csaf_ncscnl - NCSC-2024-0466

Vulnerability from csaf_ncscnl

Published

2024-12-06 13:05

Modified

2024-12-06 13:05

Summary

Kwetsbaarheden verholpen in Atlassian producten

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten

Atlassian heeft kwetsbaarheden verholpen in diverse producten als Jira, Bamboo en Confluence.

Interpretaties

De kwetsbaarheden bevinden zich in verschillende third party componenten van ontwikkelaars zoals Oracle, RedHat en het Apache consortium. Deze kwetsbaarheden kunnen leiden tot geheugenuitputting en Denial-of-Service (DoS) door onjuiste invoerbeperkingen. Aanvallers kunnen deze kwetsbaarheden misbruiken door speciaal vervaardigde verzoeken te sturen, wat kan resulteren in systeeminstabiliteit en crashes. Voor de kwetsbaarheden zijn door de diverse ontwikkelaars updates uitgebracht om ze te verhelpen. Atlassian heeft de updates verwerkt in de eigen producten.

Oplossingen

Atlassian heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans

medium

Schade

high

CWE-755

Improper Handling of Exceptional Conditions

CWE-347

Improper Verification of Cryptographic Signature

CWE-1050

Excessive Platform Resource Consumption within a Loop

CWE-23

Relative Path Traversal

CWE-1333

Inefficient Regular Expression Complexity

CWE-1321

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

CWE-400

Uncontrolled Resource Consumption

CWE-770

Allocation of Resources Without Limits or Throttling

CWE-502

Deserialization of Untrusted Data

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-835

Loop with Unreachable Exit Condition ('Infinite Loop')

CWE-20

Improper Input Validation

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Atlassian heeft kwetsbaarheden verholpen in diverse producten als Jira, Bamboo en Confluence.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "De kwetsbaarheden bevinden zich in verschillende third party componenten van ontwikkelaars zoals Oracle, RedHat en het Apache consortium. Deze kwetsbaarheden kunnen leiden tot geheugenuitputting en Denial-of-Service (DoS) door onjuiste invoerbeperkingen. Aanvallers kunnen deze kwetsbaarheden misbruiken door speciaal vervaardigde verzoeken te sturen, wat kan resulteren in systeeminstabiliteit en crashes.\nVoor de kwetsbaarheden zijn door de diverse ontwikkelaars updates uitgebracht om ze te verhelpen. Atlassian heeft de updates verwerkt in de eigen producten.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Atlassian heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Improper Handling of Exceptional Conditions",
        "title": "CWE-755"
      },
      {
        "category": "general",
        "text": "Improper Verification of Cryptographic Signature",
        "title": "CWE-347"
      },
      {
        "category": "general",
        "text": "Excessive Platform Resource Consumption within a Loop",
        "title": "CWE-1050"
      },
      {
        "category": "general",
        "text": "Relative Path Traversal",
        "title": "CWE-23"
      },
      {
        "category": "general",
        "text": "Inefficient Regular Expression Complexity",
        "title": "CWE-1333"
      },
      {
        "category": "general",
        "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
        "title": "CWE-1321"
      },
      {
        "category": "general",
        "text": "Uncontrolled Resource Consumption",
        "title": "CWE-400"
      },
      {
        "category": "general",
        "text": "Allocation of Resources Without Limits or Throttling",
        "title": "CWE-770"
      },
      {
        "category": "general",
        "text": "Deserialization of Untrusted Data",
        "title": "CWE-502"
      },
      {
        "category": "general",
        "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
        "title": "CWE-22"
      },
      {
        "category": "general",
        "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
        "title": "CWE-835"
      },
      {
        "category": "general",
        "text": "Improper Input Validation",
        "title": "CWE-20"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference - certbundde",
        "url": "https://confluence.atlassian.com/security/security-bulletin-november-19-2024-1456179091.html"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Atlassian producten",
    "tracking": {
      "current_release_date": "2024-12-06T13:05:55.904619Z",
      "id": "NCSC-2024-0466",
      "initial_release_date": "2024-12-06T13:05:55.904619Z",
      "revision_history": [
        {
          "date": "2024-12-06T13:05:55.904619Z",
          "number": "0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "atlassian_bamboo__10.0.0",
            "product": {
              "name": "atlassian_bamboo__10.0.0",
              "product_id": "CSAFPID-1645374",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:atlassian:atlassian_bamboo__10.0.0:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "atlassian_bamboo__9.2.17",
            "product": {
              "name": "atlassian_bamboo__9.2.17",
              "product_id": "CSAFPID-1621163",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:atlassian:atlassian_bamboo__9.2.17:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "atlassian_bamboo__9.6.4",
            "product": {
              "name": "atlassian_bamboo__9.6.4",
              "product_id": "CSAFPID-1645371",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:atlassian:atlassian_bamboo__9.6.4:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "atlassian_bitbucket__8.19.9",
            "product": {
              "name": "atlassian_bitbucket__8.19.9",
              "product_id": "CSAFPID-1645370",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:atlassian:atlassian_bitbucket__8.19.9:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "atlassian_bitbucket__8.9.19",
            "product": {
              "name": "atlassian_bitbucket__8.9.19",
              "product_id": "CSAFPID-1645373",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:atlassian:atlassian_bitbucket__8.9.19:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "atlassian_bitbucket__9.0.0",
            "product": {
              "name": "atlassian_bitbucket__9.0.0",
              "product_id": "CSAFPID-1645372",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:atlassian:atlassian_bitbucket__9.0.0:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "atlassian_confluence__7.19.26",
            "product": {
              "name": "atlassian_confluence__7.19.26",
              "product_id": "CSAFPID-1621160",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:atlassian:atlassian_confluence__7.19.26:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "atlassian_confluence__7.19.26__lts_",
            "product": {
              "name": "atlassian_confluence__7.19.26__lts_",
              "product_id": "CSAFPID-1621135",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:atlassian:atlassian_confluence__7.19.26__lts_:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "atlassian_confluence__8.5.12",
            "product": {
              "name": "atlassian_confluence__8.5.12",
              "product_id": "CSAFPID-1645510",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:atlassian:atlassian_confluence__8.5.12:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "atlassian_confluence__8.5.14__lts_",
            "product": {
              "name": "atlassian_confluence__8.5.14__lts_",
              "product_id": "CSAFPID-1621133",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:atlassian:atlassian_confluence__8.5.14__lts_:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "atlassian_confluence__8.9.4",
            "product": {
              "name": "atlassian_confluence__8.9.4",
              "product_id": "CSAFPID-1645509",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:atlassian:atlassian_confluence__8.9.4:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "atlassian_confluence__9.0.1",
            "product": {
              "name": "atlassian_confluence__9.0.1",
              "product_id": "CSAFPID-1621161",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:atlassian:atlassian_confluence__9.0.1:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "atlassian_confluence_data_center__9.0.1",
            "product": {
              "name": "atlassian_confluence_data_center__9.0.1",
              "product_id": "CSAFPID-1621140",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:atlassian:atlassian_confluence_data_center__9.0.1:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "atlassian_jira_software__9.12.12__lts_",
            "product": {
              "name": "atlassian_jira_software__9.12.12__lts_",
              "product_id": "CSAFPID-1621142",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:atlassian:atlassian_jira_software__9.12.12__lts_:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "atlassian_jira_software__9.4.25__lts_",
            "product": {
              "name": "atlassian_jira_software__9.4.25__lts_",
              "product_id": "CSAFPID-1621143",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:atlassian:atlassian_jira_software__9.4.25__lts_:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "atlassian_jira_software_data_center__9.17.1",
            "product": {
              "name": "atlassian_jira_software_data_center__9.17.1",
              "product_id": "CSAFPID-1621141",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:atlassian:atlassian_jira_software_data_center__9.17.1:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "atlassian_jira_software_service_management__5.12.12__lts_",
            "product": {
              "name": "atlassian_jira_software_service_management__5.12.12__lts_",
              "product_id": "CSAFPID-1621138",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:atlassian:atlassian_jira_software_service_management__5.12.12__lts_:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "atlassian_jira_software_service_management__5.4.25__lts_",
            "product": {
              "name": "atlassian_jira_software_service_management__5.4.25__lts_",
              "product_id": "CSAFPID-1621139",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:atlassian:atlassian_jira_software_service_management__5.4.25__lts_:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "atlassian_jira_software_service_management_data_center__5.17.1",
            "product": {
              "name": "atlassian_jira_software_service_management_data_center__5.17.1",
              "product_id": "CSAFPID-1621137",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:atlassian:atlassian_jira_software_service_management_data_center__5.17.1:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "bamboo",
            "product": {
              "name": "bamboo",
              "product_id": "CSAFPID-716889",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:atlassian:bamboo:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "bitbucket",
            "product": {
              "name": "bitbucket",
              "product_id": "CSAFPID-1725084",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:atlassian:bitbucket:-:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "confluence",
            "product": {
              "name": "confluence",
              "product_id": "CSAFPID-551338",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:atlassian:confluence:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "jira_software",
            "product": {
              "name": "jira_software",
              "product_id": "CSAFPID-1725085",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:atlassian:jira_software:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "sourcetree",
            "product": {
              "name": "sourcetree",
              "product_id": "CSAFPID-1724900",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:atlassian:sourcetree:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "sourcetree",
            "product": {
              "name": "sourcetree",
              "product_id": "CSAFPID-1725556",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:atlassian:sourcetree:*:*:*:*:*:macos:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "sourcetree",
            "product": {
              "name": "sourcetree",
              "product_id": "CSAFPID-1725557",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:atlassian:sourcetree:*:*:*:*:*:windows:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "sourcetree_for_mac",
            "product": {
              "name": "sourcetree_for_mac",
              "product_id": "CSAFPID-1724286",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:atlassian:sourcetree_for_mac:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "sourcetree_for_windows",
            "product": {
              "name": "sourcetree_for_windows",
              "product_id": "CSAFPID-1724287",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:atlassian:sourcetree_for_windows:*:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "atlassian"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-38900",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-551338"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-38900",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-38900.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-551338"
          ]
        }
      ],
      "title": "CVE-2022-38900"
    },
    {
      "cve": "CVE-2023-46234",
      "cwe": {
        "id": "CWE-347",
        "name": "Improper Verification of Cryptographic Signature"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Verification of Cryptographic Signature",
          "title": "CWE-347"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-551338"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-46234",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46234.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-551338"
          ]
        }
      ],
      "title": "CVE-2023-46234"
    },
    {
      "cve": "CVE-2023-52428",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-551338",
          "CSAFPID-1725085",
          "CSAFPID-716889"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-52428",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52428.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-551338",
            "CSAFPID-1725085",
            "CSAFPID-716889"
          ]
        }
      ],
      "title": "CVE-2023-52428"
    },
    {
      "cve": "CVE-2024-4068",
      "cwe": {
        "id": "CWE-1050",
        "name": "Excessive Platform Resource Consumption within a Loop"
      },
      "notes": [
        {
          "category": "other",
          "text": "Excessive Platform Resource Consumption within a Loop",
          "title": "CWE-1050"
        },
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-551338"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-4068",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4068.json"
        }
      ],
      "title": "CVE-2024-4068"
    },
    {
      "cve": "CVE-2024-21697",
      "product_status": {
        "known_affected": [
          "CSAFPID-1724286",
          "CSAFPID-1724287",
          "CSAFPID-1725556",
          "CSAFPID-1725557"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-21697",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21697.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-1724286",
            "CSAFPID-1724287",
            "CSAFPID-1725556",
            "CSAFPID-1725557"
          ]
        }
      ],
      "title": "CVE-2024-21697"
    },
    {
      "cve": "CVE-2024-24549",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1725084",
          "CSAFPID-551338"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-24549",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24549.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1725084",
            "CSAFPID-551338"
          ]
        }
      ],
      "title": "CVE-2024-24549"
    },
    {
      "cve": "CVE-2024-30172",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
          "title": "CWE-835"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1621160",
          "CSAFPID-1621161",
          "CSAFPID-1645509",
          "CSAFPID-1645510",
          "CSAFPID-551338",
          "CSAFPID-1725084"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-30172",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-30172.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1621160",
            "CSAFPID-1621161",
            "CSAFPID-1645509",
            "CSAFPID-1645510",
            "CSAFPID-551338",
            "CSAFPID-1725084"
          ]
        }
      ],
      "title": "CVE-2024-30172"
    },
    {
      "cve": "CVE-2024-34750",
      "cwe": {
        "id": "CWE-755",
        "name": "Improper Handling of Exceptional Conditions"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Handling of Exceptional Conditions",
          "title": "CWE-755"
        },
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1621133",
          "CSAFPID-1621135",
          "CSAFPID-1621137",
          "CSAFPID-1621138",
          "CSAFPID-1621139",
          "CSAFPID-1621140",
          "CSAFPID-1621141",
          "CSAFPID-1621142",
          "CSAFPID-1621143",
          "CSAFPID-1621163",
          "CSAFPID-1645370",
          "CSAFPID-1645371",
          "CSAFPID-1645372",
          "CSAFPID-1645373",
          "CSAFPID-1645374"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-34750",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1621133",
            "CSAFPID-1621135",
            "CSAFPID-1621137",
            "CSAFPID-1621138",
            "CSAFPID-1621139",
            "CSAFPID-1621140",
            "CSAFPID-1621141",
            "CSAFPID-1621142",
            "CSAFPID-1621143",
            "CSAFPID-1621163",
            "CSAFPID-1645370",
            "CSAFPID-1645371",
            "CSAFPID-1645372",
            "CSAFPID-1645373",
            "CSAFPID-1645374"
          ]
        }
      ],
      "title": "CVE-2024-34750"
    },
    {
      "cve": "CVE-2024-38286",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38286",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38286.json"
        }
      ],
      "title": "CVE-2024-38286"
    },
    {
      "cve": "CVE-2024-38816",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
          "title": "CWE-22"
        },
        {
          "category": "other",
          "text": "Relative Path Traversal",
          "title": "CWE-23"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-551338",
          "CSAFPID-716889"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38816",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38816.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-551338",
            "CSAFPID-716889"
          ]
        }
      ],
      "title": "CVE-2024-38816"
    },
    {
      "cve": "CVE-2024-45801",
      "cwe": {
        "id": "CWE-1333",
        "name": "Inefficient Regular Expression Complexity"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inefficient Regular Expression Complexity",
          "title": "CWE-1333"
        },
        {
          "category": "other",
          "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
          "title": "CWE-1321"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1725085"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45801",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45801.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1725085"
          ]
        }
      ],
      "title": "CVE-2024-45801"
    },
    {
      "cve": "CVE-2024-47561",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-716889"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-47561",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47561.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-716889"
          ]
        }
      ],
      "title": "CVE-2024-47561"
    }
  ]
}

