admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 10:41:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-01-21 17:01:03 +00:00
parent 90fe758e62
commit d45b9f8526
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
6 changed files with 248 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

131
2024/45xxx/CVE-2024-45687.json
View File

@ -1,18 +1,139 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-45687",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@payara.fish",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') vulnerability in Payara Platform Payara Server (Grizzly, REST Management Interface modules), Payara Platform Payara Micro (Grizzly modules) allows Manipulating State, Identity Spoofing.This issue affects Payara Server: from 4.1.151 through 4.1.2.191.51, from 5.20.0 through 5.70.0, from 5.2020.2 through 5.2022.5, from 6.2022.1 through 6.2024.12, from 6.0.0 through 6.21.0; Payara Micro: from 4.1.152 through 4.1.2.191.51, from 5.20.0 through 5.70.0, from 5.2020.2 through 5.2022.5, from 6.2022.1 through 6.2024.12, from 6.0.0 through 6.21.0."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')",
"cweId": "CWE-113"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Payara Platform",
"product": {
"product_data": [
{
"product_name": "Payara Server",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "4.1.151",
"version_value": "4.1.2.191.51"
},
{
"version_affected": "<=",
"version_name": "5.20.0",
"version_value": "5.70.0"
},
{
"version_affected": "<=",
"version_name": "5.2020.2",
"version_value": "5.2022.5"
},
{
"version_affected": "<=",
"version_name": "6.2022.1",
"version_value": "6.2024.12"
},
{
"version_affected": "<=",
"version_name": "6.0.0",
"version_value": "6.21.0"
}
]
}
},
{
"product_name": "Payara Micro",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "4.1.152",
"version_value": "4.1.2.191.51"
},
{
"version_affected": "<=",
"version_name": "5.20.0",
"version_value": "5.70.0"
},
{
"version_affected": "<=",
"version_name": "5.2020.2",
"version_value": "5.2022.5"
},
{
"version_affected": "<=",
"version_name": "6.2022.1",
"version_value": "6.2024.12"
},
{
"version_affected": "<=",
"version_name": "6.0.0",
"version_value": "6.21.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://docs.payara.fish/enterprise/docs/Release%20Notes/Release%20Notes%206.22.0.html",
"refsource": "MISC",
"name": "https://docs.payara.fish/enterprise/docs/Release%20Notes/Release%20Notes%206.22.0.html"
},
{
"url": "https://docs.payara.fish/enterprise/docs/5.71.0/Release%20Notes/Release%20Notes%205.71.0.html",
"refsource": "MISC",
"name": "https://docs.payara.fish/enterprise/docs/5.71.0/Release%20Notes/Release%20Notes%205.71.0.html"
},
{
"url": "https://docs.payara.fish/community/docs/6.2025.1/Release%20Notes/Release%20Notes%206.2025.1.html",
"refsource": "MISC",
"name": "https://docs.payara.fish/community/docs/6.2025.1/Release%20Notes/Release%20Notes%206.2025.1.html"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UPSTREAM"
},
"credits": [
{
"lang": "en",
"value": "Ben Kallus"
}
]
}

56
2024/57xxx/CVE-2024-57036.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-57036",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-57036",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "TOTOLINK A810R V4.1.2cu.5032_B20200407 was found to contain a command insertion vulnerability in downloadFile.cgi main function. This vulnerability allows an attacker to execute arbitrary commands by sending HTTP request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/luckysmallbird/Totolink-A810R-Vulnerability-1/blob/main/3.md",
"refsource": "MISC",
"name": "https://github.com/luckysmallbird/Totolink-A810R-Vulnerability-1/blob/main/3.md"
}
]
}

18
2025/0xxx/CVE-2025-0621.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-0621",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/0xxx/CVE-2025-0622.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-0622",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/0xxx/CVE-2025-0623.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2025-0623",
"ASSIGNER": "security@watchguard.com",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
}
]
}
}

18
2025/0xxx/CVE-2025-0624.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-0624",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}