admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-04-17T22:00:20.536722+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-04-17 22:03:54 +00:00
parent 6c85b36176
commit 78240f22f6
655 changed files with 6527 additions and 2181 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
CVE-2019/CVE-2019-169xx/CVE-2019-16905.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-16905", "id": "CVE-2019-16905",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2019-10-09T20:15:23.503", "published": "2019-10-09T20:15:23.503",
"lastModified": "2024-11-21T04:31:18.910", "lastModified": "2025-04-17T21:15:45.120",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -179,14 +179,6 @@
} }
], ],
"references": [ "references": [
{
"url": "https://0day.life/exploits/0day-1009.html",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{ {
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1153537", "url": "https://bugzilla.suse.com/show_bug.cgi?id=1153537",
"source": "cve@mitre.org", "source": "cve@mitre.org",

4
CVE-2020/CVE-2020-367xx/CVE-2020-36789.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-36789", "id": "CVE-2020-36789",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-04-17T18:15:42.743", "published": "2025-04-17T18:15:42.743",
"lastModified": "2025-04-17T18:15:42.743", "lastModified": "2025-04-17T20:21:05.203",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {

32
CVE-2021/CVE-2021-469xx/CVE-2021-46900.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-46900", "id": "CVE-2021-46900",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-12-31T05:15:08.040", "published": "2023-12-31T05:15:08.040",
"lastModified": "2024-11-21T06:34:53.330", "lastModified": "2025-04-17T20:15:21.370",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-327" "value": "CWE-327"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-327"
}
]
} }
], ],
"configurations": [ "configurations": [

4
CVE-2021/CVE-2021-476xx/CVE-2021-47668.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47668", "id": "CVE-2021-47668",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-04-17T18:15:43.623", "published": "2025-04-17T18:15:43.623",
"lastModified": "2025-04-17T19:15:51.200", "lastModified": "2025-04-17T20:21:05.203",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {

4
CVE-2021/CVE-2021-476xx/CVE-2021-47669.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47669", "id": "CVE-2021-47669",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-04-17T18:15:43.730", "published": "2025-04-17T18:15:43.730",
"lastModified": "2025-04-17T19:15:51.363", "lastModified": "2025-04-17T20:21:05.203",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {

4
CVE-2021/CVE-2021-476xx/CVE-2021-47670.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47670", "id": "CVE-2021-47670",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-04-17T18:15:43.833", "published": "2025-04-17T18:15:43.833",
"lastModified": "2025-04-17T19:15:51.510", "lastModified": "2025-04-17T20:21:05.203",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {

41
CVE-2021/CVE-2021-476xx/CVE-2021-47671.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-47671", "id": "CVE-2021-47671",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-04-17T18:15:43.933", "published": "2025-04-17T18:15:43.933",
"lastModified": "2025-04-17T18:15:43.933", "lastModified": "2025-04-17T20:21:05.203",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -11,7 +11,42 @@
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: etas_es58x: es58x_rx_err_msg(): fix memory leak in error path\n\nIn es58x_rx_err_msg(), if can->do_set_mode() fails, the function\ndirectly returns without calling netif_rx(skb). This means that the\nskb previously allocated by alloc_can_err_skb() is not freed. In other\nterms, this is a memory leak.\n\nThis patch simply removes the return statement in the error branch and\nlet the function continue.\n\nIssue was found with GCC -fanalyzer, please follow the link below for\ndetails." "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: etas_es58x: es58x_rx_err_msg(): fix memory leak in error path\n\nIn es58x_rx_err_msg(), if can->do_set_mode() fails, the function\ndirectly returns without calling netif_rx(skb). This means that the\nskb previously allocated by alloc_can_err_skb() is not freed. In other\nterms, this is a memory leak.\n\nThis patch simply removes the return statement in the error branch and\nlet the function continue.\n\nIssue was found with GCC -fanalyzer, please follow the link below for\ndetails."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/4f389e1276a5389c92cef860c9fde8e1c802a871", "url": "https://git.kernel.org/stable/c/4f389e1276a5389c92cef860c9fde8e1c802a871",

4
CVE-2022/CVE-2022-263xx/CVE-2022-26323.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-26323", "id": "CVE-2022-26323",
"sourceIdentifier": "security@opentext.com", "sourceIdentifier": "security@opentext.com",
"published": "2025-04-17T15:15:45.547", "published": "2025-04-17T15:15:45.547",
"lastModified": "2025-04-17T15:15:45.547", "lastModified": "2025-04-17T20:21:48.243",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {

32
CVE-2022/CVE-2022-425xx/CVE-2022-42505.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42505", "id": "CVE-2022-42505",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:22.747", "published": "2022-12-16T16:15:22.747",
"lastModified": "2024-11-21T07:25:05.747", "lastModified": "2025-04-17T21:15:45.450",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 0.8, "exploitabilityScore": 0.8,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-787" "value": "CWE-787"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2022/CVE-2022-425xx/CVE-2022-42506.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42506", "id": "CVE-2022-42506",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:22.793", "published": "2022-12-16T16:15:22.793",
"lastModified": "2024-11-21T07:25:05.873", "lastModified": "2025-04-17T21:15:45.597",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 0.8, "exploitabilityScore": 0.8,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-787" "value": "CWE-787"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2022/CVE-2022-425xx/CVE-2022-42507.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42507", "id": "CVE-2022-42507",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:22.840", "published": "2022-12-16T16:15:22.840",
"lastModified": "2024-11-21T07:25:06.007", "lastModified": "2025-04-17T21:15:45.747",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 0.8, "exploitabilityScore": 0.8,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-787" "value": "CWE-787"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2022/CVE-2022-425xx/CVE-2022-42508.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42508", "id": "CVE-2022-42508",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:22.887", "published": "2022-12-16T16:15:22.887",
"lastModified": "2024-11-21T07:25:06.140", "lastModified": "2025-04-17T21:15:45.897",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 0.8, "exploitabilityScore": 0.8,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-787" "value": "CWE-787"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2022/CVE-2022-425xx/CVE-2022-42514.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42514", "id": "CVE-2022-42514",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:23.170", "published": "2022-12-16T16:15:23.170",
"lastModified": "2024-11-21T07:25:06.870", "lastModified": "2025-04-17T20:15:23.273",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 0.8, "exploitabilityScore": 0.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-125" "value": "CWE-125"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2022/CVE-2022-425xx/CVE-2022-42515.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42515", "id": "CVE-2022-42515",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:23.220", "published": "2022-12-16T16:15:23.220",
"lastModified": "2024-11-21T07:25:06.993", "lastModified": "2025-04-17T20:15:23.503",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 0.8, "exploitabilityScore": 0.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-125" "value": "CWE-125"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2022/CVE-2022-425xx/CVE-2022-42516.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42516", "id": "CVE-2022-42516",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:23.267", "published": "2022-12-16T16:15:23.267",
"lastModified": "2024-11-21T07:25:07.120", "lastModified": "2025-04-17T20:15:23.683",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 0.8, "exploitabilityScore": 0.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-125" "value": "CWE-125"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2022/CVE-2022-425xx/CVE-2022-42517.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42517", "id": "CVE-2022-42517",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:23.310", "published": "2022-12-16T16:15:23.310",
"lastModified": "2024-11-21T07:25:07.240", "lastModified": "2025-04-17T20:15:23.840",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 0.8, "exploitabilityScore": 0.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-125" "value": "CWE-125"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2022/CVE-2022-425xx/CVE-2022-42518.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42518", "id": "CVE-2022-42518",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:23.357", "published": "2022-12-16T16:15:23.357",
"lastModified": "2024-11-21T07:25:07.373", "lastModified": "2025-04-17T20:15:24.020",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 0.8, "exploitabilityScore": 0.8,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-787" "value": "CWE-787"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2022/CVE-2022-425xx/CVE-2022-42519.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42519", "id": "CVE-2022-42519",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:23.407", "published": "2022-12-16T16:15:23.407",
"lastModified": "2024-11-21T07:25:07.510", "lastModified": "2025-04-17T20:15:24.197",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 0.8, "exploitabilityScore": 0.8,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-787" "value": "CWE-787"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2022/CVE-2022-425xx/CVE-2022-42520.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42520", "id": "CVE-2022-42520",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:23.450", "published": "2022-12-16T16:15:23.450",
"lastModified": "2024-11-21T07:25:07.647", "lastModified": "2025-04-17T20:15:24.357",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 0.8, "exploitabilityScore": 0.8,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-416" "value": "CWE-416"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2022/CVE-2022-425xx/CVE-2022-42521.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42521", "id": "CVE-2022-42521",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:23.507", "published": "2022-12-16T16:15:23.507",
"lastModified": "2024-11-21T07:25:07.773", "lastModified": "2025-04-17T20:15:24.537",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 0.8, "exploitabilityScore": 0.8,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-787" "value": "CWE-787"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2022/CVE-2022-425xx/CVE-2022-42522.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42522", "id": "CVE-2022-42522",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:23.580", "published": "2022-12-16T16:15:23.580",
"lastModified": "2024-11-21T07:25:07.900", "lastModified": "2025-04-17T20:15:24.707",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 0.8, "exploitabilityScore": 0.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-125" "value": "CWE-125"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2022/CVE-2022-425xx/CVE-2022-42523.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42523", "id": "CVE-2022-42523",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:23.627", "published": "2022-12-16T16:15:23.627",
"lastModified": "2024-11-21T07:25:08.017", "lastModified": "2025-04-17T20:15:24.867",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 0.8, "exploitabilityScore": 0.8,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-787" "value": "CWE-787"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2022/CVE-2022-425xx/CVE-2022-42524.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42524", "id": "CVE-2022-42524",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:23.673", "published": "2022-12-16T16:15:23.673",
"lastModified": "2024-11-21T07:25:08.133", "lastModified": "2025-04-17T20:15:25.033",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-125" "value": "CWE-125"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2022/CVE-2022-425xx/CVE-2022-42526.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42526", "id": "CVE-2022-42526",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:23.763", "published": "2022-12-16T16:15:23.763",
"lastModified": "2024-11-21T07:25:08.380", "lastModified": "2025-04-17T20:15:25.190",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 0.8, "exploitabilityScore": 0.8,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-787" "value": "CWE-787"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2022/CVE-2022-425xx/CVE-2022-42531.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42531", "id": "CVE-2022-42531",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:23.950", "published": "2022-12-16T16:15:23.950",
"lastModified": "2024-11-21T07:25:08.973", "lastModified": "2025-04-17T20:15:25.360",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-770" "value": "CWE-770"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2022/CVE-2022-425xx/CVE-2022-42532.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42532", "id": "CVE-2022-42532",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:23.997", "published": "2022-12-16T16:15:23.997",
"lastModified": "2024-11-21T07:25:09.107", "lastModified": "2025-04-17T20:15:25.520",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 0.8, "exploitabilityScore": 0.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-125" "value": "CWE-125"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2022/CVE-2022-464xx/CVE-2022-46487.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-46487", "id": "CVE-2022-46487",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-12-30T03:15:08.233", "published": "2023-12-30T03:15:08.233",
"lastModified": "2024-11-21T07:30:38.080", "lastModified": "2025-04-17T20:15:25.697",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-665" "value": "CWE-665"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-665"
}
]
} }
], ],
"configurations": [ "configurations": [

