "MISC", + "name": "https://github.com/pxlrbt/filament-excel/security/advisories/GHSA-m3px-vjxr-fx4m" + }, + { + "url": "https://github.com/pxlrbt/filament-excel/commit/bda42891a4b0c15d5dab5da8c53a006ddadccfb7", + "refsource": "MISC", + "name": "https://github.com/pxlrbt/filament-excel/commit/bda42891a4b0c15d5dab5da8c53a006ddadccfb7" + } + ] + }, + "source": { + "advisory": "GHSA-m3px-vjxr-fx4m", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/42xxx/CVE-2024-42489.json b/2024/42xxx/CVE-2024-42489.json index 68737cd162a..2f229585746 100644 --- a/2024/42xxx/CVE-2024-42489.json +++ b/2024/42xxx/CVE-2024-42489.json @@ -1,17 +1,95 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-42489", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Pro Macros provides XWiki rendering macros. Missing escaping in the Viewpdf macro allows any user with view right on the `CKEditor.HTMLConverter` page or edit or comment right on any page to perform remote code execution. Other macros like Viewppt are vulnerable to the same kind of attack. This vulnerability is fixed in 1.10.1." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", + "cweId": "CWE-74" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "xwikisas", + "product": { + "product_data": [ + { + "product_name": "xwiki-pro-macros", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 1.0, < 1.10.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/xwikisas/xwiki-pro-macros/security/advisories/GHSA-cfq3-q227-7j65", + "refsource": "MISC", + "name": "https://github.com/xwikisas/xwiki-pro-macros/security/advisories/GHSA-cfq3-q227-7j65" + }, + { + "url": "https://github.com/xwikisas/xwiki-pro-macros/commit/199553c84901999481a20614f093af2d57970eba", + "refsource": "MISC", + "name": "https://github.com/xwikisas/xwiki-pro-macros/commit/199553c84901999481a20614f093af2d57970eba" + }, + { + "url": "https://github.com/xwikisas/xwiki-pro-macros/blob/main/xwiki-pro-macros-ui/src/main/resources/Confluence/Macros/Viewpdf.xml#L265-L267", + "refsource": "MISC", + "name": "https://github.com/xwikisas/xwiki-pro-macros/blob/main/xwiki-pro-macros-ui/src/main/resources/Confluence/Macros/Viewpdf.xml#L265-L267" + } + ] + }, + "source": { + "advisory": "GHSA-cfq3-q227-7j65", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 10, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/42xxx/CVE-2024-42628.json b/2024/42xxx/CVE-2024-42628.json index 93a7f06214a..b1289a6dfa8 100644 --- a/2024/42xxx/CVE-2024-42628.json +++ b/2024/42xxx/CVE-2024-42628.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-42628", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-42628", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/snippet/edit/3." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/Kirtoc/cms/tree/main/5/readme.md", + "refsource": "MISC", + "name": "https://github.com/Kirtoc/cms/tree/main/5/readme.md" } ] } diff --git a/2024/42xxx/CVE-2024-42629.json b/2024/42xxx/CVE-2024-42629.json index 76d4e5115b7..d5cb8d417e6 100644 --- a/2024/42xxx/CVE-2024-42629.json +++ b/2024/42xxx/CVE-2024-42629.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-42629", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-42629", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/page/edit/10." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/Kirtoc/cms/tree/main/2/readme.md", + "refsource": "MISC", + "name": "https://github.com/Kirtoc/cms/tree/main/2/readme.md" } ] } diff --git a/2024/42xxx/CVE-2024-42630.json b/2024/42xxx/CVE-2024-42630.json index a46bc643974..af5bf879c2b 100644 --- a/2024/42xxx/CVE-2024-42630.json +++ b/2024/42xxx/CVE-2024-42630.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-42630", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-42630", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/plugin/file_manager/create_file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/Kirtoc/cms/tree/main/10/readme.md", + "refsource": "MISC", + "name": "https://github.com/Kirtoc/cms/tree/main/10/readme.md" } ] } diff --git a/2024/42xxx/CVE-2024-42631.json b/2024/42xxx/CVE-2024-42631.json index a093f15ea29..3abb30ff227 100644 --- a/2024/42xxx/CVE-2024-42631.json +++ b/2024/42xxx/CVE-2024-42631.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-42631", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-42631", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/layout/edit/1." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/Kirtoc/cms/tree/main/7/readme.md", + "refsource": "MISC", + "name": "https://github.com/Kirtoc/cms/tree/main/7/readme.md" } ] } diff --git a/2024/42xxx/CVE-2024-42632.json b/2024/42xxx/CVE-2024-42632.json index c349c8f45a7..fee4f7ce896 100644 --- a/2024/42xxx/CVE-2024-42632.json +++ b/2024/42xxx/CVE-2024-42632.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-42632", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-42632", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/page/add." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/Kirtoc/cms/tree/main/1/readme.md", + "refsource": "MISC", + "name": "https://github.com/Kirtoc/cms/tree/main/1/readme.md" } ] } diff --git a/2024/4xxx/CVE-2024-4871.json b/2024/4xxx/CVE-2024-4871.json index 347bb66c284..3d244101b29 100644 --- a/2024/4xxx/CVE-2024-4871.json +++ b/2024/4xxx/CVE-2024-4871.json @@ -36,12 +36,342 @@ "product": { "product_data": [ { - "product_name": "Red Hat Satellite 6", + "product_name": "Red Hat Satellite 6.15 for RHEL 8", "version": { "version_data": [ { "version_value": "not down converted", "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:4.3.14-1.el8sat", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:3.9.1.8-1.el8sat", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "1:3.9.3.2-1.el8sat", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:2.16.9-1.el8pc", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:3.39.15-1.el8pc", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:1.8.3-1.el8sat", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:13.0.6-1.el8sat", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:12.0.7-1.el8sat", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:4.11.0.15-1.el8sat", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:3.0.0-1.el8sat", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:0.10.6-1.el8sat", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:6.15.2-1.el8sat", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:4.3.14-1.el8sat", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:3.9.1.8-1.el8sat", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "1:3.9.3.2-1.el8sat", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:2.16.9-1.el8pc", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:3.39.15-1.el8pc", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:1.8.3-1.el8sat", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:13.0.6-1.el8sat", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:12.0.7-1.el8sat", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:4.11.0.15-1.el8sat", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:3.0.0-1.el8sat", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:0.10.6-1.el8sat", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:6.15.2-1.el8sat", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], "defaultStatus": "affected" } } @@ -56,6 +386,11 @@ }, "references": { "reference_data": [ + { + "url": "https://access.redhat.com/errata/RHBA-2024:4589", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHBA-2024:4589" + }, { "url": "https://access.redhat.com/security/cve/CVE-2024-4871", "refsource": "MISC",