From 8d89132b8d6946b6f54bd2a067233cb6830b1d74 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Mon, 4 Mar 2024 21:00:29 +0000 Subject: [PATCH] Auto-Update: 2024-03-04T21:00:25.955254+00:00 --- CVE-2021/CVE-2021-471xx/CVE-2021-47104.json | 48 ++++++++++++ CVE-2021/CVE-2021-471xx/CVE-2021-47105.json | 24 ++++++ CVE-2021/CVE-2021-471xx/CVE-2021-47106.json | 24 ++++++ CVE-2021/CVE-2021-471xx/CVE-2021-47107.json | 24 ++++++ CVE-2021/CVE-2021-471xx/CVE-2021-47108.json | 24 ++++++ CVE-2023/CVE-2023-323xx/CVE-2023-32331.json | 59 +++++++++++++++ CVE-2023/CVE-2023-35xx/CVE-2023-3509.json | 75 ++++++++++++++++++- CVE-2023/CVE-2023-48xx/CVE-2023-4895.json | 75 ++++++++++++++++++- CVE-2023/CVE-2023-60xx/CVE-2023-6068.json | 55 ++++++++++++++ CVE-2023/CVE-2023-64xx/CVE-2023-6477.json | 75 ++++++++++++++++++- CVE-2023/CVE-2023-65xx/CVE-2023-6564.json | 67 ++++++++++++++++- CVE-2023/CVE-2023-67xx/CVE-2023-6736.json | 77 ++++++++++++++++++- CVE-2023/CVE-2023-68xx/CVE-2023-6840.json | 83 ++++++++++++++++++++- CVE-2024/CVE-2024-04xx/CVE-2024-0410.json | 75 ++++++++++++++++++- CVE-2024/CVE-2024-08xx/CVE-2024-0861.json | 75 ++++++++++++++++++- CVE-2024/CVE-2024-10xx/CVE-2024-1066.json | 77 ++++++++++++++++++- CVE-2024/CVE-2024-12xx/CVE-2024-1250.json | 58 +++++++++++++- CVE-2024/CVE-2024-14xx/CVE-2024-1451.json | 61 ++++++++++++++- CVE-2024/CVE-2024-15xx/CVE-2024-1525.json | 70 ++++++++++++++++- CVE-2024/CVE-2024-18xx/CVE-2024-1820.json | 2 +- CVE-2024/CVE-2024-18xx/CVE-2024-1821.json | 2 +- CVE-2024/CVE-2024-18xx/CVE-2024-1826.json | 2 +- CVE-2024/CVE-2024-18xx/CVE-2024-1827.json | 2 +- CVE-2024/CVE-2024-18xx/CVE-2024-1828.json | 2 +- CVE-2024/CVE-2024-18xx/CVE-2024-1829.json | 2 +- CVE-2024/CVE-2024-18xx/CVE-2024-1830.json | 2 +- CVE-2024/CVE-2024-20xx/CVE-2024-2048.json | 55 ++++++++++++++ CVE-2024/CVE-2024-278xx/CVE-2024-27889.json | 55 ++++++++++++++ README.md | 63 ++++++++-------- 29 files changed, 1232 insertions(+), 81 deletions(-) create mode 100644 CVE-2021/CVE-2021-471xx/CVE-2021-47104.json create mode 100644 CVE-2021/CVE-2021-471xx/CVE-2021-47105.json create mode 100644 CVE-2021/CVE-2021-471xx/CVE-2021-47106.json create mode 100644 CVE-2021/CVE-2021-471xx/CVE-2021-47107.json create mode 100644 CVE-2021/CVE-2021-471xx/CVE-2021-47108.json create mode 100644 CVE-2023/CVE-2023-323xx/CVE-2023-32331.json create mode 100644 CVE-2023/CVE-2023-60xx/CVE-2023-6068.json create mode 100644 CVE-2024/CVE-2024-20xx/CVE-2024-2048.json create mode 100644 CVE-2024/CVE-2024-278xx/CVE-2024-27889.json diff --git a/CVE-2021/CVE-2021-471xx/CVE-2021-47104.json b/CVE-2021/CVE-2021-471xx/CVE-2021-47104.json new file mode 100644 index 00000000000..2a07575c9e2 --- /dev/null +++ b/CVE-2021/CVE-2021-471xx/CVE-2021-47104.json @@ -0,0 +1,48 @@ +{ + "id": "CVE-2021-47104", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-03-04T19:15:18.643", + "lastModified": "2024-03-04T19:15:18.643", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/qib: Fix memory leak in qib_user_sdma_queue_pkts()\n\nThe wrong goto label was used for the error case and missed cleanup of the\npkt allocation.\n\nAddresses-Coverity-ID: 1493352 (\"Resource leak\")" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0aaec9c5f60754b56f84460ea439b8c5e91f4caa", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/1ced0a3015a95c6a6db45e37250912c4c86697ab", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/76b648063eb36c72dfc0a6896de8a0a7d2c7841c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/79dcbd8176152b860028b62f81a635d987365752", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7cf6466e00a77b0a914b7b2c28a1fc7947d55e59", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/aefcc25f3a0cd28a87d11d41d30419a12cd26a34", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/bee90911e0138c76ee67458ac0d58b38a3190f65", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d53456492b5d02033c73dfa0f3b94c86337791ba", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-471xx/CVE-2021-47105.json b/CVE-2021/CVE-2021-471xx/CVE-2021-47105.json new file mode 100644 index 00000000000..6020280fa6f --- /dev/null +++ b/CVE-2021/CVE-2021-471xx/CVE-2021-47105.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2021-47105", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-03-04T19:15:18.707", + "lastModified": "2024-03-04T19:15:18.707", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: xsk: return xsk buffers back to pool when cleaning the ring\n\nCurrently we only NULL the xdp_buff pointer in the internal SW ring but\nwe never give it back to the xsk buffer pool. This means that buffers\ncan be leaked out of the buff pool and never be used again.\n\nAdd missing xsk_buff_free() call to the routine that is supposed to\nclean the entries that are left in the ring so that these buffers in the\numem can be used by other sockets.\n\nAlso, only go through the space that is actually left to be cleaned\ninstead of a whole ring." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/ad6d20da2cfbe14b7b1200d15f39e65988b0b9e8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/afe8a3ba85ec2a6b6849367e25c06a2f8e0ddd05", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-471xx/CVE-2021-47106.json b/CVE-2021/CVE-2021-471xx/CVE-2021-47106.json new file mode 100644 index 00000000000..24b42bb6d70 --- /dev/null +++ b/CVE-2021/CVE-2021-471xx/CVE-2021-47106.