142
CVE-2022/CVE-2022-493xx/CVE-2022-49382.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49382", "id": "CVE-2022-49382",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:14.823", "published": "2025-02-26T07:01:14.823",
"lastModified": "2025-02-26T07:01:14.823", "lastModified": "2025-04-17T20:43:37.670",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,39 +15,159 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: soc: rockchip: Se ha corregido la p\u00e9rdida de recuento de referencias en rockchip_grf_init. of_find_matching_node_and_match devuelve un puntero de nodo con el recuento de referencias incrementado. Deber\u00edamos usar of_node_put() en \u00e9l cuando haya terminado. Se ha a\u00f1adido el error of_node_put() que falta para evitar la p\u00e9rdida de recuento de referencias." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: soc: rockchip: Se ha corregido la p\u00e9rdida de recuento de referencias en rockchip_grf_init. of_find_matching_node_and_match devuelve un puntero de nodo con el recuento de referencias incrementado. Deber\u00edamos usar of_node_put() en \u00e9l cuando haya terminado. Se ha a\u00f1adido el error of_node_put() que falta para evitar la p\u00e9rdida de recuento de referencias."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.11",
"versionEndExcluding": "4.14.283",
"matchCriteriaId": "FF98449F-152A-4015-820F-25898203A48F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.247",
"matchCriteriaId": "B8CFA0F4-2D75-41F4-9753-87944A08B53B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.198",
"matchCriteriaId": "3EC49633-14DE-4EBD-BB80-76AE2E3EABB9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.122",
"matchCriteriaId": "1B42AA01-44D8-4572-95E6-FF8E374CF9C5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.47",
"matchCriteriaId": "FC042EE3-4864-4325-BE0B-4BCDBF11AA61"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.17.15",
"matchCriteriaId": "53E7AA2E-2FB4-45CA-A22B-08B4EDBB51AD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "5.18.4",
"matchCriteriaId": "FA6D643C-6D6A-4821-8A8D-B5776B8F0103"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/042571fe1d171773655ad706715ecc865913d9a4", "url": "https://git.kernel.org/stable/c/042571fe1d171773655ad706715ecc865913d9a4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/28133325526b92921f3269fdf97a20d90b92b217", "url": "https://git.kernel.org/stable/c/28133325526b92921f3269fdf97a20d90b92b217",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/5b3e990f85eb034faa461e691e719e8ce9e2a3c8", "url": "https://git.kernel.org/stable/c/5b3e990f85eb034faa461e691e719e8ce9e2a3c8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/69a30b2ed620c2206cbbd1e9c112e4fc584e02bd", "url": "https://git.kernel.org/stable/c/69a30b2ed620c2206cbbd1e9c112e4fc584e02bd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/8f64e84924604bb969ee1fbc4b8d7d09b9214889", "url": "https://git.kernel.org/stable/c/8f64e84924604bb969ee1fbc4b8d7d09b9214889",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/9b59588d8be91c96bfb0371e912ceb4f16315dbf", "url": "https://git.kernel.org/stable/c/9b59588d8be91c96bfb0371e912ceb4f16315dbf",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/aab25b669cb9fd3698c2631be4435f4fe92d9e59", "url": "https://git.kernel.org/stable/c/aab25b669cb9fd3698c2631be4435f4fe92d9e59",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/d5422f323858cad3ac3581075f9a3a5e0d41c0d8", "url": "https://git.kernel.org/stable/c/d5422f323858cad3ac3581075f9a3a5e0d41c0d8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

94
CVE-2022/CVE-2022-493xx/CVE-2022-49384.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49384", "id": "CVE-2022-49384",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:15.007", "published": "2025-02-26T07:01:15.007",
"lastModified": "2025-02-26T07:01:15.007", "lastModified": "2025-04-17T20:46:22.857",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,23 +15,103 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: md: se corrige la doble liberaci\u00f3n de io_acct_set bioset Ahora io_acct_set est\u00e1 asignado y libre en la personalidad. Elimine los c\u00f3digos que liberan io_acct_set en md_free y md_stop." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: md: se corrige la doble liberaci\u00f3n de io_acct_set bioset Ahora io_acct_set est\u00e1 asignado y libre en la personalidad. Elimine los c\u00f3digos que liberan io_acct_set en md_free y md_stop."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-415"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15.17",
"versionEndExcluding": "5.15.46",
"matchCriteriaId": "AF862C56-763E-4CF4-815B-F3DE178BA5BB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16.3",
"versionEndExcluding": "5.17.14",
"matchCriteriaId": "F4B0E194-E4BB-42EF-AD72-E601CF20599D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "5.18.3",
"matchCriteriaId": "8E122216-2E9E-4B3E-B7B8-D575A45BA3C2"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/36a2fc44c574a59ee3b5e2cb327182f227b2b07e", "url": "https://git.kernel.org/stable/c/36a2fc44c574a59ee3b5e2cb327182f227b2b07e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/42b805af102471f53e3c7867b8c2b502ea4eef7e", "url": "https://git.kernel.org/stable/c/42b805af102471f53e3c7867b8c2b502ea4eef7e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/ea7d7bd90079d96f9c86bdaf0b106e0cd2a70661", "url": "https://git.kernel.org/stable/c/ea7d7bd90079d96f9c86bdaf0b106e0cd2a70661",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/f99d5b5dc8a42c807b5f1176b925aa45d61962ab", "url": "https://git.kernel.org/stable/c/f99d5b5dc8a42c807b5f1176b925aa45d61962ab",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

106
CVE-2022/CVE-2022-493xx/CVE-2022-49386.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49386", "id": "CVE-2022-49386",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:15.233", "published": "2025-02-26T07:01:15.233",
"lastModified": "2025-02-26T07:01:15.233", "lastModified": "2025-04-17T20:46:32.953",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,27 +15,117 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: ethernet: ti: am65-cpsw-nuss: Se corrigen algunas fugas de refcount of_get_child_by_name() devuelve un puntero de nodo con refcount incrementado, deber\u00edamos usar of_node_put() en \u00e9l cuando ya no lo necesitemos. am65_cpsw_init_cpts() y am65_cpsw_nuss_probe() no liberan el refcount en caso de error. Agregue of_node_put() faltante para evitar la fuga de refcount." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: ethernet: ti: am65-cpsw-nuss: Se corrigen algunas fugas de refcount of_get_child_by_name() devuelve un puntero de nodo con refcount incrementado, deber\u00edamos usar of_node_put() en \u00e9l cuando ya no lo necesitemos. am65_cpsw_init_cpts() y am65_cpsw_nuss_probe() no liberan el refcount en caso de error. Agregue of_node_put() faltante para evitar la fuga de refcount."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.7",
"versionEndExcluding": "5.10.122",
"matchCriteriaId": "B3847246-7313-4AED-A858-E8131022F58E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.47",
"matchCriteriaId": "FC042EE3-4864-4325-BE0B-4BCDBF11AA61"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.17.15",
"matchCriteriaId": "53E7AA2E-2FB4-45CA-A22B-08B4EDBB51AD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "5.18.4",
"matchCriteriaId": "FA6D643C-6D6A-4821-8A8D-B5776B8F0103"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/2e44f21c384503562713b7d3b673c40bed20af3d", "url": "https://git.kernel.org/stable/c/2e44f21c384503562713b7d3b673c40bed20af3d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/5dd89d2fc438457811cbbec07999ce0d80051ff5", "url": "https://git.kernel.org/stable/c/5dd89d2fc438457811cbbec07999ce0d80051ff5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/78aca10a16f001c9f49f1cc4dadfee8d444bb173", "url": "https://git.kernel.org/stable/c/78aca10a16f001c9f49f1cc4dadfee8d444bb173",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/a4b7ef3b159805ba6be061d0cd2403d84b9b0063", "url": "https://git.kernel.org/stable/c/a4b7ef3b159805ba6be061d0cd2403d84b9b0063",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/f7ba2cc57f404d2d9f26fb85bd3833d35a477829", "url": "https://git.kernel.org/stable/c/f7ba2cc57f404d2d9f26fb85bd3833d35a477829",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

82
CVE-2022/CVE-2022-493xx/CVE-2022-49387.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49387", "id": "CVE-2022-49387",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:15.343", "published": "2025-02-26T07:01:15.343",
"lastModified": "2025-02-26T07:01:15.343", "lastModified": "2025-04-17T20:46:46.433",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,19 +15,89 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: watchdog: rzg2l_wdt: soluciona el problema de desbordamiento de 32 bits El valor de timer_cycle_us puede ser 0 debido al desbordamiento de 32 bits. Por ejemplo: si asignamos el valor del contador \"0xfff\" para calcular maxval. Este parche soluciona este problema a\u00f1adiendo ULL a 1024, de modo que se promueva a 64 bits. Este parche tambi\u00e9n soluciona el mensaje de advertencia, 'watchdog: Invalid min and max timeout values, resetting to 0!'." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: watchdog: rzg2l_wdt: soluciona el problema de desbordamiento de 32 bits El valor de timer_cycle_us puede ser 0 debido al desbordamiento de 32 bits. Por ejemplo: si asignamos el valor del contador \"0xfff\" para calcular maxval. Este parche soluciona este problema a\u00f1adiendo ULL a 1024, de modo que se promueva a 64 bits. Este parche tambi\u00e9n soluciona el mensaje de advertencia, 'watchdog: Invalid min and max timeout values, resetting to 0!'."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.17",
"versionEndExcluding": "5.17.15",
"matchCriteriaId": "A5433C40-FA2E-4DDC-BBD9-8C7F577788FC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "5.18.4",
"matchCriteriaId": "FA6D643C-6D6A-4821-8A8D-B5776B8F0103"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/b95a47667d34e76c2c9013f8e3b1e5039a5a0b76", "url": "https://git.kernel.org/stable/c/b95a47667d34e76c2c9013f8e3b1e5039a5a0b76",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/e07b9fa0dc32b492de85528caaf9f0c605d8424f", "url": "https://git.kernel.org/stable/c/e07b9fa0dc32b492de85528caaf9f0c605d8424f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/ea2949df22a533cdf75e4583c00b1ce94cd5a83b", "url": "https://git.kernel.org/stable/c/ea2949df22a533cdf75e4583c00b1ce94cd5a83b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

