Skip to content
This repository was archived by the owner on Jun 10, 2025. It is now read-only.

Commit 084a3d3

Browse files
cve-teamcve-team
committed
"-Synchronized-Data."
1 parent 4403c2b commit 084a3d3

File tree

6 files changed

+232
-55
lines changed

6 files changed

+232
-55
lines changed

2018/1xxx/CVE-2018-1546.json

Lines changed: 74 additions & 51 deletions
Original file line numberDiff line numberDiff line change
@@ -1,144 +1,167 @@
11
{
2+
"data_version": "4.0",
3+
"data_type": "CVE",
4+
"data_format": "MITRE",
25
"CVE_data_meta": {
3-
"ASSIGNER": "[email protected]",
4-
"DATE_PUBLIC": "2018-07-02T00:00:00",
56
"ID": "CVE-2018-1546",
7+
"ASSIGNER": "[email protected]",
68
"STATE": "PUBLIC"
79
},
10+
"description": {
11+
"description_data": [
12+
{
13+
"lang": "eng",
14+
"value": "IBM API Connect 5.0.0.0 through 5.0.8.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 142650."
15+
}
16+
]
17+
},
18+
"problemtype": {
19+
"problemtype_data": [
20+
{
21+
"description": [
22+
{
23+
"lang": "eng",
24+
"value": "Obtain Information"
25+
}
26+
]
27+
}
28+
]
29+
},
830
"affects": {
931
"vendor": {
1032
"vendor_data": [
1133
{
34+
"vendor_name": "IBM",
1235
"product": {
1336
"product_data": [
1437
{
1538
"product_name": "API Connect",
1639
"version": {
1740
"version_data": [
1841
{
42+
"version_affected": "=",
1943
"version_value": "5.0.1.0"
2044
},
2145
{
46+
"version_affected": "=",
2247
"version_value": "5.0.0.0"
2348
},
2449
{
50+
"version_affected": "=",
2551
"version_value": "5.0.2.0"
2652
},
2753
{
54+
"version_affected": "=",
2855
"version_value": "5.0.5.0"
2956
},
3057
{
58+
"version_affected": "=",
3159
"version_value": "5.0.6.0"
3260
},
3361
{
62+
"version_affected": "=",
3463
"version_value": "5.0.6.1"
3564
},
3665
{
66+
"version_affected": "=",
3767
"version_value": "5.0.6.2"
3868
},
3969
{
70+
"version_affected": "=",
4071
"version_value": "5.0.7.0"
4172
},
4273
{
74+
"version_affected": "=",
4375
"version_value": "5.0.7.1"
4476
},
4577
{
78+
"version_affected": "=",
4679
"version_value": "5.0.3.0"
4780
},
4881
{
82+
"version_affected": "=",
4983
"version_value": "5.0.4.0"
5084
},
5185
{
86+
"version_affected": "=",
5287
"version_value": "5.0.7.2"
5388
},
5489
{
90+
"version_affected": "=",
5591
"version_value": "5.0.6.3"
5692
},
5793
{
94+
"version_affected": "=",
5895
"version_value": "5.0.6.4"
5996
},
6097
{
98+
"version_affected": "=",
6199
"version_value": "5.0.8.0"
62100
},
63101
{
102+
"version_affected": "=",
64103
"version_value": "5.0.8.1"
65104
},
66105
{
106+
"version_affected": "=",
67107
"version_value": "5.0.6.5"
68108
},
69109
{
110+
"version_affected": "=",
70111
"version_value": "5.0.6.6"
71112
},
72113
{
114+
"version_affected": "=",
73115
"version_value": "5.0.8.2"
74116
},
75117
{
118+
"version_affected": "=",
76119
"version_value": "5.0.8.3"
77120
}
78121
]
79122
}
80123
}
81124
]
82-
},
83-
"vendor_name": "IBM"
125+
}
84126
}
85127
]
86128
}
87129
},
88-
"data_format": "MITRE",
89-
"data_type": "CVE",
90-
"data_version": "4.0",
91-
"description": {
92-
"description_data": [
130+
"references": {
131+
"reference_data": [
93132
{
94-
"lang": "eng",
95-
"value": "IBM API Connect 5.0.0.0 through 5.0.8.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 142650."
96-
}
97-
]
98-
},
99-
"impact": {
100-
"cvssv3": {
101-
"BM": {
102-
"A": "N",
103-
"AC": "H",
104-
"AV": "N",
105-
"C": "H",
106-
"I": "N",
107-
"PR": "N",
108-
"S": "U",
109-
"SCORE": "5.900",
110-
"UI": "N"
133+
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/142650",
134+
"refsource": "MISC",
135+
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/142650"
111136
},
112-
"TM": {
113-
"E": "U",
114-
"RC": "C",
115-
"RL": "O"
116-
}
117-
}
118-
},
119-
"problemtype": {
120-
"problemtype_data": [
121137
{
122-
"description": [
123-
{
124-
"lang": "eng",
125-
"value": "Obtain Information"
126-
}
127-
]
138+
"url": "https://www.ibm.com/support/pages/node/715299",
139+
"refsource": "MISC",
140+
"name": "https://www.ibm.com/support/pages/node/715299"
128141
}
129142
]
130143
},
131-
"references": {
132-
"reference_data": [
133-
{
134-
"name": "ibm-api-cve20181546-info-disc(142650)",
135-
"refsource": "XF",
136-
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/142650"
137-
},
144+
"generator": {
145+
"engine": "Vulnogram 0.2.0"
146+
},
147+
"source": {
148+
"discovery": "UNKNOWN"
149+
},
150+
"impact": {
151+
"cvss": [
138152
{
139-
"name": "https://www-prd-trops.events.ibm.com/node/715299",
140-
"refsource": "CONFIRM",
141-
"url": "https://www-prd-trops.events.ibm.com/node/715299"
153+
"attackComplexity": "HIGH",
154+
"attackVector": "NETWORK",
155+
"availabilityImpact": "NONE",
156+
"baseScore": 5.9,
157+
"baseSeverity": "MEDIUM",
158+
"confidentialityImpact": "HIGH",
159+
"integrityImpact": "NONE",
160+
"privilegesRequired": "NONE",
161+
"scope": "UNCHANGED",
162+
"userInteraction": "NONE",
163+
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
164+
"version": "3.1"
142165
}
143166
]
144167
}

