From fef55bc56a2f7094c556ccfebc64a8953719dd59 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Tue, 24 Dec 2024 05:03:43 +0000 Subject: [PATCH] Auto-Update: 2024-12-24T05:00:20.145440+00:00 --- CVE-2024/CVE-2024-125xx/CVE-2024-12582.json | 60 +++++++++++++++++++++ CVE-2024/CVE-2024-408xx/CVE-2024-40896.json | 29 ++++++++-- CVE-2024/CVE-2024-475xx/CVE-2024-47515.json | 56 +++++++++++++++++++ CVE-2024/CVE-2024-563xx/CVE-2024-56310.json | 45 ++++++++++++++-- CVE-2024/CVE-2024-563xx/CVE-2024-56311.json | 45 ++++++++++++++-- CVE-2024/CVE-2024-563xx/CVE-2024-56312.json | 45 ++++++++++++++-- CVE-2024/CVE-2024-563xx/CVE-2024-56313.json | 45 ++++++++++++++-- CVE-2024/CVE-2024-563xx/CVE-2024-56314.json | 45 ++++++++++++++-- CVE-2024/CVE-2024-563xx/CVE-2024-56375.json | 45 ++++++++++++++-- CVE-2024/CVE-2024-94xx/CVE-2024-9427.json | 56 +++++++++++++++++++ README.md | 25 +++++---- _state.csv | 31 ++++++----- 12 files changed, 481 insertions(+), 46 deletions(-) create mode 100644 CVE-2024/CVE-2024-125xx/CVE-2024-12582.json create mode 100644 CVE-2024/CVE-2024-475xx/CVE-2024-47515.json create mode 100644 CVE-2024/CVE-2024-94xx/CVE-2024-9427.json diff --git a/CVE-2024/CVE-2024-125xx/CVE-2024-12582.json b/CVE-2024/CVE-2024-125xx/CVE-2024-12582.json new file mode 100644 index 00000000000..97f1cbc33e7 --- /dev/null +++ b/CVE-2024/CVE-2024-125xx/CVE-2024-12582.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-12582", + "sourceIdentifier": "secalert@redhat.com", + "published": "2024-12-24T04:15:05.137", + "lastModified": "2024-12-24T04:15:05.137", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A flaw was found in the skupper console, a read-only interface that renders cluster network, traffic details, and metrics for a network application that a user sets up across a hybrid multi-cloud environment. When the default authentication method is used, a random password is generated for the \"admin\" user and is persisted in either a Kubernetes secret or a podman volume in a plaintext file. This authentication method can be manipulated by an attacker, leading to the reading of any user-readable file in the container filesystem, directly impacting data confidentiality. Additionally, the attacker may induce skupper to read extremely large files into memory, resulting in resource exhaustion and a denial of service attack." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secalert@redhat.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 4.2 + } + ] + }, + "weaknesses": [ + { + "source": "secalert@redhat.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-305" + } + ] + } + ], + "references": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2024-12582", + "source": "secalert@redhat.com" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333540", + "source": "secalert@redhat.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-408xx/CVE-2024-40896.json b/CVE-2024/CVE-2024-408xx/CVE-2024-40896.json index fec89e21d29..e3e449db608 100644 --- a/CVE-2024/CVE-2024-408xx/CVE-2024-40896.json +++ b/CVE-2024/CVE-2024-408xx/CVE-2024-40896.json @@ -2,8 +2,8 @@ "id": "CVE-2024-40896", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-23T17:15:08.400", - "lastModified": "2024-12-23T18:15:06.940", - "vulnStatus": "Received", + "lastModified": "2024-12-24T03:15:06.727", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { @@ -11,7 +11,30 @@ "value": "In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting \"checked\"). This makes classic XXE attacks possible." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", + "baseScore": 9.1, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.2 + } + ] + }, "weaknesses": [ { "source": "cve@mitre.org", diff --git a/CVE-2024/CVE-2024-475xx/CVE-2024-47515.json b/CVE-2024/CVE-2024-475xx/CVE-2024-47515.json new file mode 100644 index 00000000000..69905ec5ba5 --- /dev/null +++ b/CVE-2024/CVE-2024-475xx/CVE-2024-47515.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-47515", + "sourceIdentifier": "secalert@redhat.com", + "published": "2024-12-24T04:15:05.750", + "lastModified": "2024-12-24T04:15:05.750", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in Pagure. Support of symbolic links during repository archiving of repositories allows the disclosure of local files. This flaw allows a malicious user to take advantage of the Pagure instance." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secalert@redhat.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "secalert@redhat.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-61" + } + ] + } + ], + "references": [ + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315806", + "source": "secalert@redhat.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-563xx/CVE-2024-56310.json b/CVE-2024/CVE-2024-563xx/CVE-2024-56310.json index 658de48540e..957d8e0486b 100644 --- a/CVE-2024/CVE-2024-563xx/CVE-2024-56310.json +++ b/CVE-2024/CVE-2024-563xx/CVE-2024-56310.json @@ -2,16 +2,55 @@ "id": "CVE-2024-56310", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-22T21:15:16.433", - "lastModified": "2024-12-22T21:15:16.433", - "vulnStatus": "Received", + "lastModified": "2024-12-24T03:15:07.440", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "REDCap through 15.0.0 has a security flaw in the Project Dashboards name, exposing users to a Cross-Site Request Forgery (CSRF) attack. An attacker can exploit this by luring users into clicking on a Project Dashboards name that contains the malicious payload, which triggers a logout request and terminates their session. This vulnerability stems from the absence of CSRF protections on the logout functionality, allowing malicious actions to be executed without user consent." + }, + { + "lang": "es", + "value": "REDCap hasta la versi\u00f3n 15.0.0 tiene una falla de seguridad en el nombre de Project Dashboards, lo que expone a los usuarios a un ataque de Cross-Site Request Forgery (CSRF). Un atacante puede aprovechar esto al atraer a los usuarios para que hagan clic en un nombre de Project Dashboards que contenga la carga maliciosa, lo que desencadena una solicitud de cierre de sesi\u00f3n y finaliza su sesi\u00f3n. Esta vulnerabilidad se origina en la ausencia de protecciones CSRF en la funcionalidad de cierre de sesi\u00f3n, lo que permite que se ejecuten acciones maliciosas sin el consentimiento del usuario." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/ping-oui-no/Vulnerability-Research-CVESS/tree/main/RedCap", diff --git a/CVE-2024/CVE-2024-563xx/CVE-2024-56311.json b/CVE-2024/CVE-2024-563xx/CVE-2024-56311.json index 12c59b37e9c..223e17ee1d7 100644 --- a/CVE-2024/CVE-2024-563xx/CVE-2024-56311.json +++ b/CVE-2024/CVE-2024-563xx/CVE-2024-56311.json @@ -2,16 +2,55 @@ "id": "CVE-2024-56311", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-22T21:15:16.600", - "lastModified": "2024-12-22T21:15:16.600", - "vulnStatus": "Received", + "lastModified": "2024-12-24T03:15:07.607", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "REDCap through 15.0.0 has a security flaw in the Notes section of calendar events, exposing users to a Cross-Site Request Forgery (CSRF) attack. An attacker can exploit this by luring users into accessing a calendar event's notes, which triggers a logout request and terminates their session. This vulnerability stems from the absence of CSRF protections on the logout functionality, allowing malicious actions to be executed without user consent." + }, + { + "lang": "es", + "value": "REDCap hasta la versi\u00f3n 15.0.0 tiene una falla de seguridad en la secci\u00f3n Notas de los eventos del calendario, lo que expone a los usuarios a un ataque de Cross-Site Request Forgery (CSRF). Un atacante puede aprovechar esto enga\u00f1ando a los usuarios para que accedan a las notas de un evento del calendario, lo que desencadena una solicitud de cierre de sesi\u00f3n y finaliza su sesi\u00f3n. Esta vulnerabilidad se debe a la ausencia de protecciones CSRF en la funcionalidad de cierre de sesi\u00f3n, lo que permite que se ejecuten acciones maliciosas sin el consentimiento del usuario." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/ping-oui-no/Vulnerability-Research-CVESS/tree/main/RedCap", diff --git a/CVE-2024/CVE-2024-563xx/CVE-2024-56312.json b/CVE-2024/CVE-2024-563xx/CVE-2024-56312.json index 33e43bf0059..75e293418de 100644 --- a/CVE-2024/CVE-2024-563xx/CVE-2024-56312.json +++ b/CVE-2024/CVE-2024-563xx/CVE-2024-56312.json @@ -2,16 +2,55 @@ "id": "CVE-2024-56312", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-22T22:15:05.630", - "lastModified": "2024-12-22T22:15:05.630", - "vulnStatus": "Received", + "lastModified": "2024-12-24T03:15:07.770", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A stored cross-site scripting (XSS) vulnerability in the Project Dashboard name of REDCap through 15.0.0 allows authenticated users to inject malicious scripts into the name field of a Project Dashboard. When a user clicks on the project Dashboard name, the crafted payload is executed, potentially enabling the execution of arbitrary web scripts." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de cross-site scripting (XSS) almacenado en el nombre del panel de proyectos de REDCap hasta la versi\u00f3n 15.0.0 permite a los usuarios autenticados inyectar secuencias de comandos maliciosas en el campo de nombre de un panel de proyectos. Cuando un usuario hace clic en el nombre del panel de proyectos, se ejecuta el payload manipulado, lo que potencialmente permite la ejecuci\u00f3n de secuencias de comandos web arbitrarias." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/ping-oui-no/Vulnerability-Research-CVESS/tree/main/RedCap", diff --git a/CVE-2024/CVE-2024-563xx/CVE-2024-56313.json b/CVE-2024/CVE-2024-563xx/CVE-2024-56313.json index fbc1886ca02..c863872e4c0 100644 --- a/CVE-2024/CVE-2024-563xx/CVE-2024-56313.json +++ b/CVE-2024/CVE-2024-563xx/CVE-2024-56313.json @@ -2,16 +2,55 @@ "id": "CVE-2024-56313", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-22T22:15:06.540", - "lastModified": "2024-12-22T22:15:06.540", - "vulnStatus": "Received", + "lastModified": "2024-12-24T03:15:07.927", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A stored cross-site scripting (XSS) vulnerability in the Calendar feature of REDCap through 15.0.0 allows authenticated users to inject malicious scripts into the Notes field of a calendar event. When the event is viewed, the crafted payload is executed, potentially enabling the execution of arbitrary web scripts." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de cross-site scripting (XSS) almacenado en la funci\u00f3n Calendario de REDCap hasta la versi\u00f3n 15.0.0 permite a los usuarios autenticados inyectar secuencias de comandos maliciosas en el campo Notas de un evento del calendario. Cuando se visualiza el evento, se ejecuta el payload manipulado, lo que potencialmente permite la ejecuci\u00f3n de secuencias de comandos web arbitrarias." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/ping-oui-no/Vulnerability-Research-CVESS/tree/main/RedCap", diff --git a/CVE-2024/CVE-2024-563xx/CVE-2024-56314.json b/CVE-2024/CVE-2024-563xx/CVE-2024-56314.json index ae581a0f743..4be146fc6da 100644 --- a/CVE-2024/CVE-2024-563xx/CVE-2024-56314.json +++ b/CVE-2024/CVE-2024-563xx/CVE-2024-56314.json @@ -2,16 +2,55 @@ "id": "CVE-2024-56314", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-22T22:15:06.670", - "lastModified": "2024-12-22T22:15:06.670", - "vulnStatus": "Received", + "lastModified": "2024-12-24T03:15:08.083", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A stored cross-site scripting (XSS) vulnerability in the Project name of REDCap through 15.0.0 allows authenticated users to inject malicious scripts into the name field of a Project. When a user clicks on the project name to access it, the crafted payload is executed, potentially enabling the execution of arbitrary web scripts." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de cross-site scripting (XSS) almacenado en Project name de REDCap hasta la versi\u00f3n 15.0.0 permite a los usuarios autenticados inyectar secuencias de comandos maliciosas en el campo de nombre de un proyecto. Cuando un usuario hace clic en el nombre del proyecto para acceder a \u00e9l, se ejecuta el payload manipulado, lo que potencialmente permite la ejecuci\u00f3n de secuencias de comandos web arbitrarias." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/ping-oui-no/Vulnerability-Research-CVESS/tree/main/RedCap", diff --git a/CVE-2024/CVE-2024-563xx/CVE-2024-56375.json b/CVE-2024/CVE-2024-563xx/CVE-2024-56375.json index 3b336f083fd..47d72aae5fa 100644 --- a/CVE-2024/CVE-2024-563xx/CVE-2024-56375.json +++ b/CVE-2024/CVE-2024-563xx/CVE-2024-56375.json @@ -2,16 +2,55 @@ "id": "CVE-2024-56375", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-22T23:15:06.613", - "lastModified": "2024-12-22T23:15:06.613", - "vulnStatus": "Received", + "lastModified": "2024-12-24T03:15:08.247", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An integer underflow was discovered in Fort 1.6.3 and 1.6.4 before 1.6.5. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) a Manifest RPKI object containing an empty fileList. Fort dereferences (and, shortly afterwards, writes to) this array during a shuffle attempt, before the validation that would normally reject it when empty. This out-of-bounds access is caused by an integer underflow that causes the surrounding loop to iterate infinitely. Because the product is permanently stuck attempting to overshuffle an array that doesn't actually exist, a crash is nearly guaranteed." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un desbordamiento de enteros en Fort 1.6.3 y 1.6.4 antes de 1.6.5. Un repositorio RPKI malicioso que desciende de un Trust Anchor (confiable) puede servir (a trav\u00e9s de rsync o RRDP) un objeto RPKI de manifiesto que contiene una lista de archivos vac\u00eda. Fort desreferencia (y, poco despu\u00e9s, escribe en) esta matriz durante un intento de mezcla, antes de la validaci\u00f3n que normalmente la rechazar\u00eda si estuviera vac\u00eda. Este acceso fuera de los l\u00edmites se debe a un desbordamiento de enteros que hace que el bucle circundante se repita infinitamente. Debido a que el producto est\u00e1 bloqueado permanentemente al intentar mezclar una matriz que en realidad no existe, es casi seguro que se produzca un bloqueo." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-191" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://nicmx.github.io/FORT-validator/CVE.html", diff --git a/CVE-2024/CVE-2024-94xx/CVE-2024-9427.json b/CVE-2024/CVE-2024-94xx/CVE-2024-9427.json new file mode 100644 index 00000000000..fa6645e4912 --- /dev/null +++ b/CVE-2024/CVE-2024-94xx/CVE-2024-9427.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-9427", + "sourceIdentifier": "secalert@redhat.com", + "published": "2024-12-24T04:15:07.360", + "lastModified": "2024-12-24T04:15:07.360", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability in Koji was found. An unsanitized input allows for an XSS attack. Javascript code from a malicious link could be reflected in the resulting web page. It is not expected to be able to submit an action or make a change in Koji due to existing XSS protections in the code" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secalert@redhat.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "secalert@redhat.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-116" + } + ] + } + ], + "references": [ + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316047", + "source": "secalert@redhat.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 17d387c4c88..8097f7a8067 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-12-24T03:00:19.458432+00:00 +2024-12-24T05:00:20.145440+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-12-24T02:15:06.740000+00:00 +2024-12-24T04:15:07.360000+00:00 ``` ### Last Data Feed Release @@ -33,26 +33,29 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -274585 +274588 ``` ### CVEs added in the last Commit -Recently added CVEs: `0` +Recently added CVEs: `3` +- [CVE-2024-12582](CVE-2024/CVE-2024-125xx/CVE-2024-12582.json) (`2024-12-24T04:15:05.137`) +- [CVE-2024-47515](CVE-2024/CVE-2024-475xx/CVE-2024-47515.json) (`2024-12-24T04:15:05.750`) +- [CVE-2024-9427](CVE-2024/CVE-2024-94xx/CVE-2024-9427.json) (`2024-12-24T04:15:07.360`) ### CVEs modified in the last Commit Recently modified CVEs: `7` -- [CVE-2021-44207](CVE-2021/CVE-2021-442xx/CVE-2021-44207.json) (`2024-12-24T02:00:01.823`) -- [CVE-2024-23945](CVE-2024/CVE-2024-239xx/CVE-2024-23945.json) (`2024-12-24T02:15:05.303`) -- [CVE-2024-53275](CVE-2024/CVE-2024-532xx/CVE-2024-53275.json) (`2024-12-24T02:15:06.037`) -- [CVE-2024-53276](CVE-2024/CVE-2024-532xx/CVE-2024-53276.json) (`2024-12-24T02:15:06.207`) -- [CVE-2024-54148](CVE-2024/CVE-2024-541xx/CVE-2024-54148.json) (`2024-12-24T02:15:06.410`) -- [CVE-2024-56201](CVE-2024/CVE-2024-562xx/CVE-2024-56201.json) (`2024-12-24T02:15:06.580`) -- [CVE-2024-56326](CVE-2024/CVE-2024-563xx/CVE-2024-56326.json) (`2024-12-24T02:15:06.740`) +- [CVE-2024-40896](CVE-2024/CVE-2024-408xx/CVE-2024-40896.json) (`2024-12-24T03:15:06.727`) +- [CVE-2024-56310](CVE-2024/CVE-2024-563xx/CVE-2024-56310.json) (`2024-12-24T03:15:07.440`) +- [CVE-2024-56311](CVE-2024/CVE-2024-563xx/CVE-2024-56311.json) (`2024-12-24T03:15:07.607`) +- [CVE-2024-56312](CVE-2024/CVE-2024-563xx/CVE-2024-56312.json) (`2024-12-24T03:15:07.770`) +- [CVE-2024-56313](CVE-2024/CVE-2024-563xx/CVE-2024-56313.json) (`2024-12-24T03:15:07.927`) +- [CVE-2024-56314](CVE-2024/CVE-2024-563xx/CVE-2024-56314.json) (`2024-12-24T03:15:08.083`) +- [CVE-2024-56375](CVE-2024/CVE-2024-563xx/CVE-2024-56375.json) (`2024-12-24T03:15:08.247`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 6d54f648ec0..d863b7d9b25 100644 --- a/_state.csv +++ b/_state.csv @@ -185333,7 +185333,7 @@ CVE-2021-44203,0,0,508eb6b050cb9edbc4d859609017b4ff90c361b8833265453c85194c90e26 CVE-2021-44204,0,0,6aa974a64a61b329c694450f42afb1d8eae9a90c5f26859b2e2e19f2c7f64169,2024-11-21T06:30:34.300000 CVE-2021-44205,0,0,9799064d1571df0d6982a5073ec220e92a13da5e067c0085ff08f97692729941,2024-11-21T06:30:34.457000 CVE-2021-44206,0,0,feed6a6bf0af4d6221906ba9bcec078465a0c79d160fd89322c280f481c9a8b2,2024-11-21T06:30:34.593000 -CVE-2021-44207,0,1,ab6cd68759d96ee58722adf9b03fe12962a554c33b9877fa7739bad5005c5447,2024-12-24T02:00:01.823000 +CVE-2021-44207,0,0,ab6cd68759d96ee58722adf9b03fe12962a554c33b9877fa7739bad5005c5447,2024-12-24T02:00:01.823000 CVE-2021-44208,0,0,a9d10b6a2bda2a03da19d70e83cce1926454ffed3cce9a05f84b2a5b9a807bcf,2024-11-21T06:30:34.903000 CVE-2021-44209,0,0,13573abfe045728a3019e5db77d9947d269097fe48a3b8d8e4f8297ef768ba41,2024-11-21T06:30:35.083000 CVE-2021-4421,0,0,fa171effbeb755b01cbed06c07ebd983fcfa0fc4053d0cff65567cd80e77ab7e,2024-11-21T06:37:41.153000 @@ -244954,6 +244954,7 @@ CVE-2024-12578,0,0,9683da78c95f4de0afe4f169763bacae0c8e4e48d594e85dbc7c32bda1c6e CVE-2024-12579,0,0,6b066a632ed42755872bfe12897131044e41b00627589546ab36be31d813b6f2,2024-12-13T05:15:07.473000 CVE-2024-1258,0,0,36d421eec5fc7cce6382fad9fd3a9a8780da80fcb6e09fc8e5e480709b2e6caa,2024-11-21T08:50:10.573000 CVE-2024-12581,0,0,899275a869b7c967a158446f680d5b1e6ee7fb8c13fa325a1164dc54186bea7f,2024-12-13T06:15:26.433000 +CVE-2024-12582,1,1,7e453b0b2fc58c5f199238f8e99bab882063c16a606bbbed878c19f5c7e5ca1a,2024-12-24T04:15:05.137000 CVE-2024-12588,0,0,1933918a1bc731b9f2daeac6f15474bd290e2defc9eea3981aaebba99a0dc9b7,2024-12-21T09:15:06.233000 CVE-2024-1259,0,0,1c6bb100fc9cba505c4d696801bfd3102c508e530bb2e36c86a6685675278bd7,2024-11-21T08:50:10.730000 CVE-2024-12591,0,0,eaf713466d72851d200fb1c2165d3b74352c989b31dbbf0a4a003e2ec790fb1b,2024-12-21T10:15:09.177000 @@ -248911,7 +248912,7 @@ CVE-2024-2394,0,0,621d534b6e99ea3eb7663377d97ee0e05ad2be3959f632056cfe6794bf2d11 CVE-2024-23940,0,0,06d04c2e3a7f29a0e7a62a5331ae3d9d5c7acce3a81c480978850a16e4f0b74a,2024-11-21T08:58:43.807000 CVE-2024-23941,0,0,377e40ad54a332b818df016f5e6db38286f42aa52aa09ea13a642fb9c9a22ca1,2024-11-21T08:58:43.940000 CVE-2024-23944,0,0,52d30435d5fece2084654095f6cb22c51963787cdd07ba430e66badb23fb97d7,2024-11-21T08:58:44.067000 -CVE-2024-23945,0,1,77580d48a82d4562485ba4e0b8bab784875ff9ee3be586b8b7971d4db544c20c,2024-12-24T02:15:05.303000 +CVE-2024-23945,0,0,77580d48a82d4562485ba4e0b8bab784875ff9ee3be586b8b7971d4db544c20c,2024-12-24T02:15:05.303000 CVE-2024-23946,0,0,9c898cf09e521a2a31019dd3080db79ce9c32f7697e5321cb7301cafff4ddf89,2024-11-21T08:58:44.260000 CVE-2024-23947,0,0,f911293c6af8cf8e2a4c71b3a16ce5c03d9ac810bd789b6ce8a33c36c29ca1c5,2024-11-21T08:58:44.480000 CVE-2024-23948,0,0,d6d4011f0c2b673928e54c2b884e178d06b968843ed951ce2e90e73776691214,2024-11-21T08:58:44.607000 @@ -261352,7 +261353,7 @@ CVE-2024-4089,0,0,7a035608d08862b8a3927991cbc7bcfd8e0cb13815d39b3b58eaf685ec21d6 CVE-2024-40892,0,0,0bef0c096de1fd9b74596dba063b1cf9ffb172ff0abd417611d342278b46245f,2024-08-21T18:15:09.710000 CVE-2024-40893,0,0,291c1cc414cfaa66f88e6f282a2cb52f9787a1f732797e904eca670adbd8e574,2024-08-21T18:15:09.803000 CVE-2024-40895,0,0,9bfbe451c0a62cc469c348ecf829cab564e06b39ab7ab75fbb9a00c7abd49483,2024-11-21T09:31:48.250000 -CVE-2024-40896,0,0,99cd60873be66345887580cd246a9786d55d0f242caaa835b8f113819f38ab35,2024-12-23T18:15:06.940000 +CVE-2024-40896,0,1,4926cdf67fbc9b49af58d3bfc3b7316338055693dabf3e4f11e44bcc02a7dcf6,2024-12-24T03:15:06.727000 CVE-2024-40897,0,0,5de984c0ce0b5f00f148c2d87f9ba7398ed21388187cb055a9d01cc9ee9adfcc,2024-11-21T09:31:48.450000 CVE-2024-40898,0,0,b930bfc2025b86aea21c8f0fe9e9b6f374f54a09bbb3f9c81abb259ea87ff81c,2024-11-21T09:31:48.670000 CVE-2024-40899,0,0,27efc19ced00bac32be0c727e443e10ff312f5514ad1f8ef8ce233abd9e28b76,2024-11-21T09:31:48.870000 @@ -265970,6 +265971,7 @@ CVE-2024-47507,0,0,4b5526bca6993d370893c5c6161e096044990d9b0b51024d2cb9be1f9cc10 CVE-2024-47508,0,0,9eb24349b682be71035d07f35bdd0e3c44d0149390ddd7778db3308d79b627b6,2024-10-15T12:58:51.050000 CVE-2024-47509,0,0,94c229801bddb8ce94388d34ff206e5f012170cf995eff5bd6f1382afdd7a27e,2024-10-15T12:58:51.050000 CVE-2024-4751,0,0,323d34e4e60f2c798f82031d559639fb459a06390325463f51ec0a8dd20e430a,2024-11-21T09:43:31.213000 +CVE-2024-47515,1,1,8603992d38cd4ce3c095abe0a5f631e2655cc84a74600a54a87d12d9f7d4333b,2024-12-24T04:15:05.750000 CVE-2024-4752,0,0,710c56921216e1d7aca081e59c40f51db5ad035f8f7076b00214ce955a44b36f,2024-11-21T09:43:31.400000 CVE-2024-47522,0,0,c02f34b0206a3beffa01319045412a788f423598c15fe9aabedbdbabe223631f,2024-10-22T13:51:02.710000 CVE-2024-47523,0,0,c97d6eb97cc8d0172f2511cd438bb91b754c178ebc143b911ae3b2c8f936379d,2024-10-07T19:07:30.287000 @@ -269723,8 +269725,8 @@ CVE-2024-53271,0,0,bf343792418ea9791cab65636364e42817a58c9fbdd6d31284460cca28c34 CVE-2024-53272,0,0,f3ae5c3af00a8a1ede971886e8407e0fd8e6e8ff1a7606066ce068e53ea18328,2024-12-12T02:15:28.670000 CVE-2024-53273,0,0,4be201cb4a2a2818369414ac4a638086038f7b2129c8882fb2f8ed84d4b3ca40,2024-12-12T02:15:28.813000 CVE-2024-53274,0,0,1b082934bf5e9b4005ba0f77ebbc282458901418112daa847bcdad246d3a28e8,2024-12-12T02:15:28.940000 -CVE-2024-53275,0,1,b3847d880a6780208a9f693e576ca3b36c2adda95c5345e53e7ff73bf61d5fd1,2024-12-24T02:15:06.037000 -CVE-2024-53276,0,1,51b803e4905e6fb62080dd322af7deb91ea3a8703a5cae47d042c3029322ad7d,2024-12-24T02:15:06.207000 +CVE-2024-53275,0,0,b3847d880a6780208a9f693e576ca3b36c2adda95c5345e53e7ff73bf61d5fd1,2024-12-24T02:15:06.037000 +CVE-2024-53276,0,0,51b803e4905e6fb62080dd322af7deb91ea3a8703a5cae47d042c3029322ad7d,2024-12-24T02:15:06.207000 CVE-2024-53278,0,0,6f30b711eaa2519505a8ae7e3cc5077447b747b2c4a9b5a5e0658f524894f224,2024-11-26T05:15:10.563000 CVE-2024-53279,0,0,44033b042ffed7a89d7ff23520a85cac4516e857c657f0452265be9252a09d8c,2024-12-09T04:15:04.477000 CVE-2024-5328,0,0,8c7cab73e73336a340952a9318c322c99389e6514b1340a59b208cd9ecb39030,2024-11-21T09:47:25.977000 @@ -270154,7 +270156,7 @@ CVE-2024-54140,0,0,e331d2ac3dbd3b8a53d43f4b62020140bfe310c3ed6fc6689e9e07dc1c045 CVE-2024-54141,0,0,03f51d6625a463b05e77ba75622f0e1fc489bf2648bf55da8aa1a94f754ed277,2024-12-06T15:15:09.530000 CVE-2024-54143,0,0,39896e76381b970ed0c53caca39df9efa5206ded9e17479626eb381c775f3554,2024-12-06T17:15:12.687000 CVE-2024-54147,0,0,31061631720e65f385fd359d47a289e6f20b86f9fad882040f751c79c06fbc19,2024-12-09T19:15:14.513000 -CVE-2024-54148,0,1,742d6ad775c872b1ad8da7c631ab5696b3273775b61e8688677d4875f069608d,2024-12-24T02:15:06.410000 +CVE-2024-54148,0,0,742d6ad775c872b1ad8da7c631ab5696b3273775b61e8688677d4875f069608d,2024-12-24T02:15:06.410000 CVE-2024-54149,0,0,9e6d58019e13dfe4168259b606ef42fa170a7f5d925476003c46ba8914519715,2024-12-09T21:15:08.600000 CVE-2024-5415,0,0,74eb25978de9e4a46066392a5c5808fd8612c02bf2d68d6ca3b049d5a2727bf3,2024-11-21T09:47:36.587000 CVE-2024-54150,0,0,2df54d94caae27dd20c93dacb8da181f1ca94c7f90068ee4b0f13c650c491939,2024-12-20T18:15:29.847000 @@ -270840,7 +270842,7 @@ CVE-2024-5618,0,0,d2d97c727c060ec84f3174901af9ab7b075641151198c4f29457077453fd0c CVE-2024-5619,0,0,847b29035ced8b12638c0c9edc7633e1fcbe758edecd5717d697d3abb49553ce,2024-11-21T09:48:01.807000 CVE-2024-5620,0,0,240638ef58a29a459ed1037710fcf1b7e875e31a78e263978233bb4c4a8442da,2024-11-21T09:48:01.930000 CVE-2024-56200,0,0,51120d87a10e515859753773432ee83776f25472dfafe8167b573d6b5892d131,2024-12-19T19:15:08.280000 -CVE-2024-56201,0,1,f0a34e4d6c3fbdf0e4b96db87921ad9a8f8768ce26c0de0f3d495a0c976c3e7c,2024-12-24T02:15:06.580000 +CVE-2024-56201,0,0,f0a34e4d6c3fbdf0e4b96db87921ad9a8f8768ce26c0de0f3d495a0c976c3e7c,2024-12-24T02:15:06.580000 CVE-2024-5622,0,0,48dd50139cd0fb0b9e32ff1d34b4004b39a7c87dde414648422613d43b5d51e5,2024-09-13T20:21:38.610000 CVE-2024-5623,0,0,7a27a8a8bb2e29efe02be8c957247e288b25a39c8598c86d8533218d73dc7a15,2024-09-13T20:19:53.477000 CVE-2024-5624,0,0,7f93c754c9c6e0a4611cd66d82be3519ca19fdbb2803818bcf7cbddb963f07b6,2024-09-13T20:23:28.787000 @@ -270851,16 +270853,16 @@ CVE-2024-5628,0,0,755412ba03c7f502c54c635c9705b96a4154da09bb9bfca64f93d1d41d08cf CVE-2024-5629,0,0,f9daa1fe2950a7ccef0838fb6e6cae4a7319a3ab1da6174da12e5faf2c955f5a,2024-11-21T09:48:02.860000 CVE-2024-5630,0,0,50874e31f2d6c9403bb3dbaf933b8b3f439196ea7c18b531eba9bc061324fe0f,2024-11-21T09:48:03.020000 CVE-2024-5631,0,0,2a74e658158bae900a85436e92fd017c375ea2371e9ccb7b5a67e7bbd481f6b3,2024-11-21T09:48:03.210000 -CVE-2024-56310,0,0,fd778eb590d1fbb32130fffba54ed545129192edf10e26cf3a21b5e6459b501d,2024-12-22T21:15:16.433000 -CVE-2024-56311,0,0,e2eae5ad5d224b6d2217bcfe83f7bd65df83e28c0bec948bad3706d862749a90,2024-12-22T21:15:16.600000 -CVE-2024-56312,0,0,b3ff8a8f9068c3a156742e12a6bc627bc59e105684871a4faad004e80a37c8af,2024-12-22T22:15:05.630000 -CVE-2024-56313,0,0,bab8100491ae46d1acfcde4c0f557fb02ee2d8f1cf2ffae579d4a3928d2f1703,2024-12-22T22:15:06.540000 -CVE-2024-56314,0,0,5c94b3924b2872303b1ac6d2c357e874b9bf8bb914ff58119e06c5cd125443ca,2024-12-22T22:15:06.670000 +CVE-2024-56310,0,1,52fb9787ce6d270fefb09f2575978be0fb95a84a154a0887a6718d274c54ad79,2024-12-24T03:15:07.440000 +CVE-2024-56311,0,1,66e9c6fbb0050254b7557259672fd0233cf69bba8f8e828ea4035d56bf3a6933,2024-12-24T03:15:07.607000 +CVE-2024-56312,0,1,cb86205520ef5db7c914d1a75ac3f5ba74360f863545f19038e07f9bcdb0703c,2024-12-24T03:15:07.770000 +CVE-2024-56313,0,1,77b550409f008b252773269f5c3c808c73df4beef9ebd650c5ec3a7771cae57b,2024-12-24T03:15:07.927000 +CVE-2024-56314,0,1,6df7fe51a54001b033f35cf71e56a8c8648fba9702436f5b14cd4bfc37c84ea1,2024-12-24T03:15:08.083000 CVE-2024-56317,0,0,b4a1e923d734c9748bfefb232cd94998c16ae77377149acd2e40ce01c1c90af8,2024-12-18T23:15:18.023000 CVE-2024-56318,0,0,41fe9d7571c5ddeaf622da00eaaa1951e3cb55078c3acd81346bfd3e36464d15,2024-12-19T00:15:06.897000 CVE-2024-56319,0,0,2db5aea7f2e2c0716ff3ae059d9992998ac87c8ff6e8b34fca05f1a112cb61c5,2024-12-18T23:15:18.373000 CVE-2024-5632,0,0,79535ded485ce0fc041702b30ef936da2f13ebaec98ccb0306c2826a8b572585,2024-11-21T09:48:03.353000 -CVE-2024-56326,0,1,8bdf3f35df5871dcd7fa85d8087c69b253dee02ba058ceb7c368e918f3cd3594,2024-12-24T02:15:06.740000 +CVE-2024-56326,0,0,8bdf3f35df5871dcd7fa85d8087c69b253dee02ba058ceb7c368e918f3cd3594,2024-12-24T02:15:06.740000 CVE-2024-56327,0,0,7f279bf8e8dad1abfccdde7f80cf3a1198eceeaed727f435a201d9524ff4caea,2024-12-20T18:15:31.083000 CVE-2024-56329,0,0,1a706ee72fb5ffbcf058c8a20d98c3cc77e376296ceef183209bf8faa8566f9b,2024-12-20T20:15:23.987000 CVE-2024-5633,0,0,6153dcce403090a22c66747e4beff2cb4e82934f4fa355dae1f3e5bcdf5cc4ba,2024-11-21T09:48:03.483000 @@ -270889,7 +270891,7 @@ CVE-2024-56362,0,0,dd5033b04c0a04acaf53e636d0201cacb970804dce1ae28fdf600c92d6069 CVE-2024-56363,0,0,f22bc17bbcbacc3d4c8946803bd76249d4162387d56a582274e363a9547d6b46,2024-12-23T18:15:07.767000 CVE-2024-56364,0,0,b554e0df0a4ad57cd70c0d37933b45401c149826dc27d68ffb15442fe3902ff6,2024-12-23T16:15:07.770000 CVE-2024-5637,0,0,a5e32b0dfdcc3b00fa1c534a6efa8caef39b80f083f1c956c246ad8a83c6df00,2024-11-21T09:48:04.030000 -CVE-2024-56375,0,0,2a34ccceff495c37ae84092fe8c0ad283727cd545575a5f30821495b0c5dc2ed,2024-12-22T23:15:06.613000 +CVE-2024-56375,0,1,a340f66ea2648ac2f29f86bc73c289c3920f7dbceb53953a8c12d3700fa25a7c,2024-12-24T03:15:08.247000 CVE-2024-56378,0,0,6719f8ca56230694a59bc1f5e75e3ab9feb822f8501e080a6c8cff7081436ef7,2024-12-23T00:15:05.133000 CVE-2024-5638,0,0,4a64496852c4ee147220588b5d1940917ce749a1b3dd56d16a77a8cf3ed54b84,2024-11-21T09:48:04.153000 CVE-2024-5639,0,0,78123d59d6ff1062d5cdcc1456c84b89eb240e57bd822aee818d4edc5bb804e5,2024-11-21T09:48:04.290000 @@ -274119,6 +274121,7 @@ CVE-2024-9422,0,0,84806a9eed518b06f6d8827496be4f70f3fd277675ce3978a293d23ef572b8 CVE-2024-9423,0,0,ea2ceee1b3bf62e5f678d6840797f5ce1005e985008fd3d6ffca2317e3c41048,2024-10-04T13:50:43.727000 CVE-2024-9425,0,0,c4a51c938acd490f609ca00d8a594cbbdbb46d48c8dc2d14a9f1cdc1520bf123,2024-10-22T13:55:04.537000 CVE-2024-9426,0,0,7b6d0dd14cd82427723e29a8054a247cfe756a4bd65dbe78f3544bf76c1742a2,2024-11-13T17:01:16.850000 +CVE-2024-9427,1,1,1c6616ac33aa19661af89cba455c96327c2172b4ead3172e205a01d67c205bcd,2024-12-24T04:15:07.360000 CVE-2024-9428,0,0,f750728263efb84ececce35e10a4ed9233c40717c73069be2b71a21b69aeb302,2024-12-12T18:15:28.120000 CVE-2024-9429,0,0,62ece370cab73a52089a99a9ace0dce837bb7657fa2f1f40486fc49795e13a27,2024-10-07T20:15:10.567000 CVE-2024-9430,0,0,522b5b97eca86036f3bb0b9124f71c5d5eb35666a2a3e869645b06a142ed7bc6,2024-11-01T12:57:03.417000