Auto-Update: 2024-12-16T11:00:48.631145+00:00

cad-safe-bot 2024-12-16 11:04:13 +00:00
parent 199d6d616a
commit 1c6037bb10
4 changed files with 163 additions and 30 deletions


@ -0,0 +1,141 @@
{
"id": "CVE-2024-12362",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-12-16T10:15:05.097",
"lastModified": "2024-12-16T10:15:05.097",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in InvoicePlane up to 1.6.1. It has been classified as problematic. This affects the function download of the file invoices.php. The manipulation of the argument invoice leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.6.2-beta-1 is able to address this issue. It is recommended to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "NONE",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"baseScore": 4.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://github.com/InvoicePlane/InvoicePlane/pull/1127",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/InvoicePlane/InvoicePlane/releases/tag/v1.6.2-beta-1",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.288537",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.288537",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.459908",
"source": "cna@vuldb.com"
}
]
}


@ -2,13 +2,13 @@
"id": "CVE-2024-53677",
"sourceIdentifier": "security@apache.org",
"published": "2024-12-11T16:15:14.593",
"lastModified": "2024-12-12T16:15:55.177",
"lastModified": "2024-12-16T10:15:06.330",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "File upload logic is flawed vulnerability in Apache Struts.\n\nThis issue affects Apache Struts: from 2.0.0 before 6.4.0.\n\nUsers are recommended to upgrade to version 6.4.0, which fixes the issue.\n\nYou can find more details in\u00a0 https://cwiki.apache.org/confluence/display/WW/S2-067"
"value": "File upload logic is flawed vulnerability in Apache Struts.\n\nThis issue affects Apache Struts: from 2.0.0 before 6.4.0.\n\nUsers are recommended to upgrade to version 6.4.0\u00a0migrate to the new file upload mechanism https://struts.apache.org/core-developers/file-upload .\n\nYou can find more details in\u00a0 https://cwiki.apache.org/confluence/display/WW/S2-067"
},
{
"lang": "es",
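Review bot: The updated English `value` for CVE-2024-53677 reads `upgrade to version 6.4.0\u00a0migrate to the new file upload mechanism`, with no conjunction between the two actions, and it no longer carries the earlier `which fixes the issue` wording. As mirrored, the text can be read as saying that the version upgrade alone is not the complete remediation and that the migration to the new file upload mechanism is also expected; that reading is an inference from the wording, not something the record states outright. Because this file mirrors the upstream record, the string should stay as received, but anything that extracts remediation guidance from `descriptions[].value` should surface both actions and link the referenced S2-067 page instead of summarising this as "fixed in 6.4.0". The hunk ends inside the `descriptions` array, so the `es` entry cannot be compared from here and may still carry the older wording.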


@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-12-16T09:00:32.963337+00:00
2024-12-16T11:00:48.631145+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-12-16T08:15:05.513000+00:00
2024-12-16T10:15:06.330000+00:00
```
### Last Data Feed Release
@ -33,30 +33,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
273909
273910
```
### CVEs added in the last Commit
Recently added CVEs: `11`
Recently added CVEs: `1`
- [CVE-2024-12641](CVE-2024/CVE-2024-126xx/CVE-2024-12641.json) (`2024-12-16T07:15:05.787`)
- [CVE-2024-12642](CVE-2024/CVE-2024-126xx/CVE-2024-12642.json) (`2024-12-16T07:15:06.023`)
- [CVE-2024-12643](CVE-2024/CVE-2024-126xx/CVE-2024-12643.json) (`2024-12-16T07:15:06.217`)
- [CVE-2024-12644](CVE-2024/CVE-2024-126xx/CVE-2024-12644.json) (`2024-12-16T07:15:06.387`)
- [CVE-2024-12645](CVE-2024/CVE-2024-126xx/CVE-2024-12645.json) (`2024-12-16T07:15:06.560`)
- [CVE-2024-12646](CVE-2024/CVE-2024-126xx/CVE-2024-12646.json) (`2024-12-16T07:15:06.737`)
- [CVE-2024-48872](CVE-2024/CVE-2024-488xx/CVE-2024-48872.json) (`2024-12-16T08:15:04.950`)
- [CVE-2024-54083](CVE-2024/CVE-2024-540xx/CVE-2024-54083.json) (`2024-12-16T08:15:05.317`)
- [CVE-2024-54682](CVE-2024/CVE-2024-546xx/CVE-2024-54682.json) (`2024-12-16T08:15:05.513`)
- [CVE-2024-9678](CVE-2024/CVE-2024-96xx/CVE-2024-9678.json) (`2024-12-16T07:15:06.917`)
- [CVE-2024-9679](CVE-2024/CVE-2024-96xx/CVE-2024-9679.json) (`2024-12-16T07:15:07.107`)
- [CVE-2024-12362](CVE-2024/CVE-2024-123xx/CVE-2024-12362.json) (`2024-12-16T10:15:05.097`)
### CVEs modified in the last Commit
Recently modified CVEs: `0`
Recently modified CVEs: `1`
- [CVE-2024-53677](CVE-2024/CVE-2024-536xx/CVE-2024-53677.json) (`2024-12-16T10:15:06.330`)
## Download and Usage


@ -244704,6 +244704,7 @@ CVE-2024-12358,0,0,c693e0849f917c8e8b82ecbabaa009531cb87832861cfd247370c207501db
CVE-2024-12359,0,0,c89d1a1aa75e792ebb41728457dc48f1f26a200ebabc2671ae04aee3d706d446,2024-12-10T23:34:02.110000
CVE-2024-1236,0,0,98cf8c8d0d2027d41420e47ce0e54a62c55b6c82b55779fb1975380b5e094f29,2024-11-21T08:50:07.797000
CVE-2024-12360,0,0,9c92ce0fa75af6038fb90116f61bca41613e1dcad55daccb6d63b1c2c6eac745,2024-12-10T23:33:47.773000
CVE-2024-12362,1,1,96e15c2faa2bd6e0d657897006f5afbf531e277c4e36a7600a72ca925ed55ef4,2024-12-16T10:15:05.097000
CVE-2024-12363,0,0,8bf95d170f6881f24ef42d227f38a0cf0a0a8682e2906a9aa2aaa1e3f316a356,2024-12-11T10:15:07.260000
CVE-2024-12369,0,0,5b7cc273eb06dd7ee2a2ae3818321c32759b57238bbfe6b2aea54c3bd6ee2b32,2024-12-09T21:15:08.203000
CVE-2024-1237,0,0,7608b762d209f55f10a23dbde634d086adad1d6240344714ec7de5c458d836b6,2024-11-21T08:50:07.910000
@ -244787,12 +244788,12 @@ CVE-2024-12628,0,0,ac808889130fae56b4e45ff31e222138f9e55a8e7c6187e647f824762405f
CVE-2024-1263,0,0,1ded99eb7dd7c25043d30fb557b1a5799a79150045deb56dc782cc48f4b0c898,2024-11-21T08:50:11.303000
CVE-2024-12632,0,0,b2981d9ae0d79f88557270498f7d8919df56f26fc08631dba371165f9d0f4233,2024-12-13T21:15:09.317000
CVE-2024-1264,0,0,0a400b50d7c5417af4540851d66c40fe9607cfb1bbd030ca37354551feca3778,2024-11-21T08:50:11.460000
CVE-2024-12641,1,1,3ec4149ab7d3a9d03454ba86a1540a2777a6b2dc13331b9db9f83518d1b987fe,2024-12-16T07:15:05.787000
CVE-2024-12642,1,1,5808efc466dd9e76a6b2fdd56acc2b4a99ac312a55996200c5393be689fe27de,2024-12-16T07:15:06.023000
CVE-2024-12643,1,1,acf4cd766d01c6cf5b9b6a3307ecbdbdd1fb53520f0548c5600f3a769f431ead,2024-12-16T07:15:06.217000
CVE-2024-12644,1,1,4fe46a77976cb26c8db1a8817f8d60588d7d627c677def113b1f0c3da34da101,2024-12-16T07:15:06.387000
CVE-2024-12645,1,1,e2bf7e02fc7f9b197fb94f8f3f7739958eb1e7eb714f268785ecfdf27c30d30a,2024-12-16T07:15:06.560000
CVE-2024-12646,1,1,edf55cca2f63c5514783a7adeb1b585499807b56f798173f78bff573d5a90371,2024-12-16T07:15:06.737000
CVE-2024-12641,0,0,3ec4149ab7d3a9d03454ba86a1540a2777a6b2dc13331b9db9f83518d1b987fe,2024-12-16T07:15:05.787000
CVE-2024-12642,0,0,5808efc466dd9e76a6b2fdd56acc2b4a99ac312a55996200c5393be689fe27de,2024-12-16T07:15:06.023000
CVE-2024-12643,0,0,acf4cd766d01c6cf5b9b6a3307ecbdbdd1fb53520f0548c5600f3a769f431ead,2024-12-16T07:15:06.217000
CVE-2024-12644,0,0,4fe46a77976cb26c8db1a8817f8d60588d7d627c677def113b1f0c3da34da101,2024-12-16T07:15:06.387000
CVE-2024-12645,0,0,e2bf7e02fc7f9b197fb94f8f3f7739958eb1e7eb714f268785ecfdf27c30d30a,2024-12-16T07:15:06.560000
CVE-2024-12646,0,0,edf55cca2f63c5514783a7adeb1b585499807b56f798173f78bff573d5a90371,2024-12-16T07:15:06.737000
CVE-2024-1265,0,0,b39c324e3936d2b2eba136bb9fb37e8f905e9dd3fbb95d7d724d951e7512509f,2024-11-21T08:50:11.610000
CVE-2024-1266,0,0,2a4a1a9a97982898c100d9d9cb94e7da9ed50410ea3a8e686081520943168bc9,2024-11-21T08:50:11.767000
CVE-2024-1267,0,0,0747778ead3832a4ca40a6166ab0347567f6883def83eef1d70067a8b72b33c4,2024-11-21T08:50:11.937000
@ -266406,7 +266407,7 @@ CVE-2024-48868,0,0,2782ecb1470a758e28d05381e05356f80014eb1b4f591b7ba18f186159928
CVE-2024-4887,0,0,a0d0f9a8fb046d1d64dccc572def5193a849cd711291225c860f9ae76aeae91c,2024-11-21T09:43:47.697000
CVE-2024-48870,0,0,18a307d8f6128cb29a6984af9c786b2a3f86ad0eb48edcca47ed5bd77f7947c8,2024-11-05T19:34:38.287000
CVE-2024-48871,0,0,5d5a01d36a9cf590d21015dc1fb8d88b484f6420693898fd35b4436407272623,2024-12-06T18:15:25.267000
CVE-2024-48872,1,1,e0488ddfbbc97cfa53cf7ce570cabf334ccaf2abe7ec833ab649dfba44be6406,2024-12-16T08:15:04.950000
CVE-2024-48872,0,0,e0488ddfbbc97cfa53cf7ce570cabf334ccaf2abe7ec833ab649dfba44be6406,2024-12-16T08:15:04.950000
CVE-2024-48874,0,0,d4dab0701d320c08fdb5c4d13166c7fa76f47b4f8118adcdce9e1ede30e7393e,2024-12-10T19:44:16.093000
CVE-2024-48878,0,0,61df8c716ea1a9423d8f98d007fe741d86381fb579c3442ef6d827deee3b213c,2024-11-05T19:44:58.650000
CVE-2024-4888,0,0,133d57bae18b01966145fd4e4ce13e18e7959193dbb6b4323cb9d35593035efb,2024-11-21T09:43:47.830000
@ -269443,7 +269444,7 @@ CVE-2024-53673,0,0,998c285a4fe0e35cbecbdb698279013b408c1bb4163a1e69369fac314d145
CVE-2024-53674,0,0,f555b7f03d33cd061d1493d8fc99309d52915e66d5ae0672802dcf1d36a50f32,2024-12-12T19:49:49.800000
CVE-2024-53675,0,0,1183b1bd94841ad73311a268c8a0b2c37f3657514fc74825a9481690ca681ab0,2024-12-12T19:48:48.443000
CVE-2024-53676,0,0,9e5335d7636e62fb7cc2e79040736f3f5e3856b52ef7bfb0006141b3e5724acd,2024-12-11T16:49:45.783000
CVE-2024-53677,0,0,083151106e56d9fcc3b3875c7e2c6bbfb2ed7c011ac1692a0a8b085e71eb6ff7,2024-12-12T16:15:55.177000
CVE-2024-53677,0,1,b609243c036f17eeee5716ce5982790964aead13c9071ef1069dc5264f78d358,2024-12-16T10:15:06.330000
CVE-2024-5368,0,0,0267b73ce86fd5c42a4c0cf503f4bdead8427924f402a3554f435c1bc916f416,2024-11-21T09:47:30.877000
CVE-2024-5369,0,0,14abdfed4d5003ff16a96b2708e00658833baa1f8166ee56f5ba2dba896b20f5,2024-11-21T09:47:31.020000
CVE-2024-53691,0,0,09846e368cf7a07a1d919202728e77d0589572ed56c2c2f1bb03db07c3ec7fb0,2024-12-06T17:15:10.520000
@ -269703,7 +269704,7 @@ CVE-2024-54051,0,0,0b1f5c4d6a6660f6eca551d294b306144268ea170824a2e433c9ff96bee16
CVE-2024-5406,0,0,5db0f501f7c712d4bcce798425460b3472165eeef82fd225689429d234120e5b,2024-11-21T09:47:35.457000
CVE-2024-5407,0,0,e082637321598f3dc8c3c9e1760b81a1e1197c4d13cd58fed3245c37f0bb71c9,2024-11-21T09:47:35.567000
CVE-2024-5408,0,0,0b23a712a85d13fef48f02294d854672174790bd624dfee1416450ccef66434a,2024-11-21T09:47:35.690000
CVE-2024-54083,1,1,ab0c3e93b93d6d1fcd800037fd4adff6300f06f95c7d5b0be5ef071070f048c0,2024-12-16T08:15:05.317000
CVE-2024-54083,0,0,ab0c3e93b93d6d1fcd800037fd4adff6300f06f95c7d5b0be5ef071070f048c0,2024-12-16T08:15:05.317000
CVE-2024-5409,0,0,f7df79bf8c405f523130badde3800a80499e2a2f05cefac143617aad785ef5de,2024-11-21T09:47:35.810000
CVE-2024-54091,0,0,dc5c73da9eed4ea1b769bbbff881c5fabd4f746f0337a6f741715e6c55e58677,2024-12-12T14:15:22.953000
CVE-2024-54093,0,0,9b4c9fb3253eae2faddaa5bce4d624f7927535a01dc9c7aeeb4d509f723ada4e,2024-12-10T14:30:47.350000
@ -269992,7 +269993,7 @@ CVE-2024-54674,0,0,545e92efc26fab029b2ecd902e6764f6f53f740b5b32d49c4c8440f2592a5
CVE-2024-54675,0,0,14b4e742326580d47a2a009f3e3f65a46d84415cc785ea77b3a28630132c9018,2024-12-05T19:15:09.100000
CVE-2024-54679,0,0,381ad7e6890c67d9b6c47b47a43cd175dd5b1319ea7d6b78a90445a532dafd14,2024-12-06T15:15:09.693000
CVE-2024-5468,0,0,83f1a353a5b95b83c36aafd7fb0e880d8454855ef6bbd816a181cff50dcb4279,2024-11-21T09:47:44.527000
CVE-2024-54682,1,1,47c1e4bea5a44559550e8b3ac687261daadaa3d8113a6cea9c496aa4796df1ff,2024-12-16T08:15:05.513000
CVE-2024-54682,0,0,47c1e4bea5a44559550e8b3ac687261daadaa3d8113a6cea9c496aa4796df1ff,2024-12-16T08:15:05.513000
CVE-2024-5469,0,0,0593227e51e97383649ced684c68d7aaf013a250af5a8e55d437662843299556,2024-11-21T09:47:44.633000
CVE-2024-5470,0,0,b70339f8a022f56de8d4eb030bd8f5d3563ba0fc9c1634fd55ea697aee92ede9,2024-11-21T09:47:44.787000
CVE-2024-5471,0,0,631b7a50303d6f9a193814092037f29379ca6ca2282e0b67207306f8abcc9ba4,2024-11-21T09:47:44.903000
@ -273633,8 +273634,8 @@ CVE-2024-9674,0,0,dcc152f68b1f7c703678ea1798dc92c1fa87e3588d3559438d5c688c6e83e0
CVE-2024-9675,0,0,00d4dc2f1e7706c2dbe94ebff288188d87800560d2f4c32185d599f287de35c6,2024-12-13T18:15:22.507000
CVE-2024-9676,0,0,55ce7f789aec5de504d954da5f65516dc9f8543012f990f377ddbe582f64b41d,2024-11-26T09:15:06.820000
CVE-2024-9677,0,0,8ac7fd75efed77835a38e0d5d30fbebdcc1b6d67032d9bfdfc464e20115a7f11,2024-12-05T22:11:15.217000
CVE-2024-9678,1,1,fa6d086fd6e95da26cac32b6aa9f339d75c5064b7a3a161a053f194207e49135,2024-12-16T07:15:06.917000
CVE-2024-9679,1,1,97094acf2404026f659d9cc4cf6adeb9c62fac3d50ff539d7ace5622e4a33ea1,2024-12-16T07:15:07.107000
CVE-2024-9678,0,0,fa6d086fd6e95da26cac32b6aa9f339d75c5064b7a3a161a053f194207e49135,2024-12-16T07:15:06.917000
CVE-2024-9679,0,0,97094acf2404026f659d9cc4cf6adeb9c62fac3d50ff539d7ace5622e4a33ea1,2024-12-16T07:15:07.107000
CVE-2024-9680,0,0,b270ebb58405bce82b545a9823e949fa4790116b7a4834e574606834227d9216,2024-11-26T19:53:56.537000
CVE-2024-9681,0,0,2ae771a08ca769f211d8d385c4480401b1a952b5ea57b2588c5b5f84fbd4b358,2024-12-13T14:15:22.953000
CVE-2024-9682,0,0,6d690df5e8c227b34e224cce5647fb45a6c1d80990a723f81ebd7b281b388f5b,2024-11-19T15:47:07.517000