161
CVE-2022/CVE-2022-493xx/CVE-2022-49389.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49389", "id": "CVE-2022-49389",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:15.527", "published": "2025-02-26T07:01:15.527",
"lastModified": "2025-02-26T07:01:15.527", "lastModified": "2025-04-17T20:47:02.810",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,43 +15,180 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: usb: usbip: se corrige una p\u00e9rdida de recuento de referencias en stub_probe(). Se llama a usb_get_dev() en stub_device_alloc(). Cuando stub_probe() falla despu\u00e9s de eso, se debe llamar a usb_put_dev() para liberar la referencia. Corrija esto moviendo usb_put_dev() a la gesti\u00f3n de la ruta de error sdev_free. Encuentre esto mediante la revisi\u00f3n del c\u00f3digo." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: usb: usbip: se corrige una p\u00e9rdida de recuento de referencias en stub_probe(). Se llama a usb_get_dev() en stub_device_alloc(). Cuando stub_probe() falla despu\u00e9s de eso, se debe llamar a usb_put_dev() para liberar la referencia. Corrija esto moviendo usb_put_dev() a la gesti\u00f3n de la ruta de error sdev_free. Encuentre esto mediante la revisi\u00f3n del c\u00f3digo."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.16.58",
"versionEndExcluding": "3.17",
"matchCriteriaId": "C1981AEB-4867-4AB9-8168-BAB8D6567131"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.18.110",
"versionEndExcluding": "4.9.318",
"matchCriteriaId": "176B105C-69C3-48BA-9FEE-EDA73C23AD32"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.283",
"matchCriteriaId": "D6823775-2653-4644-A0D4-4E6E68F10C65"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.247",
"matchCriteriaId": "B8CFA0F4-2D75-41F4-9753-87944A08B53B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.198",
"matchCriteriaId": "3EC49633-14DE-4EBD-BB80-76AE2E3EABB9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.122",
"matchCriteriaId": "1B42AA01-44D8-4572-95E6-FF8E374CF9C5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.47",
"matchCriteriaId": "FC042EE3-4864-4325-BE0B-4BCDBF11AA61"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.17.15",
"matchCriteriaId": "53E7AA2E-2FB4-45CA-A22B-08B4EDBB51AD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "5.18.4",
"matchCriteriaId": "FA6D643C-6D6A-4821-8A8D-B5776B8F0103"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/11c65408bd0ba1d9cd1307caa38169292de9cdfb", "url": "https://git.kernel.org/stable/c/11c65408bd0ba1d9cd1307caa38169292de9cdfb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/247d3809e45a34d9e1a3a2bb7012e31ed8b46031", "url": "https://git.kernel.org/stable/c/247d3809e45a34d9e1a3a2bb7012e31ed8b46031",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/2f0ae93ec33c8456cdfbf7876b80403a6318ebce", "url": "https://git.kernel.org/stable/c/2f0ae93ec33c8456cdfbf7876b80403a6318ebce",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/51422046be504515eb5a591adf0f424b62f46804", "url": "https://git.kernel.org/stable/c/51422046be504515eb5a591adf0f424b62f46804",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/6bafee2f18af5e5ac125e42960bc65496d0e56a0", "url": "https://git.kernel.org/stable/c/6bafee2f18af5e5ac125e42960bc65496d0e56a0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/8afb048800919d0ab10c57983940eba956339f21", "url": "https://git.kernel.org/stable/c/8afb048800919d0ab10c57983940eba956339f21",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/9ec4cbf1cc55d126759051acfe328d489c5d6e60", "url": "https://git.kernel.org/stable/c/9ec4cbf1cc55d126759051acfe328d489c5d6e60",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/bcbb795a9e78180d74c6ab21518da87e803dfdce", "url": "https://git.kernel.org/stable/c/bcbb795a9e78180d74c6ab21518da87e803dfdce",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/f20d2d3b3364ce6525c050a8b6b4c54c8c19674d", "url": "https://git.kernel.org/stable/c/f20d2d3b3364ce6525c050a8b6b4c54c8c19674d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

70
CVE-2022/CVE-2022-493xx/CVE-2022-49391.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49391", "id": "CVE-2022-49391",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:15.713", "published": "2025-02-26T07:01:15.713",
"lastModified": "2025-02-26T07:01:15.713", "lastModified": "2025-04-17T20:47:41.367",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,15 +15,75 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: remoteproc: mtk_scp: Se corrige una posible doble liberaci\u00f3n: 'scp->rproc' se asigna mediante devm_rproc_alloc(), por lo que no es necesario liberarlo expl\u00edcitamente en la funci\u00f3n de eliminaci\u00f3n." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: remoteproc: mtk_scp: Se corrige una posible doble liberaci\u00f3n: 'scp->rproc' se asigna mediante devm_rproc_alloc(), por lo que no es necesario liberarlo expl\u00edcitamente en la funci\u00f3n de eliminaci\u00f3n."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-415"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "5.18.4",
"matchCriteriaId": "FA6D643C-6D6A-4821-8A8D-B5776B8F0103"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/adc02700236613b344a947a897fc2741d52a43b9", "url": "https://git.kernel.org/stable/c/adc02700236613b344a947a897fc2741d52a43b9",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/eac3e5b1c12f85732e60f5f8b985444d273866bb", "url": "https://git.kernel.org/stable/c/eac3e5b1c12f85732e60f5f8b985444d273866bb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

94
CVE-2022/CVE-2022-493xx/CVE-2022-49392.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49392", "id": "CVE-2022-49392",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:15.803", "published": "2025-02-26T07:01:15.803",
"lastModified": "2025-02-26T07:01:15.803", "lastModified": "2025-04-17T20:48:19.663",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,23 +15,103 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: serial: 8250_aspeed_vuart: Se solucion\u00f3 una posible desreferenciaci\u00f3n de NULL en aspeed_vuart_probe. platform_get_resource() puede fallar y devolver NULL, por lo que deber\u00edamos verificar mejor su valor de retorno para evitar una desreferenciaci\u00f3n de puntero NULL." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: serial: 8250_aspeed_vuart: Se solucion\u00f3 una posible desreferenciaci\u00f3n de NULL en aspeed_vuart_probe. platform_get_resource() puede fallar y devolver NULL, por lo que deber\u00edamos verificar mejor su valor de retorno para evitar una desreferenciaci\u00f3n de puntero NULL."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.14",
"versionEndExcluding": "5.15.47",
"matchCriteriaId": "98F36895-C3DC-4DC5-A1C6-F68015C3F425"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.17.15",
"matchCriteriaId": "53E7AA2E-2FB4-45CA-A22B-08B4EDBB51AD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "5.18.4",
"matchCriteriaId": "FA6D643C-6D6A-4821-8A8D-B5776B8F0103"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/0e0fd55719fa081de6f9e5d9e6cef48efb04d34a", "url": "https://git.kernel.org/stable/c/0e0fd55719fa081de6f9e5d9e6cef48efb04d34a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/90a6b6fc52bfdcfe9698454bf5bea26112abbcd1", "url": "https://git.kernel.org/stable/c/90a6b6fc52bfdcfe9698454bf5bea26112abbcd1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/923d34ce069e8e51a4d003caa6b66a8cd6ecd0ed", "url": "https://git.kernel.org/stable/c/923d34ce069e8e51a4d003caa6b66a8cd6ecd0ed",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/d5f1275f101e0e8a172d300d897f5a12e87e3485", "url": "https://git.kernel.org/stable/c/d5f1275f101e0e8a172d300d897f5a12e87e3485",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

154
CVE-2022/CVE-2022-493xx/CVE-2022-49395.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49395", "id": "CVE-2022-49395",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:16.080", "published": "2025-02-26T07:01:16.080",
"lastModified": "2025-02-26T07:01:16.080", "lastModified": "2025-04-17T20:48:39.660",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,43 +15,173 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: um: Se corrige la lectura fuera de los l\u00edmites en la configuraci\u00f3n de LDT syscall_stub_data() espera que el par\u00e1metro data_count sea el n\u00famero de longs, no bytes. ===================================================================== ERROR: KASAN: stack-out-of-bounds in syscall_stub_data+0x70/0xe0 Read of size 128 at addr 000000006411f6f0 by task swapper/1 CPU: 0 PID: 1 Comm: swapper Not tainted 5.18.0+ #18 Call Trace: show_stack.cold+0x166/0x2a7 __dump_stack+0x3a/0x43 dump_stack_lvl+0x1f/0x27 print_report.cold+0xdb/0xf81 kasan_report+0x119/0x1f0 kasan_check_range+0x3a3/0x440 memcpy+0x52/0x140 syscall_stub_data+0x70/0xe0 write_ldt_entry+0xac/0x190 init_new_ldt+0x515/0x960 init_new_context+0x2c4/0x4d0 mm_init.constprop.0+0x5ed/0x760 mm_alloc+0x118/0x170 0x60033f48 do_one_initcall+0x1d7/0x860 0x60003e7b kernel_init+0x6e/0x3d4 new_thread_handler+0x1e7/0x2c0 The buggy address belongs to stack of task swapper/1 and is located at offset 64 in frame: init_new_ldt+0x0/0x960 This frame has 2 objects: [32, 40) 'addr' [64, 80) 'desc' ==================================================================" "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: um: Se corrige la lectura fuera de los l\u00edmites en la configuraci\u00f3n de LDT syscall_stub_data() espera que el par\u00e1metro data_count sea el n\u00famero de longs, no bytes. ===================================================================== ERROR: KASAN: stack-out-of-bounds in syscall_stub_data+0x70/0xe0 Read of size 128 at addr 000000006411f6f0 by task swapper/1 CPU: 0 PID: 1 Comm: swapper Not tainted 5.18.0+ #18 Call Trace: show_stack.cold+0x166/0x2a7 __dump_stack+0x3a/0x43 dump_stack_lvl+0x1f/0x27 print_report.cold+0xdb/0xf81 kasan_report+0x119/0x1f0 kasan_check_range+0x3a3/0x440 memcpy+0x52/0x140 syscall_stub_data+0x70/0xe0 write_ldt_entry+0xac/0x190 init_new_ldt+0x515/0x960 init_new_context+0x2c4/0x4d0 mm_init.constprop.0+0x5ed/0x760 mm_alloc+0x118/0x170 0x60033f48 do_one_initcall+0x1d7/0x860 0x60003e7b kernel_init+0x6e/0x3d4 new_thread_handler+0x1e7/0x2c0 The buggy address belongs to stack of task swapper/1 and is located at offset 64 in frame: init_new_ldt+0x0/0x960 This frame has 2 objects: [32, 40) 'addr' [64, 80) 'desc' =================================================================="
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.15",
"versionEndExcluding": "4.9.318",
"matchCriteriaId": "0DED0F6A-FC03-4637-B95D-CCE9C053BD2B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.283",
"matchCriteriaId": "D6823775-2653-4644-A0D4-4E6E68F10C65"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.247",
"matchCriteriaId": "B8CFA0F4-2D75-41F4-9753-87944A08B53B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.198",
"matchCriteriaId": "3EC49633-14DE-4EBD-BB80-76AE2E3EABB9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.121",
"matchCriteriaId": "34ACD872-E5BC-401C-93D5-B357A62426E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.46",
"matchCriteriaId": "20D41697-0E8B-4B7D-8842-F17BF2AA21E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.17.14",
"matchCriteriaId": "15E2DD33-2255-4B76-9C15-04FF8CBAB252"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "5.18.3",
"matchCriteriaId": "8E122216-2E9E-4B3E-B7B8-D575A45BA3C2"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/10995a382271254bd276627ec74136da4a23c4a6", "url": "https://git.kernel.org/stable/c/10995a382271254bd276627ec74136da4a23c4a6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/24ca648bf5f72ed8878cf09b5d4431935779681e", "url": "https://git.kernel.org/stable/c/24ca648bf5f72ed8878cf09b5d4431935779681e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/2a4a62a14be1947fa945c5c11ebf67326381a568", "url": "https://git.kernel.org/stable/c/2a4a62a14be1947fa945c5c11ebf67326381a568",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/3549ab4b962cf619e8c55484a0d870a34b3f845f", "url": "https://git.kernel.org/stable/c/3549ab4b962cf619e8c55484a0d870a34b3f845f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/668ca34a428d6ffc0f99a1a6a9b661a288d4183b", "url": "https://git.kernel.org/stable/c/668ca34a428d6ffc0f99a1a6a9b661a288d4183b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/91e5ba2af2d729d5126aefd5aa3eadc69b8426e5", "url": "https://git.kernel.org/stable/c/91e5ba2af2d729d5126aefd5aa3eadc69b8426e5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/9caad70819aef3431abaf73ba5163b55b161aba0", "url": "https://git.kernel.org/stable/c/9caad70819aef3431abaf73ba5163b55b161aba0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/cf0dabc37446c5ee538ae7b4c467ab0e53fa5463", "url": "https://git.kernel.org/stable/c/cf0dabc37446c5ee538ae7b4c467ab0e53fa5463",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/ef1dc929a1e5fa1b2d842256db9fb8710d3be910", "url": "https://git.kernel.org/stable/c/ef1dc929a1e5fa1b2d842256db9fb8710d3be910",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

