diff --git a/CVE-2024/CVE-2024-366xx/CVE-2024-36610.json b/CVE-2024/CVE-2024-366xx/CVE-2024-36610.json index 163b48841b9..f0a7658bf2d 100644 --- a/CVE-2024/CVE-2024-366xx/CVE-2024-36610.json +++ b/CVE-2024/CVE-2024-366xx/CVE-2024-36610.json @@ -2,82 +2,15 @@ "id": "CVE-2024-36610", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-29T20:15:20.237", - "lastModified": "2024-12-03T21:15:06.600", - "vulnStatus": "Awaiting Analysis", - "cveTags": [ - { - "sourceIdentifier": "cve@mitre.org", - "tags": [ - "disputed" - ] - } - ], + "lastModified": "2024-12-24T21:15:18.280", + "vulnStatus": "Rejected", + "cveTags": [], "descriptions": [ { "lang": "en", - "value": "A deserialization vulnerability exists in the Stub class of the VarDumper module in Symfony v7.0.3. The vulnerability stems from deficiencies in the original implementation when handling properties with null or uninitialized values. An attacker could construct specific serialized data and use this vulnerability to execute unauthorized code. NOTE: the Supplier has concluded that this is a false report." - }, - { - "lang": "es", - "value": "Existe una vulnerabilidad de deserializaci\u00f3n en la clase Stub del m\u00f3dulo VarDumper en Symfony v7.0.3. La vulnerabilidad surge de deficiencias en la implementaci\u00f3n original al manejar propiedades con valores nulos o no inicializados. Un atacante podr\u00eda construir datos serializados espec\u00edficos y usar esta vulnerabilidad para ejecutar c\u00f3digo no autorizado." + "value": "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage." } ], - "metrics": { - "cvssMetricV31": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "baseScore": 9.8, - "baseSeverity": "CRITICAL", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - } - ] - }, - "weaknesses": [ - { - "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-94" - } - ] - } - ], - "references": [ - { - "url": "https://gist.github.com/1047524396/24e93f2905850235e42ad7db6e878bd5", - "source": "cve@mitre.org" - }, - { - "url": "https://github.com/github/advisory-database/pull/5046", - "source": "cve@mitre.org" - }, - { - "url": "https://github.com/symfony/symfony/blob/v7.0.3/src/Symfony/Component/VarDumper/Cloner/Stub.php#L53", - "source": "cve@mitre.org" - }, - { - "url": "https://github.com/symfony/symfony/commit/3ffd495bb3cc4d2e24e35b2d83c5b909cab7e259", - "source": "cve@mitre.org" - }, - { - "url": "https://github.com/symfony/symfony/issues/59077#issuecomment-2513935018", - "source": "cve@mitre.org" - } - ] + "metrics": {}, + "references": [] } \ No newline at end of file diff --git a/README.md b/README.md index fc280ce495e..73b4386a47b 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-12-24T21:00:20.136211+00:00 +2024-12-24T23:00:20.043649+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-12-24T19:15:06.940000+00:00 +2024-12-24T21:15:18.280000+00:00 ``` ### Last Data Feed Release @@ -38,17 +38,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### CVEs added in the last Commit -Recently added CVEs: `2` +Recently added CVEs: `0` -- [CVE-2019-2483](CVE-2019/CVE-2019-24xx/CVE-2019-2483.json) (`2024-12-24T19:15:05.757`) -- [CVE-2022-21505](CVE-2022/CVE-2022-215xx/CVE-2022-21505.json) (`2024-12-24T19:15:06.763`) ### CVEs modified in the last Commit Recently modified CVEs: `1` -- [CVE-2024-52926](CVE-2024/CVE-2024-529xx/CVE-2024-52926.json) (`2024-12-24T19:15:06.940`) +- [CVE-2024-36610](CVE-2024/CVE-2024-366xx/CVE-2024-36610.json) (`2024-12-24T21:15:18.280`) ## Download and Usage diff --git a/_state.csv b/_state.csv index c167e7b0fda..8c951e2321e 100644 --- a/_state.csv +++ b/_state.csv @@ -138371,7 +138371,7 @@ CVE-2019-2479,0,0,e0c7a602157a3a3233e2924456cab0b3e874e1a14c59e46b40d40a581b865b CVE-2019-2480,0,0,6eea42436df236a96df3c2182dde88be080c2d91d3678fb57a7c2f7ad95e7702,2024-11-21T04:40:57.403000 