cve-2023-46234

Vulnerability from cvelistv5

Published

2023-10-26 14:31

Modified

2024-08-02 20:37

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Summary

browserify-sign is a package to duplicate the functionality of node's crypto public key functions, much of this is based on Fedor Indutny's work on indutny/tls.js. An upper bound check issue in `dsaVerify` function allows an attacker to construct signatures that can be successfully verified by any public key, thus leading to a signature forgery attack. All places in this project that involve DSA verification of user-input signatures will be affected by this vulnerability. This issue has been patched in version 4.2.2.

References

▼	URL	Tags
	https://github.com/browserify/browserify-sign/security/advisories/GHSA-x9w5-v3q2-3rhw	x_refsource_CONFIRM
	https://github.com/browserify/browserify-sign/commit/85994cd6348b50f2fd1b73c54e20881416f44a30	x_refsource_MISC
	https://lists.debian.org/debian-lts-announce/2023/10/msg00040.html
	https://www.debian.org/security/2023/dsa-5539
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PVVPNSAGSDS63HQ74PJ7MZ3MU5IYNVZ/
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3HUE6ZR5SL73KHL7XUPAOEL6SB7HUDT2/

Impacted products

Vendor

Product

Version

▼

browserify

browserify-sign

Version: >= 2.6.0, <= 4.2.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T20:37:40.270Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/browserify/browserify-sign/security/advisories/GHSA-x9w5-v3q2-3rhw",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/browserify/browserify-sign/security/advisories/GHSA-x9w5-v3q2-3rhw"
          },
          {
            "name": "https://github.com/browserify/browserify-sign/commit/85994cd6348b50f2fd1b73c54e20881416f44a30",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/browserify/browserify-sign/commit/85994cd6348b50f2fd1b73c54e20881416f44a30"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00040.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5539"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PVVPNSAGSDS63HQ74PJ7MZ3MU5IYNVZ/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3HUE6ZR5SL73KHL7XUPAOEL6SB7HUDT2/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "browserify-sign",
          "vendor": "browserify",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 2.6.0, \u003c= 4.2.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "browserify-sign is a package to duplicate the functionality of node\u0027s crypto public key functions, much of this is based on Fedor Indutny\u0027s work on indutny/tls.js. An upper bound check issue in `dsaVerify` function allows an attacker to construct signatures that can be successfully verified by any public key, thus leading to a signature forgery attack. All places in this project that involve DSA verification of user-input signatures will be affected by this vulnerability. This issue has been patched in version 4.2.2.\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-347",
              "description": "CWE-347: Improper Verification of Cryptographic Signature",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-26T14:31:35.895Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/browserify/browserify-sign/security/advisories/GHSA-x9w5-v3q2-3rhw",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/browserify/browserify-sign/security/advisories/GHSA-x9w5-v3q2-3rhw"
        },
        {
          "name": "https://github.com/browserify/browserify-sign/commit/85994cd6348b50f2fd1b73c54e20881416f44a30",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/browserify/browserify-sign/commit/85994cd6348b50f2fd1b73c54e20881416f44a30"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00040.html"
        },
        {
          "url": "https://www.debian.org/security/2023/dsa-5539"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PVVPNSAGSDS63HQ74PJ7MZ3MU5IYNVZ/"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3HUE6ZR5SL73KHL7XUPAOEL6SB7HUDT2/"
        }
      ],
      "source": {
        "advisory": "GHSA-x9w5-v3q2-3rhw",
        "discovery": "UNKNOWN"
      },
      "title": "browserify-sign vulnerable via an upper bound check issue in `dsaVerify` that leads to a signature forgery attack "
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2023-46234",
    "datePublished": "2023-10-26T14:31:35.895Z",
    "dateReserved": "2023-10-19T20:34:00.946Z",
    "dateUpdated": "2024-08-02T20:37:40.270Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-45801

Vulnerability from cvelistv5

Published

2024-09-16 18:25

Modified

2024-09-16 20:04

Severity ?

7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Summary

DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. It has been discovered that malicious HTML using special nesting techniques can bypass the depth checking added to DOMPurify in recent releases. It was also possible to use Prototype Pollution to weaken the depth check. This renders dompurify unable to avoid cross site scripting (XSS) attacks. This issue has been addressed in versions 2.5.4 and 3.1.3 of DOMPurify. All users are advised to upgrade. There are no known workarounds for this vulnerability.

References

▼	URL	Tags
	https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674	x_refsource_CONFIRM
	https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21	x_refsource_MISC
	https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

cure53

DOMPurify

Version: < 2.5.4
Version: >=3.0.0, < 3.1.3

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-45801",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-16T20:04:30.471934Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-16T20:04:47.181Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "DOMPurify",
          "vendor": "cure53",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 2.5.4"
            },
            {
              "status": "affected",
              "version": "\u003e=3.0.0, \u003c 3.1.3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. It has been discovered that malicious HTML using special nesting techniques can bypass the depth checking added to DOMPurify in recent releases. It was also possible to use Prototype Pollution to weaken the depth check. This renders dompurify unable to avoid cross site scripting (XSS) attacks. This issue has been addressed in versions 2.5.4 and 3.1.3 of DOMPurify. All users are advised to upgrade. There are no known workarounds for this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1333",
              "description": "CWE-1333: Inefficient Regular Expression Complexity",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-16T18:25:28.065Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674"
        },
        {
          "name": "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21"
        },
        {
          "name": "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc"
        }
      ],
      "source": {
        "advisory": "GHSA-mmhx-hmjr-r674",
        "discovery": "UNKNOWN"
      },
      "title": "Tampering by prototype polution in DOMPurify"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-45801",
    "datePublished": "2024-09-16T18:25:28.065Z",
    "dateReserved": "2024-09-09T14:23:07.503Z",
    "dateUpdated": "2024-09-16T20:04:47.181Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-24549

Vulnerability from cvelistv5

Published

2024-03-13 15:46

Modified

2024-11-04 21:26

Severity ?

Summary

Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2 stream was not reset until after all of the headers had been processed.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98. Users are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.

References

▼	URL	Tags
	https://lists.apache.org/thread/4c50rmomhbbsdgfjsgwlb51xdwfjdcvg	vendor-advisory
	https://security.netapp.com/advisory/ntap-20240402-0002/
	https://lists.debian.org/debian-lts-announce/2024/04/msg00001.html
	http://www.openwall.com/lists/oss-security/2024/03/13/3
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/736G4GPZWS2DSQO5WKXO3G6OMZKFEK55/
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UWIS5MMGYDZBLJYT674ZI5AWFHDZ46B/

Impacted products

Vendor

Product

Version

▼

Apache Software Foundation

Apache Tomcat

Version: 11.0.0-M1   ≤ 11.0.0-M16
Version: 10.1.0-M1   ≤ 10.1.18
Version: 9.0.0-M1   ≤ 9.0.85
Version: 8.5.0   ≤ 8.5.98

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-24549",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-15T15:00:56.854044Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-04T21:26:52.708Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T23:19:52.712Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread/4c50rmomhbbsdgfjsgwlb51xdwfjdcvg"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240402-0002/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00001.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/03/13/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/736G4GPZWS2DSQO5WKXO3G6OMZKFEK55/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UWIS5MMGYDZBLJYT674ZI5AWFHDZ46B/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache Tomcat",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "11.0.0-M16",
              "status": "affected",
              "version": "11.0.0-M1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.1.18",
              "status": "affected",
              "version": "10.1.0-M1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.0.85",
              "status": "affected",
              "version": "9.0.0-M1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.5.98",
              "status": "affected",
              "version": "8.5.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Bartek Nowotarski"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2 stream was not reset until after all of the headers had been processed.\u003cp\u003eThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.\u003c/p\u003e"
            }
          ],
          "value": "Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2 stream was not reset until after all of the headers had been processed.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98.\n\nUsers are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.\n\n"
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "important"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-13T15:46:53.085Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/4c50rmomhbbsdgfjsgwlb51xdwfjdcvg"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20240402-0002/"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00001.html"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2024/03/13/3"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/736G4GPZWS2DSQO5WKXO3G6OMZKFEK55/"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UWIS5MMGYDZBLJYT674ZI5AWFHDZ46B/"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Apache Tomcat: HTTP/2 header handling DoS",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2024-24549",
    "datePublished": "2024-03-13T15:46:53.085Z",
    "dateReserved": "2024-01-25T12:05:42.034Z",
    "dateUpdated": "2024-11-04T21:26:52.708Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-4068

Vulnerability from cvelistv5

Published

2024-05-13 10:06

Modified

2024-11-06 13:10

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

The NPM package `braces`, versions prior to 3.0.3, fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In `lib/parse.js,` if a malicious user sends "imbalanced braces" as input, the parsing will enter a loop, which will cause the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.

References

▼	URL	Tags
	https://github.com/micromatch/braces/issues/35
	https://devhub.checkmarx.com/cve-details/CVE-2024-4068/
	https://github.com/micromatch/braces/pull/37
	https://github.com/micromatch/braces/pull/40
	https://github.com/micromatch/braces/commit/415d660c3002d1ab7e63dbf490c9851da80596ff

