-
Notifications
You must be signed in to change notification settings - Fork 18
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Auto-Update: 2024-10-28T15:01:19.649534+00:00
- Loading branch information
1 parent
804a3b5
commit a49a4b4
Showing
218 changed files
with
4,966 additions
and
594 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,7 +2,7 @@ | |
| "id": "CVE-2013-5919", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2014-05-30T14:55:08.397", | ||
| "lastModified": "2024-10-22T17:11:30.463", | ||
| "lastModified": "2024-10-28T12:04:18.930", | ||
| "vulnStatus": "Modified", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
|
|
@@ -61,6 +61,21 @@ | |
| "operator": "OR", | ||
| "negate": false, | ||
| "cpeMatch": [ | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:oisf:suricata:1.3:beta2:*:*:*:*:*:*", | ||
| "matchCriteriaId": "6AE9A26B-52F4-4732-A22B-90F763DB13B1" | ||
| }, | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:oisf:suricata:1.3:beta3:*:*:*:*:*:*", | ||
| "matchCriteriaId": "7C98C6B6-3CC3-4D6B-B569-6E46EA170658" | ||
| }, | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:oisf:suricata:1.3:rc1:*:*:*:*:*:*", | ||
| "matchCriteriaId": "EC2FC97D-56ED-4F7C-9F4A-3F1B73B5AABF" | ||
| }, | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:oisf:suricata:1.3.1:*:*:*:*:*:*:*", | ||
|
|
@@ -91,6 +106,26 @@ | |
| "criteria": "cpe:2.3:a:oisf:suricata:1.3.6:*:*:*:*:*:*:*", | ||
| "matchCriteriaId": "0CD31DFD-F92C-4535-88AE-41E3AA402FD4" | ||
| }, | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:oisf:suricata:1.4:beta1:*:*:*:*:*:*", | ||
| "matchCriteriaId": "98C0B959-3F7C-4A6E-ACE5-A34B3AB559B9" | ||
| }, | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:oisf:suricata:1.4:beta2:*:*:*:*:*:*", | ||
| "matchCriteriaId": "94A52C3A-9FB3-4F8F-B406-24F5C8A17675" | ||
| }, | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:oisf:suricata:1.4:beta3:*:*:*:*:*:*", | ||
| "matchCriteriaId": "1B12DAD5-01DE-4270-9F2B-FE4F60DA51C7" | ||
| }, | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:oisf:suricata:1.4:rc1:*:*:*:*:*:*", | ||
| "matchCriteriaId": "48E2FD96-DCC0-45E0-94FE-CA58B4E14740" | ||
| }, | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:oisf:suricata:1.4.1:*:*:*:*:*:*:*", | ||
|
|
@@ -117,45 +152,10 @@ | |
| "versionEndIncluding": "1.4.5", | ||
| "matchCriteriaId": "C221CDA5-C3CF-4015-AEE5-DECC263ACFAB" | ||
| }, | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:openinfosecfoundation:suricata:1.3:beta_2:*:*:*:*:*:*", | ||
| "matchCriteriaId": "070732A2-035D-4F15-8145-E44D9ECDE205" | ||
| }, | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:openinfosecfoundation:suricata:1.3:beta_3:*:*:*:*:*:*", | ||
| "matchCriteriaId": "80BB5706-1015-4AB7-879F-BD0709D75FCB" | ||
| }, | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:openinfosecfoundation:suricata:1.3:rc_1:*:*:*:*:*:*", | ||
| "matchCriteriaId": "D554BA25-4F75-47BB-BBD6-F95AF6D3EA4C" | ||
| }, | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:openinfosecfoundation:suricata:1.4:*:*:*:*:*:*:*", | ||
| "matchCriteriaId": "5EFC9D2C-F02C-4E85-B8B0-8003466F0304" | ||
| }, | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:openinfosecfoundation:suricata:1.4:beta_1:*:*:*:*:*:*", | ||
| "matchCriteriaId": "DB6E59BD-FAC6-41FA-B55D-136AE4F81656" | ||
| }, | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:openinfosecfoundation:suricata:1.4:beta_2:*:*:*:*:*:*", | ||
| "matchCriteriaId": "265A9EAE-23D7-4AD7-B345-2EDBCDD1D177" | ||
| }, | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:openinfosecfoundation:suricata:1.4:beta_3:*:*:*:*:*:*", | ||
| "matchCriteriaId": "3E8548B3-CFDF-4009-A47B-B17E79D5CFD9" | ||
| }, | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:openinfosecfoundation:suricata:1.4:rc_1:*:*:*:*:*:*", | ||
| "matchCriteriaId": "CB6535F9-8DB6-475A-AE93-65BDD9E3E9A9" | ||
| } | ||
| ] | ||
| } | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,7 +2,7 @@ | |
| "id": "CVE-2017-2222", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2017-07-07T13:29:00.710", | ||
| "lastModified": "2017-07-12T14:25:07.073", | ||
| "lastModified": "2024-10-28T11:41:16.087", | ||
| "vulnStatus": "Analyzed", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
|
|
@@ -85,9 +85,9 @@ | |
| "cpeMatch": [ | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:wp-members_project:wp-members:*:*:*:*:*:wordpress:*:*", | ||
| "criteria": "cpe:2.3:a:butlerblog:wp-members:*:*:*:*:*:wordpress:*:*", | ||
| "versionEndIncluding": "3.1.7", | ||
| "matchCriteriaId": "886BBAE6-6D63-4734-B58A-3D9168D6783C" | ||
| "matchCriteriaId": "7C273FA7-06C1-4E9D-A297-E7B4F810672B" | ||
| } | ||
| ] | ||
| } | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,7 +2,7 @@ | |
| "id": "CVE-2019-15660", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2019-08-27T13:15:10.333", | ||
| "lastModified": "2019-08-28T19:56:05.557", | ||
| "lastModified": "2024-10-28T11:41:16.087", | ||
| "vulnStatus": "Analyzed", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
|
|
@@ -85,9 +85,9 @@ | |
| "cpeMatch": [ | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:wp-members_project:wp-members:*:*:*:*:*:wordpress:*:*", | ||
| "criteria": "cpe:2.3:a:butlerblog:wp-members:*:*:*:*:*:wordpress:*:*", | ||
| "versionEndExcluding": "3.2.8", | ||
| "matchCriteriaId": "BF306CEF-A2BC-4351-B13B-78834423AEC0" | ||
| "matchCriteriaId": "4B62F90D-3E7A-41CB-989E-8F627ED33CE5" | ||
| } | ||
| ] | ||
| } | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,13 +2,17 @@ | |
| "id": "CVE-2020-26303", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-10-26T21:15:13.460", | ||
| "lastModified": "2024-10-26T21:15:13.460", | ||
| "vulnStatus": "Received", | ||
| "lastModified": "2024-10-28T13:58:09.230", | ||
| "vulnStatus": "Awaiting Analysis", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "insane is a whitelist-oriented HTML sanitizer. Versions 2.6.2 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, no known patches are available." | ||
| }, | ||
| { | ||
| "lang": "es", | ||
| "value": "insane es un sanitizador HTML orientado a listas blancas. Las versiones 2.6.2 y anteriores contienen una o m\u00e1s expresiones regulares que son vulnerables a la denegaci\u00f3n de servicio de expresiones regulares (ReDoS). Al momento de la publicaci\u00f3n, no se conocen parches disponibles." | ||
| } | ||
| ], | ||
| "metrics": { | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,13 +2,17 @@ | |
| "id": "CVE-2020-26304", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-10-26T21:15:13.673", | ||
| "lastModified": "2024-10-26T21:15:13.673", | ||
| "vulnStatus": "Received", | ||
| "lastModified": "2024-10-28T13:58:09.230", | ||
| "vulnStatus": "Awaiting Analysis", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "Foundation is a front-end framework. Versions 6.3.3 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, it is unknown if any fixes are available." | ||
| }, | ||
| { | ||
| "lang": "es", | ||
| "value": "Foundation es un framework de trabajo front-end. Las versiones 6.3.3 y anteriores contienen una o m\u00e1s expresiones regulares que son vulnerables a la denegaci\u00f3n de servicio por expresi\u00f3n regular (ReDoS). Al momento de la publicaci\u00f3n, se desconoce si hay alguna soluci\u00f3n disponible." | ||
| } | ||
| ], | ||
| "metrics": { | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,13 +2,17 @@ | |
| "id": "CVE-2020-26305", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-10-26T21:15:13.783", | ||
| "lastModified": "2024-10-26T21:15:13.783", | ||
| "vulnStatus": "Received", | ||
| "lastModified": "2024-10-28T13:58:09.230", | ||
| "vulnStatus": "Awaiting Analysis", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "CommonRegexJS is a CommonRegex port for JavaScript. All available versions contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, no known patches are available." | ||
| }, | ||
| { | ||
| "lang": "es", | ||
| "value": "CommonRegexJS es un puerto de CommonRegex para JavaScript. Todas las versiones disponibles contienen una o m\u00e1s expresiones regulares que son vulnerables a la denegaci\u00f3n de servicio de expresiones regulares (ReDoS). Al momento de la publicaci\u00f3n, no se conoc\u00edan parches disponibles." | ||
| } | ||
| ], | ||
| "metrics": { | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,13 +2,17 @@ | |
| "id": "CVE-2020-26306", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-10-26T21:15:13.883", | ||
| "lastModified": "2024-10-26T21:15:13.883", | ||
| "vulnStatus": "Received", | ||
| "lastModified": "2024-10-28T13:58:09.230", | ||
