admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-03-06T21:00:24.297999+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-03-06 21:00:28 +00:00
parent d5e8a94a27
commit 23ced37ffd
17 changed files with 920 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
CVE-2023/CVE-2023-487xx/CVE-2023-48703.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-48703",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-06T20:15:47.343",
"lastModified": "2024-03-06T20:15:47.343",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "RobotsAndPencils go-saml, a SAML client library written in Go, contains an authentication bypass vulnerability in all known versions. This is due to how the `xmlsec1` command line tool is called internally to verify the signature of SAML assertions. When `xmlsec1` is used without defining the enabled key data, the origin of the public key for the signature verification is, unfortunately, not restricted. That means an attacker can sign the SAML assertions themselves and provide the required public key (e.g. an RSA key) directly embedded in the SAML token. Projects still using RobotsAndPencils/go-saml should move to another SAML library or alternatively remove support for SAML from their projects. The vulnerability can likely temporarily be fixed by forking the go-saml project and adding the command line argument `--enabled-key-data` and specifying a value such as `x509` or `raw-x509-cert` when calling the `xmlsec1` binary in the verify function. Please note that this workaround must be carefully tested before it can be used."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"references": [
{
"url": "https://securitylab.github.com/advisories/GHSL-2023-121_go-saml__archived_/",
"source": "security-advisories@github.com"
}
]
}

24
CVE-2024/CVE-2024-21xx/CVE-2024-2173.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-2173",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-03-06T19:15:08.973",
"lastModified": "2024-03-06T19:15:08.973",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Out of bounds memory access in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)"
}
],
"metrics": {},
"references": [
{
"url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://issues.chromium.org/issues/325893559",
"source": "chrome-cve-admin@google.com"
}
]
}

24
CVE-2024/CVE-2024-21xx/CVE-2024-2174.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-2174",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-03-06T19:15:09.037",
"lastModified": "2024-03-06T19:15:09.037",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Inappropriate implementation in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
],
"metrics": {},
"references": [
{
"url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://issues.chromium.org/issues/325866363",
"source": "chrome-cve-admin@google.com"
}
]
}

24
CVE-2024/CVE-2024-21xx/CVE-2024-2176.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-2176",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-03-06T19:15:09.090",
"lastModified": "2024-03-06T19:15:09.090",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Use after free in FedCM in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
],
"metrics": {},
"references": [
{
"url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://issues.chromium.org/issues/325936438",
"source": "chrome-cve-admin@google.com"
}
]
}

63
CVE-2024/CVE-2024-247xx/CVE-2024-24766.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2024-24766",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-06T19:15:07.290",
"lastModified": "2024-03-06T19:15:07.290",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "CasaOS-UserService provides user management functionalities to CasaOS. Starting in version 0.4.4.3 and prior to version 0.4.7, the Casa OS Login page disclosed the username enumeration vulnerability in the login page. An attacker can enumerate the CasaOS username using the application response. If the username is incorrect application gives the error `**User does not exist**`. If the password is incorrect application gives the error `**Invalid password**`. Version 0.4.7 fixes this issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.5,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-204"
}
]
}
],
"references": [
{
"url": "https://github.com/IceWhaleTech/CasaOS-UserService/commit/c75063d7ca5800948e9c09c0a6efe9809b5d39f7",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/IceWhaleTech/CasaOS-UserService/releases/tag/v0.4.7",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/IceWhaleTech/CasaOS-UserService/security/advisories/GHSA-c967-2652-gfjm",
"source": "security-advisories@github.com"
}
]
}

59
CVE-2024/CVE-2024-251xx/CVE-2024-25111.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-25111",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-06T19:15:07.510",
"lastModified": "2024-03-06T19:15:07.510",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Squid is a web proxy cache. Starting in version 3.5.27 and prior to version 6.8, Squid may be vulnerable to a Denial of Service attack against HTTP Chunked decoder due to an uncontrolled recursion bug. This problem allows a remote attacker to cause Denial of Service when sending a crafted, chunked, encoded HTTP Message. This bug is fixed in Squid version 6.8. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives. There is no workaround for this issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-674"
}
]
}
],
"references": [
{
"url": "http://www.squid-cache.org/Versions/v6/SQUID-2024_1.patch",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/squid-cache/squid/security/advisories/GHSA-72c2-c3wm-8qxc",
"source": "security-advisories@github.com"
}
]
}

