admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 10:41:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-04-14 18:00:36 +00:00
parent 08077002a2
commit c73ac66d09
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
10 changed files with 123 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
2021/4xxx/CVE-2021-4201.json
View File

@ -1,6 +1,6 @@
{
"CVE_data_meta": {
"ASSIGNER": "psirt@forgerock.com",
"ASSIGNER": "responsible-disclosure@pingidentity.com",
"DATE_PUBLIC": "2021-12-07T12:00:00.000Z",
"ID": "CVE-2021-4201",
"STATE": "PUBLIC",

2
2022/0xxx/CVE-2022-0143.json
View File

@ -1,6 +1,6 @@
{
"CVE_data_meta": {
"ASSIGNER": "psirt@forgerock.com",
"ASSIGNER": "responsible-disclosure@pingidentity.com",
"DATE_PUBLIC": "2022-09-19T17:38:00.000Z",
"ID": "CVE-2022-0143",
"STATE": "PUBLIC",

2
2022/24xxx/CVE-2022-24669.json
View File

@ -1,6 +1,6 @@
{
"CVE_data_meta": {
"ASSIGNER": "psirt@forgerock.com",
"ASSIGNER": "responsible-disclosure@pingidentity.com",
"DATE_PUBLIC": "2022-10-20T15:33:00.000Z",
"ID": "CVE-2022-24669",
"STATE": "PUBLIC",

2
2022/24xxx/CVE-2022-24670.json
View File

@ -1,6 +1,6 @@
{
"CVE_data_meta": {
"ASSIGNER": "psirt@forgerock.com",
"ASSIGNER": "responsible-disclosure@pingidentity.com",
"DATE_PUBLIC": "2022-10-20T15:33:00.000Z",
"ID": "CVE-2022-24670",
"STATE": "PUBLIC",

4
2022/3xxx/CVE-2022-3748.json
View File

@ -4,14 +4,14 @@
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-3748",
"ASSIGNER": "psirt@forgerock.com",
"ASSIGNER": "responsible-disclosure@pingidentity.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper Authorization vulnerability in ForgeRock Inc. Access Management allows Authentication Bypass.This issue affects Access Management: from 6.5.0 through 7.2.0.\n\n"
"value": "Improper Authorization vulnerability in ForgeRock Inc. Access Management allows Authentication Bypass.\u00a0This issue affects Access Management: from 6.5.0 through 7.2.0."
}
]
},

4
2023/0xxx/CVE-2023-0339.json
View File

@ -4,14 +4,14 @@
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2023-0339",
"ASSIGNER": "psirt@forgerock.com",
"ASSIGNER": "responsible-disclosure@pingidentity.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Relative Path Traversal vulnerability in ForgeRock Access Management Web Policy Agent allows Authentication Bypass. This issue affects Access Management Web Policy Agent: all versions up to 5.10.1"
"value": "Relative Path Traversal vulnerability in ForgeRock Access Management Web Policy Agent allows Authentication Bypass.\u00a0This issue affects Access Management Web Policy Agent: all versions up to 5.10.1"
}
]
},

14
2023/0xxx/CVE-2023-0511.json
View File

@ -4,14 +4,14 @@
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2023-0511",
"ASSIGNER": "psirt@forgerock.com",
"ASSIGNER": "responsible-disclosure@pingidentity.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Relative Path Traversal vulnerability in ForgeRock Access Management Java Policy Agent allows Authentication Bypass. This issue affects Access Management Java Policy Agent: all versions up to 5.10.1"
"value": "Relative Path Traversal vulnerability in ForgeRock Access Management Java Policy Agent allows Authentication Bypass.\u00a0This issue affects Access Management Java Policy Agent: all versions up to 5.10.1"
}
]
},
@ -55,15 +55,15 @@
},
"references": {
"reference_data": [
{
"url": "https://backstage.forgerock.com/knowledge/kb/article/a21576868",
"refsource": "MISC",
"name": "https://backstage.forgerock.com/knowledge/kb/article/a21576868"
},
{
"url": "https://backstage.forgerock.com/downloads/browse/am/featured/java-agents",
"refsource": "MISC",
"name": "https://backstage.forgerock.com/downloads/browse/am/featured/java-agents"
},
{
"url": "https://backstage.forgerock.com/knowledge/kb/article/a21576868",
"refsource": "MISC",
"name": "https://backstage.forgerock.com/knowledge/kb/article/a21576868"
}
]
},

4
2023/0xxx/CVE-2023-0582.json
View File

@ -4,14 +4,14 @@
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2023-0582",
"ASSIGNER": "psirt@forgerock.com",
"ASSIGNER": "responsible-disclosure@pingidentity.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ForgeRock Access Management allows Authorization Bypass.\n\nThis issue affects access management: before 7.3.0, before 7.2.1, before 7.1.4, through 7.0.2.\n\n"
"value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ForgeRock Access Management allows Authorization Bypass.\n\nThis issue affects access management: before 7.3.0, before 7.2.1, before 7.1.4, through 7.0.2."
}
]
},

2
2023/1xxx/CVE-2023-1656.json
View File

@ -4,7 +4,7 @@
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2023-1656",
"ASSIGNER": "psirt@forgerock.com",
"ASSIGNER": "responsible-disclosure@pingidentity.com",
"STATE": "PUBLIC"
},
"description": {

109
2025/3xxx/CVE-2025-3585.json
View File

@ -1,17 +1,118 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-3585",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability classified as critical has been found in westboy CicadasCMS 1.0. This affects an unknown part of the file /upload/ of the component JSP Parser. The manipulation of the argument File leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "deu",
"value": "Es wurde eine Schwachstelle in westboy CicadasCMS 1.0 entdeckt. Sie wurde als kritisch eingestuft. Hiervon betroffen ist ein unbekannter Codeblock der Datei /upload/ der Komponente JSP Parser. Durch das Manipulieren des Arguments File mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unrestricted Upload",
"cweId": "CWE-434"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Improper Access Controls",
"cweId": "CWE-284"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "westboy",
"product": {
"product_data": [
{
"product_name": "CicadasCMS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.304641",
"refsource": "MISC",
"name": "https://vuldb.com/?id.304641"
},
{
"url": "https://vuldb.com/?ctiid.304641",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.304641"
},
{
"url": "https://vuldb.com/?submit.549981",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.549981"
},
{
"url": "https://github.com/Bae-ke/cve/issues/1",
"refsource": "MISC",
"name": "https://github.com/Bae-ke/cve/issues/1"
}
]
},
"credits": [
{
"lang": "en",
"value": "keke (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 6.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 6.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}