Impacted products

Vendor

Product

Version

▼

micromatch

braces

Version: 0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:micromatch:braces:3.0.3:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "braces",
            "vendor": "micromatch",
            "versions": [
              {
                "lessThan": "3.0.3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-4068",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-13T11:10:08.649102Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-400",
                "description": "CWE-400 Uncontrolled Resource Consumption",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-13T20:12:58.696Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:26:57.297Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/micromatch/braces/issues/35"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/micromatch/braces/pull/37"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/micromatch/braces/pull/40"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/micromatch/braces/commit/415d660c3002d1ab7e63dbf490c9851da80596ff"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.npmjs.com/package/micromatch",
          "defaultStatus": "unknown",
          "packageName": "braces",
          "product": "braces",
          "programFiles": [
            "lib/parse.js"
          ],
          "repo": "https://github.com/micromatch/braces",
          "vendor": "micromatch",
          "versions": [
            {
              "changes": [
                {
                  "at": "3.0.3",
                  "status": "unaffected"
                }
              ],
              "lessThanOrEqual": "3.0.2",
              "status": "affected",
              "version": "0",
              "versionType": "git"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "M\u00e1rio Teixeira, Checkmarx Research Group"
        }
      ],
      "datePublic": "2024-05-13T12:44:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003e\u003cp\u003eThe NPM package `braces`, versions prior to 3.0.3, fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In `lib/parse.js,` if a malicious user sends \"imbalanced braces\" as input, the parsing will enter a loop, which will cause the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.\u003c/p\u003e\u003c/div\u003e"
            }
          ],
          "value": "The NPM package `braces`, versions prior to 3.0.3, fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In `lib/parse.js,` if a malicious user sends \"imbalanced braces\" as input, the parsing will enter a loop, which will cause the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1050",
              "description": "CWE-1050: Excessive Platform Resource Consumption within a Loop",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-06T13:10:11.179Z",
        "orgId": "596c5446-0ce5-4ba2-aa66-48b3b757a647",
        "shortName": "Checkmarx"
      },
      "references": [
        {
          "url": "https://github.com/micromatch/braces/issues/35"
        },
        {
          "url": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/"
        },
        {
          "url": "https://github.com/micromatch/braces/pull/37"
        },
        {
          "url": "https://github.com/micromatch/braces/pull/40"
        },
        {
          "url": "https://github.com/micromatch/braces/commit/415d660c3002d1ab7e63dbf490c9851da80596ff"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Update to version\u0026nbsp;3.0.3 to mitigate the issue."
            }
          ],
          "value": "Update to version\u00a03.0.3 to mitigate the issue."
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Memory Exhaustion in braces",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "596c5446-0ce5-4ba2-aa66-48b3b757a647",
    "assignerShortName": "Checkmarx",
    "cveId": "CVE-2024-4068",
    "datePublished": "2024-05-13T10:06:38.152Z",
    "dateReserved": "2024-04-23T13:31:17.738Z",
    "dateUpdated": "2024-11-06T13:10:11.179Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52428

Vulnerability from cvelistv5

Published

2024-02-11 00:00

Modified

2024-10-30 19:50

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service (resource consumption) via a large JWE p2c header value (aka iteration count) for the PasswordBasedDecrypter (PBKDF2) component.

References

▼	URL	Tags
	https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/526/
	https://connect2id.com/products/nimbus-jose-jwt
	https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/3b3b77e

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52428",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-30T19:49:39.428104Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-770",
                "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-30T19:50:55.784Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T22:55:41.674Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/526/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://connect2id.com/products/nimbus-jose-jwt"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/3b3b77e"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service (resource consumption) via a large JWE p2c header value (aka iteration count) for the PasswordBasedDecrypter (PBKDF2) component."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-11T04:43:14.335876",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/526/"
        },
        {
          "url": "https://connect2id.com/products/nimbus-jose-jwt"
        },
        {
          "url": "https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/3b3b77e"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-52428",
    "datePublished": "2024-02-11T00:00:00",
    "dateReserved": "2024-02-11T00:00:00",
    "dateUpdated": "2024-10-30T19:50:55.784Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-38286

Vulnerability from cvelistv5

Published

2024-11-07 07:37

Modified

2024-11-07 16:36

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.13 through 9.0.89. Older, unsupported versions may also be affected. Users are recommended to upgrade to version 11.0.0-M21, 10.1.25, or 9.0.90, which fixes the issue. Apache Tomcat, under certain configurations on any platform, allows an attacker to cause an OutOfMemoryError by abusing the TLS handshake process.

References

▼	URL	Tags
	https://lists.apache.org/thread/wms60cvbsz3fpbz9psxtfx8r41jl6d4s	vendor-advisory

Impacted products

Vendor

Product

Version

▼

Apache Software Foundation

Apache Tomcat

Version: 11.0.0-M1   ≤ 11.0.0-M20
Version: 10.1.0-M1   ≤ 10.1.24
Version: 9.0.13   ≤ 9.0.89

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-11-07T08:03:33.093Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2024/09/23/2"
          },
          {
            "url": "https://security.netapp.com/advisory/ntap-20241101-0010/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "tomcat",
            "vendor": "apache",
            "versions": [
              {
                "lessThanOrEqual": "11.0.0-m20",
                "status": "affected",
                "version": "11.0.0-m1",
                "versionType": "semver"
              },
              {
                "lessThanOrEqual": "10.1.24",
                "status": "affected",
                "version": "10.1.0-m1",
                "versionType": "semver"
              },
              {
                "lessThanOrEqual": "9.0.89",
                "status": "affected",
                "version": "9.0.13",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-38286",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T16:33:49.152023Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T16:36:00.935Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache Tomcat",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "11.0.0-M20",
              "status": "affected",
              "version": "11.0.0-M1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.1.24",
              "status": "affected",
              "version": "10.1.0-M1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.0.89",
              "status": "affected",
              "version": "9.0.13",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Ozaki, North Grid Corporation"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eAllocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat.\u003c/p\u003e\u003cp\u003eThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.13 through 9.0.89. Older, unsupported versions may also be affected.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 11.0.0-M21, 10.1.25, or 9.0.90, which fixes the issue.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cdiv\u003eApache Tomcat, under certain configurations on any platform, allows an attacker to cause an OutOfMemoryError by abusing the TLS handshake process.\u003cbr\u003e\u003c/div\u003e\u003cbr\u003e\u003cp\u003e\u003c/p\u003e"
            }
          ],
          "value": "Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.13 through 9.0.89. Older, unsupported versions may also be affected.\n\n\nUsers are recommended to upgrade to version 11.0.0-M21, 10.1.25, or 9.0.90, which fixes the issue.\n\n\n\nApache Tomcat, under certain configurations on any platform, allows an attacker to cause an OutOfMemoryError by abusing the TLS handshake process."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-07T07:37:32.224Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/wms60cvbsz3fpbz9psxtfx8r41jl6d4s"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-06-04T06:21:00.000Z",
          "value": "Issue reported to Apache Tomcat Security Team"
        }
      ],
      "title": "Apache Tomcat: Denial of Service",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2024-38286",
    "datePublished": "2024-11-07T07:37:32.224Z",
    "dateReserved": "2024-06-12T16:27:23.740Z",
    "dateUpdated": "2024-11-07T16:36:00.935Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-38900

Vulnerability from cvelistv5

Published

2022-11-28 00:00

Modified

2024-08-03 11:02

Severity ?

Summary

decode-uri-component 0.2.0 is vulnerable to Improper Input Validation resulting in DoS.

References

▼	URL	Tags
	https://github.com/SamVerschueren/decode-uri-component/issues/5
	https://github.com/sindresorhus/query-string/issues/345
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KAC5KQ2SEWAMQ6UZAUBZ5KXKEOESH375/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ERN6YE3DS7NBW7UH44SCJBMNC2NWQ7SM/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VNV2GNZXOTEDAJRFH3ZYWRUBGIVL7BSU/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QABOUA2I542UTANVZIVFKWMRYVHLV32D/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UW4SCMT3SEUFVIL7YIADQ5K36GJEO6I5/	vendor-advisory

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T11:02:14.671Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/SamVerschueren/decode-uri-component/issues/5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/sindresorhus/query-string/issues/345"
          },
          {
            "name": "FEDORA-2023-86d75130fe",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KAC5KQ2SEWAMQ6UZAUBZ5KXKEOESH375/"
          },
          {
            "name": "FEDORA-2023-a4f0b29f6c",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ERN6YE3DS7NBW7UH44SCJBMNC2NWQ7SM/"
          },
          {
            "name": "FEDORA-2023-2e38c3756f",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VNV2GNZXOTEDAJRFH3ZYWRUBGIVL7BSU/"
          },
          {
            "name": "FEDORA-2023-ae96dd6105",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QABOUA2I542UTANVZIVFKWMRYVHLV32D/"
          },
          {
            "name": "FEDORA-2023-b86fd9ad80",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UW4SCMT3SEUFVIL7YIADQ5K36GJEO6I5/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "decode-uri-component 0.2.0 is vulnerable to Improper Input Validation resulting in DoS."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-01T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/SamVerschueren/decode-uri-component/issues/5"
        },
        {
          "url": "https://github.com/sindresorhus/query-string/issues/345"
        },
        {
          "name": "FEDORA-2023-86d75130fe",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KAC5KQ2SEWAMQ6UZAUBZ5KXKEOESH375/"
        },
        {
          "name": "FEDORA-2023-a4f0b29f6c",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ERN6YE3DS7NBW7UH44SCJBMNC2NWQ7SM/"
        },
        {
          "name": "FEDORA-2023-2e38c3756f",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VNV2GNZXOTEDAJRFH3ZYWRUBGIVL7BSU/"
        },
        {
          "name": "FEDORA-2023-ae96dd6105",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QABOUA2I542UTANVZIVFKWMRYVHLV32D/"
        },
        {
          "name": "FEDORA-2023-b86fd9ad80",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UW4SCMT3SEUFVIL7YIADQ5K36GJEO6I5/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-38900",
    "datePublished": "2022-11-28T00:00:00",
    "dateReserved": "2022-08-29T00:00:00",
    "dateUpdated": "2024-08-03T11:02:14.671Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-21697

Vulnerability from cvelistv5

Published

2024-11-19 19:00

Modified

2024-11-25 14:04

Severity ?

8.8 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

This High severity RCE (Remote Code Execution) vulnerability was introduced in versions 4.2.8 of Sourcetree for Mac and 3.4.19 for Sourcetree for Windows. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.8, allows an unauthenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires user interaction. Atlassian recommends that Sourcetree for Mac and Sourcetree for Windows customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions: Sourcetree for Mac 4.2: Upgrade to a release greater than or equal to 4.2.9 Sourcetree for Windows 3.4: Upgrade to a release greater than or equal to 3.4.20 See the release notes ([https://www.sourcetreeapp.com/download-archives]). You can download the latest version of Sourcetree for Mac and Sourcetree for Windows from the download center ([https://www.sourcetreeapp.com/download-archives]). This vulnerability was reported via our Penetration Testing program.

References

▼	URL	Tags
	https://confluence.atlassian.com/pages/viewpage.action?pageId=1456179091
	https://jira.atlassian.com/browse/SRCTREE-8168

Impacted products

Vendor

Product

Version

▼

Atlassian

Sourcetree for Mac

Version: All versions from 4.2.8 to 4.2.8

Atlassian

Sourcetree for Windows

Version: All versions from 3.4.19 to 3.4.19

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:atlassian:sourcetree:*:*:*:*:*:macos:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sourcetree",
            "vendor": "atlassian",
            "versions": [
              {
                "lessThan": "4.2.9",
                "status": "affected",
                "version": "4.2.8",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:atlassian:sourcetree:*:*:*:*:*:windows:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sourcetree",
            "vendor": "atlassian",
            "versions": [
              {
                "lessThan": "3.4.20",
                "status": "affected",
                "version": "3.4.19",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-21697",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-23T04:55:49.200583Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-25T14:04:49.167Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Sourcetree for Mac",
          "vendor": "Atlassian",
          "versions": [
            {
              "status": "affected",
              "version": "All versions from 4.2.8 to 4.2.8"
            },
            {
              "status": "unaffected",
              "version": "All versions from 4.2.9"
            }
          ]
        },
        {
          "product": "Sourcetree for Windows",
          "vendor": "Atlassian",
          "versions": [
            {
              "status": "affected",
              "version": "All versions from 3.4.19 to 3.4.19"
            },
            {
              "status": "unaffected",
              "version": "All versions from 3.4.20"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "This High severity RCE (Remote Code Execution) vulnerability was introduced in versions 4.2.8 of Sourcetree for Mac and 3.4.19 for Sourcetree for Windows.\r\n\r\nThis RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.8, allows an unauthenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires user interaction.\r\n\r\nAtlassian recommends that Sourcetree for Mac and Sourcetree for Windows customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions:\r\n Sourcetree for Mac 4.2: Upgrade to a release greater than or equal to 4.2.9\r\n Sourcetree for Windows 3.4: Upgrade to a release greater than or equal to 3.4.20\r\n\r\nSee the release notes ([https://www.sourcetreeapp.com/download-archives]). You can download the latest version of Sourcetree for Mac and Sourcetree for Windows from the download center ([https://www.sourcetreeapp.com/download-archives]).\r\n\r\nThis vulnerability was reported via our Penetration Testing program."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "RCE (Remote Code Execution)",
              "lang": "en",
              "type": "RCE (Remote Code Execution)"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-19T19:00:00.635Z",
        "orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
        "shortName": "atlassian"
      },
      "references": [
        {
          "url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1456179091"
        },
        {
          "url": "https://jira.atlassian.com/browse/SRCTREE-8168"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
    "assignerShortName": "atlassian",
    "cveId": "CVE-2024-21697",
    "datePublished": "2024-11-19T19:00:00.635Z",
    "dateReserved": "2024-01-01T00:05:33.848Z",
    "dateUpdated": "2024-11-25T14:04:49.167Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-34750

