Auto-Update: 2024-02-19T17:01:10.767432+00:00

2025-07-11 16:13:34 +00:00 · 2024-02-19 17:01:14 +00:00 · 2024-02-19 17:01:14 +00:00 · 076e351ad7
commit 076e351ad7
parent 2ebf4d0127
3 changed files with 124 additions and 5 deletions
--- a/CVE-2024/CVE-2024-256xx/CVE-2024-25623.json
+++ b/CVE-2024/CVE-2024-256xx/CVE-2024-25623.json
@ -0,0 +1,59 @@
+{
+  "id": "CVE-2024-25623",
+  "sourceIdentifier": "security-advisories@github.com",
+  "published": "2024-02-19T16:15:51.847",
+  "lastModified": "2024-02-19T16:15:51.847",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Mastodon is a free, open-source social network server based on ActivityPub. Prior to versions 4.2.7, 4.1.15, 4.0.15, and 3.5.19, when fetching remote statuses, Mastodon doesn't check that the response from the remote server has a `Content-Type` header value of the Activity Streams media type, which allows a threat actor to upload a crafted Activity Streams document to a remote server and make a Mastodon server fetch it, if the remote server accepts arbitrary user uploads. The vulnerability allows a threat actor to impersonate an account on a remote server that satisfies all of the following properties: allows the attacker to register an account; accepts arbitrary user-uploaded documents and places them on the same domain as the ActivityPub actors; and serves user-uploaded document in response to requests with an `Accept` header value of the Activity Streams media type. Versions 4.2.7, 4.1.15, 4.0.15, and 3.5.19 contain a fix for this issue."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security-advisories@github.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE",
+          "baseScore": 8.5,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 3.1,
+        "impactScore": 4.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security-advisories@github.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-434"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/mastodon/mastodon/commit/9fee5e852669e26f970e278021302e1a203fc022",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/mastodon/mastodon/security/advisories/GHSA-jhrq-qvrm-qr36",
+      "source": "security-advisories@github.com"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-256xx/CVE-2024-25625.json
+++ b/CVE-2024/CVE-2024-256xx/CVE-2024-25625.json
@ -0,0 +1,59 @@
+{
+  "id": "CVE-2024-25625",
+  "sourceIdentifier": "security-advisories@github.com",
+  "published": "2024-02-19T16:15:52.060",
+  "lastModified": "2024-02-19T16:15:52.060",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Pimcore's Admin Classic Bundle provides a Backend UI for Pimcore. A potential security vulnerability has been discovered in `pimcore/admin-ui-classic-bundle` prior to version 1.3.4. The vulnerability involves a Host Header Injection in the `invitationLinkAction` function of the UserController, specifically in the way `$loginUrl` trusts user input.  The host header from incoming HTTP requests is used unsafely when generating URLs. An attacker can manipulate the HTTP host header in requests to the /admin/user/invitationlink endpoint, resulting in the generation of URLs with the attacker's domain. In fact, if a host header is injected in the POST request, the $loginURL parameter is constructed with this unvalidated host header. It is then used to send an invitation email to the provided user. This vulnerability can be used to perform phishing attacks by making the URLs in the invitation links emails point to an attacker-controlled domain. Version 1.3.4 contains a patch for the vulnerability. The maintainers recommend validating the host header and ensuring it matches the application's domain. It would also be beneficial to use a default trusted host or hostname if the incoming host header is not recognized or is absent."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security-advisories@github.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "REQUIRED",
+          "scope": "CHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE",
+          "baseScore": 8.1,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 1.7,
+        "impactScore": 5.8
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security-advisories@github.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-74"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/pimcore/admin-ui-classic-bundle/commit/b9fee9d383fc73dbd5e1d98dbb0ff3266d6b5a82",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/pimcore/admin-ui-classic-bundle/security/advisories/GHSA-3qpq-6w89-f7mx",
+      "source": "security-advisories@github.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-02-19T15:02:15.175041+00:00
+2024-02-19T17:01:10.767432+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-02-19T13:15:07.740000+00:00
+2024-02-19T16:15:52.060000+00:00
 ```

 ### Last Data Feed Release
@ -29,14 +29,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-238880
+238882
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `1`
+Recently added CVEs: `2`

-* [CVE-2024-1597](CVE-2024/CVE-2024-15xx/CVE-2024-1597.json) (`2024-02-19T13:15:07.740`)
+* [CVE-2024-25623](CVE-2024/CVE-2024-256xx/CVE-2024-25623.json) (`2024-02-19T16:15:51.847`)
+* [CVE-2024-25625](CVE-2024/CVE-2024-256xx/CVE-2024-25625.json) (`2024-02-19T16:15:52.060`)


 ### CVEs modified in the last Commit