59
CVE-2024/CVE-2024-272xx/CVE-2024-27287.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-27287",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-06T19:15:07.723",
"lastModified": "2024-03-06T19:15:07.723",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "ESPHome is a system to control your ESP8266/ESP32 for Home Automation systems. Starting in version 2023.12.9 and prior to version 2024.2.2, editing the configuration file API in dashboard component of ESPHome version 2023.12.9 (command line installation and Home Assistant add-on) serves unsanitized data with `Content-Type: text/html; charset=UTF-8`, allowing a remote authenticated user to inject arbitrary web script and exfiltrate session cookies via Cross-Site scripting. It is possible for a malicious authenticated user to inject arbitrary Javascript in configuration files using a POST request to the /edit endpoint, the configuration parameter allows to specify the file to write. To trigger the XSS vulnerability, the victim must visit the page` /edit?configuration=[xss file]`. Abusing this vulnerability a malicious actor could perform operations on the dashboard on the behalf of a logged user, access sensitive information, create, edit and delete configuration files and flash firmware on managed boards.\nIn addition to this, cookies are not correctly secured, allowing the exfiltration of session cookie values. Version 2024.2.2 contains a patch for this issue.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/esphome/esphome/commit/37d2b3c7977a4ccbec59726ca7549cb776661455",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/esphome/esphome/security/advisories/GHSA-9p43-hj5j-96h5",
"source": "security-advisories@github.com"
}
]
}

59
CVE-2024/CVE-2024-272xx/CVE-2024-27288.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-27288",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-06T19:15:07.933",
"lastModified": "2024-03-06T19:15:07.933",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "1Panel is an open source Linux server operation and maintenance management panel. Prior to version 1.10.1-lts, users can use Burp to obtain unauthorized access to the console page. The vulnerability has been fixed in v1.10.1-lts. There are no known workarounds."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"references": [
{
"url": "https://github.com/1Panel-dev/1Panel/releases/tag/v1.10.1-lts",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-26w3-q4j8-4xjp",
"source": "security-advisories@github.com"
}
]
}

59
CVE-2024/CVE-2024-272xx/CVE-2024-27289.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-27289",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-06T19:15:08.140",
"lastModified": "2024-03-06T19:15:08.140",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "pgx is a PostgreSQL driver and toolkit for Go. Prior to version 4.18.2, SQL injection can occur when all of the following conditions are met: the non-default simple protocol is used; a placeholder for a numeric value must be immediately preceded by a minus; there must be a second placeholder for a string value after the first placeholder; both must be on the same line; and both parameter values must be user-controlled. The problem is resolved in v4.18.2. As a workaround, do not use the simple protocol or do not place a minus directly before a placeholder.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81df",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/jackc/pgx/security/advisories/GHSA-m7wr-2xf7-cm9p",
"source": "security-advisories@github.com"
}
]
}

59
CVE-2024/CVE-2024-273xx/CVE-2024-27302.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-27302",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-06T19:15:08.330",
"lastModified": "2024-03-06T19:15:08.330",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "go-zero is a web and rpc framework. Go-zero allows user to specify a CORS Filter with a configurable allows param - which is an array of domains allowed in CORS policy. However, the `isOriginAllowed` uses `strings.HasSuffix` to check the origin, which leads to bypass via a malicious domain. This vulnerability is capable of breaking CORS policy and thus allowing any page to make requests and/or retrieve data on behalf of other users. Version 1.4.4 fixes this issue.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-639"
}
]
}
],
"references": [
{
"url": "https://github.com/zeromicro/go-zero/commit/d9d79e930dff6218a873f4f02115df61c38b15db",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/zeromicro/go-zero/security/advisories/GHSA-fgxv-gw55-r5fq",
"source": "security-advisories@github.com"
}
]
}

67
CVE-2024/CVE-2024-273xx/CVE-2024-27303.json Normal file
View File

@ -0,0 +1,67 @@
{
"id": "CVE-2024-27303",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-06T19:15:08.553",
"lastModified": "2024-03-06T19:15:08.553",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "electron-builder is a solution to package and build a ready for distribution Electron, Proton Native app for macOS, Windows and Linux. A vulnerability that only affects eletron-builder prior to 24.13.2 in Windows, the NSIS installer makes a system call to open cmd.exe via NSExec in the `.nsh` installer script. NSExec by default searches the current directory of where the installer is located before searching `PATH`. This means that if an attacker can place a malicious executable file named cmd.exe in the same folder as the installer, the installer will run the malicious file. Version 24.13.2 fixes this issue. No known workaround exists. The code executes at the installer-level before the app is present on the system, so there's no way to check if it exists in a current installer."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-426"
},
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"references": [
{
"url": "https://github.com/electron-userland/electron-builder/commit/8f4acff3c2d45c1cb07779bb3fe79644408ee387",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/electron-userland/electron-builder/pull/8059",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/electron-userland/electron-builder/security/advisories/GHSA-r4pf-3v7r-hh55",
"source": "security-advisories@github.com"
}
]
}