Vulnerability from cvelistv5

Published

2024-07-03 19:32

Modified

2024-08-16 17:02

Severity ?

Summary

Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP headers correctly. This led to a miscounting of active HTTP/2 streams which in turn led to the use of an incorrect infinite timeout which allowed connections to remain open which should have been closed. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.0-M1 through 9.0.89. Users are recommended to upgrade to version 11.0.0-M21, 10.1.25 or 9.0.90, which fixes the issue.

References

▼	URL	Tags
	https://lists.apache.org/thread/4kqf0bc9gxymjc2x7v3p7dvplnl77y8l	vendor-advisory

Impacted products

Vendor

Product

Version

▼

Apache Software Foundation

Apache Tomcat

Version: 11.0.0-M1   ≤ 11.0.0-M20
Version: 10.1.0-M1   ≤ 10.1.24
Version: 9.0.0-M1   ≤ 9.0.89

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "tomcat",
            "vendor": "apache",
            "versions": [
              {
                "lessThanOrEqual": "9.0.89",
                "status": "affected",
                "version": "9.0.0-m1",
                "versionType": "semver"
              },
              {
                "lessThanOrEqual": "10.1.24",
                "status": "affected",
                "version": "10.1.0-m1",
                "versionType": "semver"
              },
              {
                "lessThanOrEqual": "11.0.0-m20",
                "status": "affected",
                "version": "11.0.0-m1",
                "versionType": "semver"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-34750",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-08T16:51:20.954347Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-13T16:05:56.107Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-16T17:02:39.887Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread/4kqf0bc9gxymjc2x7v3p7dvplnl77y8l"
          },
          {
            "url": "https://security.netapp.com/advisory/ntap-20240816-0004/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache Tomcat",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "11.0.0-M20",
              "status": "affected",
              "version": "11.0.0-M1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.1.24",
              "status": "affected",
              "version": "10.1.0-M1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.0.89",
              "status": "affected",
              "version": "9.0.0-M1",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "devme4f from VNPT-VCI"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eImproper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP headers correctly. This led to a miscounting of active HTTP/2 streams which in turn led to the use of an incorrect infinite timeout which allowed connections to remain open which should have been closed.\u003c/p\u003e\u003cp\u003eThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.0-M1 through 9.0.89.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 11.0.0-M21, 10.1.25 or 9.0.90, which fixes the issue.\u003c/p\u003e"
            }
          ],
          "value": "Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP headers correctly. This led to a miscounting of active HTTP/2 streams which in turn led to the use of an incorrect infinite timeout which allowed connections to remain open which should have been closed.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.0-M1 through 9.0.89.\n\nUsers are recommended to upgrade to version 11.0.0-M21, 10.1.25 or 9.0.90, which fixes the issue.\n\n"
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "important"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-755",
              "description": "CWE-755 Improper Handling of Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400 Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-03T19:32:34.695Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/4kqf0bc9gxymjc2x7v3p7dvplnl77y8l"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Apache Tomcat: HTTP/2 excess header handling DoS",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2024-34750",
    "datePublished": "2024-07-03T19:32:34.695Z",
    "dateReserved": "2024-05-08T07:23:16.760Z",
    "dateUpdated": "2024-08-16T17:02:39.887Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-47561

Vulnerability from cvelistv5

Published

2024-10-03 10:23

Modified

2024-10-21 08:51

Severity ?

9.2 (Critical) - CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Summary

Schema parsing in the Java SDK of Apache Avro 1.11.3 and previous versions allows bad actors to execute arbitrary code. Users are recommended to upgrade to version 1.11.4 or 1.12.0, which fix this issue.

References

▼	URL	Tags
	https://lists.apache.org/thread/c2v7mhqnmq0jmbwxqq3r5jbj1xg43h5x	vendor-advisory

Impacted products

Vendor

Product

Version

▼

Apache Software Foundation

Apache Avro Java SDK

Version: 0 ≤

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-10-11T22:03:16.050Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2024/10/03/1"
          },
          {
            "url": "https://security.netapp.com/advisory/ntap-20241011-0003/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:apache:avro:-:*:*:*:*:-:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "avro",
            "vendor": "apache",
            "versions": [
              {
                "lessThan": "1.11.4",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 7.3,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "LOW",
              "integrityImpact": "LOW",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-47561",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-03T18:53:44.038603Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-03T18:59:41.415Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.maven.apache.org/maven2",
          "defaultStatus": "unaffected",
          "packageName": "org.apache.avro:avro",
          "product": "Apache Avro Java SDK",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThan": "1.11.4",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Kostya Kortchinsky, from the Databricks Security Team"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Schema parsing in the Java SDK of Apache Avro 1.11.3 and previous versions allows bad actors to execute arbitrary code.\u003cbr\u003eUsers are recommended to upgrade to version 1.11.4\u0026nbsp; or 1.12.0, which fix this issue."
            }
          ],
          "value": "Schema parsing in the Java SDK of Apache Avro 1.11.3 and previous versions allows bad actors to execute arbitrary code.\nUsers are recommended to upgrade to version 1.11.4\u00a0 or 1.12.0, which fix this issue."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "critical"
            },
            "type": "Textual description of severity"
          }
        },
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 9.2,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-502",
              "description": "CWE-502 Deserialization of Untrusted Data",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-21T08:51:22.972Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/c2v7mhqnmq0jmbwxqq3r5jbj1xg43h5x"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Apache Avro Java SDK: Arbitrary Code Execution when reading Avro schema (Java SDK)",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2024-47561",
    "datePublished": "2024-10-03T10:23:16.214Z",
    "dateReserved": "2024-09-27T07:06:47.522Z",
    "dateUpdated": "2024-10-21T08:51:22.972Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-38816

