-
Notifications
You must be signed in to change notification settings - Fork 16
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Auto-Update: 2024-10-22T22:00:17.257677+00:00
- Loading branch information
1 parent
e04b352
commit 3c4852e
Showing
20 changed files
with
501 additions
and
399 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,8 +2,8 @@ | |
| "id": "CVE-2021-44168", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2022-01-04T13:15:07.957", | ||
| "lastModified": "2022-01-12T21:20:01.473", | ||
| "vulnStatus": "Analyzed", | ||
| "lastModified": "2024-10-22T21:35:02.960", | ||
| "vulnStatus": "Modified", | ||
| "cveTags": [], | ||
| "cisaExploitAdd": "2021-12-10", | ||
| "cisaActionDue": "2021-12-24", | ||
|
|
@@ -98,6 +98,16 @@ | |
| "value": "CWE-494" | ||
| } | ||
| ] | ||
| }, | ||
| { | ||
| "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", | ||
| "type": "Secondary", | ||
| "description": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "CWE-494" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "configurations": [ | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,8 +2,8 @@ | |
| "id": "CVE-2023-20795", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2023-08-07T04:15:13.393", | ||
| "lastModified": "2023-08-09T15:17:31.673", | ||
| "vulnStatus": "Analyzed", | ||
| "lastModified": "2024-10-22T20:35:04.323", | ||
| "vulnStatus": "Modified", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
|
|
@@ -32,6 +32,26 @@ | |
| }, | ||
| "exploitabilityScore": 0.8, | ||
| "impactScore": 5.9 | ||
| }, | ||
| { | ||
| "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", | ||
| "type": "Secondary", | ||
| "cvssData": { | ||
| "version": "3.1", | ||
| "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", | ||
| "attackVector": "LOCAL", | ||
| "attackComplexity": "LOW", | ||
| "privilegesRequired": "HIGH", | ||
| "userInteraction": "NONE", | ||
| "scope": "UNCHANGED", | ||
| "confidentialityImpact": "HIGH", | ||
| "integrityImpact": "HIGH", | ||
| "availabilityImpact": "HIGH", | ||
| "baseScore": 6.7, | ||
| "baseSeverity": "MEDIUM" | ||
| }, | ||
| "exploitabilityScore": 0.8, | ||
| "impactScore": 5.9 | ||
| } | ||
| ] | ||
| }, | ||
|
|
@@ -45,6 +65,16 @@ | |
| "value": "CWE-787" | ||
| } | ||
| ] | ||
| }, | ||
| { | ||
| "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", | ||
| "type": "Secondary", | ||
| "description": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "CWE-787" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "configurations": [ | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,8 +2,8 @@ | |
| "id": "CVE-2023-20809", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2023-08-07T04:15:14.240", | ||
| "lastModified": "2023-08-09T17:51:38.613", | ||
| "vulnStatus": "Analyzed", | ||
| "lastModified": "2024-10-22T20:35:05.140", | ||
| "vulnStatus": "Modified", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
|
|
@@ -32,6 +32,26 @@ | |
| }, | ||
| "exploitabilityScore": 0.8, | ||
| "impactScore": 5.9 | ||
| }, | ||
| { | ||
| "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", | ||
| "type": "Secondary", | ||
| "cvssData": { | ||
| "version": "3.1", | ||
| "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", | ||
| "attackVector": "LOCAL", | ||
| "attackComplexity": "LOW", | ||
| "privilegesRequired": "HIGH", | ||
| "userInteraction": "NONE", | ||
| "scope": "UNCHANGED", | ||
| "confidentialityImpact": "HIGH", | ||
| "integrityImpact": "HIGH", | ||
| "availabilityImpact": "HIGH", | ||
| "baseScore": 6.7, | ||
| "baseSeverity": "MEDIUM" | ||
| }, | ||
| "exploitabilityScore": 0.8, | ||
| "impactScore": 5.9 | ||
| } | ||
| ] | ||
| }, | ||
|
|
@@ -45,6 +65,16 @@ | |
| "value": "CWE-787" | ||
| } | ||
| ] | ||
| }, | ||
| { | ||
| "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", | ||
| "type": "Secondary", | ||
| "description": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "CWE-787" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "configurations": [ | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,8 +2,8 @@ | |
| "id": "CVE-2023-20818", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2023-08-07T04:15:14.827", | ||
| "lastModified": "2023-08-09T17:49:30.607", | ||
| "vulnStatus": "Analyzed", | ||
| "lastModified": "2024-10-22T20:35:05.927", | ||
| "vulnStatus": "Modified", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
|
|
@@ -32,6 +32,26 @@ | |
| }, | ||
| "exploitabilityScore": 0.8, | ||
| "impactScore": 3.6 | ||
| }, | ||
| { | ||
| "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", | ||
| "type": "Secondary", | ||
| "cvssData": { | ||
| "version": "3.1", | ||
| "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", | ||
| "attackVector": "LOCAL", | ||
| "attackComplexity": "LOW", | ||
| "privilegesRequired": "HIGH", | ||
| "userInteraction": "NONE", | ||
| "scope": "UNCHANGED", | ||
| "confidentialityImpact": "HIGH", | ||
| "integrityImpact": "NONE", | ||
