admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2024/28xxx/CVE-2024-28752.json
CVE Team 02ae5fbb14
"-Synchronized-Data."
2024-06-10 17:00:52 +00:00

87 lines
2.9 KiB
JSON
Raw Blame History

{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-28752",
"ASSIGNER": "security@apache.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A SSRF vulnerability using the Aegis DataBinding in versions of Apache CXF before 4.0.4, 3.6.3 and 3.5.8 allows an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type. Users of other data bindings (including the default databinding) are not impacted.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-918 Server-Side Request Forgery (SSRF)",
"cweId": "CWE-918"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apache Software Foundation",
"product": {
"product_data": [
{
"product_name": "Apache CXF",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "4.0.4, 3.6.3, 3.5.8"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt",
"refsource": "MISC",
"name": "https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/03/14/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/03/14/3"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240517-0001/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20240517-0001/"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Tobias S. Fink"
}
]
}
Reference in New Issue View Git Blame Copy Permalink