"-Synchronized-Data."

CVE Team 2024-09-27 00:00:34 +00:00
parent 5ce978ece5
commit bab7eb4ed1
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
7 changed files with 295 additions and 31 deletions


@ -172,6 +172,20 @@
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:101-2.el8_10",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
@ -220,12 +234,6 @@
"defaultStatus": "unaffected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
@ -579,7 +587,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:1.25.5-13.1.rhaos4.12.git76343da.el8",
"version": "0:1.25.3-5.2.rhaos4.12.git44a2cb2.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -593,7 +601,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:1.25.0-2.2.el8",
"version": "0:1.25.0-2.2.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -607,7 +615,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:2.14.0-7.1.rhaos4.12.el8",
"version": "0:2.14.0-5.2.rhaos4.12.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -621,7 +629,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.12.0-202403251017.p0.gd4c9e3c.assembly.stream.el9",
"version": "0:4.12.0-202403251017.p0.gd4c9e3c.assembly.stream.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -635,7 +643,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3:4.2.0-7.2.rhaos4.12.el9",
"version": "3:4.4.1-2.1.rhaos4.12.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -663,7 +671,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2:1.9.4-3.2.rhaos4.12.el8",
"version": "2:1.9.4-3.2.rhaos4.12.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -684,7 +692,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "1:1.29.1-2.2.rhaos4.13.el9",
"version": "1:1.29.1-2.2.rhaos4.13.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -754,7 +762,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.13.0-202404020737.p0.gd192e90.assembly.stream.el9",
"version": "0:4.13.0-202404020737.p0.gd192e90.assembly.stream.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -768,7 +776,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3:4.4.1-6.2.rhaos4.13.el9",
"version": "3:4.4.1-5.2.rhaos4.13.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -796,7 +804,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2:1.11.2-2.2.rhaos4.13.el8",
"version": "2:1.11.2-2.2.rhaos4.13.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -887,7 +895,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.14.0-202403261640.p0.gf7b14a9.assembly.stream.el9",
"version": "0:4.14.0-202403261640.p0.gf7b14a9.assembly.stream.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -1041,7 +1049,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.14.0-202404160939.p0.g7bee54d.assembly.stream.el8",
"version": "0:4.14.0-202404160939.p0.g7bee54d.assembly.stream.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -1125,7 +1133,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3:4.4.1-11.4.rhaos4.14.el8",
"version": "3:4.4.1-11.4.rhaos4.14.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -1153,7 +1161,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2:1.11.2-10.4.rhaos4.14.el8",
"version": "2:1.11.2-10.4.rhaos4.14.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -1286,7 +1294,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.15.0-202403211240.p0.g62c4d45.assembly.stream.el8",
"version": "0:4.15.0-202403211240.p0.g62c4d45.assembly.stream.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -1300,7 +1308,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.15.0-202403211549.p0.g2e3cca1.assembly.stream.el8",
"version": "0:4.15.0-202403211549.p0.g2e3cca1.assembly.stream.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -1328,7 +1336,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4:1.1.12-1.1.rhaos4.15.el9",
"version": "4:1.1.12-1.1.rhaos4.15.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -2092,6 +2100,11 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:5634"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:7262",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:7262"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-1394",
"refsource": "MISC",
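Review bot: The paired `version` lines in the later hunks of this section (for example `0:1.25.0-2.2.el8` next to `0:1.25.0-2.2.el9`) show a single `versions` entry being switched between an el8 and an el9 build, so each entry can name the fixed build for only one RHEL stream. A consumer that runs an RPM comparison against that one value, with `"lessThan": "*"` and `"status": "unaffected"`, will presumably misjudge hosts on the other stream, and in the first such pair the package version itself differs (`1.25.5-13.1` against `1.25.3-5.2`). I would carry one entry per build stream instead of overwriting the value on each sync, and until then treat the linked RHSA errata, including the added `RHSA-2024:7262`, as the authoritative source for fixed package versions. The rendered page has lost the +/- markers, so which line of each pair is the new one is inferred from print order only.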


@ -1,17 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-4099",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@gitlab.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue has been discovered in GitLab EE affecting all versions starting from 16.0 prior to 17.2.8, from 17.3 prior to 17.3.4, and from 17.4 prior to 17.4.1. An AI feature was found to read unsanitized content in a way that could have allowed an attacker to hide prompt injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-116: Improper Encoding or Escaping of Output",
"cweId": "CWE-116"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "GitLab",
"product": {
"product_data": [
{
"product_name": "GitLab",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.0",
"version_value": "17.2.8"
},
{
"version_affected": "<",
"version_name": "17.3",
"version_value": "17.3.4"
},
{
"version_affected": "<",
"version_name": "17.4",
"version_value": "17.4.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/457798",
"refsource": "MISC",
"name": "https://gitlab.com/gitlab-org/gitlab/-/issues/457798"
},
{
"url": "https://hackerone.com/reports/2459597",
"refsource": "MISC",
"name": "https://hackerone.com/reports/2459597"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to versions 17.2.8, 17.3.4, 17.4.1 or above."
}
],
"credits": [
{
"lang": "en",
"value": "Thanks [joaxcar](https://hackerone.com/joaxcar) for reporting this vulnerability through our HackerOne bug bounty program"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW"
}
]
}
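Review bot: The `affects` block names the product only as `"product_name": "GitLab"`, while the description limits the issue to GitLab EE, so anything matching on vendor and product will also flag CE installations. The lower bound of each range lives only in `version_name` (`16.0`, `17.3`, `17.4`) next to `"version_affected": "<"`; a consumer that reads just `version_affected` and `version_value` would treat every release below 17.2.8 as affected, which the description does not say. I would state the edition in the product entry if the CNA's naming allows it, for example `"product_name": "GitLab EE"`, and have ingestion treat `version_name` as the inclusive start of the range. The language tag is also `eng` in `description` and `problemtype` but `en` in `solution` and `credits`; one form should be used throughout the record.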


@ -1,17 +1,104 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-8974",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@gitlab.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Information disclosure in Gitlab EE/CE affecting all versions from 15.6 prior to 17.2.8, 17.3 prior to 17.3.4, and 17.4 prior to 17.4.1 in specific conditions it was possible to disclose to an unauthorised user the path of a private project.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-684: Incorrect Provision of Specified Functionality",
"cweId": "CWE-684"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "GitLab",
"product": {
"product_data": [
{
"product_name": "GitLab",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "15.6",
"version_value": "17.2.8"
},
{
"version_affected": "<",
"version_name": "17.3",
"version_value": "17.3.4"
},
{
"version_affected": "<",
"version_name": "17.4",
"version_value": "17.4.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/482843",
"refsource": "MISC",
"name": "https://gitlab.com/gitlab-org/gitlab/-/issues/482843"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to version 17.4.1, 17.3.4, 17.2.8."
}
],
"credits": [
{
"lang": "en",
"value": "This vulnerability has been discovered internally by GitLab team member [Lukas Eipert](https://gitlab.com/leipert)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"baseSeverity": "LOW"
}
]
}
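Review bot: The new `description` value ends in `private project.\"`, an escaped quote with no opening partner, so every consumer will display a stray `"` at the end of the advisory text; the value should end `...the path of a private project."`. The sentence also runs two clauses together with no break before "in specific conditions", and it spells the product `Gitlab` where `vendor_name` and `product_name` use `GitLab`, which matters for keyword matching on descriptions. `CWE-684` is an unusual classification for what the text itself calls an information disclosure, so it is worth confirming with the CNA that it is intended rather than a more specific exposure CWE.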


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-9269",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-9270",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-9271",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-9272",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}