| "availabilityImpact": "NONE", | ||
| "baseScore": 4.4, | ||
| "baseSeverity": "MEDIUM" | ||
| }, | ||
| "exploitabilityScore": 0.8, | ||
| "impactScore": 3.6 | ||
| } | ||
| ] | ||
| }, | ||
|
|
@@ -45,6 +65,16 @@ | |
| "value": "CWE-125" | ||
| } | ||
| ] | ||
| }, | ||
| { | ||
| "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", | ||
| "type": "Secondary", | ||
| "description": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "CWE-125" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "configurations": [ | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,63 +2,15 @@ | |
| "id": "CVE-2024-25282", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-10-09T04:15:07.287", | ||
| "lastModified": "2024-10-10T12:51:56.987", | ||
| "vulnStatus": "Awaiting Analysis", | ||
| "lastModified": "2024-10-22T21:15:06.000", | ||
| "vulnStatus": "Rejected", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "3DSecure 2.0 allows XSS in its 3DSMethod Authentication via a modified params parameter in a /rest/online request with a /redirect?action=challenge&txn= substring." | ||
| }, | ||
| { | ||
| "lang": "es", | ||
| "value": "3DSecure 2.0 permite XSS en su autenticaci\u00f3n 3DSMethod a trav\u00e9s de un par\u00e1metro params modificado en una solicitud /rest/online con una subcadena /redirect?action=challenge&txn=." | ||
| } | ||
| ], | ||
| "metrics": { | ||
| "cvssMetricV31": [ | ||
| { | ||
| "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", | ||
| "type": "Secondary", | ||
| "cvssData": { | ||
| "version": "3.1", | ||
| "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", | ||
| "attackVector": "NETWORK", | ||
| "attackComplexity": "LOW", | ||
| "privilegesRequired": "NONE", | ||
| "userInteraction": "REQUIRED", | ||
| "scope": "UNCHANGED", | ||
| "confidentialityImpact": "LOW", | ||
| "integrityImpact": "LOW", | ||
| "availabilityImpact": "NONE", | ||
| "baseScore": 5.4, | ||
| "baseSeverity": "MEDIUM" | ||
| }, | ||
| "exploitabilityScore": 2.8, | ||
| "impactScore": 2.5 | ||
| } | ||
| ] | ||
| }, | ||
| "weaknesses": [ | ||
| { | ||
| "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", | ||
| "type": "Secondary", | ||
| "description": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "CWE-79" | ||
| } | ||
| ] | ||
| "value": "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage." | ||
| } | ||
| ], | ||
| "references": [ | ||
| { | ||
| "url": "https://pagosonline.redsys.es/funcionalidades-autenticacion3DS.html", | ||
| "source": "[email protected]" | ||
| }, | ||
| { | ||
| "url": "https://seclists.org/fulldisclosure/2024/Sep/27", | ||
| "source": "[email protected]" | ||
| } | ||
| ] | ||
| "metrics": {}, | ||
| "references": [] | ||
| } | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,63 +2,15 @@ | |
| "id": "CVE-2024-25283", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-10-09T04:15:07.483", | ||
| "lastModified": "2024-10-10T12:51:56.987", | ||
| "vulnStatus": "Awaiting Analysis", | ||
| "lastModified": "2024-10-22T21:15:06.147", | ||
| "vulnStatus": "Rejected", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "3DSecure 2.0 allows reflected XSS in the 3DS Authorization Challenge via a modified params parameter in a /rest/online request with a /redirect?action=challenge&txn= substring." | ||
| }, | ||
| { | ||
| "lang": "es", | ||
| "value": "3DSecure 2.0 permite XSS reflejado en el desaf\u00edo de autorizaci\u00f3n 3DS a trav\u00e9s de un par\u00e1metro params modificado en una solicitud /rest/online con una subcadena /redirect?action=challenge&txn=." | ||
| } | ||
| ], | ||
| "metrics": { | ||
| "cvssMetricV31": [ | ||
| { | ||
| "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", | ||
| "type": "Secondary", | ||
| "cvssData": { | ||
| "version": "3.1", | ||
| "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", | ||
| "attackVector": "NETWORK", | ||
| "attackComplexity": "LOW", | ||
| "privilegesRequired": "NONE", | ||
| "userInteraction": "REQUIRED", | ||
| "scope": "UNCHANGED", | ||
| "confidentialityImpact": "LOW", | ||
| "integrityImpact": "LOW", | ||
| "availabilityImpact": "NONE", | ||
| "baseScore": 5.4, | ||
| "baseSeverity": "MEDIUM" | ||
| }, | ||
| "exploitabilityScore": 2.8, | ||
| "impactScore": 2.5 | ||
| } | ||
| ] | ||
| }, | ||
| "weaknesses": [ | ||
| { | ||
| "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", | ||
| "type": "Secondary", | ||
| "description": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "CWE-79" | ||
| } | ||
| ] | ||
| "value": "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage." | ||
| } | ||
| ], | ||
| "references": [ | ||
| { | ||
| "url": "https://pagosonline.redsys.es/funcionalidades-autenticacion3DS.html", | ||
| "source": "[email protected]" | ||
| }, | ||
| { | ||
| "url": "https://seclists.org/fulldisclosure/2024/Sep/28", | ||
| "source": "[email protected]" | ||
| } | ||
| ] | ||
| "metrics": {}, | ||
| "references": [] | ||
| } | ||
Oops, something went wrong.