CVE-2019-2481,0,0,2c7f842fe90c4c9c7c6cf8044eaff1b070218ab2ebd7b7b65afbfc4acbbc5150,2024-11-21T04:40:57.523000 CVE-2019-2482,0,0,60afa5b90bf8c3578bc6106e4f975267fcbb563b3067e9521d1bdccda2a87afd,2024-11-21T04:40:57.660000 -CVE-2019-2483,1,1,1833f21442f4cd48b679d1df71521380a30e67a9c4f8fc1c5765d72d6f5053a6,2024-12-24T19:15:05.757000 +CVE-2019-2483,0,0,1833f21442f4cd48b679d1df71521380a30e67a9c4f8fc1c5765d72d6f5053a6,2024-12-24T19:15:05.757000 CVE-2019-2484,0,0,a7715493c3547f6d9e809f816d1813c2921c76b2c7dc1546f30b1b68849ed9de,2024-11-21T04:40:57.780000 CVE-2019-2485,0,0,76d018af106f8af9fdc20711cbfe38a23bc7f9c5c4b44cb18c66175ee6e482c3,2024-11-21T04:40:57.893000 CVE-2019-2486,0,0,4d94fca994706eacfa9aa52f25dc23c95c1e49d831e7a7b89436c2cc7cb6710b,2024-11-21T04:40:58.017000 @@ -191117,7 +191117,7 @@ CVE-2022-21499,0,0,dc5a0cc9d6ff643c0e342a2bf885d62e76dd299429c26e32065c68ce6261a CVE-2022-21500,0,0,d010502319a7fee7f42ee09fcb58cf300edf4758febf313f5b6709c020dd4fcd,2024-11-21T06:44:50.663000 CVE-2022-21503,0,0,12eb09629f001add44d68bf73e4712070b60afd8a4f021c25887f07bef89eca0,2024-11-21T06:44:50.790000 CVE-2022-21504,0,0,631a6577f7152e8333748d9581f5c978cd32d99bf75c5abb196c5da1248e14fa,2024-11-21T06:44:50.890000 -CVE-2022-21505,1,1,b24ae6e6c491c7cca3ffd1fce8f2d8bbbfbac9e1272a7769fec6a6cb335ff6fe,2024-12-24T19:15:06.763000 +CVE-2022-21505,0,0,b24ae6e6c491c7cca3ffd1fce8f2d8bbbfbac9e1272a7769fec6a6cb335ff6fe,2024-12-24T19:15:06.763000 CVE-2022-21508,0,0,e2eb6f33718526bb54590b8c6c28a056615cacc6c1a7482ca77f25144c906519,2024-11-21T06:44:50.990000 CVE-2022-21509,0,0,1ee00dc119bbbdc97f4643daf6334effe1ded197f2b4ca9700d80faf547e60b1,2024-11-21T06:44:51.110000 CVE-2022-2151,0,0,dc428bf8d4fba7305831503b816cb2b740b347356a4730407735e1dfb73a0612,2024-11-21T07:00:25.940000 @@ -258365,7 +258365,7 @@ CVE-2024-3660,0,0,20025f7b62973653cc8941fbef87ae17b3ffd87826fc0c4de7a731ae0d751b CVE-2024-36600,0,0,5bc2dd647c860eb3b1bb445a0fea74968b8509f95ea2ffa6e403187817722e45,2024-11-21T09:22:28.260000 CVE-2024-36604,0,0,b965b71d71fc7c5a435eae0bac282843e7c3cc24fd1379264acea5ad66aa97db,2024-12-13T15:15:04.127000 CVE-2024-3661,0,0,11a579560faa5cc1a7695ecebefa36af8b143192151784b4c1d37ba82796f9dd,2024-11-21T09:30:07.610000 -CVE-2024-36610,0,0,0927c00cb75f9358070097d5ca895695a905274604112058caa92d1332131322,2024-12-03T21:15:06.600000 +CVE-2024-36610,0,1,086f8f5b46926c0d5b801e2f18812ba0aac4c04dd5f1ff997c802b3134a682c8,2024-12-24T21:15:18.280000 CVE-2024-36611,0,0,8ae1129d2c6d7f04820dc25a51b35eeb79c0ea9714d3891bb92ee90d865f9805,2024-12-03T21:15:06.783000 CVE-2024-36612,0,0,2e5bae787232529157776124a9b65f7f3416dd8775c93aff3efc637bb8af407f,2024-12-02T17:15:11.420000 CVE-2024-36615,0,0,c3893c90b5581100f420f26ee0ccf784458a2107b295d3c77defc3849a0f0672,2024-12-03T16:15:22.197000 @@ -269564,7 +269564,7 @@ CVE-2024-5292,0,0,1452aec2e6f1e5f02e53c45b3ee750a7e5d33f92b8e7382e2bc21f3b08b3e5 CVE-2024-52920,0,0,d51c19b029322a73c74b6821f9cbcbea373837a9a5ff27d72ff8adc9e86cc1bc,2024-11-18T17:11:17.393000 CVE-2024-52921,0,0,25b2bda62d23ac11ec224824331b7110da2b691d46f1f7381cfaabb403afcc15,2024-11-18T17:11:17.393000 CVE-2024-52922,0,0,6a8e09d1bf0adb255aa582ae6b8ef0e4e406447b917ba92ca194beb3eadfb929,2024-11-18T17:35:09.720000 -CVE-2024-52926,0,1,5021ba3f217b734483a326034e850572aad7fe69e34251b753d7998240a26e61,2024-12-24T19:15:06.940000 +CVE-2024-52926,0,0,5021ba3f217b734483a326034e850572aad7fe69e34251b753d7998240a26e61,2024-12-24T19:15:06.940000 CVE-2024-5293,0,0,f489071fddfba63fc047e3d21a5cfec46b34b73b22b63f08d456cdba6a84add5,2024-11-21T09:47:22.487000 CVE-2024-5294,0,0,5f7ae00e9a959f94251bcb983ddc17250c36ab864c5296be765aa222fa5fa253,2024-11-21T09:47:22.597000 CVE-2024-52940,0,0,dada389fd604fabcf8cad162ee7439c1b0f0631b96a74ff2b430a8633c0d2fd5,2024-11-18T17:11:17.393000