79
CVE-2024/CVE-2024-273xx/CVE-2024-27304.json Normal file
View File

@ -0,0 +1,79 @@
{
"id": "CVE-2024-27304",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-06T19:15:08.767",
"lastModified": "2024-03-06T19:15:08.767",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "pgx is a PostgreSQL driver and toolkit for Go. SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker's control. The problem is resolved in v4.18.2 and v5.5.4. As a workaround, reject user input large enough to cause a single query or bind message to exceed 4 GB in size."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-190"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/jackc/pgproto3/commit/945c2126f6db8f3bea7eeebe307c01fe92bca007",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/jackc/pgproto3/security/advisories/GHSA-7jwh-3vrq-q3m8",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/jackc/pgx/commit/adbb38f298c76e283ffc7c7a3f571036fea47fd4",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/jackc/pgx/commit/c543134753a0c5d22881c12404025724cb05ffd8",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81df",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/jackc/pgx/security/advisories/GHSA-mrww-27vc-gghv",
"source": "security-advisories@github.com"
}
]
}

71
CVE-2024/CVE-2024-273xx/CVE-2024-27307.json Normal file
View File

@ -0,0 +1,71 @@
{
"id": "CVE-2024-27307",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-06T20:15:47.537",
"lastModified": "2024-03-06T20:15:47.537",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "JSONata is a JSON query and transformation language. Starting in version 1.4.0 and prior to version 1.8.7 and 2.0.4, a malicious expression can use the transform operator to override properties on the `Object` constructor and prototype. This may lead to denial of service, remote code execution or other unexpected behavior in applications that evaluate user-provided JSONata expressions. This issue has been fixed in JSONata versions 1.8.7 and 2.0.4. Applications that evaluate user-provided expressions should update ASAP to prevent exploitation. As a workaround, one may apply the patch manually."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1321"
}
]
}
],
"references": [
{
"url": "https://github.com/jsonata-js/jsonata/commit/1d579dbe99c19fbe509f5ba2c6db7959b0d456d1",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/jsonata-js/jsonata/commit/335d38f6278e96c908b24183f1c9c90afc8ae00c",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/jsonata-js/jsonata/commit/c907b5e517bb718015fcbd993d742ba6202f2be2",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/jsonata-js/jsonata/releases/tag/v2.0.4",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/jsonata-js/jsonata/security/advisories/GHSA-fqg8-vfv7-8fj8",
"source": "security-advisories@github.com"
}
]
}

71
CVE-2024/CVE-2024-273xx/CVE-2024-27308.json Normal file
View File

@ -0,0 +1,71 @@
{
"id": "CVE-2024-27308",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-06T20:15:47.730",
"lastModified": "2024-03-06T20:15:47.730",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Mio is a Metal I/O library for Rust. When using named pipes on Windows, mio will under some circumstances return invalid tokens that correspond to named pipes that have already been deregistered from the mio registry. The impact of this vulnerability depends on how mio is used. For some applications, invalid tokens may be ignored or cause a warning or a crash. On the other hand, for applications that store pointers in the tokens, this vulnerability may result in a use-after-free. For users of Tokio, this vulnerability is serious and can result in a use-after-free in Tokio. The vulnerability is Windows-specific, and can only happen if you are using named pipes. Other IO resources are not affected. This vulnerability has been fixed in mio v0.8.11. All versions of mio between v0.7.2 and v0.8.10 are vulnerable. Tokio is vulnerable when you are using a vulnerable version of mio AND you are using at least Tokio v1.30.0. Versions of Tokio prior to v1.30.0 will ignore invalid tokens, so they are not vulnerable. Vulnerable libraries that use mio can work around this issue by detecting and ignoring invalid tokens."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
},
{
"lang": "en",
"value": "CWE-672"
}
]
}
],
"references": [
{
"url": "https://github.com/tokio-rs/mio/commit/90d4fe00df870acd3d38f3dc4face9aacab8fbb9",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/tokio-rs/mio/pull/1760",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/tokio-rs/mio/security/advisories/GHSA-r8w9-5wcg-vfj7",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/tokio-rs/tokio/issues/6369",
"source": "security-advisories@github.com"
}
]
}