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2021-47106", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-03-04T19:15:18.750", + "lastModified": "2024-03-04T19:15:18.750", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: fix use-after-free in nft_set_catchall_destroy()\n\nWe need to use list_for_each_entry_safe() iterator\nbecause we can not access @catchall after kfree_rcu() call.\n\nsyzbot reported:\n\nBUG: KASAN: use-after-free in nft_set_catchall_destroy net/netfilter/nf_tables_api.c:4486 [inline]\nBUG: KASAN: use-after-free in nft_set_destroy net/netfilter/nf_tables_api.c:4504 [inline]\nBUG: KASAN: use-after-free in nft_set_destroy+0x3fd/0x4f0 net/netfilter/nf_tables_api.c:4493\nRead of size 8 at addr ffff8880716e5b80 by task syz-executor.3/8871\n\nCPU: 1 PID: 8871 Comm: syz-executor.3 Not tainted 5.16.0-rc5-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nCall Trace:\n \n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\n print_address_description.constprop.0.cold+0x8d/0x2ed mm/kasan/report.c:247\n __kasan_report mm/kasan/report.c:433 [inline]\n kasan_report.cold+0x83/0xdf mm/kasan/report.c:450\n nft_set_catchall_destroy net/netfilter/nf_tables_api.c:4486 [inline]\n nft_set_destroy net/netfilter/nf_tables_api.c:4504 [inline]\n nft_set_destroy+0x3fd/0x4f0 net/netfilter/nf_tables_api.c:4493\n __nft_release_table+0x79f/0xcd0 net/netfilter/nf_tables_api.c:9626\n nft_rcv_nl_event+0x4f8/0x670 net/netfilter/nf_tables_api.c:9688\n notifier_call_chain+0xb5/0x200 kernel/notifier.c:83\n blocking_notifier_call_chain kernel/notifier.c:318 [inline]\n blocking_notifier_call_chain+0x67/0x90 kernel/notifier.c:306\n netlink_release+0xcb6/0x1dd0 net/netlink/af_netlink.c:788\n __sock_release+0xcd/0x280 net/socket.c:649\n sock_close+0x18/0x20 net/socket.c:1314\n __fput+0x286/0x9f0 fs/file_table.c:280\n task_work_run+0xdd/0x1a0 kernel/task_work.c:164\n tracehook_notify_resume include/linux/tracehook.h:189 [inline]\n exit_to_user_mode_loop kernel/entry/common.c:175 [inline]\n exit_to_user_mode_prepare+0x27e/0x290 kernel/entry/common.c:207\n __syscall_exit_to_user_mode_work kernel/entry/common.c:289 [inline]\n syscall_exit_to_user_mode+0x19/0x60 kernel/entry/common.c:300\n do_syscall_64+0x42/0xb0 arch/x86/entry/common.c:86\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f75fbf28adb\nCode: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44\nRSP: 002b:00007ffd8da7ec10 EFLAGS: 00000293 ORIG_RAX: 0000000000000003\nRAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f75fbf28adb\nRDX: 00007f75fc08e828 RSI: ffffffffffffffff RDI: 0000000000000003\nRBP: 00007f75fc08a960 R08: 0000000000000000 R09: 00007f75fc08e830\nR10: 00007ffd8da7ed10 R11: 0000000000000293 R12: 00000000002067c3\nR13: 00007ffd8da7ed10 R14: 00007f75fc088f60 R15: 0000000000000032\n \n\nAllocated by task 8886:\n kasan_save_stack+0x1e/0x50 mm/kasan/common.c:38\n kasan_set_track mm/kasan/common.c:46 [inline]\n set_alloc_info mm/kasan/common.c:434 [inline]\n ____kasan_kmalloc mm/kasan/common.c:513 [inline]\n ____kasan_kmalloc mm/kasan/common.c:472 [inline]\n __kasan_kmalloc+0xa6/0xd0 mm/kasan/common.c:522\n kasan_kmalloc include/linux/kasan.h:269 [inline]\n kmem_cache_alloc_trace+0x1ea/0x4a0 mm/slab.c:3575\n kmalloc include/linux/slab.h:590 [inline]\n nft_setelem_catchall_insert net/netfilter/nf_tables_api.c:5544 [inline]\n nft_setelem_insert net/netfilter/nf_tables_api.c:5562 [inline]\n nft_add_set_elem+0x232e/0x2f40 net/netfilter/nf_tables_api.c:5936\n nf_tables_newsetelem+0x6ff/0xbb0 net/netfilter/nf_tables_api.c:6032\n nfnetlink_rcv_batch+0x1710/0x25f0 net/netfilter/nfnetlink.c:513\n nfnetlink_rcv_skb_batch net/netfilter/nfnetlink.c:634 [inline]\n nfnetlink_rcv+0x3af/0x420 net/netfilter/nfnetlink.c:652\n netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]\n netlink_unicast+0x533/0x7d0 net/netlink/af_netlink.c:1345\n netlink_sendmsg+0x904/0xdf0 net/netlink/af_netlink.c:1921\n sock_sendmsg_nosec net/\n---truncated---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0f7d9b31ce7abdbb29bf018131ac920c9f698518", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9d558e5f0d6fdd0a568f73dceb0b40c4f5012e5a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-471xx/CVE-2021-47107.json b/CVE-2021/CVE-2021-471xx/CVE-2021-47107.json new file mode 100644 index 00000000000..583aa41ee2e --- /dev/null +++ b/CVE-2021/CVE-2021-471xx/CVE-2021-47107.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2021-47107", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-03-04T19:15:18.793", + "lastModified": "2024-03-04T19:15:18.793", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: Fix READDIR buffer overflow\n\nIf a client sends a READDIR count argument that is too small (say,\nzero), then the buffer size calculation in the new init_dirlist\nhelper functions results in an underflow, allowing the XDR stream\nfunctions to write beyond the actual buffer.\n\nThis calculation has always been suspect. NFSD has never sanity-\nchecked the READDIR count argument, but the old entry encoders\nmanaged the problem correctly.\n\nWith the commits below, entry encoding changed, exposing the\nunderflow to the pointer arithmetic in xdr_reserve_space().\n\nModern NFS clients attempt to retrieve as much data as possible\nfor each READDIR request. Also, we have no unit tests that\nexercise the behavior of READDIR at the lower bound of @count\nvalues. Thus this case was missed during testing." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/53b1119a6e5028b125f431a0116ba73510d82a72", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/eabc0aab98e5218ceecd82069b0d6fdfff5ee885", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-471xx/CVE-2021-47108.json b/CVE-2021/CVE-2021-471xx/CVE-2021-47108.json new file mode 100644 index 00000000000..871ac87e89b --- /dev/null +++ b/CVE-2021/CVE-2021-471xx/CVE-2021-47108.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2021-47108", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-03-04T19:15:18.837", + "lastModified": "2024-03-04T19:15:18.837", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mediatek: hdmi: Perform NULL pointer check for mtk_hdmi_conf\n\nIn commit 41ca9caaae0b\n(\"drm/mediatek: hdmi: Add check for CEA modes only\") a check\nfor CEA modes was added to function mtk_hdmi_bridge_mode_valid()\nin order to address possible issues on MT8167;\nmoreover, with commit c91026a938c2\n(\"drm/mediatek: hdmi: Add optional limit on maximal HDMI mode clock\")\nanother similar check was introduced.\n\nUnfortunately though, at the time of writing, MT8173 does not provide\nany mtk_hdmi_conf structure and this is crashing the kernel with NULL\npointer upon entering mtk_hdmi_bridge_mode_valid(), which happens as\nsoon as a HDMI cable gets plugged in.\n\nTo fix this regression, add a NULL pointer check for hdmi->conf in the\nsaid function, restoring HDMI functionality and avoiding NULL pointer\nkernel panics." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/3b8e19a0aa3933a785be9f1541afd8d398c4ec69", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/71d07ebc5000b9c1d140e99e7493b0bafa954776", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32331.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32331.json new file mode 100644 index 00000000000..1375828489a --- /dev/null +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32331.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-32331", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2024-03-04T19:15:18.893", + "lastModified": "2024-03-04T19:15:18.893", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "IBM Connect:Express for UNIX 1.5.0 is vulnerable to a buffer overflow that could allow a remote attacker to cause a denial of service through its browser UI. IBM X-Force ID: 254979." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + } + ] + } + ], + "references": [ + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254979", + "source": "psirt@us.ibm.com" + }, + { + "url": "https://www.ibm.com/support/pages/node/7011443", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-35xx/CVE-2023-3509.json b/CVE-2023/CVE-2023-35xx/CVE-2023-3509.json index 87950490d7a..0c71c2f5e13 100644 --- a/CVE-2023/CVE-2023-35xx/CVE-2023-3509.json +++ b/CVE-2023/CVE-2023-35xx/CVE-2023-3509.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3509", "sourceIdentifier": "cve@gitlab.com", "published": "2024-02-21T23:15:08.223", - "lastModified": "2024-02-22T19:07:27.197", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-03-04T20:59:58.357", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -50,14 +80,51 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*", + "versionEndIncluding": "16.7.6", + "matchCriteriaId": "0A04F244-8B1C-451C-9C0F-86885410FBD9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*", + "versionStartIncluding": "16.8.0", + "versionEndIncluding": "16.8.3", + "matchCriteriaId": "E0A7B883-EFAA-456B-AB89-9FEF5BED60CB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:16.9.0:*:*:*:*:*:*:*", + "matchCriteriaId": "06CEE568-A6C1-4C8A-8786-B561643668AB" + } + ] + } + ] + } + ], "references": [ { "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/416945", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Broken Link", + "Permissions Required" + ] }, { "url": "https://hackerone.com/reports/2037814", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Permissions Required" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-48xx/CVE-2023-4895.json b/CVE-2023/CVE-2023-48xx/CVE-2023-4895.json index 9a46c739361..85885817179 100644 --- a/CVE-2023/CVE-2023-48xx/CVE-2023-4895.json +++ b/CVE-2023/CVE-2023-48xx/CVE-2023-4895.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4895", "sourceIdentifier": "cve@gitlab.com", "published": "2024-02-22T01:15:07.780", - "lastModified": "2024-02-22T19:07:27.197", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-03-04T20:15:42.960", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -50,14 +80,51 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", + "versionStartIncluding": "12.0", + "versionEndIncluding": "16.76", + "matchCriteriaId": "C33D3245-F0DB-408F-8E54-4CEE331BDF88" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", + "versionStartIncluding": "16.8", + "versionEndExcluding": "16.8.3", + "matchCriteriaId": "C2172309-EFB1-4A6E-A65F-A4286273C09B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:16.9.0:*:*:*:enterprise:*:*:*", + "matchCriteriaId": "1E374890-90FC-4DC5-8C0B-87CC99B4A4D7" + } + ] + } + ] + } + ], "references": [ { "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/424766", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://hackerone.com/reports/2134787", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Permissions Required" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-60xx/CVE-2023-6068.json b/CVE-2023/CVE-2023-60xx/CVE-2023-6068.json new file mode 100644 index 00000000000..0f2b5f722c2 --- /dev/null +++ b/CVE-2023/CVE-2023-60xx/CVE-2023-6068.