Auto-Update: 2024-07-07T18:00:42.520950+00:00

This commit is contained in:
cad-safe-bot 2024-07-07 18:03:35 +00:00
parent 0daa3eaba8
commit 75a6d46b9f
3 changed files with 62 additions and 5 deletions

View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-6229",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-07-07T16:15:02.013",
"lastModified": "2024-07-07T16:15:02.013",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A stored cross-site scripting (XSS) vulnerability exists in the 'Upload Knowledge' feature of stangirard/quivr, affecting the latest version. Users can upload files via URL, which allows the insertion of malicious JavaScript payloads. These payloads are stored on the server and executed whenever any user clicks on a link containing the payload, leading to potential data theft, session hijacking, and reputation damage."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/2ee71e9e-2cf5-41a4-8440-d75758018786",
"source": "security@huntr.dev"
}
]
}

View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2024-07-07T16:00:28.387567+00:00 2024-07-07T18:00:42.520950+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2024-07-07T15:15:09.923000+00:00 2024-07-07T16:15:02.013000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -33,14 +33,14 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
255977 255978
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `1` Recently added CVEs: `1`
- [CVE-2024-40614](CVE-2024/CVE-2024-406xx/CVE-2024-40614.json) (`2024-07-07T15:15:09.923`) - [CVE-2024-6229](CVE-2024/CVE-2024-62xx/CVE-2024-6229.json) (`2024-07-07T16:15:02.013`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit

View File

@ -254315,7 +254315,7 @@ CVE-2024-40603,0,0,a59eb09c112c52f2f41fff991543251e420e8ed1adcc447fe75b7105e7759
CVE-2024-40604,0,0,06c9fcfeda33a92aaaf0864f242969e9767dfcef607901c977ee31765ab64188,2024-07-07T00:15:10.690000 CVE-2024-40604,0,0,06c9fcfeda33a92aaaf0864f242969e9767dfcef607901c977ee31765ab64188,2024-07-07T00:15:10.690000
CVE-2024-40605,0,0,63f2796aa96da63d2a64510dcc3ffc1fba4cca74f8258df71034a13d64b69abc,2024-07-07T00:15:10.770000 CVE-2024-40605,0,0,63f2796aa96da63d2a64510dcc3ffc1fba4cca74f8258df71034a13d64b69abc,2024-07-07T00:15:10.770000
CVE-2024-4061,0,0,731822e6f24cd811e7f06812f39ade81c9a66c6b1046f4d45903066a1f181f99,2024-05-21T12:37:59.687000 CVE-2024-4061,0,0,731822e6f24cd811e7f06812f39ade81c9a66c6b1046f4d45903066a1f181f99,2024-05-21T12:37:59.687000
CVE-2024-40614,1,1,a58e68ff975dc388908772a166ffcb41c50e83a7ba383078526a5a88e8f6baf7,2024-07-07T15:15:09.923000 CVE-2024-40614,0,0,a58e68ff975dc388908772a166ffcb41c50e83a7ba383078526a5a88e8f6baf7,2024-07-07T15:15:09.923000
CVE-2024-4062,0,0,7fcbe6e50148b9b5e05d3025a893191a4aca3bb309243ec182c3df8f6e2a0587,2024-06-04T19:20:29.007000 CVE-2024-4062,0,0,7fcbe6e50148b9b5e05d3025a893191a4aca3bb309243ec182c3df8f6e2a0587,2024-06-04T19:20:29.007000
CVE-2024-4063,0,0,10c24a204d439c4cd3340a486d9bc67fc982c548c71c2d3a385738d7e6499dc1,2024-06-04T19:20:29.120000 CVE-2024-4063,0,0,10c24a204d439c4cd3340a486d9bc67fc982c548c71c2d3a385738d7e6499dc1,2024-06-04T19:20:29.120000
CVE-2024-4064,0,0,0a357968458dd966b7a4969f86556627b0af0220edbb91249e767e6972ab2a17,2024-05-17T02:40:14.223000 CVE-2024-4064,0,0,0a357968458dd966b7a4969f86556627b0af0220edbb91249e767e6972ab2a17,2024-05-17T02:40:14.223000
@ -255866,6 +255866,7 @@ CVE-2024-6216,0,0,163aaa10da8fbd3f1a722ddf5828825abea50c90fd2d9b89c4bf2c73ab93f6
CVE-2024-6217,0,0,3711ed31aaa9f7586428ac093ba9118453625e92a316540d8e0c90d5655ba292,2024-06-21T11:22:01.687000 CVE-2024-6217,0,0,3711ed31aaa9f7586428ac093ba9118453625e92a316540d8e0c90d5655ba292,2024-06-21T11:22:01.687000
CVE-2024-6218,0,0,080145c08c5ffaf1b0f4fe61601c30772836ccbea26d111bc22bd57681c581e7,2024-06-21T15:15:16.547000 CVE-2024-6218,0,0,080145c08c5ffaf1b0f4fe61601c30772836ccbea26d111bc22bd57681c581e7,2024-06-21T15:15:16.547000
CVE-2024-6225,0,0,05da1495d7d116987721ea4d8dad783669e833db8afd42c6e9b9d7b36358250e,2024-06-24T19:21:28.450000 CVE-2024-6225,0,0,05da1495d7d116987721ea4d8dad783669e833db8afd42c6e9b9d7b36358250e,2024-06-24T19:21:28.450000
CVE-2024-6229,1,1,f1f054c8daa5ac2c46672d5a0f53c7a9d2a940a35470133039aaba3576e253b3,2024-07-07T16:15:02.013000
CVE-2024-6238,0,0,01bce4fcd5bf21099e3fa29fb7e34bf0d2a461d152d0ae3d9b913c1fb46d1451,2024-06-25T18:50:42.040000 CVE-2024-6238,0,0,01bce4fcd5bf21099e3fa29fb7e34bf0d2a461d152d0ae3d9b913c1fb46d1451,2024-06-25T18:50:42.040000
CVE-2024-6239,0,0,4d98a21d53ef2e5917897cadc254a12ee654ff1e3575a82a15151981272f61b5,2024-06-24T19:06:27.537000 CVE-2024-6239,0,0,4d98a21d53ef2e5917897cadc254a12ee654ff1e3575a82a15151981272f61b5,2024-06-24T19:06:27.537000
CVE-2024-6240,0,0,3ba60659d5977ed2c81ae70dc02c754f9eebbd14309190bebb86d2a019bd47a8,2024-06-24T19:10:38.983000 CVE-2024-6240,0,0,3ba60659d5977ed2c81ae70dc02c754f9eebbd14309190bebb86d2a019bd47a8,2024-06-24T19:10:38.983000

Can't render this file because it is too large.