2024/45xxx/CVE-2024-45406.json

Lines changed: 86 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,17 +1,99 @@
11
{
2+
"data_version": "4.0",
23
"data_type": "CVE",
34
"data_format": "MITRE",
4-
"data_version": "4.0",
55
"CVE_data_meta": {
66
"ID": "CVE-2024-45406",
7-
"ASSIGNER": "[email protected]",
8-
"STATE": "RESERVED"
7+
"ASSIGNER": "[email protected]",
8+
"STATE": "PUBLIC"
99
},
1010
"description": {
1111
"description_data": [
1212
{
1313
"lang": "eng",
14-
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
14+
"value": "Craft is a content management system (CMS). Craft CMS 5 stored XSS can be triggered by the breadcrumb list and title fields with user input."
15+
}
16+
]
17+
},
18+
"problemtype": {
19+
"problemtype_data": [
20+
{
21+
"description": [
22+
{
23+
"lang": "eng",
24+
"value": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
25+
"cweId": "CWE-80"
26+
}
27+
]
28+
},
29+
{
30+
"description": [
31+
{
32+
"lang": "eng",
33+
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
34+
"cweId": "CWE-79"
35+
}
36+
]
37+
}
38+
]
39+
},
40+
"affects": {
41+
"vendor": {
42+
"vendor_data": [
43+
{
44+
"vendor_name": "craftcms",
45+
"product": {
46+
"product_data": [
47+
{
48+
"product_name": "cms",
49+
"version": {
50+
"version_data": [
51+
{
52+
"version_affected": "=",
53+
"version_value": ">= 5.0.0, < 5.1.2"
54+
}
55+
]
56+
}
57+
}
58+
]
59+
}
60+
}
61+
]
62+
}
63+
},
64+
"references": {
65+
"reference_data": [
66+
{
67+
"url": "https://github.com/craftcms/cms/security/advisories/GHSA-28h4-788g-rh42",
68+
"refsource": "MISC",
69+
"name": "https://github.com/craftcms/cms/security/advisories/GHSA-28h4-788g-rh42"
70+
},
71+
{
72+
"url": "https://github.com/craftcms/cms/commit/b7348942f8131b3868ec6f46d615baae50151bb8",
73+
"refsource": "MISC",
74+
"name": "https://github.com/craftcms/cms/commit/b7348942f8131b3868ec6f46d615baae50151bb8"
75+
}
76+
]
77+
},
78+
"source": {
79+
"advisory": "GHSA-28h4-788g-rh42",
80+
"discovery": "UNKNOWN"
81+
},
82+
"impact": {
83+
"cvss": [
84+
{
85+
"attackComplexity": "LOW",
86+
"attackVector": "NETWORK",
87+
"availabilityImpact": "LOW",
88+
"baseScore": 5.5,
89+
"baseSeverity": "MEDIUM",
90+
"confidentialityImpact": "LOW",
91+
"integrityImpact": "LOW",
92+
"privilegesRequired": "LOW",
93+
"scope": "UNCHANGED",
94+
"userInteraction": "REQUIRED",
95+
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
96+
"version": "3.1"
1597
}
1698
]
1799
}

2024/8xxx/CVE-2024-8612.json

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,18 @@
1+
{
2+
"data_type": "CVE",
3+
"data_format": "MITRE",
4+
"data_version": "4.0",
5+
"CVE_data_meta": {
6+
"ID": "CVE-2024-8612",
7+
"ASSIGNER": "[email protected]",
8+
"STATE": "RESERVED"
9+
},
10+
"description": {
11+
"description_data": [
12+
{
13+
"lang": "eng",
14+
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
15+
}
16+
]
17+
}
18+
}

2024/8xxx/CVE-2024-8613.json

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,18 @@
1+
{
2+
"data_type": "CVE",
3+
"data_format": "MITRE",
4+
"data_version": "4.0",
5+
"CVE_data_meta": {
6+
"ID": "CVE-2024-8613",
7+
"ASSIGNER": "[email protected]",
8+
"STATE": "RESERVED"
9+
},
10+
"description": {
11+
"description_data": [
12+
{
13+
"lang": "eng",
14+
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
15+
}
16+
]
17+
}
18+
}

2024/8xxx/CVE-2024-8614.json

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,18 @@
1+
{
2+
"data_type": "CVE",
3+
"data_format": "MITRE",
4+
"data_version": "4.0",
5+
"CVE_data_meta": {
6+
"ID": "CVE-2024-8614",
7+
"ASSIGNER": "[email protected]",
8+
"STATE": "RESERVED"
9+
},
10+
"description": {
11+
"description_data": [
12+
{
13+
"lang": "eng",
14+
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
15+
}
16+
]
17+
}
18+
}

0 commit comments

Comments
 (0)