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-6068", + "sourceIdentifier": "psirt@arista.com", + "published": "2024-03-04T20:15:50.267", + "lastModified": "2024-03-04T20:15:50.267", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "On affected 7130 Series FPGA platforms running MOS and recent versions of the MultiAccess FPGA, application of ACL\u2019s may result in incorrect operation of the configured ACL for a port resulting in some packets that should be denied being permitted and some" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@arista.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.1, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.6, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@arista.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-283" + } + ] + } + ], + "references": [ + { + "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/19023-security-advisory-0091", + "source": "psirt@arista.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-64xx/CVE-2023-6477.json b/CVE-2023/CVE-2023-64xx/CVE-2023-6477.json index bb3f49253dd..5dca8b6d34d 100644 --- a/CVE-2023/CVE-2023-64xx/CVE-2023-6477.json +++ b/CVE-2023/CVE-2023-64xx/CVE-2023-6477.json @@ -2,8 +2,8 @@ "id": "CVE-2023-6477", "sourceIdentifier": "cve@gitlab.com", "published": "2024-02-22T00:15:51.533", - "lastModified": "2024-02-22T19:07:27.197", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-03-04T20:25:04.490", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "LOW", + "baseScore": 6.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.5 + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -50,14 +80,51 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", + "versionStartIncluding": "16.5.0", + "versionEndExcluding": "16.7.6", + "matchCriteriaId": "B2558C81-DADC-475C-A06B-DB9048CE85FC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", + "versionStartIncluding": "16.8.0", + "versionEndIncluding": "16.8.3", + "matchCriteriaId": "BF18D8E8-7406-46F4-BDDD-CC743A5C4D80" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:16.9.0:*:*:*:enterprise:*:*:*", + "matchCriteriaId": "1E374890-90FC-4DC5-8C0B-87CC99B4A4D7" + } + ] + } + ] + } + ], "references": [ { "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/433463", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://hackerone.com/reports/2270898", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Permissions Required" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-65xx/CVE-2023-6564.json b/CVE-2023/CVE-2023-65xx/CVE-2023-6564.json index 21e01c42832..66689f350bf 100644 --- a/CVE-2023/CVE-2023-65xx/CVE-2023-6564.json +++ b/CVE-2023/CVE-2023-65xx/CVE-2023-6564.json @@ -2,8 +2,8 @@ "id": "CVE-2023-6564", "sourceIdentifier": "cve@gitlab.com", "published": "2024-02-08T12:15:55.767", - "lastModified": "2024-02-08T13:44:11.750", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-03-04T20:56:09.493", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -50,10 +80,41 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:16.4.3:*:*:*:enterprise:*:*:*", + "matchCriteriaId": "6A759830-9D31-4AF5-912F-CA91D6023AD6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:16.5.3:*:*:*:enterprise:*:*:*", + "matchCriteriaId": "D2A7EFB5-6D86-4034-99EF-78E95E32D155" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:16.6.1:*:*:*:enterprise:*:*:*", + "matchCriteriaId": "598CF5D0-C052-4794-A66D-45BB6E002212" + } + ] + } + ] + } + ], "references": [ { "url": "https://gitlab.com/gitlab-com/gl-infra/production/-/issues/17213", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Issue Tracking", + "Permissions Required" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-67xx/CVE-2023-6736.json b/CVE-2023/CVE-2023-67xx/CVE-2023-6736.json index b55a2159d8b..40157789bc5 100644 --- a/CVE-2023/CVE-2023-67xx/CVE-2023-6736.json +++ b/CVE-2023/CVE-2023-67xx/CVE-2023-6736.json @@ -2,8 +2,8 @@ "id": "CVE-2023-6736", "sourceIdentifier": "cve@gitlab.com", "published": "2024-02-07T22:15:09.043", - "lastModified": "2024-02-26T21:15:07.787", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-03-04T20:33:21.807", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-400" + } + ] + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -50,14 +80,53 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", + "versionStartIncluding": "11.3.0", + "versionEndExcluding": "16.7.6", + "matchCriteriaId": "0A393A71-3927-44F2-B9C6-7E33534F72C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", + "versionStartIncluding": "16.8.0", + "versionEndExcluding": "16.8.3", + "matchCriteriaId": "1920E538-FE0D-40A6-8EA3-667D9835DA8E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:16.9.0:*:*:*:enterprise:*:*:*", + "matchCriteriaId": "1E374890-90FC-4DC5-8C0B-87CC99B4A4D7" + } + ] + } + ] + } + ], "references": [ { "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/435036", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Issue Tracking", + "Permissions Required" + ] }, { "url": "https://hackerone.com/reports/2269023", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Permissions Required", + "Technical Description" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-68xx/CVE-2023-6840.json