admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-08-22 01:00:32 +00:00
parent e2d83bfec6
commit d51f0f8864
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
4 changed files with 118 additions and 155 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
2024/32xxx/CVE-2024-32358.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "An issue in Jpress v.5.1.0 allows a remote attacker to execute arbitrary code via a crafted script to the custom plug-in module function."
"value": "An issue in Jpress v.5.1.0 allows a remote attacker to execute arbitrary code via a crafted script to the custom plug-in module function, a different vulnerability than CVE-2024-43033."
}
]
},

61
2024/42xxx/CVE-2024-42056.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-42056",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-42056",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Retool (self-hosted enterprise) through 3.40.0 inserts resource authentication credentials into sent data. Credentials for users with \"Use\" permissions can be discovered (by an authenticated attacker) via the /api/resources endpoint. The earliest affected version is 3.18.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://docs.retool.com/releases",
"refsource": "MISC",
"name": "https://docs.retool.com/releases"
},
{
"refsource": "CONFIRM",
"name": "https://docs.retool.com/disclosures/cve-2024-42056",
"url": "https://docs.retool.com/disclosures/cve-2024-42056"
}
]
}

144
2024/42xxx/CVE-2024-42143.json
View File

@ -5,154 +5,14 @@
"CVE_data_meta": {
"ID": "CVE-2024-42143",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\norangefs: fix out-of-bounds fsid access\n\nArnd Bergmann sent a patch to fsdevel, he says:\n\n\"orangefs_statfs() copies two consecutive fields of the superblock into\nthe statfs structure, which triggers a warning from the string fortification\nhelpers\"\n\nJan Kara suggested an alternate way to do the patch to make it more readable.\n\nI ran both ideas through xfstests and both seem fine. This patch\nis based on Jan Kara's suggestion."
"value": "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f4",
"version_value": "b90176a95537"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.19.318",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.280",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.222",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.163",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.98",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.39",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.9",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/b90176a9553775e23966650e445b1866e62e4924",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b90176a9553775e23966650e445b1866e62e4924"
},
{
"url": "https://git.kernel.org/stable/c/556edaa27c27db24a0f34c78cebef90e5bb6e167",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/556edaa27c27db24a0f34c78cebef90e5bb6e167"
},
{
"url": "https://git.kernel.org/stable/c/1617249e24bd04c8047956afb43feec4876d1715",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/1617249e24bd04c8047956afb43feec4876d1715"
},
{
"url": "https://git.kernel.org/stable/c/137a06dc0ff8b2d2069c2345d015ef0fa71df1ed",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/137a06dc0ff8b2d2069c2345d015ef0fa71df1ed"
},
{
"url": "https://git.kernel.org/stable/c/74159d409da82269311a60256aad8ae8753da450",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/74159d409da82269311a60256aad8ae8753da450"
},
{
"url": "https://git.kernel.org/stable/c/6a3cacf6d3cf0278aa90392aef2fc3fe2717a047",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6a3cacf6d3cf0278aa90392aef2fc3fe2717a047"
},
{
"url": "https://git.kernel.org/stable/c/de8a5f7b71800a11fbaffc8ddacf08ead78afcc5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/de8a5f7b71800a11fbaffc8ddacf08ead78afcc5"
},
{
"url": "https://git.kernel.org/stable/c/53e4efa470d5fc6a96662d2d3322cfc925818517",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/53e4efa470d5fc6a96662d2d3322cfc925818517"
}
]
},
"generator": {
"engine": "bippy-c9c4e1df01b2"
}
}

66
2024/43xxx/CVE-2024-43033.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-43033",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-43033",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "JPress through 5.1.1 on Windows has an arbitrary file upload vulnerability that could cause arbitrary code execution via ::$DATA to AttachmentController, such as a .jsp::$DATA file to io.jpress.web.commons.controller.AttachmentController#upload. NOTE: this is unrelated to the attack vector for CVE-2024-32358."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/JPressProjects/jpress/issues/188",
"refsource": "MISC",
"name": "https://github.com/JPressProjects/jpress/issues/188"
},
{
"refsource": "MISC",
"name": "https://cwe.mitre.org/data/definitions/69.html",
"url": "https://cwe.mitre.org/data/definitions/69.html"
},
{
"refsource": "MISC",
"name": "https://github.com/lazy-forever/CVE-Reference/tree/main/2024/43033",
"url": "https://github.com/lazy-forever/CVE-Reference/tree/main/2024/43033"
}
]
}