59
CVE-2024/CVE-2024-279xx/CVE-2024-27915.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-27915",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-06T20:15:47.930",
"lastModified": "2024-03-06T20:15:47.930",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Sulu is a PHP content management system. Starting in verson 2.2.0 and prior to version 2.4.17 and 2.5.13, access to pages is granted regardless of role permissions for webspaces which have a security system configured and permission check enabled. Webspaces without do not have this issue. The problem is patched in versions 2.4.17 and 2.5.13. Some workarounds are available. One may apply the patch to `vendor/symfony/security-http/HttpUtils.php` manually or avoid installing `symfony/security-http` versions greater equal than `v5.4.30` or `v6.3.6`."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"references": [
{
"url": "https://github.com/sulu/sulu/commit/ec9c3f99e15336dc4f6877f512300f231c17c6da",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/sulu/sulu/security/advisories/GHSA-jr83-m233-gg6p",
"source": "security-advisories@github.com"
}
]
}

67
CVE-2024/CVE-2024-279xx/CVE-2024-27917.json Normal file
View File

@ -0,0 +1,67 @@
{
"id": "CVE-2024-27917",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-06T20:15:48.120",
"lastModified": "2024-03-06T20:15:48.120",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open commerce platform based on Symfony Framework and Vue. The Symfony Session Handler pops the Session Cookie and assigns it to the Response. Since Shopware 6.5.8.0, the 404 pages are cached to improve the performance of 404 pages. So the cached Response which contains a Session Cookie when the Browser accessing the 404 page, has no cookies yet. The Symfony Session Handler is in use, when no explicit Session configuration has been done. When Redis is in use for Sessions using the PHP Redis extension, this exploiting code is not used. Shopware version 6.5.8.7 contains a patch for this issue. As a workaround, use Redis for Sessions, as this does not trigger the exploit code."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-524"
}
]
}
],
"references": [
{
"url": "https://github.com/shopware/shopware/commit/7d9cb03225efca5f97e69b800d8747598dd15ce3",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/shopware/shopware/releases/tag/v6.5.8.7",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-c2f9-4jmm-v45m",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/shopware/storefront/commit/3477e4a425d3c54b4bfae82d703fe3838dc21d3e",
"source": "security-advisories@github.com"
}
]
}

