mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-06-19 17:31:42 +00:00
Auto-Update: 2024-12-24T23:00:20.043649+00:00
This commit is contained in:
cad-safe-bot
parent
c2ebb97eca
commit
93a692f664
@ -2,82 +2,15 @@
|
||||
"id": "CVE-2024-36610",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-11-29T20:15:20.237",
|
||||
"lastModified": "2024-12-03T21:15:06.600",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"cveTags": [
|
||||
{
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"tags": [
|
||||
"disputed"
|
||||
]
|
||||
}
|
||||
],
|
||||
"lastModified": "2024-12-24T21:15:18.280",
|
||||
"vulnStatus": "Rejected",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "A deserialization vulnerability exists in the Stub class of the VarDumper module in Symfony v7.0.3. The vulnerability stems from deficiencies in the original implementation when handling properties with null or uninitialized values. An attacker could construct specific serialized data and use this vulnerability to execute unauthorized code. NOTE: the Supplier has concluded that this is a false report."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Existe una vulnerabilidad de deserializaci\u00f3n en la clase Stub del m\u00f3dulo VarDumper en Symfony v7.0.3. La vulnerabilidad surge de deficiencias en la implementaci\u00f3n original al manejar propiedades con valores nulos o no inicializados. Un atacante podr\u00eda construir datos serializados espec\u00edficos y usar esta vulnerabilidad para ejecutar c\u00f3digo no autorizado."
|
||||
"value": "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||||
"baseScore": 9.8,
|
||||
"baseSeverity": "CRITICAL",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 5.9
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
|
||||
"type": "Secondary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-94"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://gist.github.com/1047524396/24e93f2905850235e42ad7db6e878bd5",
|
||||
"source": "cve@mitre.org"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/github/advisory-database/pull/5046",
|
||||
"source": "cve@mitre.org"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/symfony/symfony/blob/v7.0.3/src/Symfony/Component/VarDumper/Cloner/Stub.php#L53",
|
||||
"source": "cve@mitre.org"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/symfony/symfony/commit/3ffd495bb3cc4d2e24e35b2d83c5b909cab7e259",
|
||||
"source": "cve@mitre.org"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/symfony/symfony/issues/59077#issuecomment-2513935018",
|
||||
"source": "cve@mitre.org"
|
||||
}
|
||||
]
|
||||
"metrics": {},
|
||||
"references": []
|
||||
}
|
||||
10
README.md
10
README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
|
||||
### Last Repository Update
|
||||
|
||||
```plain
|
||||
2024-12-24T21:00:20.136211+00:00
|
||||
2024-12-24T23:00:20.043649+00:00
|
||||
```
|
||||
|
||||
### Most recent CVE Modification Timestamp synchronized with NVD
|
||||
|
||||
```plain
|
||||
2024-12-24T19:15:06.940000+00:00
|
||||
2024-12-24T21:15:18.280000+00:00
|
||||
```
|
||||
|
||||
### Last Data Feed Release
|
||||
@ -38,17 +38,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
|
||||
|
||||
### CVEs added in the last Commit
|
||||
|
||||
Recently added CVEs: `2`
|
||||
Recently added CVEs: `0`
|
||||
|
||||
- [CVE-2019-2483](CVE-2019/CVE-2019-24xx/CVE-2019-2483.json) (`2024-12-24T19:15:05.757`)
|
||||
- [CVE-2022-21505](CVE-2022/CVE-2022-215xx/CVE-2022-21505.json) (`2024-12-24T19:15:06.763`)
|
||||
|
||||
|
||||
### CVEs modified in the last Commit
|
||||
|
||||
Recently modified CVEs: `1`
|
||||
|
||||
- [CVE-2024-52926](CVE-2024/CVE-2024-529xx/CVE-2024-52926.json) (`2024-12-24T19:15:06.940`)
|
||||
- [CVE-2024-36610](CVE-2024/CVE-2024-366xx/CVE-2024-36610.json) (`2024-12-24T21:15:18.280`)
|
||||
|
||||
|
||||
## Download and Usage
|
||||
|
||||
@ -138371,7 +138371,7 @@ CVE-2019-2479,0,0,e0c7a602157a3a3233e2924456cab0b3e874e1a14c59e46b40d40a581b865b
|
||||
CVE-2019-2480,0,0,6eea42436df236a96df3c2182dde88be080c2d91d3678fb57a7c2f7ad95e7702,2024-11-21T04:40:57.403000
|
||||
CVE-2019-2481,0,0,2c7f842fe90c4c9c7c6cf8044eaff1b070218ab2ebd7b7b65afbfc4acbbc5150,2024-11-21T04:40:57.523000
|
||||
CVE-2019-2482,0,0,60afa5b90bf8c3578bc6106e4f975267fcbb563b3067e9521d1bdccda2a87afd,2024-11-21T04:40:57.660000
|
||||
CVE-2019-2483,1,1,1833f21442f4cd48b679d1df71521380a30e67a9c4f8fc1c5765d72d6f5053a6,2024-12-24T19:15:05.757000
|
||||
CVE-2019-2483,0,0,1833f21442f4cd48b679d1df71521380a30e67a9c4f8fc1c5765d72d6f5053a6,2024-12-24T19:15:05.757000
|
||||
CVE-2019-2484,0,0,a7715493c3547f6d9e809f816d1813c2921c76b2c7dc1546f30b1b68849ed9de,2024-11-21T04:40:57.780000
|
||||
CVE-2019-2485,0,0,76d018af106f8af9fdc20711cbfe38a23bc7f9c5c4b44cb18c66175ee6e482c3,2024-11-21T04:40:57.893000
|
||||
CVE-2019-2486,0,0,4d94fca994706eacfa9aa52f25dc23c95c1e49d831e7a7b89436c2cc7cb6710b,2024-11-21T04:40:58.017000
|
||||
@ -191117,7 +191117,7 @@ CVE-2022-21499,0,0,dc5a0cc9d6ff643c0e342a2bf885d62e76dd299429c26e32065c68ce6261a
|
||||
CVE-2022-21500,0,0,d010502319a7fee7f42ee09fcb58cf300edf4758febf313f5b6709c020dd4fcd,2024-11-21T06:44:50.663000
|
||||
CVE-2022-21503,0,0,12eb09629f001add44d68bf73e4712070b60afd8a4f021c25887f07bef89eca0,2024-11-21T06:44:50.790000
|
||||
CVE-2022-21504,0,0,631a6577f7152e8333748d9581f5c978cd32d99bf75c5abb196c5da1248e14fa,2024-11-21T06:44:50.890000
|
||||
CVE-2022-21505,1,1,b24ae6e6c491c7cca3ffd1fce8f2d8bbbfbac9e1272a7769fec6a6cb335ff6fe,2024-12-24T19:15:06.763000
|
||||
CVE-2022-21505,0,0,b24ae6e6c491c7cca3ffd1fce8f2d8bbbfbac9e1272a7769fec6a6cb335ff6fe,2024-12-24T19:15:06.763000
|
||||
CVE-2022-21508,0,0,e2eb6f33718526bb54590b8c6c28a056615cacc6c1a7482ca77f25144c906519,2024-11-21T06:44:50.990000
|
||||
CVE-2022-21509,0,0,1ee00dc119bbbdc97f4643daf6334effe1ded197f2b4ca9700d80faf547e60b1,2024-11-21T06:44:51.110000
|
||||
CVE-2022-2151,0,0,dc428bf8d4fba7305831503b816cb2b740b347356a4730407735e1dfb73a0612,2024-11-21T07:00:25.940000
|
||||
@ -258365,7 +258365,7 @@ CVE-2024-3660,0,0,20025f7b62973653cc8941fbef87ae17b3ffd87826fc0c4de7a731ae0d751b
|
||||
CVE-2024-36600,0,0,5bc2dd647c860eb3b1bb445a0fea74968b8509f95ea2ffa6e403187817722e45,2024-11-21T09:22:28.260000
|
||||
CVE-2024-36604,0,0,b965b71d71fc7c5a435eae0bac282843e7c3cc24fd1379264acea5ad66aa97db,2024-12-13T15:15:04.127000
|
||||
CVE-2024-3661,0,0,11a579560faa5cc1a7695ecebefa36af8b143192151784b4c1d37ba82796f9dd,2024-11-21T09:30:07.610000
|
||||
CVE-2024-36610,0,0,0927c00cb75f9358070097d5ca895695a905274604112058caa92d1332131322,2024-12-03T21:15:06.600000
|
||||
CVE-2024-36610,0,1,086f8f5b46926c0d5b801e2f18812ba0aac4c04dd5f1ff997c802b3134a682c8,2024-12-24T21:15:18.280000
|
||||
CVE-2024-36611,0,0,8ae1129d2c6d7f04820dc25a51b35eeb79c0ea9714d3891bb92ee90d865f9805,2024-12-03T21:15:06.783000
|
||||
CVE-2024-36612,0,0,2e5bae787232529157776124a9b65f7f3416dd8775c93aff3efc637bb8af407f,2024-12-02T17:15:11.420000
|
||||
CVE-2024-36615,0,0,c3893c90b5581100f420f26ee0ccf784458a2107b295d3c77defc3849a0f0672,2024-12-03T16:15:22.197000
|
||||
@ -269564,7 +269564,7 @@ CVE-2024-5292,0,0,1452aec2e6f1e5f02e53c45b3ee750a7e5d33f92b8e7382e2bc21f3b08b3e5
|
||||
CVE-2024-52920,0,0,d51c19b029322a73c74b6821f9cbcbea373837a9a5ff27d72ff8adc9e86cc1bc,2024-11-18T17:11:17.393000
|
||||
CVE-2024-52921,0,0,25b2bda62d23ac11ec224824331b7110da2b691d46f1f7381cfaabb403afcc15,2024-11-18T17:11:17.393000
|
||||
CVE-2024-52922,0,0,6a8e09d1bf0adb255aa582ae6b8ef0e4e406447b917ba92ca194beb3eadfb929,2024-11-18T17:35:09.720000
|
||||
CVE-2024-52926,0,1,5021ba3f217b734483a326034e850572aad7fe69e34251b753d7998240a26e61,2024-12-24T19:15:06.940000
|
||||
CVE-2024-52926,0,0,5021ba3f217b734483a326034e850572aad7fe69e34251b753d7998240a26e61,2024-12-24T19:15:06.940000
|
||||
CVE-2024-5293,0,0,f489071fddfba63fc047e3d21a5cfec46b34b73b22b63f08d456cdba6a84add5,2024-11-21T09:47:22.487000
|
||||
CVE-2024-5294,0,0,5f7ae00e9a959f94251bcb983ddc17250c36ab864c5296be765aa222fa5fa253,2024-11-21T09:47:22.597000
|
||||
CVE-2024-52940,0,0,dada389fd604fabcf8cad162ee7439c1b0f0631b96a74ff2b430a8633c0d2fd5,2024-11-18T17:11:17.393000
|
||||
|
||||
|
Can't render this file because it is too large.
|
Loading…
x
Reference in New Issue
Block a user