b/CVE-2023/CVE-2023-68xx/CVE-2023-6840.json index 2cfb36ace54..dfe5c1f3c72 100644 --- a/CVE-2023/CVE-2023-68xx/CVE-2023-6840.json +++ b/CVE-2023/CVE-2023-68xx/CVE-2023-6840.json @@ -2,16 +2,40 @@ "id": "CVE-2023-6840", "sourceIdentifier": "cve@gitlab.com", "published": "2024-02-07T22:15:09.500", - "lastModified": "2024-02-08T03:29:33.180", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-03-04T20:52:05.890", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue has been discovered in GitLab EE affecting all versions from 16.4 prior to 16.6.7, 16.7 prior to 16.7.5, and 16.8 prior to 16.8.2 which allows a maintainer to change the name of a protected branch that bypasses the security policy added to block MR." + }, + { + "lang": "es", + "value": "Se ha descubierto un problema en GitLab EE que afecta a todas las versiones desde 16.4 anterior a 16.6.7, 16.7 anterior a 16.7.5 y 16.8 anterior a 16.8.2 lo que permite a un fabricante cambiar el nombre de una rama protegida que omite la pol\u00edtica de seguridad agregada para bloquear MR." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.5 + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -46,14 +80,55 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", + "versionStartIncluding": "16.4.0", + "versionEndExcluding": "16.6.7", + "matchCriteriaId": "5A1A9E0E-DFC2-4567-9218-6F7B9FE56F34" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", + "versionStartIncluding": "16.7.0", + "versionEndExcluding": "16.7.5", + "matchCriteriaId": "8ECA9350-B77B-41F6-B234-72BF47FD50E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", + "versionStartIncluding": "16.8.0", + "versionEndExcluding": "16.8.2", + "matchCriteriaId": "FDA190F8-0AAA-44DF-8A6B-A9A4380D478C" + } + ] + } + ] + } + ], "references": [ { "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/435500", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Issue Tracking", + "Permissions Required" + ] }, { "url": "https://hackerone.com/reports/2280292", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Permissions Required", + "Technical Description" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-04xx/CVE-2024-0410.json b/CVE-2024/CVE-2024-04xx/CVE-2024-0410.json index dbf5a26d880..034c1d156c4 100644 --- a/CVE-2024/CVE-2024-04xx/CVE-2024-0410.json +++ b/CVE-2024/CVE-2024-04xx/CVE-2024-0410.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0410", "sourceIdentifier": "cve@gitlab.com", "published": "2024-02-22T00:15:51.723", - "lastModified": "2024-02-22T19:07:27.197", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-03-04T20:25:41.347", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 7.7, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.3, + "impactScore": 5.8 + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -50,14 +80,51 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*", + "versionStartIncluding": "15.1.0", + "versionEndExcluding": "16.7.6", + "matchCriteriaId": "B0EDCF56-03C7-48C1-98D4-64564BE5E8C6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*", + "versionStartIncluding": "16.8.0", + "versionEndExcluding": "16.8.3", + "matchCriteriaId": "32EE52BE-8BFD-40AA-9826-76DB2188E48E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:16.9.0:*:*:*:*:*:*:*", + "matchCriteriaId": "06CEE568-A6C1-4C8A-8786-B561643668AB" + } + ] + } + ] + } + ], "references": [ { "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/437988", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://hackerone.com/reports/2296778", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Permissions Required" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-08xx/CVE-2024-0861.json b/CVE-2024/CVE-2024-08xx/CVE-2024-0861.json index 3e8aef0020f..ff6cb4eb017 100644 --- a/CVE-2024/CVE-2024-08xx/CVE-2024-0861.json +++ b/CVE-2024/CVE-2024-08xx/CVE-2024-0861.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0861", "sourceIdentifier": "cve@gitlab.com", "published": "2024-02-22T00:15:51.973", - "lastModified": "2024-02-22T19:07:27.197", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-03-04T20:26:41.663", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -50,14 +80,51 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", + "versionStartIncluding": "16.4.0", + "versionEndExcluding": "16.7.6", + "matchCriteriaId": "E0C6BB02-2255-4DA6-BCEB-36792BF910BC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", + "versionStartIncluding": "16.8.0", + "versionEndExcluding": "16.8.3", + "matchCriteriaId": "1920E538-FE0D-40A6-8EA3-667D9835DA8E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:16.9.0:*:*:*:enterprise:*:*:*", + "matchCriteriaId": "1E374890-90FC-4DC5-8C0B-87CC99B4A4D7" + } + ] + } + ] + } + ], "references": [ { "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/439240", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://hackerone.com/reports/2316435", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Permissions Required" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-10xx/CVE-2024-1066.json b/CVE-2024/CVE-2024-10xx/CVE-2024-1066.json index fc0541b0a9f..19591c70cc0 100644 --- a/CVE-2024/CVE-2024-10xx/CVE-2024-1066.json +++ b/CVE-2024/CVE-2024-10xx/CVE-2024-1066.json @@ -2,16 +2,40 @@ "id": "CVE-2024-1066", "sourceIdentifier": "cve@gitlab.com", "published": "2024-02-07T22:15:09.797", - "lastModified": "2024-02-08T03:29:33.180", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-03-04T21:00:15.267", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue has been discovered in GitLab EE affecting all versions from 13.3.0 prior to 16.6.7, 16.7 prior to 16.7.5, and 16.8 prior to 16.8.2 which allows an attacker to do a resource exhaustion using GraphQL `vulnerabilitiesCountByDay`" + }, + { + "lang": "es", + "value": "Se ha descubierto un problema en GitLab EE que afecta a todas las versiones desde 13.3.0 anterior a 16.6.7, 16.7 anterior a 16.7.5 y 16.8 anterior a 16.8.2, lo que permite a un atacante agotar los recursos utilizando las `vulnerabilidadesCountByDay` de GraphQL." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-400" + } + ] + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -46,10 +80,47 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.3.0", + "versionEndExcluding": "16.6.7", + "matchCriteriaId": "9050BD58-8285-4043-A5CE-D176B837C006" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*", + "versionStartIncluding": "16.7.0", + "versionEndExcluding": "16.7.5", + "matchCriteriaId": "6EBC5A56-73F8-43A7-8EC8-B76904367719" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*", + "versionStartIncluding": "16.8.0", + "versionEndExcluding": "16.8.2", + "matchCriteriaId": "49D0039A-BE00-4F9D-8385-2B81C5AB5CD6" + } + ] + } + ] + } + ], "references": [ { "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/420341", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Issue Tracking", + "Permissions Required" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-12xx/CVE-2024-1250.json b/CVE-2024/CVE-2024-12xx/CVE-2024-1250.json index 59f6662d43f..5967690e0f2 100644 --- a/CVE-2024/CVE-2024-12xx/CVE-2024-1250.json +++ b/CVE-2024/CVE-2024-12xx/CVE-2024-1250.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1250", "sourceIdentifier": "cve@gitlab.com", "published": "2024-02-12T21:15:08.313", - "lastModified": "2024-02-13T14:01:49.147", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-03-04T20:57:39.907", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.2 + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -50,10 +80,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", + "versionStartIncluding": "16.8.0", + "versionEndExcluding": "16.8.2", + "matchCriteriaId": "FDA190F8-0AAA-44DF-8A6B-A9A4380D478C" + } + ] + } + ] + } + ], "references": [ { "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/439175", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Permissions Required" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-14xx/CVE-2024-1451.json b/CVE-2024/CVE-2024-14xx/CVE-2024-1451.json index 9a12c12a882..c9684b2fe09 100644 --- a/CVE-2024/CVE-2024-14xx/CVE-2024-1451.json +++ b/CVE-2024/CVE-2024-14xx/CVE-2024-1451.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1451", "sourceIdentifier": "cve@gitlab.com", "published": "2024-02-22T00:15:52.153", - "lastModified": "2024-02-22T19:07:27.197", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-03-04T20:12:59.223", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 8.7, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.3, + "impactScore": 5.8 + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -50,14 +80,37 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:16.9.0:*:*:*:*:*:*:*", + "matchCriteriaId": "06CEE568-A6C1-4C8A-8786-B561643668AB" + } + ] + } + ] + } + ], "references": [ { "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/441457", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://hackerone.com/reports/2371126", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Permissions Required" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-15xx/CVE-2024-1525.json b/CVE-2024/CVE-2024-15xx/CVE-2024-1525.json index e9e52d0b791..eab64f87e4b 100644 --- a/CVE-2024/CVE-2024-15xx/CVE-2024-1525.json +++ b/CVE-2024/CVE-2024-15xx/CVE-2024-1525.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1525", "sourceIdentifier": "cve@gitlab.com", "published": "2024-02-22T00:15:52.327", - "lastModified": "2024-02-22T19:07:27.197", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-03-04T20:14:59.457", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.6, + "impactScore": 3.6 + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -50,10 +80,44 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*", + "versionStartIncluding": "16.1", + "versionEndExcluding": "16.7.6", + "matchCriteriaId": "F78B6F50-69F7-45F5-9541-5F35620206A9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*", + "versionStartIncluding": "16.8", + "versionEndExcluding": "16.8.3", + "matchCriteriaId": "59BDFC85-244E-41F5-9F55-D4497756954B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:16.9.0:*:*:*:*:*:*:*", + "matchCriteriaId": "06CEE568-A6C1-4C8A-8786-B561643668AB" + } + ] + } + ] + } + ], "references": [ { "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/438144", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Permissions Required" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-18xx/CVE-2024-1820.json b/CVE-2024/CVE-2024-18xx/CVE-2024-1820.json index 15b52b08a8f..5ac935c5ef1 100644 --- a/CVE-2024/CVE-2024-18xx/CVE-2024-1820.json +++ b/CVE-2024/CVE-2024-18xx/CVE-2024-1820.json @@ -2,7 +2,7 @@ "id": "CVE-2024-1820", "sourceIdentifier": "cna@vuldb.com", "published": "2024-02-23T16:15:47.223", - "lastModified": "2024-02-29T01:43:54.970", + "lastModified": "2024-03-04T19:15:19.107", "vulnStatus": "Awaiting