Auto-Update: 2024-02-20T09:00:29.547030+00:00

CVE-2023/CVE-2023-443xx/CVE-2023-44308.json

@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-44308",
+  "sourceIdentifier": "security@liferay.com",
+  "published": "2024-02-20T07:15:08.033",
+  "lastModified": "2024-02-20T07:15:08.033",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Open redirect vulnerability in adaptive media administration page in Liferay DXP 2023.Q3 before patch 6, and 7.4 GA through update 92 allows remote attackers to redirect users to arbitrary external URLs via the _com_liferay_adaptive_media_web_portlet_AMPortlet_redirect parameter."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@liferay.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 6.1,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@liferay.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-601"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-44308",
+      "source": "security@liferay.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-222xx/CVE-2024-22234.json

@@ -0,0 +1,43 @@
+{
+  "id": "CVE-2024-22234",
+  "sourceIdentifier": "security@vmware.com",
+  "published": "2024-02-20T07:15:09.967",
+  "lastModified": "2024-02-20T07:15:09.967",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In Spring Security, versions 6.1.x prior to 6.1.7 and versions 6.2.x prior to 6.2.2, an application is vulnerable to broken access control when it directly uses the AuthenticationTrustResolver.isFullyAuthenticated(Authentication)\u00a0method.\n\nSpecifically, an application is vulnerable if:\n\n  *  The application uses AuthenticationTrustResolver.isFullyAuthenticated(Authentication)\u00a0directly and a null\u00a0authentication parameter is passed to it resulting in an erroneous true\u00a0return value.\n\n\nAn application is not vulnerable if any of the following is true:\n\n  *  The application does not use AuthenticationTrustResolver.isFullyAuthenticated(Authentication)\u00a0directly.\n  *  The application does not pass null\u00a0to AuthenticationTrustResolver.isFullyAuthenticated\n  *  The application only uses isFullyAuthenticated\u00a0via  Method Security https://docs.spring.io/spring-security/reference/servlet/authorization/method-security.html \u00a0or  HTTP Request Security https://docs.spring.io/spring-security/reference/servlet/authorization/authorize-http-requests.html \n\n\n\n"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@vmware.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE",
+          "baseScore": 7.4,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 2.2,
+        "impactScore": 5.2
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://spring.io/security/cve-2024-22234",
+      "source": "security@vmware.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-251xx/CVE-2024-25149.json

@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2024-25149",
+  "sourceIdentifier": "security@liferay.com",
+  "published": "2024-02-20T07:15:10.557",
+  "lastModified": "2024-02-20T07:15:10.557",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Liferay Portal 7.2.0 through 7.4.1, and older unsupported versions, and Liferay DXP 7.3 before service pack 3, 7.2 before fix pack 15, and older unsupported versions does not properly restrict membership of a child site when the \"Limit membership to members of the parent site\" option is enabled, which allows remote authenticated users to add users who are not a member of the parent site to a child site. The added user may obtain permission to perform unauthorized actions in the child site."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@liferay.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 5.4,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 2.5
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@liferay.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-863"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2024-25149",
+      "source": "security@liferay.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-251xx/CVE-2024-25150.json

@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2024-25150",
+  "sourceIdentifier": "security@liferay.com",
+  "published": "2024-02-20T08:15:07.290",
+  "lastModified": "2024-02-20T08:15:07.290",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Information disclosure vulnerability in the Control Panel in Liferay Portal 7.2.0 through 7.4.2, and older unsupported versions, and Liferay DXP 7.3 before update 4, 7.2 before fix pack 19, and older unsupported versions allows remote authenticated users to obtain a user's full name from the page's title by enumerating user screen names."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@liferay.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE",
+          "baseScore": 4.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@liferay.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-201"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2024-25150",
+      "source": "security@liferay.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-259xx/CVE-2024-25973.json

@@ -0,0 +1,32 @@
+{
+  "id": "CVE-2024-25973",
+  "sourceIdentifier": "551230f0-3615-47bd-b7cc-93e92e730bbf",
+  "published": "2024-02-20T08:15:07.717",
+  "lastModified": "2024-02-20T08:15:07.717",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Frentix GmbH OpenOlat LMS is affected by multiple stored Cross-Site Scripting (XSS) vulnerabilities.\u00a0An attacker with rights to create or edit groups can create a course with a name that contains an XSS payload. Furthermore, attackers with the permissions to create or rename a catalog (sub-category) can enter unfiltered input in the name field. In addition, attackers who are allowed to create curriculums can also enter unfiltered input in the name field. This allows an attacker to execute stored JavaScript code with the permissions of the victim in the context of the user's browser.\n\n"
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "551230f0-3615-47bd-b7cc-93e92e730bbf",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-20"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://r.sec-consult.com/openolat",
+      "source": "551230f0-3615-47bd-b7cc-93e92e730bbf"
+    }
+  ]
+}

CVE-2024/CVE-2024-259xx/CVE-2024-25974.json

@@ -0,0 +1,32 @@
+{
+  "id": "CVE-2024-25974",
+  "sourceIdentifier": "551230f0-3615-47bd-b7cc-93e92e730bbf",
+  "published": "2024-02-20T08:15:07.823",
+  "lastModified": "2024-02-20T08:15:07.823",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Frentix GmbH OpenOlat LMS is affected by stored a Cross-Site Scripting (XSS) vulnerability.\u00a0It is possible to upload files within the Media Center of OpenOlat version 18.1.5 (or lower) as an authenticated user without any other rights. Although the filetypes are limited, an SVG image containing an XSS payload can be uploaded.\u00a0After a successful upload the file can be shared with groups of users (including admins) who can be attacked with the JavaScript payload."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "551230f0-3615-47bd-b7cc-93e92e730bbf",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-20"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://r.sec-consult.com/openolat",
+      "source": "551230f0-3615-47bd-b7cc-93e92e730bbf"
+    }
+  ]
+}

README.md

@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2024-02-20T07:00:25.674495+00:00
+2024-02-20T09:00:29.547030+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2024-02-20T06:15:07.680000+00:00
+2024-02-20T08:15:07.823000+00:00
 ```
 
 ### Last Data Feed Release
@@ -29,15 +29,19 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-238921
+238927
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `2`
+Recently added CVEs: `6`
 
-* [CVE-2022-45320](CVE-2022/CVE-2022-453xx/CVE-2022-45320.json) (`2024-02-20T05:15:07.613`)
-* [CVE-2023-5190](CVE-2023/CVE-2023-51xx/CVE-2023-5190.json) (`2024-02-20T06:15:07.680`)
+* [CVE-2023-44308](CVE-2023/CVE-2023-443xx/CVE-2023-44308.json) (`2024-02-20T07:15:08.033`)
+* [CVE-2024-22234](CVE-2024/CVE-2024-222xx/CVE-2024-22234.json) (`2024-02-20T07:15:09.967`)
+* [CVE-2024-25149](CVE-2024/CVE-2024-251xx/CVE-2024-25149.json) (`2024-02-20T07:15:10.557`)
+* [CVE-2024-25150](CVE-2024/CVE-2024-251xx/CVE-2024-25150.json) (`2024-02-20T08:15:07.290`)
+* [CVE-2024-25973](CVE-2024/CVE-2024-259xx/CVE-2024-25973.json) (`2024-02-20T08:15:07.717`)
+* [CVE-2024-25974](CVE-2024/CVE-2024-259xx/CVE-2024-25974.json) (`2024-02-20T08:15:07.823`)
 
 
 ### CVEs modified in the last Commit