94
CVE-2022/CVE-2022-494xx/CVE-2022-49400.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49400", "id": "CVE-2022-49400",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:16.570", "published": "2025-02-26T07:01:16.570",
"lastModified": "2025-02-26T07:01:16.570", "lastModified": "2025-04-17T20:49:08.000",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,23 +15,103 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: md: No establezca mddev private en NULL en raid0 pers->free En el proceso de detenci\u00f3n normal, hace lo siguiente: do_md_stop | __md_stop (pers->free(); mddev->private=NULL) | md_free (free mddev) __md_stop establece mddev->private en NULL despu\u00e9s de pers->free. El dispositivo raid se detendr\u00e1 y la memoria mddev estar\u00e1 libre. Pero en reshape, no libera el mddev y mddev se seguir\u00e1 usando en el nuevo raid. En reshape, primero establece mddev->private en new_pers y luego ejecuta old_pers->free(). Ahora raid0 establece mddev->private en NULL en raid0_free. El nuevo raid ya no puede funcionar. Entrar\u00e1 en p\u00e1nico cuando desreferencia mddev->private debido a la desreferencia del puntero NULL. Puede entrar en p\u00e1nico de esta manera: [63010.814972] \u00a1ERROR del kernel en drivers/md/raid10.c:928! [63010.819778] invalid opcode: 0000 [#1] PREEMPT SMP NOPTI [63010.825011] CPU: 3 PID: 44437 Comm: md0_resync Kdump: loaded Not tainted 5.14.0-86.el9.x86_64 #1 [63010.833789] Hardware name: Dell Inc. PowerEdge R6415/07YXFK, BIOS 1.15.0 09/11/2020 [63010.841440] RIP: 0010:raise_barrier+0x161/0x170 [raid10] [63010.865508] RSP: 0018:ffffc312408bbc10 EFLAGS: 00010246 [63010.870734] RAX: 0000000000000000 RBX: ffffa00bf7d39800 RCX: 0000000000000000 [63010.877866] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffffa00bf7d39800 [63010.884999] RBP: 0000000000000000 R08: fffffa4945e74400 R09: 0000000000000000 [63010.892132] R10: ffffa00eed02f798 R11: 0000000000000000 R12: ffffa00bbc435200 [63010.899266] R13: ffffa00bf7d39800 R14: 0000000000000400 R15: 0000000000000003 [63010.906399] FS: 0000000000000000(0000) GS:ffffa00eed000000(0000) knlGS:0000000000000000 [63010.914485] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [63010.920229] CR2: 00007f5cfbe99828 CR3: 0000000105efe000 CR4: 00000000003506e0 [63010.927363] Call Trace: [63010.929822] ? bio_reset+0xe/0x40 [63010.933144] ? raid10_alloc_init_r10buf+0x60/0xa0 [raid10] [63010.938629] raid10_sync_request+0x756/0x1610 [raid10] [63010.943770] md_do_sync.cold+0x3e4/0x94c [63010.947698] md_thread+0xab/0x160 [63010.951024] ? md_write_inc+0x50/0x50 [63010.954688] kthread+0x149/0x170 [63010.957923] ? set_kthread_struct+0x40/0x40 [63010.962107] ret_from_fork+0x22/0x30 Eliminar el c\u00f3digo que establece mddev->private en NULL en raid0 puede solucionar el problema." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: md: No establezca mddev private en NULL en raid0 pers->free En el proceso de detenci\u00f3n normal, hace lo siguiente: do_md_stop | __md_stop (pers->free(); mddev->private=NULL) | md_free (free mddev) __md_stop establece mddev->private en NULL despu\u00e9s de pers->free. El dispositivo raid se detendr\u00e1 y la memoria mddev estar\u00e1 libre. Pero en reshape, no libera el mddev y mddev se seguir\u00e1 usando en el nuevo raid. En reshape, primero establece mddev->private en new_pers y luego ejecuta old_pers->free(). Ahora raid0 establece mddev->private en NULL en raid0_free. El nuevo raid ya no puede funcionar. Entrar\u00e1 en p\u00e1nico cuando desreferencia mddev->private debido a la desreferencia del puntero NULL. Puede entrar en p\u00e1nico de esta manera: [63010.814972] \u00a1ERROR del kernel en drivers/md/raid10.c:928! [63010.819778] invalid opcode: 0000 [#1] PREEMPT SMP NOPTI [63010.825011] CPU: 3 PID: 44437 Comm: md0_resync Kdump: loaded Not tainted 5.14.0-86.el9.x86_64 #1 [63010.833789] Hardware name: Dell Inc. PowerEdge R6415/07YXFK, BIOS 1.15.0 09/11/2020 [63010.841440] RIP: 0010:raise_barrier+0x161/0x170 [raid10] [63010.865508] RSP: 0018:ffffc312408bbc10 EFLAGS: 00010246 [63010.870734] RAX: 0000000000000000 RBX: ffffa00bf7d39800 RCX: 0000000000000000 [63010.877866] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffffa00bf7d39800 [63010.884999] RBP: 0000000000000000 R08: fffffa4945e74400 R09: 0000000000000000 [63010.892132] R10: ffffa00eed02f798 R11: 0000000000000000 R12: ffffa00bbc435200 [63010.899266] R13: ffffa00bf7d39800 R14: 0000000000000400 R15: 0000000000000003 [63010.906399] FS: 0000000000000000(0000) GS:ffffa00eed000000(0000) knlGS:0000000000000000 [63010.914485] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [63010.920229] CR2: 00007f5cfbe99828 CR3: 0000000105efe000 CR4: 00000000003506e0 [63010.927363] Call Trace: [63010.929822] ? bio_reset+0xe/0x40 [63010.933144] ? raid10_alloc_init_r10buf+0x60/0xa0 [raid10] [63010.938629] raid10_sync_request+0x756/0x1610 [raid10] [63010.943770] md_do_sync.cold+0x3e4/0x94c [63010.947698] md_thread+0xab/0x160 [63010.951024] ? md_write_inc+0x50/0x50 [63010.954688] kthread+0x149/0x170 [63010.957923] ? set_kthread_struct+0x40/0x40 [63010.962107] ret_from_fork+0x22/0x30 Eliminar el c\u00f3digo que establece mddev->private en NULL en raid0 puede solucionar el problema."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15.17",
"versionEndExcluding": "5.15.46",
"matchCriteriaId": "AF862C56-763E-4CF4-815B-F3DE178BA5BB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16.3",
"versionEndExcluding": "5.17.14",
"matchCriteriaId": "F4B0E194-E4BB-42EF-AD72-E601CF20599D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "5.18.3",
"matchCriteriaId": "8E122216-2E9E-4B3E-B7B8-D575A45BA3C2"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/0f2571ad7a30ff6b33cde142439f9378669f8b4f", "url": "https://git.kernel.org/stable/c/0f2571ad7a30ff6b33cde142439f9378669f8b4f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/7da3454a65f8a56e65dfb44fa0ccac08cbc2f5a1", "url": "https://git.kernel.org/stable/c/7da3454a65f8a56e65dfb44fa0ccac08cbc2f5a1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/b7a51df785031cc49caf1c59766ca89cfa97b54b", "url": "https://git.kernel.org/stable/c/b7a51df785031cc49caf1c59766ca89cfa97b54b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/f63fd1e0e0fc158023cc67ea6a07e278019061ba", "url": "https://git.kernel.org/stable/c/f63fd1e0e0fc158023cc67ea6a07e278019061ba",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

82
CVE-2022/CVE-2022-494xx/CVE-2022-49403.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49403", "id": "CVE-2022-49403",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:16.847", "published": "2025-02-26T07:01:16.847",
"lastModified": "2025-02-26T07:01:16.847", "lastModified": "2025-04-17T20:28:43.913",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,19 +15,89 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: lib/string_helpers: se ha corregido el problema de no a\u00f1adir strarray a la lista de recursos del dispositivo. Se a\u00f1ade el strarray asignado a la lista de recursos del dispositivo. Esto es imprescindible para liberar autom\u00e1ticamente strarray cuando el dispositivo desaparece. Sin esta correcci\u00f3n, tenemos una p\u00e9rdida de memoria en los pocos controladores que utilizan devm_kasprintf_strarray()." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: lib/string_helpers: se ha corregido el problema de no a\u00f1adir strarray a la lista de recursos del dispositivo. Se a\u00f1ade el strarray asignado a la lista de recursos del dispositivo. Esto es imprescindible para liberar autom\u00e1ticamente strarray cuando el dispositivo desaparece. Sin esta correcci\u00f3n, tenemos una p\u00e9rdida de memoria en los pocos controladores que utilizan devm_kasprintf_strarray()."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.17",
"versionEndExcluding": "5.17.14",
"matchCriteriaId": "C48ED8B1-C02B-4764-9298-070E29EF1F88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "5.18.3",
"matchCriteriaId": "8E122216-2E9E-4B3E-B7B8-D575A45BA3C2"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/a152eb42fcecfe41239c3c6695342f3a128593e7", "url": "https://git.kernel.org/stable/c/a152eb42fcecfe41239c3c6695342f3a128593e7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/bf29edab0c9ff3d2633b8306a67d04c357e2a385", "url": "https://git.kernel.org/stable/c/bf29edab0c9ff3d2633b8306a67d04c357e2a385",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/cd290a9839cee2f6641558877e707bd373c8f6f1", "url": "https://git.kernel.org/stable/c/cd290a9839cee2f6641558877e707bd373c8f6f1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

154
CVE-2022/CVE-2022-494xx/CVE-2022-49404.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49404", "id": "CVE-2022-49404",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:16.937", "published": "2025-02-26T07:01:16.937",
"lastModified": "2025-02-26T07:01:16.937", "lastModified": "2025-04-17T20:28:49.200",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,43 +15,173 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: RDMA/hfi1: Se corrigen posibles errores de desbordamiento de multiplicaci\u00f3n de enteros Al multiplicar diferentes tipos, es posible que se produzca un desbordamiento incluso cuando se almacena el resultado en un tipo m\u00e1s grande. Esto se debe a que la conversi\u00f3n se realiza despu\u00e9s de la multiplicaci\u00f3n. Por lo tanto, es posible que se produzca un desbordamiento aritm\u00e9tico y, por lo tanto, un valor incorrecto. Corrija una instancia de esto en el c\u00e1lculo del retraso entre paquetes. Solucione asegur\u00e1ndose de que uno de los operandos sea u64, lo que promover\u00e1 el otro a u64 y tambi\u00e9n garantizar\u00e1 que no haya desbordamiento." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: RDMA/hfi1: Se corrigen posibles errores de desbordamiento de multiplicaci\u00f3n de enteros Al multiplicar diferentes tipos, es posible que se produzca un desbordamiento incluso cuando se almacena el resultado en un tipo m\u00e1s grande. Esto se debe a que la conversi\u00f3n se realiza despu\u00e9s de la multiplicaci\u00f3n. Por lo tanto, es posible que se produzca un desbordamiento aritm\u00e9tico y, por lo tanto, un valor incorrecto. Corrija una instancia de esto en el c\u00e1lculo del retraso entre paquetes. Solucione asegur\u00e1ndose de que uno de los operandos sea u64, lo que promover\u00e1 el otro a u64 y tambi\u00e9n garantizar\u00e1 que no haya desbordamiento."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.3",
"versionEndExcluding": "4.9.318",
"matchCriteriaId": "F1C012DB-8F29-4B2B-BD28-40BDE97C3304"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.283",
"matchCriteriaId": "D6823775-2653-4644-A0D4-4E6E68F10C65"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.247",
"matchCriteriaId": "B8CFA0F4-2D75-41F4-9753-87944A08B53B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.198",
"matchCriteriaId": "3EC49633-14DE-4EBD-BB80-76AE2E3EABB9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.121",
"matchCriteriaId": "34ACD872-E5BC-401C-93D5-B357A62426E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.46",
"matchCriteriaId": "20D41697-0E8B-4B7D-8842-F17BF2AA21E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.17.14",
"matchCriteriaId": "15E2DD33-2255-4B76-9C15-04FF8CBAB252"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "5.18.3",
"matchCriteriaId": "8E122216-2E9E-4B3E-B7B8-D575A45BA3C2"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/06039d8afefdbac05bcea5f397188407eba2996d", "url": "https://git.kernel.org/stable/c/06039d8afefdbac05bcea5f397188407eba2996d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/252f4afd4557a2e7075f793a5c80fe6dd9e9ee4a", "url": "https://git.kernel.org/stable/c/252f4afd4557a2e7075f793a5c80fe6dd9e9ee4a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/31dca00d0cc9f4133320d72eb7e3720badc6d6e6", "url": "https://git.kernel.org/stable/c/31dca00d0cc9f4133320d72eb7e3720badc6d6e6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/3f09ec80f115d2875d747ed28adc1773037e0f8b", "url": "https://git.kernel.org/stable/c/3f09ec80f115d2875d747ed28adc1773037e0f8b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/79c164e61f818054cd6012e9035701840d895c51", "url": "https://git.kernel.org/stable/c/79c164e61f818054cd6012e9035701840d895c51",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/8858284dd74906fa00f04f0252c75df4893a7959", "url": "https://git.kernel.org/stable/c/8858284dd74906fa00f04f0252c75df4893a7959",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/a89cb7ddf6a89bab6012e19da38b7cdb26175c19", "url": "https://git.kernel.org/stable/c/a89cb7ddf6a89bab6012e19da38b7cdb26175c19",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/ef5ab2e48a5f9960e2352332b7cdb7064bb49032", "url": "https://git.kernel.org/stable/c/ef5ab2e48a5f9960e2352332b7cdb7064bb49032",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/f93e91a0372c922c20d5bee260b0f43b4b8a1bee", "url": "https://git.kernel.org/stable/c/f93e91a0372c922c20d5bee260b0f43b4b8a1bee",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

82
CVE-2022/CVE-2022-494xx/CVE-2022-49406.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49406", "id": "CVE-2022-49406",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:17.123", "published": "2025-02-26T07:01:17.123",
"lastModified": "2025-02-26T07:01:17.123", "lastModified": "2025-04-17T20:29:18.050",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,19 +15,89 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: block: Fix potential deadlock in blk_ia_range_sysfs_show() Cuando se lee, un atributo sysfs ya est\u00e1 protegido contra la eliminaci\u00f3n con el contador de referencia activo del nodo kobject. Como resultado, en blk_ia_range_sysfs_show(), no es necesario tomar el bloqueo sysfs de la cola al leer el valor de un atributo de rango. El uso del bloqueo de cola sysfs en esta funci\u00f3n crea una posible situaci\u00f3n de bloqueo con la eliminaci\u00f3n del disco, algo que un lockdep se\u00f1ala con un splat cuando se elimina el dispositivo: [ 760.703551] Posible escenario de bloqueo inseguro: [ 760.703551] [ 760.703554] CPU0 CPU1 [ 760.703556] ---- ---- [ 760.703558] lock(&q->sysfs_lock); [ 760.703565] lock(kn->active#385); [ 760.703573] lock(&q->sysfs_lock); [ 760.703579] lock(kn->active#385); [ 760.703587] [ 760.703587] *** DEADLOCK *** Solve this by removing the mutex_lock()/mutex_unlock() calls from blk_ia_range_sysfs_show(). " "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: block: Fix potential deadlock in blk_ia_range_sysfs_show() Cuando se lee, un atributo sysfs ya est\u00e1 protegido contra la eliminaci\u00f3n con el contador de referencia activo del nodo kobject. Como resultado, en blk_ia_range_sysfs_show(), no es necesario tomar el bloqueo sysfs de la cola al leer el valor de un atributo de rango. El uso del bloqueo de cola sysfs en esta funci\u00f3n crea una posible situaci\u00f3n de bloqueo con la eliminaci\u00f3n del disco, algo que un lockdep se\u00f1ala con un splat cuando se elimina el dispositivo: [ 760.703551] Posible escenario de bloqueo inseguro: [ 760.703551] [ 760.703554] CPU0 CPU1 [ 760.703556] ---- ---- [ 760.703558] lock(&q->sysfs_lock); [ 760.703565] lock(kn->active#385); [ 760.703573] lock(&q->sysfs_lock); [ 760.703579] lock(kn->active#385); [ 760.703587] [ 760.703587] *** DEADLOCK *** Solve this by removing the mutex_lock()/mutex_unlock() calls from blk_ia_range_sysfs_show(). "
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-667"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.17.14",
"matchCriteriaId": "15E2DD33-2255-4B76-9C15-04FF8CBAB252"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "5.18.3",
"matchCriteriaId": "8E122216-2E9E-4B3E-B7B8-D575A45BA3C2"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/41e46b3c2aa24f755b2ae9ec4ce931ba5f0d8532", "url": "https://git.kernel.org/stable/c/41e46b3c2aa24f755b2ae9ec4ce931ba5f0d8532",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/717b078bc745ba9a262abebed9806a17e8bbb77b", "url": "https://git.kernel.org/stable/c/717b078bc745ba9a262abebed9806a17e8bbb77b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/dc107c805cde709866b59867ef72b9390199205e", "url": "https://git.kernel.org/stable/c/dc107c805cde709866b59867ef72b9390199205e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

82
CVE-2022/CVE-2022-494xx/CVE-2022-49408.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49408", "id": "CVE-2022-49408",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:17.323", "published": "2025-02-26T07:01:17.323",
"lastModified": "2025-02-26T07:01:17.323", "lastModified": "2025-04-17T20:29:52.707",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,19 +15,89 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ext4: se corrige la p\u00e9rdida de memoria en parse_apply_sb_mount_options() Si el procesamiento de las opciones de montaje en disco falla despu\u00e9s de que se haya asignado memoria en ext4_fs_context, por ejemplo, s_qf_names, entonces se produce una p\u00e9rdida de memoria. Corrija esto llamando a ext4_fc_free() en lugar de kfree() directamente. Reproductor: mkfs.ext4 -F /dev/vdc tune2fs /dev/vdc -E mount_opts=usrjquota=file echo clear > /sys/kernel/debug/kmemleak mount /dev/vdc /vdc echo scan > /sys/kernel/debug/kmemleak sleep 5 echo scan > /sys/kernel/debug/kmemleak cat /sys/kernel/debug/kmemleak" "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ext4: se corrige la p\u00e9rdida de memoria en parse_apply_sb_mount_options() Si el procesamiento de las opciones de montaje en disco falla despu\u00e9s de que se haya asignado memoria en ext4_fs_context, por ejemplo, s_qf_names, entonces se produce una p\u00e9rdida de memoria. Corrija esto llamando a ext4_fc_free() en lugar de kfree() directamente. Reproductor: mkfs.ext4 -F /dev/vdc tune2fs /dev/vdc -E mount_opts=usrjquota=file echo clear > /sys/kernel/debug/kmemleak mount /dev/vdc /vdc echo scan > /sys/kernel/debug/kmemleak sleep 5 echo scan > /sys/kernel/debug/kmemleak cat /sys/kernel/debug/kmemleak"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.17",
"versionEndExcluding": "5.17.14",
"matchCriteriaId": "C48ED8B1-C02B-4764-9298-070E29EF1F88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "5.18.3",
"matchCriteriaId": "8E122216-2E9E-4B3E-B7B8-D575A45BA3C2"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/9ea3e6168948189cec31d0678d2b55b395f88491", "url": "https://git.kernel.org/stable/c/9ea3e6168948189cec31d0678d2b55b395f88491",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/c069db76ed7b681c69159f44be96d2137e9ca989", "url": "https://git.kernel.org/stable/c/c069db76ed7b681c69159f44be96d2137e9ca989",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/f92ded66e9d0aa20b883a2a5183973abc8f41815", "url": "https://git.kernel.org/stable/c/f92ded66e9d0aa20b883a2a5183973abc8f41815",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

130
CVE-2022/CVE-2022-494xx/CVE-2022-49410.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49410", "id": "CVE-2022-49410",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:17.517", "published": "2025-02-26T07:01:17.517",
"lastModified": "2025-02-26T07:01:17.517", "lastModified": "2025-04-17T20:31:34.340",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,35 +15,145 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: seguimiento: Se corrige la posible doble liberaci\u00f3n en create_var_ref() En create_var_ref(), se llama a init_var_ref() para inicializar los campos de la variable ref_field, que se asigna en la llamada de funci\u00f3n anterior a create_hist_field(). La funci\u00f3n init_var_ref() asigna los campos correspondientes, como ref_field->system, pero libera estos campos cuando la funci\u00f3n encuentra un error. El llamador luego llama a destroy_hist_field() para realizar la gesti\u00f3n de errores, que libera los campos y la variable misma. Esto da como resultado una doble liberaci\u00f3n de los campos que ya est\u00e1n liberados en la funci\u00f3n anterior. Corrija esto almacenando NULL en los campos correspondientes cuando se liberan en init_var_ref()." "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: seguimiento: Se corrige la posible doble liberaci\u00f3n en create_var_ref() En create_var_ref(), se llama a init_var_ref() para inicializar los campos de la variable ref_field, que se asigna en la llamada de funci\u00f3n anterior a create_hist_field(). La funci\u00f3n init_var_ref() asigna los campos correspondientes, como ref_field->system, pero libera estos campos cuando la funci\u00f3n encuentra un error. El llamador luego llama a destroy_hist_field() para realizar la gesti\u00f3n de errores, que libera los campos y la variable misma. Esto da como resultado una doble liberaci\u00f3n de los campos que ya est\u00e1n liberados en la funci\u00f3n anterior. Corrija esto almacenando NULL en los campos correspondientes cuando se liberan en init_var_ref()."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-415"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.17",
"versionEndExcluding": "4.19.247",
"matchCriteriaId": "1D618A3C-AEC5-4520-BBDB-002AC8CA3FED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.198",
"matchCriteriaId": "3EC49633-14DE-4EBD-BB80-76AE2E3EABB9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.121",
"matchCriteriaId": "34ACD872-E5BC-401C-93D5-B357A62426E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.46",
"matchCriteriaId": "20D41697-0E8B-4B7D-8842-F17BF2AA21E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.17.14",
"matchCriteriaId": "15E2DD33-2255-4B76-9C15-04FF8CBAB252"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "5.18.3",
"matchCriteriaId": "8E122216-2E9E-4B3E-B7B8-D575A45BA3C2"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/058cb6d86b9789377216c936506b346aaa1eb581", "url": "https://git.kernel.org/stable/c/058cb6d86b9789377216c936506b346aaa1eb581",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/37443b3508b8cce6832f8d25cb4550b2f7801f50", "url": "https://git.kernel.org/stable/c/37443b3508b8cce6832f8d25cb4550b2f7801f50",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/4fdfb15e08598711dbf50daf56a33965232daf0e", "url": "https://git.kernel.org/stable/c/4fdfb15e08598711dbf50daf56a33965232daf0e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/99696a2592bca641eb88cc9a80c90e591afebd0f", "url": "https://git.kernel.org/stable/c/99696a2592bca641eb88cc9a80c90e591afebd0f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/bd83ff3bbfb003832481c9bff999d12385f396ae", "url": "https://git.kernel.org/stable/c/bd83ff3bbfb003832481c9bff999d12385f396ae",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/c27f744ceefadc7bbeb14233b6abc150ced617d2", "url": "https://git.kernel.org/stable/c/c27f744ceefadc7bbeb14233b6abc150ced617d2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/f8b383f83cb573152c577eca1ef101e89995b72a", "url": "https://git.kernel.org/stable/c/f8b383f83cb573152c577eca1ef101e89995b72a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

118
CVE-2022/CVE-2022-494xx/CVE-2022-49414.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-49414", "id": "CVE-2022-49414",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-02-26T07:01:17.890", "published": "2025-02-26T07:01:17.890",
"lastModified": "2025-02-26T07:01:17.890", "lastModified": "2025-04-17T20:35:12.403",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -15,31 +15,131 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ext4: se corrige la condici\u00f3n de ejecuci\u00f3n entre ext4_write y ext4_convert_inline_data Hulk Robot inform\u00f3 de un BUG_ON: ================================================================== EXT4-fs error (device loop3): ext4_mb_generate_buddy:805: group 0, block bitmap and bg descriptor inconsistent: 25 vs 31513 free clusters kernel BUG at fs/ext4/ext4_jbd2.c:53! invalid opcode: 0000 [#1] SMP KASAN PTI CPU: 0 PID: 25371 Comm: syz-executor.3 Not tainted 5.10.0+ #1 RIP: 0010:ext4_put_nojournal fs/ext4/ext4_jbd2.c:53 [inline] RIP: 0010:__ext4_journal_stop+0x10e/0x110 fs/ext4/ext4_jbd2.c:116 [...] Call Trace: ext4_write_inline_data_end+0x59a/0x730 fs/ext4/inline.c:795 generic_perform_write+0x279/0x3c0 mm/filemap.c:3344 ext4_buffered_write_iter+0x2e3/0x3d0 fs/ext4/file.c:270 ext4_file_write_iter+0x30a/0x11c0 fs/ext4/file.c:520 do_iter_readv_writev+0x339/0x3c0 fs/read_write.c:732 do_iter_write+0x107/0x430 fs/read_write.c:861 vfs_writev fs/read_write.c:934 [inline] do_pwritev+0x1e5/0x380 fs/read_write.c:1031 [...] ================================================================== Above issue may happen as follows: cpu1 cpu2 __________________________|__________________________ do_pwritev vfs_writev do_iter_write ext4_file_write_iter ext4_buffered_write_iter generic_perform_write ext4_da_write_begin vfs_fallocate ext4_fallocate ext4_convert_inline_data ext4_convert_inline_data_nolock ext4_destroy_inline_data_nolock clear EXT4_STATE_MAY_INLINE_DATA ext4_map_blocks ext4_ext_map_blocks ext4_mb_new_blocks ext4_mb_regular_allocator ext4_mb_good_group_nolock ext4_mb_init_group ext4_mb_init_cache ext4_mb_generate_buddy --> error ext4_test_inode_state(inode, EXT4_STATE_MAY_INLINE_DATA) ext4_restore_inline_data set EXT4_STATE_MAY_INLINE_DATA ext4_block_write_begin ext4_da_write_end ext4_test_inode_state(inode, EXT4_STATE_MAY_INLINE_DATA) ext4_write_inline_data_end handle=NULL ext4_journal_stop(handle) __ext4_journal_stop ext4_put_nojournal(handle) ref_cnt = (unsigned long)handle BUG_ON(ref_cnt == 0) ---> BUG_ON The lock held by ext4_convert_inline_data is xattr_sem, but the lock held by generic_perform_write is i_rwsem. Therefore, the two locks can be concurrent. To solve above issue, we add inode_lock() for ext4_convert_inline_data(). At the same time, move ext4_convert_inline_data() in front of ext4_punch_hole(), remove similar handling from ext4_punch_hole(). " "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ext4: se corrige la condici\u00f3n de ejecuci\u00f3n entre ext4_write y ext4_convert_inline_data Hulk Robot inform\u00f3 de un BUG_ON: ================================================================== EXT4-fs error (device loop3): ext4_mb_generate_buddy:805: group 0, block bitmap and bg descriptor inconsistent: 25 vs 31513 free clusters kernel BUG at fs/ext4/ext4_jbd2.c:53! invalid opcode: 0000 [#1] SMP KASAN PTI CPU: 0 PID: 25371 Comm: syz-executor.3 Not tainted 5.10.0+ #1 RIP: 0010:ext4_put_nojournal fs/ext4/ext4_jbd2.c:53 [inline] RIP: 0010:__ext4_journal_stop+0x10e/0x110 fs/ext4/ext4_jbd2.c:116 [...] Call Trace: ext4_write_inline_data_end+0x59a/0x730 fs/ext4/inline.c:795 generic_perform_write+0x279/0x3c0 mm/filemap.c:3344 ext4_buffered_write_iter+0x2e3/0x3d0 fs/ext4/file.c:270 ext4_file_write_iter+0x30a/0x11c0 fs/ext4/file.c:520 do_iter_readv_writev+0x339/0x3c0 fs/read_write.c:732 do_iter_write+0x107/0x430 fs/read_write.c:861 vfs_writev fs/read_write.c:934 [inline] do_pwritev+0x1e5/0x380 fs/read_write.c:1031 [...] ================================================================== Above issue may happen as follows: cpu1 cpu2 __________________________|__________________________ do_pwritev vfs_writev do_iter_write ext4_file_write_iter ext4_buffered_write_iter generic_perform_write ext4_da_write_begin vfs_fallocate ext4_fallocate ext4_convert_inline_data ext4_convert_inline_data_nolock ext4_destroy_inline_data_nolock clear EXT4_STATE_MAY_INLINE_DATA ext4_map_blocks ext4_ext_map_blocks ext4_mb_new_blocks ext4_mb_regular_allocator ext4_mb_good_group_nolock ext4_mb_init_group ext4_mb_init_cache ext4_mb_generate_buddy --> error ext4_test_inode_state(inode, EXT4_STATE_MAY_INLINE_DATA) ext4_restore_inline_data set EXT4_STATE_MAY_INLINE_DATA ext4_block_write_begin ext4_da_write_end ext4_test_inode_state(inode, EXT4_STATE_MAY_INLINE_DATA) ext4_write_inline_data_end handle=NULL ext4_journal_stop(handle) __ext4_journal_stop ext4_put_nojournal(handle) ref_cnt = (unsigned long)handle BUG_ON(ref_cnt == 0) ---> BUG_ON The lock held by ext4_convert_inline_data is xattr_sem, but the lock held by generic_perform_write is i_rwsem. Therefore, the two locks can be concurrent. To solve above issue, we add inode_lock() for ext4_convert_inline_data(). At the same time, move ext4_convert_inline_data() in front of ext4_punch_hole(), remove similar handling from ext4_punch_hole(). "
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.8",
"versionEndExcluding": "5.4.207",
"matchCriteriaId": "109BCDD7-33F8-40BE-B77A-E1C42BACBB08"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.132",
"matchCriteriaId": "46CE9FE9-22E3-45CA-8B5F-190C2CAFC5CE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.46",
"matchCriteriaId": "20D41697-0E8B-4B7D-8842-F17BF2AA21E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.17.14",
"matchCriteriaId": "15E2DD33-2255-4B76-9C15-04FF8CBAB252"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "5.18.3",
"matchCriteriaId": "8E122216-2E9E-4B3E-B7B8-D575A45BA3C2"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://git.kernel.org/stable/c/14602353b350950b551eccc6b46411aa3b12ffe2", "url": "https://git.kernel.org/stable/c/14602353b350950b551eccc6b46411aa3b12ffe2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/18881d7e517169193d9ef6c89c7f322e3e164277", "url": "https://git.kernel.org/stable/c/18881d7e517169193d9ef6c89c7f322e3e164277",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/725e00cb7039eae291890f1bb19bc867176745f6", "url": "https://git.kernel.org/stable/c/725e00cb7039eae291890f1bb19bc867176745f6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/91f90b571f1a23f5b8a9c2b68a9aa5d6981a3c3d", "url": "https://git.kernel.org/stable/c/91f90b571f1a23f5b8a9c2b68a9aa5d6981a3c3d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/ccc6639f831bee91aa8b41c8a1cdd020ecfb9f32", "url": "https://git.kernel.org/stable/c/ccc6639f831bee91aa8b41c8a1cdd020ecfb9f32",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://git.kernel.org/stable/c/f87c7a4b084afc13190cbb263538e444cb2b392a", "url": "https://git.kernel.org/stable/c/f87c7a4b084afc13190cbb263538e444cb2b392a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
} }
] ]
} }

12
CVE-2023/CVE-2023-234xx/CVE-2023-23443.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-23443", "id": "CVE-2023-23443",
"sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4", "sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"published": "2023-12-29T04:15:08.883", "published": "2023-12-29T04:15:08.883",
"lastModified": "2024-11-21T07:46:12.430", "lastModified": "2025-04-17T21:15:46.160",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-843" "value": "CWE-843"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2023/CVE-2023-312xx/CVE-2023-31292.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31292", "id": "CVE-2023-31292",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-12-29T02:15:44.983", "published": "2023-12-29T02:15:44.983",
"lastModified": "2024-11-21T08:01:44.307", "lastModified": "2025-04-17T21:15:46.297",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-287" "value": "CWE-287"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2023/CVE-2023-313xx/CVE-2023-31300.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31300", "id": "CVE-2023-31300",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-12-29T06:15:43.633", "published": "2023-12-29T06:15:43.633",
"lastModified": "2024-11-21T08:01:45.447", "lastModified": "2025-04-17T21:15:46.467",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-319" "value": "CWE-319"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-319"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2023/CVE-2023-348xx/CVE-2023-34829.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-34829", "id": "CVE-2023-34829",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-12-28T03:15:07.587", "published": "2023-12-28T03:15:07.587",
"lastModified": "2024-11-21T08:07:35.777", "lastModified": "2025-04-17T21:15:46.723",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-319" "value": "CWE-319"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-319"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2023/CVE-2023-506xx/CVE-2023-50651.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-50651", "id": "CVE-2023-50651",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-12-30T17:15:08.080", "published": "2023-12-30T17:15:08.080",
"lastModified": "2024-11-21T08:37:07.490", "lastModified": "2025-04-17T20:15:25.913",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-78" "value": "CWE-78"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2023/CVE-2023-506xx/CVE-2023-50692.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-50692", "id": "CVE-2023-50692",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-12-28T06:15:44.400", "published": "2023-12-28T06:15:44.400",
"lastModified": "2024-11-21T08:37:09.230", "lastModified": "2025-04-17T21:15:47.140",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-434" "value": "CWE-434"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2023/CVE-2023-510xx/CVE-2023-51018.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-51018", "id": "CVE-2023-51018",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-12-22T19:15:09.587", "published": "2023-12-22T19:15:09.587",
"lastModified": "2024-11-21T08:37:42.717", "lastModified": "2025-04-17T21:15:47.410",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo" "value": "NVD-CWE-noinfo"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2023/CVE-2023-510xx/CVE-2023-51075.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-51075", "id": "CVE-2023-51075",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-12-27T21:15:08.300", "published": "2023-12-27T21:15:08.300",
"lastModified": "2024-11-21T08:37:48.420", "lastModified": "2025-04-17T21:15:47.590",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-835" "value": "CWE-835"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-835"
}
]
} }
], ],
"configurations": [ "configurations": [

12
CVE-2023/CVE-2023-514xx/CVE-2023-51435.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-51435", "id": "CVE-2023-51435",
"sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4", "sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"published": "2023-12-29T04:15:10.677", "published": "2023-12-29T04:15:10.677",
"lastModified": "2024-11-21T08:38:06.647", "lastModified": "2025-04-17T21:15:47.927",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-269" "value": "CWE-269"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
} }
], ],
"configurations": [ "configurations": [

32
CVE-2023/CVE-2023-522xx/CVE-2023-52265.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-52265", "id": "CVE-2023-52265",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-12-30T23:15:42.620", "published": "2023-12-30T23:15:42.620",
"lastModified": "2024-11-21T08:39:29.217", "lastModified": "2025-04-17T20:15:26.133",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 2.3,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-79" "value": "CWE-79"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
} }
], ],
"configurations": [ "configurations": [

4
CVE-2023/CVE-2023-530xx/CVE-2023-53034.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-53034", "id": "CVE-2023-53034",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-04-16T15:15:52.717", "published": "2025-04-16T15:15:52.717",
"lastModified": "2025-04-16T15:15:52.717", "lastModified": "2025-04-17T20:22:16.240",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {

22
CVE-2023/CVE-2023-59xx/CVE-2023-5980.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-5980", "id": "CVE-2023-5980",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-12-26T19:15:08.167", "published": "2023-12-26T19:15:08.167",
"lastModified": "2024-11-21T08:42:54.650", "lastModified": "2025-04-17T21:15:48.250",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.7, "exploitabilityScore": 1.7,
"impactScore": 2.7 "impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
} }
] ]
}, },

4
CVE-2024/CVE-2024-119xx/CVE-2024-11924.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-11924", "id": "CVE-2024-11924",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2025-04-17T06:15:42.460", "published": "2025-04-17T06:15:42.460",
"lastModified": "2025-04-17T16:15:27.233", "lastModified": "2025-04-17T20:21:48.243",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {

4
CVE-2024/CVE-2024-125xx/CVE-2024-12530.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-12530", "id": "CVE-2024-12530",
"sourceIdentifier": "security@opentext.com", "sourceIdentifier": "security@opentext.com",
"published": "2025-04-17T16:15:27.360", "published": "2025-04-17T16:15:27.360",
"lastModified": "2025-04-17T16:15:27.360", "lastModified": "2025-04-17T20:21:48.243",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {

4
CVE-2024/CVE-2024-139xx/CVE-2024-13925.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-13925", "id": "CVE-2024-13925",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2025-04-17T06:15:43.590", "published": "2025-04-17T06:15:43.590",
"lastModified": "2025-04-17T06:15:43.590", "lastModified": "2025-04-17T20:21:48.243",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {

4
CVE-2024/CVE-2024-223xx/CVE-2024-22314.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22314", "id": "CVE-2024-22314",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-04-16T17:15:48.470", "published": "2025-04-16T17:15:48.470",
"lastModified": "2025-04-16T17:15:48.470", "lastModified": "2025-04-17T20:22:16.240",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {

51
CVE-2024/CVE-2024-25xx/CVE-2024-2589.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2589", "id": "CVE-2024-2589",
"sourceIdentifier": "cve-coordination@incibe.es", "sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:11.230", "published": "2024-03-18T14:15:11.230",
"lastModified": "2024-11-21T09:10:04.563", "lastModified": "2025-04-17T21:16:27.787",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 4.2 "impactScore": 4.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -51,14 +71,37 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amss\\+\\+_project:amss\\+\\+:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "7923653C-8517-4869-A02F-4DC8AA1DAB6B"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss", "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "cve-coordination@incibe.es" "source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss", "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

51
CVE-2024/CVE-2024-25xx/CVE-2024-2590.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2590", "id": "CVE-2024-2590",
"sourceIdentifier": "cve-coordination@incibe.es", "sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:11.517", "published": "2024-03-18T14:15:11.517",
"lastModified": "2024-11-21T09:10:04.693", "lastModified": "2025-04-17T21:16:44.343",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 4.2 "impactScore": 4.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -51,14 +71,37 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amss\\+\\+_project:amss\\+\\+:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "7923653C-8517-4869-A02F-4DC8AA1DAB6B"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss", "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "cve-coordination@incibe.es" "source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss", "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

51
CVE-2024/CVE-2024-25xx/CVE-2024-2591.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2591", "id": "CVE-2024-2591",
"sourceIdentifier": "cve-coordination@incibe.es", "sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:11.747", "published": "2024-03-18T14:15:11.747",
"lastModified": "2024-11-21T09:10:04.807", "lastModified": "2025-04-17T21:16:55.570",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 4.2 "impactScore": 4.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -51,14 +71,37 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amss\\+\\+_project:amss\\+\\+:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "7923653C-8517-4869-A02F-4DC8AA1DAB6B"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss", "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "cve-coordination@incibe.es" "source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss", "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

51
CVE-2024/CVE-2024-25xx/CVE-2024-2592.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2592", "id": "CVE-2024-2592",
"sourceIdentifier": "cve-coordination@incibe.es", "sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:11.987", "published": "2024-03-18T14:15:11.987",
"lastModified": "2024-11-21T09:10:04.923", "lastModified": "2025-04-17T21:17:02.640",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 4.2 "impactScore": 4.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
} }
] ]
}, },
@ -51,14 +71,37 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amss\\+\\+_project:amss\\+\\+:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "7923653C-8517-4869-A02F-4DC8AA1DAB6B"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss", "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "cve-coordination@incibe.es" "source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss", "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

51
CVE-2024/CVE-2024-25xx/CVE-2024-2593.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2593", "id": "CVE-2024-2593",
"sourceIdentifier": "cve-coordination@incibe.es", "sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:12.233", "published": "2024-03-18T14:15:12.233",
"lastModified": "2024-11-21T09:10:05.037", "lastModified": "2025-04-17T21:17:09.140",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 3.7 "impactScore": 3.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
} }
] ]
}, },
@ -51,14 +71,37 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amss\\+\\+_project:amss\\+\\+:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "7923653C-8517-4869-A02F-4DC8AA1DAB6B"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss", "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "cve-coordination@incibe.es" "source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss", "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

51
CVE-2024/CVE-2024-25xx/CVE-2024-2594.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2594", "id": "CVE-2024-2594",
"sourceIdentifier": "cve-coordination@incibe.es", "sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:12.463", "published": "2024-03-18T14:15:12.463",
"lastModified": "2024-11-21T09:10:05.157", "lastModified": "2025-04-17T21:02:41.620",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 3.7 "impactScore": 3.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
} }
] ]
}, },
@ -51,14 +71,37 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amss\\+\\+_project:amss\\+\\+:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "7923653C-8517-4869-A02F-4DC8AA1DAB6B"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss", "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "cve-coordination@incibe.es" "source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss", "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

51
CVE-2024/CVE-2024-25xx/CVE-2024-2595.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2595", "id": "CVE-2024-2595",
"sourceIdentifier": "cve-coordination@incibe.es", "sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:12.673", "published": "2024-03-18T14:15:12.673",
"lastModified": "2024-11-21T09:10:05.273", "lastModified": "2025-04-17T21:03:39.607",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 3.7 "impactScore": 3.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
} }
] ]
}, },
@ -51,14 +71,37 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amss\\+\\+_project:amss\\+\\+:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "7923653C-8517-4869-A02F-4DC8AA1DAB6B"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss", "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "cve-coordination@incibe.es" "source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss", "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

51
CVE-2024/CVE-2024-25xx/CVE-2024-2596.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2596", "id": "CVE-2024-2596",
"sourceIdentifier": "cve-coordination@incibe.es", "sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:12.893", "published": "2024-03-18T14:15:12.893",
"lastModified": "2024-11-21T09:10:05.403", "lastModified": "2025-04-17T21:04:00.343",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 3.7 "impactScore": 3.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
} }
] ]
}, },
@ -51,14 +71,37 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amss\\+\\+_project:amss\\+\\+:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "7923653C-8517-4869-A02F-4DC8AA1DAB6B"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss", "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "cve-coordination@incibe.es" "source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss", "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

51
CVE-2024/CVE-2024-25xx/CVE-2024-2597.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2597", "id": "CVE-2024-2597",
"sourceIdentifier": "cve-coordination@incibe.es", "sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:13.140", "published": "2024-03-18T14:15:13.140",
"lastModified": "2024-11-21T09:10:05.537", "lastModified": "2025-04-17T21:04:11.663",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 3.7 "impactScore": 3.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
} }
] ]
}, },
@ -51,14 +71,37 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amss\\+\\+_project:amss\\+\\+:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "7923653C-8517-4869-A02F-4DC8AA1DAB6B"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss", "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "cve-coordination@incibe.es" "source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss", "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

51
CVE-2024/CVE-2024-25xx/CVE-2024-2598.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2598", "id": "CVE-2024-2598",
"sourceIdentifier": "cve-coordination@incibe.es", "sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:13.383", "published": "2024-03-18T14:15:13.383",
"lastModified": "2024-11-21T09:10:05.653", "lastModified": "2025-04-17T21:04:23.220",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 3.7 "impactScore": 3.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
} }
] ]
}, },
@ -51,14 +71,37 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amss\\+\\+_project:amss\\+\\+:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "7923653C-8517-4869-A02F-4DC8AA1DAB6B"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss", "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "cve-coordination@incibe.es" "source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss", "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

51
CVE-2024/CVE-2024-25xx/CVE-2024-2599.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2599", "id": "CVE-2024-2599",
"sourceIdentifier": "cve-coordination@incibe.es", "sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-03-18T14:15:13.643", "published": "2024-03-18T14:15:13.643",
"lastModified": "2024-11-21T09:10:05.773", "lastModified": "2025-04-17T21:05:00.977",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 3.1, "exploitabilityScore": 3.1,
"impactScore": 6.0 "impactScore": 6.0
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
} }
] ]
}, },
@ -51,14 +71,37 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amss\\+\\+_project:amss\\+\\+:4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "7923653C-8517-4869-A02F-4DC8AA1DAB6B"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss", "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "cve-coordination@incibe.es" "source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss", "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amssplus-amss",
"source": "af854a3a-2127-422b-91ae-364da2661108" "source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

4
CVE-2024/CVE-2024-400xx/CVE-2024-40068.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40068", "id": "CVE-2024-40068",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T17:15:48.630", "published": "2025-04-16T17:15:48.630",
"lastModified": "2025-04-16T21:15:44.650", "lastModified": "2025-04-17T20:22:16.240",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {

45
CVE-2024/CVE-2024-400xx/CVE-2024-40069.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40069", "id": "CVE-2024-40069",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T17:15:48.743", "published": "2025-04-16T17:15:48.743",
"lastModified": "2025-04-16T17:15:48.743", "lastModified": "2025-04-17T21:15:48.580",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -11,11 +11,50 @@
"value": "Sourcecodester Online ID Generator System 1.0 was discovered to contain Stored Cross Site Scripting (XSS) via id_generator/classes/Users.php?f=save, and the point of vulnerability is in the POST parameter 'firstname' and 'lastname'." "value": "Sourcecodester Online ID Generator System 1.0 was discovered to contain Stored Cross Site Scripting (XSS) via id_generator/classes/Users.php?f=save, and the point of vulnerability is in the POST parameter 'firstname' and 'lastname'."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/DiliLearngent/BugReport/blob/main/php/Online-ID-Generator-System/bug7-XSS-firstname-lastname.md", "url": "https://github.com/DiliLearngent/BugReport/blob/main/php/Online-ID-Generator-System/bug7-XSS-firstname-lastname.md",
"source": "cve@mitre.org" "source": "cve@mitre.org"
},
{
"url": "https://github.com/DiliLearngent/BugReport/blob/main/php/Online-ID-Generator-System/bug7-XSS-firstname-lastname.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
} }
] ]
} }

4
CVE-2024/CVE-2024-400xx/CVE-2024-40070.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40070", "id": "CVE-2024-40070",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T17:15:48.847", "published": "2025-04-16T17:15:48.847",
"lastModified": "2025-04-16T21:15:45.217", "lastModified": "2025-04-17T20:22:16.240",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {

4
CVE-2024/CVE-2024-400xx/CVE-2024-40071.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40071", "id": "CVE-2024-40071",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T17:15:48.957", "published": "2025-04-16T17:15:48.957",
"lastModified": "2025-04-16T17:15:48.957", "lastModified": "2025-04-17T20:22:16.240",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {

4
CVE-2024/CVE-2024-400xx/CVE-2024-40072.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40072", "id": "CVE-2024-40072",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T17:15:49.063", "published": "2025-04-16T17:15:49.063",
"lastModified": "2025-04-16T17:15:49.063", "lastModified": "2025-04-17T20:22:16.240",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {

4
CVE-2024/CVE-2024-400xx/CVE-2024-40073.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40073", "id": "CVE-2024-40073",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T17:15:49.170", "published": "2025-04-16T17:15:49.170",
"lastModified": "2025-04-16T17:15:49.170", "lastModified": "2025-04-17T20:22:16.240",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {

4
CVE-2024/CVE-2024-400xx/CVE-2024-40074.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40074", "id": "CVE-2024-40074",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T17:15:49.270", "published": "2025-04-16T17:15:49.270",
"lastModified": "2025-04-16T17:15:49.270", "lastModified": "2025-04-17T20:22:16.240",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {

4
CVE-2024/CVE-2024-401xx/CVE-2024-40124.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40124", "id": "CVE-2024-40124",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-04-17T17:15:31.853", "published": "2025-04-17T17:15:31.853",
"lastModified": "2025-04-17T17:15:31.853", "lastModified": "2025-04-17T20:21:05.203",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {

56
CVE-2024/CVE-2024-421xx/CVE-2024-42177.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-42177",
"sourceIdentifier": "psirt@hcl.com",
"published": "2025-04-17T20:15:26.513",
"lastModified": "2025-04-17T20:21:05.203",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HCL MyXalytics is affected by SSL\u2215TLS Protocol affected with BREACH & LUCKY13 vulnerabilities. Attackers can exploit the weakness in the ciphers to intercept and decrypt encrypted data, steal sensitive information, or inject malicious code into the system."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@hcl.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N",
"baseScore": 2.6,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@hcl.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-326"
}
]
}
],
"references": [
{
"url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0120504",
"source": "psirt@hcl.com"
}
]
}

4
CVE-2024/CVE-2024-533xx/CVE-2024-53303.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-53303", "id": "CVE-2024-53303",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T18:16:03.417", "published": "2025-04-16T18:16:03.417",
"lastModified": "2025-04-17T15:15:53.857", "lastModified": "2025-04-17T20:22:16.240",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {

4
CVE-2024/CVE-2024-533xx/CVE-2024-53304.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-53304", "id": "CVE-2024-53304",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T18:16:03.540", "published": "2025-04-16T18:16:03.540",
"lastModified": "2025-04-16T21:15:45.497", "lastModified": "2025-04-17T20:22:16.240",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {

4
CVE-2024/CVE-2024-533xx/CVE-2024-53305.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-53305", "id": "CVE-2024-53305",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T18:16:03.657", "published": "2025-04-16T18:16:03.657",
"lastModified": "2025-04-16T21:15:45.643", "lastModified": "2025-04-17T20:22:16.240",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {

4
CVE-2024/CVE-2024-539xx/CVE-2024-53924.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-53924", "id": "CVE-2024-53924",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-04-17T18:15:47.603", "published": "2025-04-17T18:15:47.603",
"lastModified": "2025-04-17T18:15:47.603", "lastModified": "2025-04-17T20:21:05.203",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {

4
CVE-2024/CVE-2024-552xx/CVE-2024-55211.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-55211", "id": "CVE-2024-55211",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-04-17T18:15:47.810", "published": "2025-04-17T18:15:47.810",
"lastModified": "2025-04-17T19:15:59.653", "lastModified": "2025-04-17T20:21:05.203",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {

20
CVE-2024/CVE-2024-552xx/CVE-2024-55238.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-55238", "id": "CVE-2024-55238",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-04-17T16:15:27.780", "published": "2025-04-17T16:15:27.780",
"lastModified": "2025-04-17T16:15:27.780", "lastModified": "2025-04-17T20:21:48.243",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -35,6 +35,18 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [ "references": [
{ {
"url": "https://gist.github.com/javadk/68c597cdb94768dab31a3219c2ad9904", "url": "https://gist.github.com/javadk/68c597cdb94768dab31a3219c2ad9904",
@ -47,6 +59,10 @@
{ {
"url": "https://github.com/open-metadata/OpenMetadata/blob/98945cb2db87ebb325d3a72131f049abffcba345/openmetadata-service/src/main/java/org/openmetadata/service/jdbi3/CollectionDAO.java#L4247", "url": "https://github.com/open-metadata/OpenMetadata/blob/98945cb2db87ebb325d3a72131f049abffcba345/openmetadata-service/src/main/java/org/openmetadata/service/jdbi3/CollectionDAO.java#L4247",
"source": "cve@mitre.org" "source": "cve@mitre.org"
},
{
"url": "https://gist.github.com/javadk/68c597cdb94768dab31a3219c2ad9904",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
} }
] ]
} }

4
CVE-2024/CVE-2024-553xx/CVE-2024-55371.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-55371", "id": "CVE-2024-55371",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T21:15:45.790", "published": "2025-04-16T21:15:45.790",
"lastModified": "2025-04-17T14:15:25.700", "lastModified": "2025-04-17T20:21:48.243",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {

4
CVE-2024/CVE-2024-553xx/CVE-2024-55372.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-55372", "id": "CVE-2024-55372",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-04-16T21:15:45.897", "published": "2025-04-16T21:15:45.897",
"lastModified": "2025-04-17T14:15:26.120", "lastModified": "2025-04-17T20:21:48.243",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {

4
CVE-2024/CVE-2024-565xx/CVE-2024-56518.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56518", "id": "CVE-2024-56518",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2025-04-17T16:15:27.900", "published": "2025-04-17T16:15:27.900",
"lastModified": "2025-04-17T16:15:27.900", "lastModified": "2025-04-17T20:21:48.243",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {

34
CVE-2024/CVE-2024-565xx/CVE-2024-56553.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56553", "id": "CVE-2024-56553",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-27T15:15:14.073", "published": "2024-12-27T15:15:14.073",
"lastModified": "2025-01-15T18:35:51.337", "lastModified": "2025-04-17T21:15:48.740",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-401" "value": "CWE-401"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-565xx/CVE-2024-56572.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56572", "id": "CVE-2024-56572",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-27T15:15:16.210", "published": "2024-12-27T15:15:16.210",
"lastModified": "2025-01-14T15:46:25.400", "lastModified": "2025-04-17T21:15:48.907",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-401" "value": "CWE-401"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-566xx/CVE-2024-56643.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56643", "id": "CVE-2024-56643",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-27T15:15:24.040", "published": "2024-12-27T15:15:24.040",
"lastModified": "2025-01-06T17:14:41.813", "lastModified": "2025-04-17T21:15:49.070",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-401" "value": "CWE-401"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-567xx/CVE-2024-56710.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56710", "id": "CVE-2024-56710",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-29T09:15:05.970", "published": "2024-12-29T09:15:05.970",
"lastModified": "2025-01-06T17:13:00.090", "lastModified": "2025-04-17T21:15:49.263",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-401" "value": "CWE-401"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-567xx/CVE-2024-56712.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56712", "id": "CVE-2024-56712",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-29T09:15:06.250", "published": "2024-12-29T09:15:06.250",
"lastModified": "2025-01-06T17:11:48.987", "lastModified": "2025-04-17T21:15:49.417",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-401" "value": "CWE-401"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
} }
], ],
"configurations": [ "configurations": [

4
CVE-2024/CVE-2024-567xx/CVE-2024-56736.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56736", "id": "CVE-2024-56736",
"sourceIdentifier": "security@apache.org", "sourceIdentifier": "security@apache.org",
"published": "2025-04-16T16:15:28.840", "published": "2025-04-16T16:15:28.840",
"lastModified": "2025-04-16T18:16:03.783", "lastModified": "2025-04-17T20:22:16.240",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {

34
CVE-2024/CVE-2024-567xx/CVE-2024-56742.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56742", "id": "CVE-2024-56742",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-29T12:15:07.593", "published": "2024-12-29T12:15:07.593",
"lastModified": "2025-01-07T22:19:23.543", "lastModified": "2025-04-17T21:15:49.607",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-401" "value": "CWE-401"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-567xx/CVE-2024-56745.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56745", "id": "CVE-2024-56745",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-29T12:15:07.937", "published": "2024-12-29T12:15:07.937",
"lastModified": "2025-01-07T22:47:40.577", "lastModified": "2025-04-17T21:15:49.773",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-401" "value": "CWE-401"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-567xx/CVE-2024-56746.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56746", "id": "CVE-2024-56746",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-29T12:15:08.070", "published": "2024-12-29T12:15:08.070",
"lastModified": "2025-01-07T22:47:17.513", "lastModified": "2025-04-17T21:15:49.970",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-401" "value": "CWE-401"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-567xx/CVE-2024-56747.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56747", "id": "CVE-2024-56747",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-29T12:15:08.183", "published": "2024-12-29T12:15:08.183",
"lastModified": "2025-01-07T22:47:01.040", "lastModified": "2025-04-17T20:15:26.807",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-401" "value": "CWE-401"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
} }
], ],
"configurations": [ "configurations": [

34
CVE-2024/CVE-2024-567xx/CVE-2024-56748.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-56748", "id": "CVE-2024-56748",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-29T12:15:08.303", "published": "2024-12-29T12:15:08.303",
"lastModified": "2025-01-06T17:07:33.423", "lastModified": "2025-04-17T21:15:50.173",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {
@ -36,6 +36,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
} }
] ]
}, },
@ -49,6 +69,16 @@
"value": "CWE-401" "value": "CWE-401"
} }
] ]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
} }
], ],
"configurations": [ "configurations": [

4
CVE-2024/CVE-2024-580xx/CVE-2024-58093.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-58093", "id": "CVE-2024-58093",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-04-16T15:15:53.220", "published": "2025-04-16T15:15:53.220",
"lastModified": "2025-04-16T15:15:53.220", "lastModified": "2025-04-17T20:22:16.240",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {

4
CVE-2024/CVE-2024-580xx/CVE-2024-58094.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-58094", "id": "CVE-2024-58094",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2025-04-16T15:15:53.330", "published": "2025-04-16T15:15:53.330",
"lastModified": "2025-04-16T15:15:53.330", "lastModified": "2025-04-17T20:22:16.240",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"cveTags": [], "cveTags": [],
"descriptions": [ "descriptions": [
{ {

Some files were not shown because too many files have changed in this diff Show More