From ed1685369a192443620eb50f4e4c96bca8668f2d Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 25 Apr 2024 18:00:35 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2018/25xxx/CVE-2018-25102.json | 18 ++++ 2023/5xxx/CVE-2023-5403.json | 157 ++++----------------------------- 2024/22xxx/CVE-2024-22391.json | 5 -- 2024/25xxx/CVE-2024-25569.json | 5 -- 2024/25xxx/CVE-2024-25700.json | 78 +--------------- 2024/28xxx/CVE-2024-28834.json | 97 ++++++++++---------- 2024/28xxx/CVE-2024-28835.json | 45 ---------- 2024/2xxx/CVE-2024-2700.json | 20 ----- 2024/2xxx/CVE-2024-2905.json | 116 +++++++++++++++++++++++- 2024/2xxx/CVE-2024-2947.json | 61 ++----------- 2024/32xxx/CVE-2024-32481.json | 91 ++++++++++++++++++- 2024/32xxx/CVE-2024-32645.json | 76 +++++++++++++++- 2024/32xxx/CVE-2024-32646.json | 76 +++++++++++++++- 2024/32xxx/CVE-2024-32647.json | 81 ++++++++++++++++- 2024/32xxx/CVE-2024-32648.json | 86 +++++++++++++++++- 2024/32xxx/CVE-2024-32649.json | 76 +++++++++++++++- 2024/3xxx/CVE-2024-3019.json | 40 --------- 2024/3xxx/CVE-2024-3446.json | 40 --------- 2024/3xxx/CVE-2024-3508.json | 78 +++++++++++++++- 2024/3xxx/CVE-2024-3567.json | 40 --------- 2024/3xxx/CVE-2024-3622.json | 85 +++++++++++++++++- 2024/3xxx/CVE-2024-3623.json | 85 +++++++++++++++++- 2024/3xxx/CVE-2024-3624.json | 85 +++++++++++++++++- 2024/3xxx/CVE-2024-3625.json | 85 +++++++++++++++++- 2024/4xxx/CVE-2024-4200.json | 18 ++++ 2024/4xxx/CVE-2024-4201.json | 18 ++++ 2024/4xxx/CVE-2024-4202.json | 18 ++++ 2024/4xxx/CVE-2024-4203.json | 18 ++++ 2024/4xxx/CVE-2024-4204.json | 18 ++++ 2024/4xxx/CVE-2024-4205.json | 18 ++++ 2024/4xxx/CVE-2024-4206.json | 18 ++++ 2024/4xxx/CVE-2024-4207.json | 18 ++++ 2024/4xxx/CVE-2024-4208.json | 18 ++++ 2024/4xxx/CVE-2024-4209.json | 18 ++++ 34 files changed, 1248 insertions(+), 558 deletions(-) create mode 100644 2018/25xxx/CVE-2018-25102.json create mode 100644 2024/4xxx/CVE-2024-4200.json create mode 100644 2024/4xxx/CVE-2024-4201.json create mode 100644 2024/4xxx/CVE-2024-4202.json create mode 100644 2024/4xxx/CVE-2024-4203.json create mode 100644 2024/4xxx/CVE-2024-4204.json create mode 100644 2024/4xxx/CVE-2024-4205.json create mode 100644 2024/4xxx/CVE-2024-4206.json create mode 100644 2024/4xxx/CVE-2024-4207.json create mode 100644 2024/4xxx/CVE-2024-4208.json create mode 100644 2024/4xxx/CVE-2024-4209.json diff --git a/2018/25xxx/CVE-2018-25102.json b/2018/25xxx/CVE-2018-25102.json new file mode 100644 index 00000000000..f0ab3374cad --- /dev/null +++ b/2018/25xxx/CVE-2018-25102.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-25102", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/5xxx/CVE-2023-5403.json b/2023/5xxx/CVE-2023-5403.json index 6f0e67d598d..ccbc6f77ec6 100644 --- a/2023/5xxx/CVE-2023-5403.json +++ b/2023/5xxx/CVE-2023-5403.json @@ -40,148 +40,29 @@ "version": { "version_data": [ { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "changes": [ - { - "at": "520.2 TCU4 HF1", - "status": "unaffected" - } - ], - "lessThanOrEqual": "520.2 TCU4", - "status": "unaffected", - "version": "520.2", - "versionType": "semver" - }, - { - "changes": [ - { - "at": "510.2 HF14", - "status": "unaffected" - } - ], - "lessThanOrEqual": "510.2 HF13", - "status": "unaffected", - "version": "510.1", - "versionType": "semver" - }, - { - "changes": [ - { - "at": "520.1 TCU5", - "status": "unaffected" - } - ], - "lessThanOrEqual": "520.1 TCU4", - "status": "unaffected", - "version": "520.1", - "versionType": "semver" - }, - { - "changes": [ - { - "at": "511.5 TCU4 HF4", - "status": "unaffected" - } - ], - "lessThanOrEqual": "511.5 TCU4 HF3", - "status": "unaffected", - "version": "511.1", - "versionType": "semver" - } - ], - "defaultStatus": "unaffected" - } + "version_affected": "<=", + "version_name": "520.2", + "version_value": "520.2 TCU4" }, { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "changes": [ - { - "at": "520.2 TCU4 HF2", - "status": "unaffected" - } - ], - "lessThanOrEqual": "520.2 TCU4", - "status": "unaffected", - "version": "520.2", - "versionType": "semver" - }, - { - "changes": [ - { - "at": "511.5 TCU4 HF4", - "status": "unaffected" - } - ], - "lessThanOrEqual": "511.5 TCU4 HF3", - "status": "unaffected", - "version": "511.1", - "versionType": "semver" - }, - { - "changes": [ - { - "at": "520.1 TCU5", - "status": "unaffected" - } - ], - "lessThanOrEqual": "520.1 