admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-383xx/CVE-2024-38364.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

88 lines
3.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-38364",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-06-26T00:15:10.480",
"lastModified": "2024-11-21T09:25:27.740",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "DSpace is an open source software is a turnkey repository application used by more than 2,000 organizations and institutions worldwide to provide durable access to digital resources. In DSpace 7.0 through 7.6.1, when an HTML, XML or JavaScript Bitstream is downloaded, the user's browser may execute any embedded JavaScript. If that embedded JavaScript is malicious, there is a risk of an XSS attack. This vulnerability has been patched in version 7.6.2."
},
{
"lang": "es",
"value": "DSpace es un software de c\u00f3digo abierto, una aplicaci\u00f3n de repositorio llave en mano utilizada por m\u00e1s de 2000 organizaciones e instituciones en todo el mundo para brindar acceso duradero a recursos digitales. En DSpace 7.0 a 7.6.1, cuando se descarga un Bitstream HTML, XML o JavaScript, el navegador del usuario puede ejecutar cualquier JavaScript incrustado. Si ese JavaScript incrustado es malicioso, existe el riesgo de sufrir un ataque XSS. Esta vulnerabilidad ha sido parcheada en la versi\u00f3n 7.6.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L",
"baseScore": 2.6,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/DSpace/DSpace/commit/f1059b4340857cca3dc4c45b1ebbadce6bb61c0b",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/DSpace/DSpace/pull/8891",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/DSpace/DSpace/pull/9638",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-94cc-xjxr-pwvf",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/DSpace/DSpace/commit/f1059b4340857cca3dc4c45b1ebbadce6bb61c0b",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://github.com/DSpace/DSpace/pull/8891",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://github.com/DSpace/DSpace/pull/9638",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-94cc-xjxr-pwvf",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}
Reference in New Issue View Git Blame Copy Permalink