Vulnerability from cvelistv5

Published

2024-09-13 06:10

Modified

2024-09-13 13:45

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. An attacker can craft malicious HTTP requests and obtain any file on the file system that is also accessible to the process in which the Spring application is running. Specifically, an application is vulnerable when both of the following are true: * the web application uses RouterFunctions to serve static resources * resource handling is explicitly configured with a FileSystemResource location However, malicious requests are blocked and rejected when any of the following is true: * the Spring Security HTTP Firewall https://docs.spring.io/spring-security/reference/servlet/exploits/firewall.html is in use * the application runs on Tomcat or Jetty

References

▼	URL	Tags
	https://spring.io/security/cve-2024-38816

Impacted products

Vendor

Product

Version

▼

Spring

Version: 5.3.x
Version: 6.0.x
Version: 6.1.x

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:spring_by_vmware_tanzu:spring_framework:5.3.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "spring_framework",
            "vendor": "spring_by_vmware_tanzu",
            "versions": [
              {
                "lessThan": "5.3.40",
                "status": "affected",
                "version": "5.3.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:spring_by_vmware_tanzu:spring_framework:6.0.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "spring_framework",
            "vendor": "spring_by_vmware_tanzu",
            "versions": [
              {
                "lessThan": "6.0.24",
                "status": "affected",
                "version": "6.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:spring_by_vmware_tanzu:spring_framework:6.1.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "spring_framework",
            "vendor": "spring_by_vmware_tanzu",
            "versions": [
              {
                "lessThan": "6.1.13",
                "status": "affected",
                "version": "6.1.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-38816",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-13T13:40:55.861149Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-13T13:45:05.327Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "packageName": "Spring Framework",
          "product": "Spring",
          "vendor": "Spring",
          "versions": [
            {
              "lessThan": "5.3.40",
              "status": "affected",
              "version": "5.3.x",
              "versionType": "enterprise Support Only"
            },
            {
              "lessThan": "6.0.24",
              "status": "affected",
              "version": "6.0.x",
              "versionType": "enterprise Support Only"
            },
            {
              "lessThan": "6.1.13",
              "status": "affected",
              "version": "6.1.x",
              "versionType": "OSS"
            }
          ]
        }
      ],
      "datePublic": "2024-09-12T05:20:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eApplications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. An attacker can craft malicious HTTP requests and obtain any file on the file system that is also accessible to the process in which the Spring application is running.\u003c/p\u003e\u003cp\u003eSpecifically, an application is vulnerable when both of the following are true:\u003c/p\u003e\u003cul\u003e\u003cli\u003ethe web application uses \u003ccode\u003eRouterFunctions\u003c/code\u003e\u0026nbsp;to serve static resources\u003c/li\u003e\u003cli\u003eresource handling is explicitly configured with a \u003ccode\u003eFileSystemResource\u003c/code\u003e\u0026nbsp;location\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eHowever, malicious requests are blocked and rejected when any of the following is true:\u003c/p\u003e\u003cul\u003e\u003cli\u003ethe \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.spring.io/spring-security/reference/servlet/exploits/firewall.html\"\u003eSpring Security HTTP Firewall\u003c/a\u003e\u0026nbsp;is in use\u003c/li\u003e\u003cli\u003ethe application runs on Tomcat or Jetty\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e"
            }
          ],
          "value": "Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. An attacker can craft malicious HTTP requests and obtain any file on the file system that is also accessible to the process in which the Spring application is running.\n\nSpecifically, an application is vulnerable when both of the following are true:\n\n  *  the web application uses RouterFunctions\u00a0to serve static resources\n  *  resource handling is explicitly configured with a FileSystemResource\u00a0location\n\n\nHowever, malicious requests are blocked and rejected when any of the following is true:\n\n  *  the  Spring Security HTTP Firewall https://docs.spring.io/spring-security/reference/servlet/exploits/firewall.html \u00a0is in use\n  *  the application runs on Tomcat or Jetty"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-13T06:10:06.598Z",
        "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "shortName": "vmware"
      },
      "references": [
        {
          "url": "https://spring.io/security/cve-2024-38816"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "CVE-2024-38816: Path traversal vulnerability in functional web frameworks",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
    "assignerShortName": "vmware",
    "cveId": "CVE-2024-38816",
    "datePublished": "2024-09-13T06:10:06.598Z",
    "dateReserved": "2024-06-19T22:32:06.582Z",
    "dateUpdated": "2024-09-13T13:45:05.327Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-30172

Vulnerability from cvelistv5

Published

2024-05-09 00:00

Modified

2024-11-05 17:15

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

An issue was discovered in Bouncy Castle Java Cryptography APIs before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key.

References

▼	URL	Tags
	https://www.bouncycastle.org/latest_releases.html
	https://security.netapp.com/advisory/ntap-20240614-0007/

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "legion-of-the-bouncy-castle-java-crytography-api",
            "vendor": "bouncycastle",
            "versions": [
              {
                "lessThan": "1.78",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-30172",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-05T13:44:28.294090Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-05T17:15:29.205Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T01:25:03.425Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.bouncycastle.org/latest_releases.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240614-0007/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Bouncy Castle Java Cryptography APIs before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-14T13:06:13.419504",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://www.bouncycastle.org/latest_releases.html"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20240614-0007/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2024-30172",
    "datePublished": "2024-05-09T00:00:00",
    "dateReserved": "2024-03-24T00:00:00",
    "dateUpdated": "2024-11-05T17:15:29.205Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

Vulnerability from csaf_ncscnl

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature