Skip to content

Commit

Permalink
Auto-Update: 2024-12-16T19:01:01.791812+00:00
Browse files Browse the repository at this point in the history
  • Loading branch information
@cad-safe-bot
cad-safe-bot committed Dec 16, 2024
1 parent 67d727b commit 29812ea
Show file tree
Hide file tree
Showing 39 changed files with 2,316 additions and 323 deletions.
39 changes: 37 additions & 2 deletions CVE-2023/CVE-2023-294xx/CVE-2023-29476.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
"id": "CVE-2023-29476",
"sourceIdentifier": "[email protected]",
"published": "2024-12-14T02:15:05.010",
"lastModified": "2024-12-14T02:15:05.010",
"lastModified": "2024-12-16T18:15:05.407",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
Expand All @@ -11,7 +11,42 @@
"value": "In Menlo On-Premise Appliance before 2.88, web policy may not be consistently applied properly to intentionally malformed client requests. This is fixed in 2.88.2+, 2.89.1+, and 2.90.1+."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-444"
}
]
}
],
"references": [
{
"url": "https://www.menlosecurity.com/published-security-vulnerabilities",
Expand Down
97 changes: 91 additions & 6 deletions CVE-2024/CVE-2024-00xx/CVE-2024-0020.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@
"id": "CVE-2024-0020",
"sourceIdentifier": "[email protected]",
"published": "2024-02-16T20:15:47.667",
"lastModified": "2024-11-21T08:45:43.150",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-16T18:59:20.550",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
Expand All @@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "[email protected]",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
Expand All @@ -39,22 +59,87 @@
}
]
},
"weaknesses": [
{
"source": "[email protected]",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C64C1583-CDE0-4C1F-BDE6-05643C1BDD72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D"
}
]
}
]
}
],
"references": [
{
"url": "https://android.googlesource.com/platform/packages/apps/Settings/+/87f791f2351e366f842a0fd6fcb744069160d9a1",
"source": "[email protected]"
"source": "[email protected]",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://source.android.com/security/bulletin/2024-01-01",
"source": "[email protected]"
"source": "[email protected]",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://android.googlesource.com/platform/packages/apps/Settings/+/87f791f2351e366f842a0fd6fcb744069160d9a1",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://source.android.com/security/bulletin/2024-01-01",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}
80 changes: 74 additions & 6 deletions CVE-2024/CVE-2024-00xx/CVE-2024-0021.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@
"id": "CVE-2024-0021",
"sourceIdentifier": "[email protected]",
"published": "2024-02-16T20:15:47.717",
"lastModified": "2024-11-21T08:45:43.327",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-16T18:55:59.723",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
Expand All @@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "[email protected]",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
Expand All @@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "[email protected]",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
Expand All @@ -51,22 +81,60 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D"
}
]
}
]
}
],
"references": [
{
"url": "https://android.googlesource.com/platform/packages/apps/Settings/+/53ea491d276f9a7c586c7983c08105a9bb7051f1",
"source": "[email protected]"
"source": "[email protected]",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://source.android.com/security/bulletin/2024-01-01",
"source": "[email protected]"
"source": "[email protected]",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://android.googlesource.com/platform/packages/apps/Settings/+/53ea491d276f9a7c586c7983c08105a9bb7051f1",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://source.android.com/security/bulletin/2024-01-01",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}
Loading

0 comments on commit 29812ea

Please sign in to comment.