TCU4", - "status": "unaffected", - "version": "520.1", - "versionType": "semver" - } - ], - "defaultStatus": "unaffected" - } + "version_affected": "<=", + "version_name": "510.1", + "version_value": "510.2 HF13" }, { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "changes": [ - { - "at": "520.2 TCU4 HF2", - "status": "unaffected" - } - ], - "lessThanOrEqual": "520.2 TCU4", - "status": "unaffected", - "version": "520.2", - "versionType": "semver" - }, - { - "changes": [ - { - "at": "520.1 TCU5", - "status": "unaffected" - } - ], - "lessThanOrEqual": "520.1 TCU4", - "status": "unaffected", - "version": "520.1", - "versionType": "semver" - }, - { - "changes": [ - { - "at": "511.5 TCU4 HF4", - "status": "unaffected" - } - ], - "lessThanOrEqual": "511.5 TCU4 HF3", - "status": "unaffected", - "version": "520.2 TCU4 HFR2", - "versionType": "semver" - } - ], - "defaultStatus": "unaffected" - } + "version_affected": "<=", + "version_name": "520.1", + "version_value": "520.1 TCU4" + }, + { + "version_affected": "<=", + "version_name": "511.1", + "version_value": "511.5 TCU4 HF3" + }, + { + "version_affected": "<=", + "version_name": "520.2 TCU4 HFR2", + "version_value": "511.5 TCU4 HF3" } ] } diff --git a/2024/22xxx/CVE-2024-22391.json b/2024/22xxx/CVE-2024-22391.json index f3cd5d11837..4dd33dc0fbd 100644 --- a/2024/22xxx/CVE-2024-22391.json +++ b/2024/22xxx/CVE-2024-22391.json @@ -58,11 +58,6 @@ "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1924", "refsource": "MISC", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1924" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1924", - "refsource": "MISC", - "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1924" } ] }, diff --git a/2024/25xxx/CVE-2024-25569.json b/2024/25xxx/CVE-2024-25569.json index caa2c4f130b..d0299aa7b25 100644 --- a/2024/25xxx/CVE-2024-25569.json +++ b/2024/25xxx/CVE-2024-25569.json @@ -58,11 +58,6 @@ "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1944", "refsource": "MISC", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1944" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1944", - "refsource": "MISC", - "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1944" } ] }, diff --git a/2024/25xxx/CVE-2024-25700.json b/2024/25xxx/CVE-2024-25700.json index e59cf51a49a..7f75dd237ed 100644 --- a/2024/25xxx/CVE-2024-25700.json +++ b/2024/25xxx/CVE-2024-25700.json @@ -5,87 +5,13 @@ "CVE_data_meta": { "ID": "CVE-2024-25700", "ASSIGNER": "psirt@esri.com", - "STATE": "PUBLIC" + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Web App Builder versions <= 11.1 that may allow a remote, authenticated attacker to create a crafted link that is stored in a web map link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser. The privileges required to execute this attack are high.\u00a0" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "cweId": "CWE-79" - } - ] - } - ] - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Esri", - "product": { - "product_data": [ - { - "product_name": "ArcGIS Enterprise", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "all", - "version_value": "<=11.1" - } - ] - } - } - ] - } - } - ] - } - }, - "references": { - "reference_data": [ - { - "url": "https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/portal-for-arcgis-security-2024-update-2/", - "refsource": "MISC", - "name": "https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/portal-for-arcgis-security-2024-update-2/" - } - ] - }, - "generator": { - "engine": "Vulnogram 0.1.0-dev" - }, - "source": { - "defect": [ - "BUG-000160599" - ], - "discovery": "UNKNOWN" - }, - "impact": { - "cvss": [ - { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 4.8, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "privilegesRequired": "HIGH", - "scope": "CHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", - "version": "3.1" + "value": "** REJECT ** \nThis CVE ID has been rejected or withdrawn by its CVE Numbering Authority because this item is scheduled to be patched at a future time." } ] } diff --git a/2024/28xxx/CVE-2024-28834.json b/2024/28xxx/CVE-2024-28834.json index 90470045d41..999f3f28e48 100644 --- a/2024/28xxx/CVE-2024-28834.json +++ b/2024/28xxx/CVE-2024-28834.json @@ -31,31 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "gnutls", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "3.8.4", - "status": "unaffected" - } - ] - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -95,6 +70,48 @@ ] } }, + { + "product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:3.6.16-5.el8_6.4", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + } + ] + } + }, + { + "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:3.6.16-7.el8_8.3", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + } + ] + } + }, { "product_name": "Red Hat Enterprise Linux 9", "version": { @@ -158,26 +175,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } @@ -194,6 +191,16 @@ "refsource": "MISC", "name": "https://access.redhat.com/errata/RHSA-2024:1879" }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:1997", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2024:1997" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:2044", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2024:2044" + }, { "url": "https://access.redhat.com/security/cve/CVE-2024-28834", "refsource": "MISC", diff --git a/2024/28xxx/CVE-2024-28835.json b/2024/28xxx/CVE-2024-28835.json index ce4f965b95b..a782e67aff7 100644 --- a/2024/28xxx/CVE-2024-28835.json +++ b/2024/28xxx/CVE-2024-28835.json @@ -31,31 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "gnutls", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "3.8.4", - "status": "unaffected" - } - ] - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -136,26 +111,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } diff --git a/2024/2xxx/CVE-2024-2700.json b/2024/2xxx/CVE-2024-2700.json index 2f04b2fc2eb..df6364a144c 100644 --- a/2024/2xxx/CVE-2024-2700.json +++ b/2024/2xxx/CVE-2024-2700.json @@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "upstream", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { diff --git a/2024/2xxx/CVE-2024-2905.json b/2024/2xxx/CVE-2024-2905.json index 47aa64ceb50..2de09103714 100644 --- a/2024/2xxx/CVE-2024-2905.json +++ b/2024/2xxx/CVE-2024-2905.json @@ -1,17 +1,125 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-2905", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A security vulnerability has been discovered within rpm-ostree, pertaining to the /etc/shadow file in default builds having the world-readable bit enabled. This issue arises from the default permissions being set at a higher level than recommended, potentially exposing sensitive authentication data to unauthorized access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Incorrect Permission Assignment for Critical Resource", + "cweId": "CWE-732" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Red Hat", + "product": { + "product_data": [ + { + "product_name": "Red Hat Enterprise Linux 8", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unaffected" + } + } + ] + } + }, + { + "product_name": "Red Hat Enterprise Linux 9", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + }, + { + "product_name": "Red Hat OpenShift Container Platform 4", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2024-2905", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/CVE-2024-2905" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271585", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2271585" + }, + { + "url": "https://github.com/coreos/rpm-ostree/security/advisories/GHSA-2m76-cwhg-7wv6", + "refsource": "MISC", + "name": "https://github.com/coreos/rpm-ostree/security/advisories/GHSA-2m76-cwhg-7wv6" + } + ] + }, + "work_around": [ + { + "lang": "en", + "value": "If you need to apply the fix immediately, you can run the following commands, using credentials that have administrator access to an OpenShift cluster:\n\n# List current permissions for all nodes\nfor node in $( oc get nodes -oname) ; do echo $node ; oc debug $node -- bash -c \"ls -alhZ /host/etc/*shadow*\"; done\n\n# Set correct permissions\nfor node in $( oc get nodes -oname) ; do echo $node ; oc debug $node -- chmod --verbose 0000 /host/etc/shadow /host/etc/gshadow /host/etc/shadow- /host/etc/gshadow-; done\n\nAs a precaution, we recommend rotating all user credentials stored in those files." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "NONE", + "baseScore": 6.2, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/2xxx/CVE-2024-2947.json b/2024/2xxx/CVE-2024-2947.json index 55ab1d1f6c5..5b45cb6904e 100644 --- a/2024/2xxx/CVE-2024-2947.json +++ b/2024/2xxx/CVE-2024-2947.json @@ -31,37 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "cockpit", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "314", - "status": "unaffected" - } - ] - } - }, - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -107,26 +76,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } @@ -143,11 +92,6 @@ "refsource": "MISC", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2271614" }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PIQY2HGDJW2JY27ALTS4GEVZZJJ4XQ36/", - "refsource": "MISC", - "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PIQY2HGDJW2JY27ALTS4GEVZZJJ4XQ36/" - }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KNG7GXOZI6QH3OIQJYAYDB3CRRGH37Q5/", "refsource": "MISC", @@ -157,6 +101,11 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N3Q5SDIFACAY4VHACN5MMCMT3A53A3FB/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N3Q5SDIFACAY4VHACN5MMCMT3A53A3FB/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PIQY2HGDJW2JY27ALTS4GEVZZJJ4XQ36/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PIQY2HGDJW2JY27ALTS4GEVZZJJ4XQ36/" } ] }, diff --git a/2024/32xxx/CVE-2024-32481.json b/2024/32xxx/CVE-2024-32481.json index c8de9b69945..cef53366ddb 100644 --- a/2024/32xxx/CVE-2024-32481.json +++ b/2024/32xxx/CVE-2024-32481.json @@ -1,17 +1,100 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-32481", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. Starting in version 0.3.8 and prior to version 0.4.0b1, when looping over a `range` of the form `range(start, start + N)`, if `start` is negative, the execution will always revert. This issue is caused by an incorrect assertion inserted by the code generation of the range `stmt.parse_For_range()`. The issue arises when `start` is signed, instead of using `sle`, `le` is used and `start` is interpreted as an unsigned integer for the comparison. If it is a negative number, its 255th bit is set to `1` and is hence interpreted as a very large unsigned integer making the assertion always fail. Any contract having a `range(start, start + N)` where `start` is a signed integer with the possibility for `start` to be negative is affected. If a call goes through the loop while supplying a negative `start` the execution will revert. Version 0.4.0b1 fixes the issue." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-681: Incorrect Conversion between Numeric Types", + "cweId": "CWE-681" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "vyperlang", + "product": { + "product_data": [ + { + "product_name": "vyper", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 0.3.8, < 0.4.0b1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/vyperlang/vyper/security/advisories/GHSA-ppx5-q359-pvwj", + "refsource": "MISC", + "name": "https://github.com/vyperlang/vyper/security/advisories/GHSA-ppx5-q359-pvwj" + }, + { + "url": "https://github.com/vyperlang/vyper/commit/3de1415ee77a9244eb04bdb695e249d3ec9ed868", + "refsource": "MISC", + "name": "https://github.com/vyperlang/vyper/commit/3de1415ee77a9244eb04bdb695e249d3ec9ed868" + }, + { + "url": "https://github.com/vyperlang/vyper/commit/5319cfbe14951e007ccdb323257e5ada869b35d5", + "refsource": "MISC", + "name": "https://github.com/vyperlang/vyper/commit/5319cfbe14951e007ccdb323257e5ada869b35d5" + }, + { + "url": "https://github.com/vyperlang/vyper/blob/9136169468f317a53b4e7448389aa315f90b95ba/vyper/codegen/stmt.py#L286-L287", + "refsource": "MISC", + "name": "https://github.com/vyperlang/vyper/blob/9136169468f317a53b4e7448389aa315f90b95ba/vyper/codegen/stmt.py#L286-L287" + } + ] + }, + "source": { + "advisory": "GHSA-ppx5-q359-pvwj", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "version": "3.1" } ] } diff --git a/2024/32xxx/CVE-2024-32645.json b/2024/32xxx/CVE-2024-32645.json index fb316fbe502..6fd7ed5c18e 100644 --- a/2024/32xxx/CVE-2024-32645.json +++ b/2024/32xxx/CVE-2024-32645.json @@ -1,17 +1,85 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-32645", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, incorrect values can be logged when `raw_log` builtin is called with memory or storage arguments to be used as topics. A contract search was performed and no vulnerable contracts were found in production. The `build_IR` function of the `RawLog` class fails to properly unwrap the variables provided as topics. Consequently, incorrect values are logged as topics. As of time of publication, no fixed version is available." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-20: Improper Input Validation", + "cweId": "CWE-20" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "vyperlang", + "product": { + "product_data": [ + { + "product_name": "vyper", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "<= 0.3.10" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/vyperlang/vyper/security/advisories/GHSA-xchq-w5r3-4wg3", + "refsource": "MISC", + "name": "https://github.com/vyperlang/vyper/security/advisories/GHSA-xchq-w5r3-4wg3" + } + ] + }, + "source": { + "advisory": "GHSA-xchq-w5r3-4wg3", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "version": "3.1" } ] } diff --git a/2024/32xxx/CVE-2024-32646.json b/2024/32xxx/CVE-2024-32646.json index 3437f8c8521..52d7223ee7d 100644 --- a/2024/32xxx/CVE-2024-32646.json +++ b/2024/32xxx/CVE-2024-32646.json @@ -1,17 +1,85 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-32646", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, using the `slice` builtin can result in a double eval vulnerability when the buffer argument is either `msg.data`, `self.code` or `
.code` and either the `start` or `length` arguments have side-effects. It can be easily triggered only with the versions `<0.3.4` as `0.3.4` introduced the unique symbol fence. No vulnerable production contracts were found. Additionally, double evaluation of side-effects should be easily discoverable in client tests. As such, the impact is low. As of time of publication, no fixed versions are available.\n\n" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-20: Improper Input Validation", + "cweId": "CWE-20" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "vyperlang", + "product": { + "product_data": [ + { + "product_name": "vyper", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "<= 0.3.10" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/vyperlang/vyper/security/advisories/GHSA-r56x-j438-vw5m", + "refsource": "MISC", + "name": "https://github.com/vyperlang/vyper/security/advisories/GHSA-r56x-j438-vw5m" + } + ] + }, + "source": { + "advisory": "GHSA-r56x-j438-vw5m", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "version": "3.1" } ] } diff --git a/2024/32xxx/CVE-2024-32647.json b/2024/32xxx/CVE-2024-32647.json index 2dd2d51d984..b22c12ebc5e 100644 --- a/2024/32xxx/CVE-2024-32647.json +++ b/2024/32xxx/CVE-2024-32647.json @@ -1,17 +1,90 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-32647", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, using the `create_from_blueprint` builtin can result in a double eval vulnerability when `raw_args=True` and the `args` argument has side-effects. It can be seen that the `_build_create_IR` function of the `create_from_blueprint` builtin doesn't cache the mentioned `args` argument to the stack. As such, it can be evaluated multiple times (instead of retrieving the value from the stack). No vulnerable production contracts were found. Additionally, double evaluation of side-effects should be easily discoverable in client tests. As such, the impact is low. As of time of publication, no fixed versions exist.\n" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", + "cweId": "CWE-95" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "vyperlang", + "product": { + "product_data": [ + { + "product_name": "vyper", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "<= 0.3.10" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/vyperlang/vyper/security/advisories/GHSA-3whq-64q2-qfj6", + "refsource": "MISC", + "name": "https://github.com/vyperlang/vyper/security/advisories/GHSA-3whq-64q2-qfj6" + }, + { + "url": "https://github.com/vyperlang/vyper/blob/cedf7087e68e67c7bfbd47ae95dcb16b81ad2e02/vyper/builtins/functions.py#L1847", + "refsource": "MISC", + "name": "https://github.com/vyperlang/vyper/blob/cedf7087e68e67c7bfbd47ae95dcb16b81ad2e02/vyper/builtins/functions.py#L1847" + } + ] + }, + "source": { + "advisory": "GHSA-3whq-64q2-qfj6", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "version": "3.1" } ] } diff --git a/2024/32xxx/CVE-2024-32648.json b/2024/32xxx/CVE-2024-32648.json index c6c95c9a104..8b000a14408 100644 --- a/2024/32xxx/CVE-2024-32648.json +++ b/2024/32xxx/CVE-2024-32648.json @@ -1,17 +1,95 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-32648", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. Prior to version 0.3.0, default functions don't respect nonreentrancy keys and the lock isn't emitted. No vulnerable production contracts were found. Additionally, using a lock on a `default` function is a very sparsely used pattern. As such, the impact is low. Version 0.3.0 contains a patch for the issue.