All the vulnerabilites related to 0xJacky - nginx-ui
cve-2024-22196
Vulnerability from cvelistv5
Published
2024-01-11 19:24
Modified
2024-08-01 22:35
Severity
Summary
Authenticated (user role) SQL injection in `OrderAndPaginate` (GHSL-2023-270)
References
URL | Tags |
---|---|
https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-h374-mm57-879c | x_refsource_CONFIRM |
https://github.com/0xJacky/nginx-ui/commit/ec93ab05a3ecbb6bcf464d9dca48d74452df8a5b | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T22:35:34.935Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-h374-mm57-879c", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-h374-mm57-879c" }, { "name": "https://github.com/0xJacky/nginx-ui/commit/ec93ab05a3ecbb6bcf464d9dca48d74452df8a5b", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/0xJacky/nginx-ui/commit/ec93ab05a3ecbb6bcf464d9dca48d74452df8a5b" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "nginx-ui", "vendor": "0xJacky", "versions": [ { "status": "affected", "version": "\u003c 2.0.0.beta.9" } ] } ], "descriptions": [ { "lang": "en", "value": "Nginx-UI is an online statistics for Server Indicators\u200b\u200b Monitor CPU usage, memory usage, load average, and disk usage in real-time. This issue may lead to information disclosure. By using `DefaultQuery`, the `\"desc\"` and `\"id\"` values are used as default values if the query parameters are not set. Thus, the `order` and `sort_by` query parameter are user-controlled and are being appended to the `order` variable without any sanitization. This issue has been patched in version 2.0.0.beta.9.\n\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-89", "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-11T19:24:07.984Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-h374-mm57-879c", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-h374-mm57-879c" }, { "name": "https://github.com/0xJacky/nginx-ui/commit/ec93ab05a3ecbb6bcf464d9dca48d74452df8a5b", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/0xJacky/nginx-ui/commit/ec93ab05a3ecbb6bcf464d9dca48d74452df8a5b" } ], "source": { "advisory": "GHSA-h374-mm57-879c", "discovery": "UNKNOWN" }, "title": "Authenticated (user role) SQL injection in `OrderAndPaginate` (GHSL-2023-270)" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-22196", "datePublished": "2024-01-11T19:24:07.984Z", "dateReserved": "2024-01-08T04:59:27.371Z", "dateUpdated": "2024-08-01T22:35:34.935Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-23827
Vulnerability from cvelistv5
Published
2024-01-29 16:07
Modified
2024-08-01 23:13
Severity
Summary
Nginx-UI arbitrary file write through the Import Certificate feature
References
URL | Tags |
---|---|
https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-xvq9-4vpv-227m | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T23:13:08.227Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-xvq9-4vpv-227m", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-xvq9-4vpv-227m" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "nginx-ui", "vendor": "0xJacky", "versions": [ { "status": "affected", "version": "\u003c 2.0.0.beta.12" } ] } ], "descriptions": [ { "lang": "en", "value": "Nginx-UI is a web interface to manage Nginx configurations. The Import Certificate feature allows arbitrary write into the system. The feature does not check if the provided user input is a certification/key and allows to write into arbitrary paths in the system. It\u0027s possible to leverage the vulnerability into a remote code execution overwriting the config file app.ini. Version 2.0.0.beta.12 fixed the issue." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-29T16:07:13.953Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-xvq9-4vpv-227m", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-xvq9-4vpv-227m" } ], "source": { "advisory": "GHSA-xvq9-4vpv-227m", "discovery": "UNKNOWN" }, "title": "Nginx-UI arbitrary file write through the Import Certificate feature" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-23827", "datePublished": "2024-01-29T16:07:13.953Z", "dateReserved": "2024-01-22T22:23:54.338Z", "dateUpdated": "2024-08-01T23:13:08.227Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-23828
Vulnerability from cvelistv5
Published
2024-01-29 16:49
Modified
2024-08-01 23:13
Severity
Summary
Nginx-UI authenticated RCE through injecting into the application config via CRLF
References
URL | Tags |
---|---|
https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-qcjq-7f7v-pvc8 | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T23:13:08.485Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-qcjq-7f7v-pvc8", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-qcjq-7f7v-pvc8" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "nginx-ui", "vendor": "0xJacky", "versions": [ { "status": "affected", "version": "\u003c v2.0.0.beta.12" } ] } ], "descriptions": [ { "lang": "en", "value": "Nginx-UI is a web interface to manage Nginx configurations. It is vulnerable to an authenticated arbitrary command execution via CRLF attack when changing the value of test_config_cmd or start_cmd. This vulnerability exists due to an incomplete fix for CVE-2024-22197 and CVE-2024-22198. This vulnerability has been patched in version 2.0.0.beta.12." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-74", "description": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-29T16:49:51.440Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-qcjq-7f7v-pvc8", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-qcjq-7f7v-pvc8" } ], "source": { "advisory": "GHSA-qcjq-7f7v-pvc8", "discovery": "UNKNOWN" }, "title": "Nginx-UI authenticated RCE through injecting into the application config via CRLF" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-23828", "datePublished": "2024-01-29T16:49:51.440Z", "dateReserved": "2024-01-22T22:23:54.338Z", "dateUpdated": "2024-08-01T23:13:08.485Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-22197
Vulnerability from cvelistv5
Published
2024-01-11 17:56
Modified
2024-08-01 22:35
Severity
Summary
Authenticated (user role) remote command execution by modifying `nginx` settings (GHSL-2023-269)
References
URL | Tags |
---|---|
https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-pxmr-q2x3-9x9m | x_refsource_CONFIRM |
