admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-03-07 17:00:33 +00:00
parent ac0ed57f0e
commit ff6905a988
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
11 changed files with 274 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
2023/1xxx/CVE-2023-1192.json
View File

@ -164,9 +164,9 @@
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2154178"
},
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=98bea253aa28ad8be2ce565a9ca21beb4a9419e5",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d527f51331cace562393a8038d870b3e9916686f",
"refsource": "MISC",
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=98bea253aa28ad8be2ce565a9ca21beb4a9419e5"
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d527f51331cace562393a8038d870b3e9916686f"
}
]
},

5
2023/48xxx/CVE-2023-48725.json
View File

@ -67,6 +67,11 @@
"url": "https://kb.netgear.com/000066037/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-the-RAX30-PSV-2023-0160",
"refsource": "MISC",
"name": "https://kb.netgear.com/000066037/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-the-RAX30-PSV-2023-0160"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1887",
"refsource": "MISC",
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1887"
}
]
},

127
2024/1xxx/CVE-2024-1351.json
View File

@ -1,17 +1,136 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-1351",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@mongodb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Under certain configurations of --tlsCAFile and tls.CAFile, MongoDB Server may skip peer certificate validation which may result in untrusted connections to succeed. This may effectively reduce the security guarantees provided by TLS and open connections that should have been closed due to failing certificate validation. This issue affects MongoDB Server v7.0 versions prior to and including 7.0.5, MongoDB Server v6.0 versions prior to and including 6.0.13, MongoDB Server v5.0 versions prior to and including 5.0.24 and MongoDB Server v4.4 versions prior to and including 4.4.28.\n\nRequired Configuration : A server process will allow incoming connections to skip peer certificate validation if the server process was started with TLS enabled (net.tls.mode set to allowTLS, preferTLS, or requireTLS) and without a net.tls.CAFile configured.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-295: Improper Certificate Validation",
"cweId": "CWE-295"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "MongoDB Inc",
"product": {
"product_data": [
{
"product_name": "MongoDB Server",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "7.0",
"version_value": "7.0.5"
},
{
"version_affected": "<=",
"version_name": "6.0",
"version_value": "6.0.13"
},
{
"version_affected": "<=",
"version_name": "5.0",
"version_value": "5.0.24 "
},
{
"version_affected": "<=",
"version_name": "4.4",
"version_value": "4.4.28"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://jira.mongodb.org/browse/SERVER-72839",
"refsource": "MISC",
"name": "https://jira.mongodb.org/browse/SERVER-72839"
},
{
"url": "https://www.mongodb.com/docs/v5.0/release-notes/5.0/#5.0.25---february-28--2024",
"refsource": "MISC",
"name": "https://www.mongodb.com/docs/v5.0/release-notes/5.0/#5.0.25---february-28--2024"
},
{
"url": "https://www.mongodb.com/docs/v6.0/release-notes/6.0/#6.0.14---feb-28--2024",
"refsource": "MISC",
"name": "https://www.mongodb.com/docs/v6.0/release-notes/6.0/#6.0.14---feb-28--2024"
},
{
"url": "https://www.mongodb.com/docs/manual/release-notes/7.0/#7.0.6---feb-28--2024",
"refsource": "MISC",
"name": "https://www.mongodb.com/docs/manual/release-notes/7.0/#7.0.6---feb-28--2024"
},
{
"url": "https://www.mongodb.com/docs/manual/release-notes/4.4/#4.4.29---february-28--2024",
"refsource": "MISC",
"name": "https://www.mongodb.com/docs/manual/release-notes/4.4/#4.4.29---february-28--2024"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "INTERNAL"
},
"configuration": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A server process will allow incoming connections to skip peer certificate validation if the server process was started with TLS enabled (net.tls.mode set to allowTLS, preferTLS, or requireTLS) and without a net.tls.CAFile configured.<br>"
}
],
"value": "A server process will allow incoming connections to skip peer certificate validation if the server process was started with TLS enabled (net.tls.mode set to allowTLS, preferTLS, or requireTLS) and without a net.tls.CAFile configured.\n"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

18
2024/2xxx/CVE-2024-2281.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-2281",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/2xxx/CVE-2024-2282.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-2282",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/2xxx/CVE-2024-2283.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-2283",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/2xxx/CVE-2024-2284.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-2284",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/2xxx/CVE-2024-2285.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-2285",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/2xxx/CVE-2024-2286.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-2286",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/2xxx/CVE-2024-2287.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-2287",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/2xxx/CVE-2024-2288.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-2288",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}