From d86a38782e327cc2e866d66ce28cf13d76018395 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 20 Feb 2024 22:00:33 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2021/29xxx/CVE-2021-29038.json | 56 +++++++++++-- 2021/29xxx/CVE-2021-29050.json | 56 +++++++++++-- 2023/46xxx/CVE-2023-46967.json | 56 +++++++++++-- 2023/47xxx/CVE-2023-47422.json | 56 +++++++++++-- 2023/6xxx/CVE-2023-6936.json | 140 ++++++++++++++++++++++++++++++++- 2024/1xxx/CVE-2024-1691.json | 18 +++++ 2024/1xxx/CVE-2024-1692.json | 18 +++++ 2024/1xxx/CVE-2024-1693.json | 18 +++++ 2024/23xxx/CVE-2024-23591.json | 2 +- 2024/23xxx/CVE-2024-23830.json | 86 +++++++++++++++++++- 2024/25xxx/CVE-2024-25428.json | 56 +++++++++++-- 2024/26xxx/CVE-2024-26136.json | 81 ++++++++++++++++++- 2024/26xxx/CVE-2024-26140.json | 100 ++++++++++++++++++++++- 13 files changed, 696 insertions(+), 47 deletions(-) create mode 100644 2024/1xxx/CVE-2024-1691.json create mode 100644 2024/1xxx/CVE-2024-1692.json create mode 100644 2024/1xxx/CVE-2024-1693.json diff --git a/2021/29xxx/CVE-2021-29038.json b/2021/29xxx/CVE-2021-29038.json index fda5d775775..3746b004b47 100644 --- a/2021/29xxx/CVE-2021-29038.json +++ b/2021/29xxx/CVE-2021-29038.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-29038", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-29038", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Liferay Portal 7.2.0 through 7.3.5, and older unsupported versions, and Liferay DXP 7.3 before fix pack 1, 7.2 before fix pack 17, and older unsupported versions does not obfuscate password reminder answers on the page, which allows attackers to use man-in-the-middle or shoulder surfing attacks to steal user's password reminder answers." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2021-29038", + "url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2021-29038" } ] } diff --git a/2021/29xxx/CVE-2021-29050.json b/2021/29xxx/CVE-2021-29050.json index f31d06fc4e8..b7bd169f99e 100644 --- a/2021/29xxx/CVE-2021-29050.json +++ b/2021/29xxx/CVE-2021-29050.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-29050", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-29050", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross-Site Request Forgery (CSRF) vulnerability in the terms of use page in Liferay Portal before 7.3.6, and Liferay DXP 7.3 before service pack 1, 7.2 before fix pack 11 allows remote attackers to accept the site's terms of use via social engineering and enticing the user to visit a malicious page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2021-29050", + "url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2021-29050" } ] } diff --git a/2023/46xxx/CVE-2023-46967.json b/2023/46xxx/CVE-2023-46967.json index 1c8556254cf..f01da0ac6a2 100644 --- a/2023/46xxx/CVE-2023-46967.json +++ b/2023/46xxx/CVE-2023-46967.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-46967", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-46967", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross Site Scripting vulnerability in the sanitize function in Enhancesoft osTicket 1.18.0 allows a remote attacker to escalate privileges via a crafted support ticket." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.sonarsource.com/blog/pitfalls-of-desanitization-leaking-customer-data-from-osticket/", + "url": "https://www.sonarsource.com/blog/pitfalls-of-desanitization-leaking-customer-data-from-osticket/" } ] } diff --git a/2023/47xxx/CVE-2023-47422.json b/2023/47xxx/CVE-2023-47422.json index 31b698fdcb9..40c242483e7 100644 --- a/2023/47xxx/CVE-2023-47422.json +++ b/2023/47xxx/CVE-2023-47422.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-47422", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-47422", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An access control issue in /usr/sbin/httpd in Tenda TX9 V1 V22.03.02.54, Tenda AX3 V3 V16.03.12.11, Tenda AX9 V1 V22.03.01.46, and Tenda AX12 V1 V22.03.01.46 allows attackers to bypass authentication on any endpoint via a crafted URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/xiaobye-ctf/My-CVE/tree/main/Tenda/CVE-2023-47422", + "url": "https://github.com/xiaobye-ctf/My-CVE/tree/main/Tenda/CVE-2023-47422" } ] } diff --git a/2023/6xxx/CVE-2023-6936.json b/2023/6xxx/CVE-2023-6936.json index 64c6456e7d8..4ae35dd4ed6 100644 --- a/2023/6xxx/CVE-2023-6936.json +++ b/2023/6xxx/CVE-2023-6936.json @@ -1,17 +1,149 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-6936", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "facts@wolfssl.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In wolfSSL prior to 5.6.6, if callback functions are enabled (via the WOLFSSL_CALLBACKS flag), then a malicious TLS client or network attacker can trigger a buffer over-read on the heap of 5 bytes (WOLFSSL_CALLBACKS is only intended for debugging).\n" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "wolfSSL", + "product": { + "product_data": [ + { + "product_name": "wolfSSL", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "0", + "version_value": "5.6.5" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/wolfSSL/wolfssl/pull/6949/", + "refsource": "MISC", + "name": "https://github.com/wolfSSL/wolfssl/pull/6949/" + }, + { + "url": "https://www.wolfssl.com/docs/security-vulnerabilities/", + "refsource": "MISC", + "name": "https://www.wolfssl.com/docs/security-vulnerabilities/" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "EXTERNAL" + }, + "configuration": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "To be vulnerable, wolfSSL callback functionality (which includes handshake and timeout callback functionality) must must be enabled with:
CFLAGS=\"-DWOLFSSL_CALLBACKS\"

This option is disabled by default. The default configuration of wolfSSL is not vulnerable." + } + ], + "value": "To be vulnerable, wolfSSL callback functionality (which includes handshake and timeout callback functionality) must must be enabled with:\nCFLAGS=\"-DWOLFSSL_CALLBACKS\"\n\nThis option is disabled by default. The default configuration of wolfSSL is not vulnerable." + } + ], + "work_around": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "
  • Do not build wolfSSL with WOLFSSL_CALLBACKS defined
    • " + } + ], + "value": " * Do not build wolfSSL with WOLFSSL_CALLBACKS defined\n" + } + ], + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "

    The fix for this issue is located in the following GitHub Pull Request: https://github.com/wolfSSL/wolfssl/pull/6949/

    " + } + ], + "value": "The fix for this issue is located in the following GitHub Pull Request: https://github.com/wolfSSL/wolfssl/pull/6949/ https://github.com/wolfSSL/wolfssl/pull/6949/ \n\n" + } + ], + "credits": [ + { + "lang": "en", + "value": "Lucca Hirschi (Inria, LORIA)" + }, + { + "lang": "en", + "value": "Steve Kremer (Inria, LORIA)" + }, + { + "lang": "en", + "value": "Max Ammann (Trail of Bits)" + }, + { + "lang": "en", + "value": "tlspuffin" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/1xxx/CVE-2024-1691.json b/2024/1xxx/CVE-2024-1691.json new file mode 100644 index 00000000000..3b7c08ab3af --- /dev/null +++ b/2024/1xxx/CVE-2024-1691.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-1691", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/1xxx/CVE-2024-1692.json b/2024/1xxx/CVE-2024-1692.json new file mode 100644 index 00000000000..18b578da44d --- /dev/null +++ b/2024/1xxx/CVE-2024-1692.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-1692", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/1xxx/CVE-2024-1693.json b/2024/1xxx/CVE-2024-1693.json new file mode 100644 index 00000000000..67b6bf7fd46 --- /dev/null +++ b/2024/1xxx/CVE-2024-1693.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-1693", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/23xxx/CVE-2024-23591.json b/2024/23xxx/CVE-2024-23591.json index 05fa404d0e8..111f7cbc6c3 100644 --- a/2024/23xxx/CVE-2024-23591.json +++ b/2024/23xxx/CVE-2024-23591.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "ThinkSystem SR670V2 servers manufactured from approximately June 2021 to July 2023 were left in Manufacturing Mode which could allow \n\nan attacker with privileged logical access to the host or physical access to server internals to modify or disable Intel Boot Guard firmware integrity, SPS security, and other SPS configuration setting.\n\n" + "value": "ThinkSystem SR670V2 servers manufactured from approximately June 2021 to July 2023 were left in Manufacturing Mode which could allow \n\nan attacker with privileged logical access to the host or physical access to server internals to modify or disable Intel Boot Guard firmware integrity, SPS security, and other SPS configuration setting.\u00a0The server\u2019s NIST SP\n800-193-compliant Platform Firmware Resiliency (PFR) security subsystem\nsignificantly mitigates this issue." } ] }, diff --git a/2024/23xxx/CVE-2024-23830.json b/2024/23xxx/CVE-2024-23830.json index a9d7de073c2..fb45c7446b6 100644 --- a/2024/23xxx/CVE-2024-23830.json +++ b/2024/23xxx/CVE-2024-23830.json @@ -1,17 +1,95 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-23830", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "MantisBT is an open source issue tracker. Prior to version 2.26.1, an unauthenticated attacker who knows a user's email address and username can hijack the user's account by poisoning the link in the password reset notification message. A patch is available in version 2.26.1. As a workaround, define `$g_path` as appropriate in `config_inc.php`." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", + "cweId": "CWE-74" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "mantisbt", + "product": { + "product_data": [ + { + "product_name": "mantisbt", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 2.26.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/mantisbt/mantisbt/security/advisories/GHSA-mcqj-7p29-9528", + "refsource": "MISC", + "name": "https://github.com/mantisbt/mantisbt/security/advisories/GHSA-mcqj-7p29-9528" + }, + { + "url": "https://github.com/mantisbt/mantisbt/commit/7055731d09ff12b2781410a372f790172e279744", + "refsource": "MISC", + "name": "https://github.com/mantisbt/mantisbt/commit/7055731d09ff12b2781410a372f790172e279744" + }, + { + "url": "https://mantisbt.org/bugs/view.php?id=19381", + "refsource": "MISC", + "name": "https://mantisbt.org/bugs/view.php?id=19381" + } + ] + }, + "source": { + "advisory": "GHSA-mcqj-7p29-9528", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 8.3, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L", + "version": "3.1" } ] } diff --git a/2024/25xxx/CVE-2024-25428.json b/2024/25xxx/CVE-2024-25428.json index 4705b6b7eb0..7c8763d906c 100644 --- a/2024/25xxx/CVE-2024-25428.json +++ b/2024/25xxx/CVE-2024-25428.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-25428", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-25428", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SQL Injection vulnerability in MRCMS v3.1.2 allows attackers to run arbitrary system commands via the status parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/wuweiit/mushroom/issues/19", + "refsource": "MISC", + "name": "https://github.com/wuweiit/mushroom/issues/19" } ] } diff --git a/2024/26xxx/CVE-2024-26136.json b/2024/26xxx/CVE-2024-26136.json index 2662810dc06..25e14ef817e 100644 --- a/2024/26xxx/CVE-2024-26136.json +++ b/2024/26xxx/CVE-2024-26136.json @@ -1,17 +1,90 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-26136", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "kedi ElectronCord is a bot management tool for Discord. Commit aaaeaf4e6c99893827b2eea4dd02f755e1e24041 exposes an account access token in the `config.json` file. Malicious actors could potentially exploit this vulnerability to gain unauthorized access to sensitive information or perform malicious actions on behalf of the repository owner. As of time of publication, it is unknown whether the owner of the repository has rotated the token or taken other mitigation steps aside from informing users of the situation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", + "cweId": "CWE-200" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "kedi", + "product": { + "product_data": [ + { + "product_name": "ElectronCord", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "= aaaeaf4e6c99893827b2eea4dd02f755e1e24041" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/kedi/ElectronCord/security/advisories/GHSA-ppwc-5vwp-mhw8", + "refsource": "MISC", + "name": "https://github.com/kedi/ElectronCord/security/advisories/GHSA-ppwc-5vwp-mhw8" + }, + { + "url": "https://github.com/kedi/ElectronCord/commit/aaaeaf4e6c99893827b2eea4dd02f755e1e24041", + "refsource": "MISC", + "name": "https://github.com/kedi/ElectronCord/commit/aaaeaf4e6c99893827b2eea4dd02f755e1e24041" + } + ] + }, + "source": { + "advisory": "GHSA-ppwc-5vwp-mhw8", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/26xxx/CVE-2024-26140.json b/2024/26xxx/CVE-2024-26140.json index 8a3726b7410..d712b72ac97 100644 --- a/2024/26xxx/CVE-2024-26140.json +++ b/2024/26xxx/CVE-2024-26140.json @@ -1,17 +1,109 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-26140", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "com.yetanalytics/lrs is the Yet Analytics Core LRS Library. Prior to version 1.2.17 of the LRS library and version 0.7.5 of SQL LRS, a maliciously crafted xAPI statement could be used to perform script or other tag injection in the LRS Statement Browser. The problem is patched in version 1.2.17 of the LRS library and version 0.7.5 of SQL LRS. No known workarounds exist." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "yetanalytics", + "product": { + "product_data": [ + { + "product_name": "lrs", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 0.7.5" + }, + { + "version_affected": "=", + "version_value": "< 1.2.17" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/yetanalytics/lrs/security/advisories/GHSA-7rw2-3hhp-rc46", + "refsource": "MISC", + "name": "https://github.com/yetanalytics/lrs/security/advisories/GHSA-7rw2-3hhp-rc46" + }, + { + "url": "https://github.com/yetanalytics/lrs/commit/d7f4883bc2252337d25e8bba2c7f9d172f5b0621", + "refsource": "MISC", + "name": "https://github.com/yetanalytics/lrs/commit/d7f4883bc2252337d25e8bba2c7f9d172f5b0621" + }, + { + "url": "https://clojars.org/com.yetanalytics/lrs/versions/1.2.17", + "refsource": "MISC", + "name": "https://clojars.org/com.yetanalytics/lrs/versions/1.2.17" + }, + { + "url": "https://github.com/yetanalytics/lrs/releases/tag/v1.2.17", + "refsource": "MISC", + "name": "https://github.com/yetanalytics/lrs/releases/tag/v1.2.17" + }, + { + "url": "https://github.com/yetanalytics/lrsql/releases/tag/v0.7.5", + "refsource": "MISC", + "name": "https://github.com/yetanalytics/lrsql/releases/tag/v0.7.5" + } + ] + }, + "source": { + "advisory": "GHSA-7rw2-3hhp-rc46", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 4.6, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L", + "version": "3.1" } ] }