\n" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-667: Improper Locking", + "cweId": "CWE-667" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "vyperlang", + "product": { + "product_data": [ + { + "product_name": "vyper", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 0.3.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/vyperlang/vyper/security/advisories/GHSA-m2v9-w374-5hj9", + "refsource": "MISC", + "name": "https://github.com/vyperlang/vyper/security/advisories/GHSA-m2v9-w374-5hj9" + }, + { + "url": "https://github.com/vyperlang/vyper/issues/2455", + "refsource": "MISC", + "name": "https://github.com/vyperlang/vyper/issues/2455" + }, + { + "url": "https://github.com/vyperlang/vyper/commit/93287e5ac184b53b395c907d40701f721daf8177", + "refsource": "MISC", + "name": "https://github.com/vyperlang/vyper/commit/93287e5ac184b53b395c907d40701f721daf8177" + } + ] + }, + "source": { + "advisory": "GHSA-m2v9-w374-5hj9", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "version": "3.1" } ] } diff --git a/2024/32xxx/CVE-2024-32649.json b/2024/32xxx/CVE-2024-32649.json index d2d52b9a5d5..19b31077fb0 100644 --- a/2024/32xxx/CVE-2024-32649.json +++ b/2024/32xxx/CVE-2024-32649.json @@ -1,17 +1,85 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-32649", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, using the `sqrt` builtin can result in double eval vulnerability when the argument has side-effects. It can be seen that the `build_IR` function of the `sqrt` builtin doesn't cache the argument to the stack. As such, it can be evaluated multiple times (instead of retrieving the value from the stack). No vulnerable production contracts were found. Additionally, double evaluation of side-effects should be easily discoverable in client tests. As such, the impact is low. As of time of publication, no fixed versions are available.\n" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", + "cweId": "CWE-95" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "vyperlang", + "product": { + "product_data": [ + { + "product_name": "vyper", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "<= 0.3.10" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/vyperlang/vyper/security/advisories/GHSA-5jrj-52x8-m64h", + "refsource": "MISC", + "name": "https://github.com/vyperlang/vyper/security/advisories/GHSA-5jrj-52x8-m64h" + } + ] + }, + "source": { + "advisory": "GHSA-5jrj-52x8-m64h", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "version": "3.1" } ] } diff --git a/2024/3xxx/CVE-2024-3019.json b/2024/3xxx/CVE-2024-3019.json index 49d10879595..a7455b0368a 100644 --- a/2024/3xxx/CVE-2024-3019.json +++ b/2024/3xxx/CVE-2024-3019.json @@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "pcp", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -109,26 +89,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "unaffected" - } - } - ] - } - } - ] - } } ] } diff --git a/2024/3xxx/CVE-2024-3446.json b/2024/3xxx/CVE-2024-3446.json index 64c99dcf5da..2bc64423285 100644 --- a/2024/3xxx/CVE-2024-3446.json +++ b/2024/3xxx/CVE-2024-3446.json @@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "qemu", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -128,26 +108,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } diff --git a/2024/3xxx/CVE-2024-3508.json b/2024/3xxx/CVE-2024-3508.json index 2ba0eea5f6c..bbe90afaf36 100644 --- a/2024/3xxx/CVE-2024-3508.json +++ b/2024/3xxx/CVE-2024-3508.json @@ -1,17 +1,87 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-3508", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A flaw was found in Bombastic, which allows authenticated users to upload compressed (bzip2 or zstd) SBOMs. The API endpoint verifies the presence of some fields and values in the JSON. To perform this verification, the uploaded file must first be decompressed." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Red Hat", + "product": { + "product_data": [ + { + "product_name": "Red Hat Trusted Profile Analyzer", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2024-3508", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/CVE-2024-3508" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274109", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2274109" + } + ] + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", + "version": "3.1" } ] } diff --git a/2024/3xxx/CVE-2024-3567.json b/2024/3xxx/CVE-2024-3567.json index 4c3b85e1963..949c9e69f70 100644 --- a/2024/3xxx/CVE-2024-3567.json +++ b/2024/3xxx/CVE-2024-3567.json @@ -31,26 +31,6 @@ "affects": { "vendor": { "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "qemu", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - }, { "vendor_name": "Red Hat", "product": { @@ -128,26 +108,6 @@ } ] } - }, - { - "vendor_name": "Fedora", - "product": { - "product_data": [ - { - "product_name": "Fedora", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "affected" - } - } - ] - } - } - ] - } } ] } diff --git a/2024/3xxx/CVE-2024-3622.json b/2024/3xxx/CVE-2024-3622.json index 6d95a8ecc19..bd04da08686 100644 --- a/2024/3xxx/CVE-2024-3622.json +++ b/2024/3xxx/CVE-2024-3622.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-3622", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A flaw was found when using mirror-registry to install Quay. It uses a default secret, which is stored in plain-text format in one of the configuration template files. This issue may lead to all instances of Quay deployed using mirror-registry to have the same secret key. This flaw allows a malicious actor to craft session cookies and as a consequence, it may lead to gaining access to the affected Quay instance." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Plaintext Storage of a Password", + "cweId": "CWE-256" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Red Hat", + "product": { + "product_data": [ + { + "product_name": "mirror registry for Red Hat OpenShift", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2024-3622", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/CVE-2024-3622" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274400", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2274400" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Red Hat would like to thank Solomon Roberts (BadgerOps.net works) for reporting this issue." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/3xxx/CVE-2024-3623.json b/2024/3xxx/CVE-2024-3623.json index 5b453b78d5f..ef38e07e873 100644 --- a/2024/3xxx/CVE-2024-3623.json +++ b/2024/3xxx/CVE-2024-3623.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-3623", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A flaw was found when using mirror-registry to install Quay. It uses a default database secret key, which is stored in plain-text format in one of the configuration template files. This issue may lead to all instances of Quay deployed using mirror-registry to have the same database secret key. This flaw allows a malicious actor to access sensitive information from Quay's database." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Plaintext Storage of a Password", + "cweId": "CWE-256" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Red Hat", + "product": { + "product_data": [ + { + "product_name": "mirror registry for Red Hat OpenShift", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2024-3623", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/CVE-2024-3623" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274404", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2274404" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Red Hat would like to thank Solomon Roberts (BadgerOps.net works) for reporting this issue." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "version": "3.1" } ] } diff --git a/2024/3xxx/CVE-2024-3624.json b/2024/3xxx/CVE-2024-3624.json index 7e4388a99fd..7c95690ab05 100644 --- a/2024/3xxx/CVE-2024-3624.json +++ b/2024/3xxx/CVE-2024-3624.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-3624", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A flaw was found in how Quay's database is stored in plain-text in mirror-registry on the jinja's config.yaml file. This flaw allows a malicious actor with access to this file to gain access to Quay's database." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Plaintext Storage of a Password", + "cweId": "CWE-256" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Red Hat", + "product": { + "product_data": [ + { + "product_name": "mirror registry for Red Hat OpenShift", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2024-3624", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/CVE-2024-3624" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274407", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2274407" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Red Hat would like to thank Solomon Roberts (BadgerOps.net works) for reporting this issue." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "ADJACENT_NETWORK", + "availabilityImpact": "NONE", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "version": "3.1" } ] } diff --git a/2024/3xxx/CVE-2024-3625.json b/2024/3xxx/CVE-2024-3625.json index c46acbbb41e..e13fe62b158 100644 --- a/2024/3xxx/CVE-2024-3625.json +++ b/2024/3xxx/CVE-2024-3625.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-3625", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A flaw was found in Quay, where Quay's database is stored in plain text in mirror-registry on Jinja's config.yaml file. This issue leaves the possibility of a malicious actor with access to this file to gain access to Quay's Redis instance." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Plaintext Storage of a Password", + "cweId": "CWE-256" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Red Hat", + "product": { + "product_data": [ + { + "product_name": "mirror registry for Red Hat OpenShift", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2024-3625", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/CVE-2024-3625" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274408", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2274408" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Red Hat would like to thank Solomon Roberts (BadgerOps.net works) for reporting this issue." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "ADJACENT_NETWORK", + "availabilityImpact": "NONE", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "version": "3.1" } ] } diff --git a/2024/4xxx/CVE-2024-4200.json b/2024/4xxx/CVE-2024-4200.json new file mode 100644 index 00000000000..f5f04fc1c7c --- /dev/null +++ b/2024/4xxx/CVE-2024-4200.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-4200", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/4xxx/CVE-2024-4201.json b/2024/4xxx/CVE-2024-4201.json new file mode 100644 index 00000000000..d6711503bed --- /dev/null +++ b/2024/4xxx/CVE-2024-4201.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-4201", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/4xxx/CVE-2024-4202.json b/2024/4xxx/CVE-2024-4202.json new file mode 100644 index 00000000000..35a68e9a42e --- /dev/null +++ b/2024/4xxx/CVE-2024-4202.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-4202", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/4xxx/CVE-2024-4203.json b/2024/4xxx/CVE-2024-4203.json new file mode 100644 index 00000000000..cbda7ec264c --- /dev/null +++ b/2024/4xxx/CVE-2024-4203.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-4203", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/4xxx/CVE-2024-4204.json b/2024/4xxx/CVE-2024-4204.json new file mode 100644 index 00000000000..b937b7d8133 --- /dev/null +++ b/2024/4xxx/CVE-2024-4204.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-4204", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/4xxx/CVE-2024-4205.json b/2024/4xxx/CVE-2024-4205.json new file mode 100644 index 00000000000..21685c4d65f --- /dev/null +++ b/2024/4xxx/CVE-2024-4205.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-4205", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/4xxx/CVE-2024-4206.json b/2024/4xxx/CVE-2024-4206.json new file mode 100644 index 00000000000..fb8e7e8a68d --- /dev/null +++ b/2024/4xxx/CVE-2024-4206.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-4206", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/4xxx/CVE-2024-4207.json b/2024/4xxx/CVE-2024-4207.json new file mode 100644 index 00000000000..4ac02612a02 --- /dev/null +++ b/2024/4xxx/CVE-2024-4207.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-4207", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/4xxx/CVE-2024-4208.json b/2024/4xxx/CVE-2024-4208.json new file mode 100644 index 00000000000..e8f6dc56fce --- /dev/null +++ b/2024/4xxx/CVE-2024-4208.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-4208", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/4xxx/CVE-2024-4209.json b/2024/4xxx/CVE-2024-4209.json new file mode 100644 index 00000000000..0184a41cba5 --- /dev/null +++ b/2024/4xxx/CVE-2024-4209.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-4209", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file