| "vulnStatus": "Awaiting Analysis", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "Knwl.js is a Javascript library that parses through text for dates, times, phone numbers, emails, places, and more. Versions 1.0.2 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, no known patches are available." | ||
| }, | ||
| { | ||
| "lang": "es", | ||
| "value": "Knwl.js es una librer\u00eda de Javascript que analiza textos en busca de fechas, horas, n\u00fameros de tel\u00e9fono, correos electr\u00f3nicos, lugares y m\u00e1s. Las versiones 1.0.2 y anteriores contienen una o m\u00e1s expresiones regulares que son vulnerables a la denegaci\u00f3n de servicio por expresi\u00f3n regular (ReDoS). Al momento de la publicaci\u00f3n, no se conocen parches disponibles." | ||
| } | ||
| ], | ||
| "metrics": { | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,13 +2,17 @@ | |
| "id": "CVE-2020-26307", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-10-26T21:15:13.980", | ||
| "lastModified": "2024-10-26T21:15:13.980", | ||
| "vulnStatus": "Received", | ||
| "lastModified": "2024-10-28T13:58:09.230", | ||
| "vulnStatus": "Awaiting Analysis", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "HTML2Markdown is a Javascript implementation for converting HTML to Markdown text. All available versions contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, no known patches are available." | ||
| }, | ||
| { | ||
| "lang": "es", | ||
| "value": "HTML2Markdown es una implementaci\u00f3n de Javascript para convertir HTML en texto Markdown. Todas las versiones disponibles contienen una o m\u00e1s expresiones regulares que son vulnerables a la denegaci\u00f3n de servicio por expresi\u00f3n regular (ReDoS). Al momento de la publicaci\u00f3n, no se conoc\u00edan parches disponibles." | ||
| } | ||
| ], | ||
| "metrics": { | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,13 +2,17 @@ | |
| "id": "CVE-2020-26308", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-10-26T21:15:14.087", | ||
| "lastModified": "2024-10-26T21:15:14.087", | ||
| "vulnStatus": "Received", | ||
| "lastModified": "2024-10-28T13:58:09.230", | ||
| "vulnStatus": "Awaiting Analysis", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "Validate.js provides a declarative way of validating javascript objects. Versions 0.13.1 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, no known patches are available." | ||
| }, | ||
| { | ||
| "lang": "es", | ||
| "value": "Validate.js proporciona una forma declarativa de validar objetos de JavaScript. Las versiones 0.13.1 y anteriores contienen una o m\u00e1s expresiones regulares que son vulnerables a la denegaci\u00f3n de servicio por expresi\u00f3n regular (ReDoS). Al momento de la publicaci\u00f3n, no se conoc\u00edan parches disponibles." | ||
| } | ||
| ], | ||
| "metrics": { | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,13 +2,17 @@ | |
| "id": "CVE-2020-26309", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-10-26T21:15:14.190", | ||
| "lastModified": "2024-10-26T21:15:14.190", | ||
| "vulnStatus": "Received", | ||
| "lastModified": "2024-10-28T13:58:09.230", | ||
| "vulnStatus": "Awaiting Analysis", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "Validate.js provides a declarative way of validating javascript objects. Versions 0.11.3 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, it is unknown if any patches are available." | ||
| }, | ||
| { | ||
| "lang": "es", | ||
| "value": "Validate.js proporciona una forma declarativa de validar objetos de JavaScript. Las versiones 0.11.3 y anteriores contienen una o m\u00e1s expresiones regulares que son vulnerables a la denegaci\u00f3n de servicio por expresi\u00f3n regular (ReDoS). Al momento de la publicaci\u00f3n, se desconoce si hay parches disponibles." | ||
| } | ||
| ], | ||
| "metrics": { | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,13 +2,17 @@ | |
| "id": "CVE-2020-26310", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-10-26T21:15:14.297", | ||
| "lastModified": "2024-10-26T21:15:14.297", | ||
| "vulnStatus": "Received", | ||
| "lastModified": "2024-10-28T13:58:09.230", | ||
| "vulnStatus": "Awaiting Analysis", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "Validate.js provides a declarative way of validating javascript objects. All versions as of 30 November 2020 contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, it is unknown if any patches are available." | ||
| }, | ||
| { | ||
| "lang": "es", | ||