52
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-03-06T19:00:32.423200+00:00
2024-03-06T21:00:24.297999+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-03-06T18:15:46.983000+00:00
2024-03-06T20:15:48.120000+00:00
```
### Last Data Feed Release
@ -29,45 +29,35 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
240696
240712
```
### CVEs added in the last Commit
Recently added CVEs: `31`
Recently added CVEs: `16`
* [CVE-2024-20338](CVE-2024/CVE-2024-203xx/CVE-2024-20338.json) (`2024-03-06T17:15:09.783`)
* [CVE-2024-20345](CVE-2024/CVE-2024-203xx/CVE-2024-20345.json) (`2024-03-06T17:15:09.973`)
* [CVE-2024-20346](CVE-2024/CVE-2024-203xx/CVE-2024-20346.json) (`2024-03-06T17:15:10.173`)
* [CVE-2024-28149](CVE-2024/CVE-2024-281xx/CVE-2024-28149.json) (`2024-03-06T17:15:10.450`)
* [CVE-2024-28150](CVE-2024/CVE-2024-281xx/CVE-2024-28150.json) (`2024-03-06T17:15:10.510`)
* [CVE-2024-28151](CVE-2024/CVE-2024-281xx/CVE-2024-28151.json) (`2024-03-06T17:15:10.570`)
* [CVE-2024-28152](CVE-2024/CVE-2024-281xx/CVE-2024-28152.json) (`2024-03-06T17:15:10.637`)
* [CVE-2024-28153](CVE-2024/CVE-2024-281xx/CVE-2024-28153.json) (`2024-03-06T17:15:10.687`)
* [CVE-2024-28154](CVE-2024/CVE-2024-281xx/CVE-2024-28154.json) (`2024-03-06T17:15:10.733`)
* [CVE-2024-28155](CVE-2024/CVE-2024-281xx/CVE-2024-28155.json) (`2024-03-06T17:15:10.787`)
* [CVE-2024-28156](CVE-2024/CVE-2024-281xx/CVE-2024-28156.json) (`2024-03-06T17:15:10.837`)
* [CVE-2024-28157](CVE-2024/CVE-2024-281xx/CVE-2024-28157.json) (`2024-03-06T17:15:10.890`)
* [CVE-2024-28158](CVE-2024/CVE-2024-281xx/CVE-2024-28158.json) (`2024-03-06T17:15:10.940`)
* [CVE-2024-28159](CVE-2024/CVE-2024-281xx/CVE-2024-28159.json) (`2024-03-06T17:15:10.987`)
* [CVE-2024-28160](CVE-2024/CVE-2024-281xx/CVE-2024-28160.json) (`2024-03-06T17:15:11.040`)
* [CVE-2024-28161](CVE-2024/CVE-2024-281xx/CVE-2024-28161.json) (`2024-03-06T17:15:11.090`)
* [CVE-2024-28162](CVE-2024/CVE-2024-281xx/CVE-2024-28162.json) (`2024-03-06T17:15:11.140`)
* [CVE-2024-28173](CVE-2024/CVE-2024-281xx/CVE-2024-28173.json) (`2024-03-06T17:15:11.190`)
* [CVE-2024-28174](CVE-2024/CVE-2024-281xx/CVE-2024-28174.json) (`2024-03-06T17:15:11.397`)
* [CVE-2024-2215](CVE-2024/CVE-2024-22xx/CVE-2024-2215.json) (`2024-03-06T17:15:11.593`)
* [CVE-2024-2216](CVE-2024/CVE-2024-22xx/CVE-2024-2216.json) (`2024-03-06T17:15:11.640`)
* [CVE-2024-20336](CVE-2024/CVE-2024-203xx/CVE-2024-20336.json) (`2024-03-06T17:15:09.397`)
* [CVE-2024-24761](CVE-2024/CVE-2024-247xx/CVE-2024-24761.json) (`2024-03-06T18:15:46.620`)
* [CVE-2024-24765](CVE-2024/CVE-2024-247xx/CVE-2024-24765.json) (`2024-03-06T18:15:46.807`)
* [CVE-2024-24767](CVE-2024/CVE-2024-247xx/CVE-2024-24767.json) (`2024-03-06T18:15:46.983`)
* [CVE-2023-48703](CVE-2023/CVE-2023-487xx/CVE-2023-48703.json) (`2024-03-06T20:15:47.343`)
* [CVE-2024-24766](CVE-2024/CVE-2024-247xx/CVE-2024-24766.json) (`2024-03-06T19:15:07.290`)
* [CVE-2024-25111](CVE-2024/CVE-2024-251xx/CVE-2024-25111.json) (`2024-03-06T19:15:07.510`)
* [CVE-2024-27287](CVE-2024/CVE-2024-272xx/CVE-2024-27287.json) (`2024-03-06T19:15:07.723`)
* [CVE-2024-27288](CVE-2024/CVE-2024-272xx/CVE-2024-27288.json) (`2024-03-06T19:15:07.933`)
* [CVE-2024-27289](CVE-2024/CVE-2024-272xx/CVE-2024-27289.json) (`2024-03-06T19:15:08.140`)
* [CVE-2024-27302](CVE-2024/CVE-2024-273xx/CVE-2024-27302.json) (`2024-03-06T19:15:08.330`)
* [CVE-2024-27303](CVE-2024/CVE-2024-273xx/CVE-2024-27303.json) (`2024-03-06T19:15:08.553`)
* [CVE-2024-27304](CVE-2024/CVE-2024-273xx/CVE-2024-27304.json) (`2024-03-06T19:15:08.767`)
* [CVE-2024-2173](CVE-2024/CVE-2024-21xx/CVE-2024-2173.json) (`2024-03-06T19:15:08.973`)
* [CVE-2024-2174](CVE-2024/CVE-2024-21xx/CVE-2024-2174.json) (`2024-03-06T19:15:09.037`)
* [CVE-2024-2176](CVE-2024/CVE-2024-21xx/CVE-2024-2176.json) (`2024-03-06T19:15:09.090`)
* [CVE-2024-27307](CVE-2024/CVE-2024-273xx/CVE-2024-27307.json) (`2024-03-06T20:15:47.537`)
* [CVE-2024-27308](CVE-2024/CVE-2024-273xx/CVE-2024-27308.json) (`2024-03-06T20:15:47.730`)
* [CVE-2024-27915](CVE-2024/CVE-2024-279xx/CVE-2024-27915.json) (`2024-03-06T20:15:47.930`)
* [CVE-2024-27917](CVE-2024/CVE-2024-279xx/CVE-2024-27917.json) (`2024-03-06T20:15:48.120`)
### CVEs modified in the last Commit
Recently modified CVEs: `1`
Recently modified CVEs: `0`
* [CVE-2024-1714](CVE-2024/CVE-2024-17xx/CVE-2024-1714.json) (`2024-03-06T17:15:08.577`)
## Download and Usage