https://github.com/0xJacky/nginx-ui/commit/827e76c46e63c52114a62a899f61313039c754e3 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T22:35:34.979Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-pxmr-q2x3-9x9m", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-pxmr-q2x3-9x9m" }, { "name": "https://github.com/0xJacky/nginx-ui/commit/827e76c46e63c52114a62a899f61313039c754e3", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/0xJacky/nginx-ui/commit/827e76c46e63c52114a62a899f61313039c754e3" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "nginx-ui", "vendor": "0xJacky", "versions": [ { "status": "affected", "version": "\u003c 2.0.0.beta.9" } ] } ], "descriptions": [ { "lang": "en", "value": "Nginx-ui is online statistics for Server Indicators\u200b\u200b Monitor CPU usage, memory usage, load average, and disk usage in real-time. The `Home \u003e Preference` page exposes a small list of nginx settings such as `Nginx Access Log Path` and `Nginx Error Log Path`. However, the API also exposes `test_config_cmd`, `reload_cmd` and `restart_cmd`. While the UI doesn\u0027t allow users to modify any of these settings, it is possible to do so by sending a request to the API. This issue may lead to authenticated Remote Code Execution, Privilege Escalation, and Information Disclosure. This issue has been patched in version 2.0.0.beta.9." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-77", "description": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-11T17:56:11.865Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-pxmr-q2x3-9x9m", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-pxmr-q2x3-9x9m" }, { "name": "https://github.com/0xJacky/nginx-ui/commit/827e76c46e63c52114a62a899f61313039c754e3", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/0xJacky/nginx-ui/commit/827e76c46e63c52114a62a899f61313039c754e3" } ], "source": { "advisory": "GHSA-pxmr-q2x3-9x9m", "discovery": "UNKNOWN" }, "title": "Authenticated (user role) remote command execution by modifying `nginx` settings (GHSL-2023-269)" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-22197", "datePublished": "2024-01-11T17:56:11.865Z", "dateReserved": "2024-01-08T04:59:27.371Z", "dateUpdated": "2024-08-01T22:35:34.979Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-22198
Vulnerability from cvelistv5
Published
2024-01-11 19:38
Modified
2024-08-01 22:35
Severity
Summary
Authenticated (user role) arbitrary command execution by modifying `start_cmd` setting (GHSL-2023-268)
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:nginxui:nginx_ui:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "nginx_ui", "vendor": "nginxui", "versions": [ { "lessThan": "2.0.0.beta.8", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:nginxui:nginx_ui:2.0.0:beta9:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "nginx_ui", "vendor": "nginxui", "versions": [ { "status": "unaffected", "version": "2.0.0" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-22198", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-08-01T03:55:57.201752Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-01T13:20:06.222Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T22:35:34.877Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-8r25-68wm-jw35", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-8r25-68wm-jw35" }, { "name": "https://github.com/0xJacky/nginx-ui/commit/827e76c46e63c52114a62a899f61313039c754e3", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/0xJacky/nginx-ui/commit/827e76c46e63c52114a62a899f61313039c754e3" }, { "name": "https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/api/system/settings.go#L18", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/api/system/settings.go#L18" }, { "name": "https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/api/terminal/pty.go#L11", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/api/terminal/pty.go#L11" }, { "name": "https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/internal/pty/pipeline.go#L29", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/internal/pty/pipeline.go#L29" }, { "name": "https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/router/middleware.go#L45", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/router/middleware.go#L45" }, { "name": "https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/settings/server.go#L12", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/settings/server.go#L12" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "nginx-ui", "vendor": "0xJacky", "versions": [ { "status": "affected", "version": "\u003c 2.0.0.beta.9" } ] } ], "descriptions": [ { "lang": "en", "value": "Nginx-UI is a web interface to manage Nginx configurations. It is vulnerable to arbitrary command execution by abusing the configuration settings. The `Home \u003e Preference` page exposes a list of system settings such as `Run Mode`, `Jwt Secret`, `Node Secret` and `Terminal Start Command`. While the UI doesn\u0027t allow users to modify the `Terminal Start Command` setting, it is possible to do so by sending a request to the API. This issue may lead to authenticated remote code execution, privilege escalation, and information disclosure. This vulnerability has been patched in version 2.0.0.beta.9." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-77", "description": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-11T19:38:27.296Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-8r25-68wm-jw35", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-8r25-68wm-jw35" }, { "name": "https://github.com/0xJacky/nginx-ui/commit/827e76c46e63c52114a62a899f61313039c754e3", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/0xJacky/nginx-ui/commit/827e76c46e63c52114a62a899f61313039c754e3" }, { "name": "https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/api/system/settings.go#L18", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/api/system/settings.go#L18" }, { "name": "https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/api/terminal/pty.go#L11", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/api/terminal/pty.go#L11" }, { "name": "https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/internal/pty/pipeline.go#L29", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/internal/pty/pipeline.go#L29" }, { "name": "https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/router/middleware.go#L45", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/router/middleware.go#L45" }, { "name": "https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/settings/server.go#L12", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/settings/server.go#L12" } ], "source": { "advisory": "GHSA-8r25-68wm-jw35", "discovery": "UNKNOWN" }, "title": "Authenticated (user role) arbitrary command execution by modifying `start_cmd` setting (GHSL-2023-268)" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-22198", "datePublished": "2024-01-11T19:38:27.296Z", "dateReserved": "2024-01-08T04:59:27.371Z", "dateUpdated": "2024-08-01T22:35:34.877Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }