admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 03:02:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-08-08 22:00:34 +00:00
parent 5ee05b0ca8
commit df89f3a4b9
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
5 changed files with 334 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

109
2024/3xxx/CVE-2024-3653.json
View File

@ -35,6 +35,82 @@
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat JBoss Enterprise Application Platform 7.1.0",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:2.2.33-1.SP1_redhat_00001.1.el8eap",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:2.2.33-1.SP1_redhat_00001.1.el9eap",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:2.2.33-1.SP1_redhat_00001.1.el7eap",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat JBoss Enterprise Application Platform 8",
"version": {
@ -204,19 +280,6 @@
]
}
},
{
"product_name": "Red Hat JBoss Enterprise Application Platform 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
"version": {
@ -308,6 +371,26 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:4392"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:5143",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:5143"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:5144",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:5144"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:5145",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:5145"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:5147",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:5147"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-3653",
"refsource": "MISC",

109
2024/5xxx/CVE-2024-5971.json
View File

@ -48,6 +48,82 @@
]
}
},
{
"product_name": "Red Hat JBoss Enterprise Application Platform 7.1.0",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:2.2.33-1.SP1_redhat_00001.1.el8eap",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:2.2.33-1.SP1_redhat_00001.1.el9eap",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:2.2.33-1.SP1_redhat_00001.1.el7eap",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat JBoss Enterprise Application Platform 8",
"version": {
@ -152,19 +228,6 @@
]
}
},
{
"product_name": "Red Hat JBoss Enterprise Application Platform 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
"version": {
@ -235,6 +298,26 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:4884"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:5143",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:5143"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:5144",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:5144"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:5145",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:5145"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:5147",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:5147"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-5971",
"refsource": "MISC",

110
2024/7xxx/CVE-2024-7557.json
View File

@ -1,17 +1,119 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-7557",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in OpenShift AI that allows for authentication bypass and privilege escalation across models within the same namespace. When deploying AI models, the UI provides the option to protect models with authentication. However, credentials from one model can be used to access other models and APIs within the same namespace. The exposed ServiceAccount tokens, visible in the UI, can be utilized with oc --token={token} to exploit the elevated view privileges associated with the ServiceAccount, leading to unauthorized access to additional resources."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Control",
"cweId": "CWE-284"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat OpenShift AI (RHOAI)",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat OpenShift Data Science (RHODS)",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/security/cve/CVE-2024-7557",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2024-7557"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303094",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2303094"
}
]
},
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Adam Bellusci (RedHat) for reporting this issue."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
}
]
}

18
2024/7xxx/CVE-2024-7631.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-7631",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/7xxx/CVE-2024-7632.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-7632",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}