| "value": "Validate.js proporciona una forma declarativa de validar objetos de JavaScript. Todas las versiones al 30 de noviembre de 2020 contienen una o m\u00e1s expresiones regulares que son vulnerables a la denegaci\u00f3n de servicio por expresi\u00f3n regular (ReDoS). Al momento de la publicaci\u00f3n, se desconoce si hay parches disponibles." | ||
| } | ||
| ], | ||
| "metrics": { | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,13 +2,17 @@ | |
| "id": "CVE-2020-26311", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-10-26T21:15:14.400", | ||
| "lastModified": "2024-10-26T21:15:14.400", | ||
| "vulnStatus": "Received", | ||
| "lastModified": "2024-10-28T13:58:09.230", | ||
| "vulnStatus": "Awaiting Analysis", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "Useragent is a user agent parser for Node.js. All versions as of time of publication contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, no patches are available." | ||
| }, | ||
| { | ||
| "lang": "es", | ||
| "value": "Useragent es un analizador de agente de usuario para Node.js. Todas las versiones al momento de la publicaci\u00f3n contienen una o m\u00e1s expresiones regulares que son vulnerables a la denegaci\u00f3n de servicio de expresiones regulares (ReDoS). Al momento de la publicaci\u00f3n, no hay parches disponibles." | ||
| } | ||
| ], | ||
| "metrics": { | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,13 +2,17 @@ | |
| "id": "CVE-2022-30354", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-10-25T16:15:08.663", | ||
| "lastModified": "2024-10-25T16:15:08.663", | ||
| "vulnStatus": "Received", | ||
| "lastModified": "2024-10-28T13:58:09.230", | ||
| "vulnStatus": "Awaiting Analysis", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "OvalEdge 5.2.8.0 and earlier is affected by a Sensitive Data Exposure vulnerability via a GET request to /user/getUserWithTeam. Authentication is required. The information disclosed is associated with all registered user ID numbers." | ||
| }, | ||
| { | ||
| "lang": "es", | ||
| "value": "OvalEdge 5.2.8.0 y versiones anteriores se ven afectadas por una vulnerabilidad de exposici\u00f3n de datos confidenciales a trav\u00e9s de una solicitud GET a /user/getUserWithTeam. Se requiere autenticaci\u00f3n. La informaci\u00f3n divulgada est\u00e1 asociada con todos los n\u00fameros de identificaci\u00f3n de usuario registrados." | ||
| } | ||
| ], | ||
| "metrics": {}, | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,13 +2,17 @@ | |
| "id": "CVE-2022-30355", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-10-25T16:15:08.733", | ||
| "lastModified": "2024-10-25T19:35:01.173", | ||
| "vulnStatus": "Received", | ||
| "lastModified": "2024-10-28T13:58:09.230", | ||
| "vulnStatus": "Awaiting Analysis", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "OvalEdge 5.2.8.0 and earlier is affected by an Account Takeover vulnerability via a POST request to /profile/updateProfile via the userId and email parameters. Authentication is required." | ||
| }, | ||
| { | ||
| "lang": "es", | ||
| "value": "OvalEdge 5.2.8.0 y versiones anteriores se ven afectadas por una vulnerabilidad de apropiaci\u00f3n de cuenta mediante una solicitud POST a /profile/updateProfile mediante los par\u00e1metros userId y email. Se requiere autenticaci\u00f3n." | ||
| } | ||
| ], | ||
| "metrics": { | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,13 +2,17 @@ | |
| "id": "CVE-2022-30356", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-10-25T17:15:03.387", | ||
| "lastModified": "2024-10-25T17:15:03.387", | ||
| "vulnStatus": "Received", | ||
| "lastModified": "2024-10-28T13:58:09.230", | ||
| "vulnStatus": "Awaiting Analysis", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "OvalEdge 5.2.8.0 and earlier is affected by a Privilege Escalation vulnerability via a POST request to /user/assignuserrole via the userid and role parameters . Authentication is required with OE_ADMIN role privilege." | ||
| }, | ||
| { | ||
| "lang": "es", | ||
| "value": "OvalEdge 5.2.8.0 y versiones anteriores se ven afectadas por una vulnerabilidad de escalada de privilegios a trav\u00e9s de una solicitud POST a /user/assignuserrole mediante los par\u00e1metros userid y role. Se requiere autenticaci\u00f3n con el privilegio de rol OE_ADMIN." | ||
| } | ||
| ], | ||
| "metrics": {}, | ||
|
|
||
Oops, something went wrong.