Analysis", "descriptions": [ { diff --git a/CVE-2024/CVE-2024-18xx/CVE-2024-1821.json b/CVE-2024/CVE-2024-18xx/CVE-2024-1821.json index 204390015d2..4d274a8b989 100644 --- a/CVE-2024/CVE-2024-18xx/CVE-2024-1821.json +++ b/CVE-2024/CVE-2024-18xx/CVE-2024-1821.json @@ -2,7 +2,7 @@ "id": "CVE-2024-1821", "sourceIdentifier": "cna@vuldb.com", "published": "2024-02-23T16:15:47.510", - "lastModified": "2024-02-29T01:43:55.040", + "lastModified": "2024-03-04T19:15:19.237", "vulnStatus": "Awaiting Analysis", "descriptions": [ { diff --git a/CVE-2024/CVE-2024-18xx/CVE-2024-1826.json b/CVE-2024/CVE-2024-18xx/CVE-2024-1826.json index c819e0c12a8..88e15604414 100644 --- a/CVE-2024/CVE-2024-18xx/CVE-2024-1826.json +++ b/CVE-2024/CVE-2024-18xx/CVE-2024-1826.json @@ -2,7 +2,7 @@ "id": "CVE-2024-1826", "sourceIdentifier": "cna@vuldb.com", "published": "2024-02-23T17:15:08.323", - "lastModified": "2024-02-29T01:43:55.387", + "lastModified": "2024-03-04T19:15:19.323", "vulnStatus": "Awaiting Analysis", "descriptions": [ { diff --git a/CVE-2024/CVE-2024-18xx/CVE-2024-1827.json b/CVE-2024/CVE-2024-18xx/CVE-2024-1827.json index 9d98dc28154..bd9cf3e3dae 100644 --- a/CVE-2024/CVE-2024-18xx/CVE-2024-1827.json +++ b/CVE-2024/CVE-2024-18xx/CVE-2024-1827.json @@ -2,7 +2,7 @@ "id": "CVE-2024-1827", "sourceIdentifier": "cna@vuldb.com", "published": "2024-02-23T18:15:50.013", - "lastModified": "2024-02-29T01:43:55.457", + "lastModified": "2024-03-04T19:15:19.403", "vulnStatus": "Awaiting Analysis", "descriptions": [ { diff --git a/CVE-2024/CVE-2024-18xx/CVE-2024-1828.json b/CVE-2024/CVE-2024-18xx/CVE-2024-1828.json index 3a2d802024e..f8e62b60802 100644 --- a/CVE-2024/CVE-2024-18xx/CVE-2024-1828.json +++ b/CVE-2024/CVE-2024-18xx/CVE-2024-1828.json @@ -2,7 +2,7 @@ "id": "CVE-2024-1828", "sourceIdentifier": "cna@vuldb.com", "published": "2024-02-23T18:15:50.263", - "lastModified": "2024-02-29T01:43:55.527", + "lastModified": "2024-03-04T19:15:19.483", "vulnStatus": "Awaiting Analysis", "descriptions": [ { diff --git a/CVE-2024/CVE-2024-18xx/CVE-2024-1829.json b/CVE-2024/CVE-2024-18xx/CVE-2024-1829.json index 012c42b0a6f..0d250c26dd6 100644 --- a/CVE-2024/CVE-2024-18xx/CVE-2024-1829.json +++ b/CVE-2024/CVE-2024-18xx/CVE-2024-1829.json @@ -2,7 +2,7 @@ "id": "CVE-2024-1829", "sourceIdentifier": "cna@vuldb.com", "published": "2024-02-23T18:15:50.517", - "lastModified": "2024-02-29T01:43:55.597", + "lastModified": "2024-03-04T19:15:19.557", "vulnStatus": "Awaiting Analysis", "descriptions": [ { diff --git a/CVE-2024/CVE-2024-18xx/CVE-2024-1830.json b/CVE-2024/CVE-2024-18xx/CVE-2024-1830.json index 046a57ace4b..2f5c249a871 100644 --- a/CVE-2024/CVE-2024-18xx/CVE-2024-1830.json +++ b/CVE-2024/CVE-2024-18xx/CVE-2024-1830.json @@ -2,7 +2,7 @@ "id": "CVE-2024-1830", "sourceIdentifier": "cna@vuldb.com", "published": "2024-02-23T19:15:08.733", - "lastModified": "2024-02-29T01:43:55.670", + "lastModified": "2024-03-04T19:15:19.630", "vulnStatus": "Awaiting Analysis", "descriptions": [ { diff --git a/CVE-2024/CVE-2024-20xx/CVE-2024-2048.json b/CVE-2024/CVE-2024-20xx/CVE-2024-2048.json new file mode 100644 index 00000000000..fd871eeac27 --- /dev/null +++ b/CVE-2024/CVE-2024-20xx/CVE-2024-2048.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-2048", + "sourceIdentifier": "security@hashicorp.com", + "published": "2024-03-04T20:15:50.690", + "lastModified": "2024-03-04T20:15:50.690", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Vault and Vault Enterprise (\u201cVault\u201d) TLS certificate auth method did not correctly validate client certificates when configured with a non-CA certificate as trusted certificate. In this configuration, an attacker may be able to craft a malicious certificate that could be used to bypass authentication. Fixed in Vault 1.15.5 and 1.14.10." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@hashicorp.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@hashicorp.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-295" + } + ] + } + ], + "references": [ + { + "url": "https://discuss.hashicorp.com/t/hcsec-2024-05-vault-cert-auth-method-did-not-correctly-validate-non-ca-certificates/63382", + "source": "security@hashicorp.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-278xx/CVE-2024-27889.json b/CVE-2024/CVE-2024-278xx/CVE-2024-27889.json new file mode 100644 index 00000000000..794819b1269 --- /dev/null +++ b/CVE-2024/CVE-2024-278xx/CVE-2024-27889.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-27889", + "sourceIdentifier": "psirt@arista.com", + "published": "2024-03-04T20:15:50.503", + "lastModified": "2024-03-04T20:15:50.503", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Multiple SQL Injection vulnerabilities exist in the reporting application of the Arista Edge Threat Management - Arista NG Firewall (NGFW). A user with advanced report application access rights can exploit the SQL injection, allowing them to execute commands on the underlying operating system with elevated privileges.\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@arista.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@arista.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://https://www.arista.com/en/support/advisories-notices/security-advisory/19038-security-advisory-0093", + "source": "psirt@arista.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 7b6dba9091b..b0d85828568 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-03-04T19:00:32.288836+00:00 +2024-03-04T21:00:25.955254+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-03-04T18:15:09.377000+00:00 +2024-03-04T21:00:15.267000+00:00 ``` ### Last Data Feed Release @@ -29,44 +29,47 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -240483 +240492 ``` ### CVEs added in the last Commit -Recently added CVEs: `25` +Recently added CVEs: `9` -* [CVE-2021-47082](CVE-2021/CVE-2021-470xx/CVE-2021-47082.json) (`2024-03-04T18:15:07.120`) -* [CVE-2021-47083](CVE-2021/CVE-2021-470xx/CVE-2021-47083.json) (`2024-03-04T18:15:07.193`) -* [CVE-2021-47084](CVE-2021/CVE-2021-470xx/CVE-2021-47084.json) (`2024-03-04T18:15:07.253`) -* [CVE-2021-47085](CVE-2021/CVE-2021-470xx/CVE-2021-47085.json) (`2024-03-04T18:15:07.317`) -* [CVE-2021-47086](CVE-2021/CVE-2021-470xx/CVE-2021-47086.json) (`2024-03-04T18:15:07.393`) -* [CVE-2021-47087](CVE-2021/CVE-2021-470xx/CVE-2021-47087.json) (`2024-03-04T18:15:07.457`) -* [CVE-2021-47088](CVE-2021/CVE-2021-470xx/CVE-2021-47088.json) (`2024-03-04T18:15:07.510`) -* [CVE-2021-47089](CVE-2021/CVE-2021-470xx/CVE-2021-47089.json) (`2024-03-04T18:15:07.560`) -* [CVE-2021-47090](CVE-2021/CVE-2021-470xx/CVE-2021-47090.json) (`2024-03-04T18:15:07.610`) -* [CVE-2021-47091](CVE-2021/CVE-2021-470xx/CVE-2021-47091.json) (`2024-03-04T18:15:07.670`) -* [CVE-2021-47092](CVE-2021/CVE-2021-470xx/CVE-2021-47092.json) (`2024-03-04T18:15:07.723`) -* [CVE-2021-47093](CVE-2021/CVE-2021-470xx/CVE-2021-47093.json) (`2024-03-04T18:15:07.787`) -* [CVE-2021-47094](CVE-2021/CVE-2021-470xx/CVE-2021-47094.json) (`2024-03-04T18:15:07.837`) -* [CVE-2021-47095](CVE-2021/CVE-2021-470xx/CVE-2021-47095.json) (`2024-03-04T18:15:07.907`) -* [CVE-2021-47096](CVE-2021/CVE-2021-470xx/CVE-2021-47096.json) (`2024-03-04T18:15:07.960`) -* [CVE-2021-47097](CVE-2021/CVE-2021-470xx/CVE-2021-47097.json) (`2024-03-04T18:15:08.017`) -* [CVE-2021-47098](CVE-2021/CVE-2021-470xx/CVE-2021-47098.json) (`2024-03-04T18:15:08.090`) -* [CVE-2021-47099](CVE-2021/CVE-2021-470xx/CVE-2021-47099.json) (`2024-03-04T18:15:08.153`) -* [CVE-2021-47100](CVE-2021/CVE-2021-471xx/CVE-2021-47100.json) (`2024-03-04T18:15:08.267`) -* [CVE-2021-47101](CVE-2021/CVE-2021-471xx/CVE-2021-47101.json) (`2024-03-04T18:15:08.450`) -* [CVE-2021-47102](CVE-2021/CVE-2021-471xx/CVE-2021-47102.json) (`2024-03-04T18:15:08.600`) -* [CVE-2021-47103](CVE-2021/CVE-2021-471xx/CVE-2021-47103.json) (`2024-03-04T18:15:08.667`) -* [CVE-2023-38360](CVE-2023/CVE-2023-383xx/CVE-2023-38360.json) (`2024-03-04T18:15:08.743`) -* [CVE-2024-27198](CVE-2024/CVE-2024-271xx/CVE-2024-27198.json) (`2024-03-04T18:15:09.040`) -* [CVE-2024-27199](CVE-2024/CVE-2024-271xx/CVE-2024-27199.json) (`2024-03-04T18:15:09.377`) +* [CVE-2021-47104](CVE-2021/CVE-2021-471xx/CVE-2021-47104.json) (`2024-03-04T19:15:18.643`) +* [CVE-2021-47105](CVE-2021/CVE-2021-471xx/CVE-2021-47105.json) (`2024-03-04T19:15:18.707`) +* [CVE-2021-47106](CVE-2021/CVE-2021-471xx/CVE-2021-47106.json) (`2024-03-04T19:15:18.750`) +* [CVE-2021-47107](CVE-2021/CVE-2021-471xx/CVE-2021-47107.json) (`2024-03-04T19:15:18.793`) +* [CVE-2021-47108](CVE-2021/CVE-2021-471xx/CVE-2021-47108.json) (`2024-03-04T19:15:18.837`) +* [CVE-2023-32331](CVE-2023/CVE-2023-323xx/CVE-2023-32331.json) (`2024-03-04T19:15:18.893`) +* [CVE-2023-6068](CVE-2023/CVE-2023-60xx/CVE-2023-6068.json) (`2024-03-04T20:15:50.267`) +* [CVE-2024-27889](CVE-2024/CVE-2024-278xx/CVE-2024-27889.json) (`2024-03-04T20:15:50.503`) +* [CVE-2024-2048](CVE-2024/CVE-2024-20xx/CVE-2024-2048.json) (`2024-03-04T20:15:50.690`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `19` +* [CVE-2023-4895](CVE-2023/CVE-2023-48xx/CVE-2023-4895.json) (`2024-03-04T20:15:42.960`) +* [CVE-2023-6477](CVE-2023/CVE-2023-64xx/CVE-2023-6477.json) (`2024-03-04T20:25:04.490`) +* [CVE-2023-6736](CVE-2023/CVE-2023-67xx/CVE-2023-6736.json) (`2024-03-04T20:33:21.807`) +* [CVE-2023-6840](CVE-2023/CVE-2023-68xx/CVE-2023-6840.json) (`2024-03-04T20:52:05.890`) +* [CVE-2023-6564](CVE-2023/CVE-2023-65xx/CVE-2023-6564.json) (`2024-03-04T20:56:09.493`) +* [CVE-2023-3509](CVE-2023/CVE-2023-35xx/CVE-2023-3509.json) (`2024-03-04T20:59:58.357`) +* [CVE-2024-1820](CVE-2024/CVE-2024-18xx/CVE-2024-1820.json) (`2024-03-04T19:15:19.107`) +* [CVE-2024-1821](CVE-2024/CVE-2024-18xx/CVE-2024-1821.json) (`2024-03-04T19:15:19.237`) +* [CVE-2024-1826](CVE-2024/CVE-2024-18xx/CVE-2024-1826.json) (`2024-03-04T19:15:19.323`) +* [CVE-2024-1827](CVE-2024/CVE-2024-18xx/CVE-2024-1827.json) (`2024-03-04T19:15:19.403`) +* [CVE-2024-1828](CVE-2024/CVE-2024-18xx/CVE-2024-1828.json) (`2024-03-04T19:15:19.483`) +* [CVE-2024-1829](CVE-2024/CVE-2024-18xx/CVE-2024-1829.json) (`2024-03-04T19:15:19.557`) +* [CVE-2024-1830](CVE-2024/CVE-2024-18xx/CVE-2024-1830.json) (`2024-03-04T19:15:19.630`) +* [CVE-2024-1451](CVE-2024/CVE-2024-14xx/CVE-2024-1451.json) (`2024-03-04T20:12:59.223`) +* [CVE-2024-1525](CVE-2024/CVE-2024-15xx/CVE-2024-1525.json) (`2024-03-04T20:14:59.457`) +* [CVE-2024-0410](CVE-2024/CVE-2024-04xx/CVE-2024-0410.json) (`2024-03-04T20:25:41.347`) +* [CVE-2024-0861](CVE-2024/CVE-2024-08xx/CVE-2024-0861.json) (`2024-03-04T20:26:41.663`) +* [CVE-2024-1250](CVE-2024/CVE-2024-12xx/CVE-2024-1250.json) (`2024-03-04T20:57:39.907`) +* [CVE-2024-1066](CVE-2024/CVE-2024-10xx/CVE-2024-1066.json) (`2024-03-04T21:00:15.267`) ## Download and Usage