mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-06-07 05:28:59 +00:00
33 lines
1.1 KiB
JSON
33 lines
1.1 KiB
JSON
|
{
|
||
|
|
"id": "CVE-2024-56083",
|
||
|
|
"sourceIdentifier": "cve@mitre.org",
|
||
|
|
"published": "2024-12-16T03:15:04.650",
|
||
|
|
"lastModified": "2024-12-16T03:15:04.650",
|
||
|
|
"vulnStatus": "Received",
|
||
|
|
"cveTags": [],
|
||
|
|
"descriptions": [
|
||
|
|
{
|
||
|
|
"lang": "en",
|
||
|
|
"value": "Cognition Devin before 2024-12-12 provides write access to code by an attacker who discovers the https://vscode-randomly_generated_string.devinapps.com URL (aka the VSCode live share URL) for a specific \"Use Devin's Machine\" session. For example, this URL may be discovered if a customer posts a screenshot of a Devin session to social media, or publicly streams their Devin session."
|
||
|
|
}
|
||
|
|
],
|
||
|
|
"metrics": {},
|
||
|
|
"references": [
|
||
|
|
{
|
||
|
|
"url": "https://news.ycombinator.com/item?id=42420423",
|
||
|
|
"source": "cve@mitre.org"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url": "https://trust.cognition.ai",
|
||
|
|
"source": "cve@mitre.org"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url": "https://www.youtube.com/watch?v=927W6zzvV-c",
|
||
|
|
"source": "cve@mitre.org"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url": "https://x.com/cognition_labs/status/1867351521035530698",
|
||
|
|
"source": "cve@mitre.org"
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|