Skip to content

Commit

Permalink
1 changes (0 new | 1 updated):
Browse files Browse the repository at this point in the history 
      - 0 new CVEs:
      - 1 updated CVEs: CVE-2024-36610
  • Loading branch information
cvelistV5 Github Action committed Dec 24, 2024
1 parent 65e29fc commit 7887837
Show file tree
Hide file tree
Showing 3 changed files with 28 additions and 284 deletions.
134 changes: 7 additions & 127 deletions cves/2024/36xxx/CVE-2024-36610.json
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,12 @@
{
"dataType": "CVE_RECORD",
"cveMetadata": {
"state": "PUBLISHED",
"state": "REJECTED",
"cveId": "CVE-2024-36610",
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"dateUpdated": "2024-12-03T20:25:26.819794",
"dateUpdated": "2024-12-24T21:13:42.813154Z",
"dateRejected": "2024-12-24T00:00:00",
"dateReserved": "2024-05-30T00:00:00",
"datePublished": "2024-11-29T00:00:00"
},
Expand All @@ -14,136 +15,15 @@
"providerMetadata": {
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre",
"dateUpdated": "2024-12-03T20:25:26.819794"
"dateUpdated": "2024-12-24T21:13:42.813154Z"
},
"descriptions": [
"rejectedReasons": [
{
"lang": "en",
"value": "A deserialization vulnerability exists in the Stub class of the VarDumper module in Symfony v7.0.3. The vulnerability stems from deficiencies in the original implementation when handling properties with null or uninitialized values. An attacker could construct specific serialized data and use this vulnerability to execute unauthorized code. NOTE: the Supplier has concluded that this is a false report."
}
],
"tags": [
"disputed"
],
"affected": [
{
"vendor": "n/a",
"product": "n/a",
"versions": [
{
"version": "n/a",
"status": "affected"
}
]
}
],
"references": [
{
"url": "https://github.com/symfony/symfony/blob/v7.0.3/src/Symfony/Component/VarDumper/Cloner/Stub.php#L53"
},
{
"url": "https://github.com/symfony/symfony/commit/3ffd495bb3cc4d2e24e35b2d83c5b909cab7e259"
},
{
"url": "https://gist.github.com/1047524396/24e93f2905850235e42ad7db6e878bd5"
},
{
"url": "https://github.com/github/advisory-database/pull/5046"
},
{
"url": "https://github.com/symfony/symfony/issues/59077#issuecomment-2513935018"
}
],
"problemTypes": [
{
"descriptions": [
{
"type": "text",
"lang": "en",
"description": "n/a"
}
]
"value": "DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
},
"adp": [
{
"problemTypes": [
{
"descriptions": [
{
"type": "CWE",
"cweId": "CWE-94",
"lang": "en",
"description": "CWE-94 Improper Control of Generation of Code ('Code Injection')"
}
]
}
],
"affected": [
{
"vendor": "21degrees",
"product": "symphony",
"cpes": [
"cpe:2.3:a:21degrees:symphony:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"versions": [
{
"version": "7.0.3",
"status": "affected"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"scope": "UNCHANGED",
"version": "3.1",
"baseScore": 9.8,
"attackVector": "NETWORK",
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"integrityImpact": "HIGH",
"userInteraction": "NONE",
"attackComplexity": "LOW",
"availabilityImpact": "HIGH",
"privilegesRequired": "NONE",
"confidentialityImpact": "HIGH"
}
},
{
"other": {
"type": "ssvc",
"content": {
"timestamp": "2024-12-02T16:37:41.905662Z",
"id": "CVE-2024-36610",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"version": "2.0.3"
}
}
}
],
"title": "CISA ADP Vulnrichment",
"providerMetadata": {
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP",
"dateUpdated": "2024-12-02T16:40:10.623Z"
}
}
]
}
},
"dataVersion": "5.1"
}
14 changes: 7 additions & 7 deletions cves/delta.json
View file
Original file line number Diff line number Diff line change
@@ -1,14 +1,14 @@
{
"fetchTime": "2024-12-24T19:06:08.430Z",
"fetchTime": "2024-12-24T21:14:03.456Z",
"numberOfChanges": 1,
"new": [
"new": [],
"updated": [
{
"cveId": "CVE-2019-2483",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2019-2483",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2019/2xxx/CVE-2019-2483.json",
"dateUpdated": "2024-12-24T19:00:09.862Z"
"cveId": "CVE-2024-36610",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-36610",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/36xxx/CVE-2024-36610.json",
"dateUpdated": "2024-12-24T21:13:42.813154Z"
}
],
"updated": [],
"error": []
}
164 changes: 14 additions & 150 deletions cves/deltaLog.json
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,18 @@
[
{
"fetchTime": "2024-12-24T21:14:03.456Z",
"numberOfChanges": 1,
"new": [],
"updated": [
{
"cveId": "CVE-2024-36610",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-36610",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/36xxx/CVE-2024-36610.json",
"dateUpdated": "2024-12-24T21:13:42.813154Z"
}
],
"error": []
},
{
"fetchTime": "2024-12-24T19:06:08.430Z",
"numberOfChanges": 1,
Expand Down Expand Up @@ -115632,155 +115646,5 @@
}
],
"error": []
},
{
"fetchTime": "2024-11-24T20:57:40.622Z",
"numberOfChanges": 7,
"new": [
{
"cveId": "CVE-2024-53909",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-53909",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/53xxx/CVE-2024-53909.json",
"dateUpdated": "2024-11-24T20:52:46.355437"
},
{
"cveId": "CVE-2024-53910",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-53910",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/53xxx/CVE-2024-53910.json",
"dateUpdated": "2024-11-24T20:52:39.063340"
},
{
"cveId": "CVE-2024-53911",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-53911",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/53xxx/CVE-2024-53911.json",
"dateUpdated": "2024-11-24T20:52:29.548936"
},
{
"cveId": "CVE-2024-53912",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-53912",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/53xxx/CVE-2024-53912.json",
"dateUpdated": "2024-11-24T20:52:21.128270"
},
{
"cveId": "CVE-2024-53913",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-53913",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/53xxx/CVE-2024-53913.json",
"dateUpdated": "2024-11-24T20:52:15.577451"
},
{
"cveId": "CVE-2024-53914",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-53914",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/53xxx/CVE-2024-53914.json",
"dateUpdated": "2024-11-24T20:52:08.807359"
},
{
"cveId": "CVE-2024-53915",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-53915",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/53xxx/CVE-2024-53915.json",
"dateUpdated": "2024-11-24T20:52:00.732829"
}
],
"updated": [],
"error": []
},
{
"fetchTime": "2024-11-24T20:13:18.911Z",
"numberOfChanges": 2,
"new": [],
"updated": [
{
"cveId": "CVE-2024-10033",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-10033",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/10xxx/CVE-2024-10033.json",
"dateUpdated": "2024-11-24T20:05:14.572Z"
},
{
"cveId": "CVE-2024-8553",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-8553",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/8xxx/CVE-2024-8553.json",
"dateUpdated": "2024-11-24T20:04:33.536Z"
}
],
"error": []
},
{
"fetchTime": "2024-11-24T19:46:52.372Z",
"numberOfChanges": 1,
"new": [],
"updated": [
{
"cveId": "CVE-2024-9355",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-9355",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/9xxx/CVE-2024-9355.json",
"dateUpdated": "2024-11-24T19:42:44.988Z"
}
],
"error": []
},
{
"fetchTime": "2024-11-24T19:39:14.541Z",
"numberOfChanges": 1,
"new": [],
"updated": [
{
"cveId": "CVE-2024-8445",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-8445",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/8xxx/CVE-2024-8445.json",
"dateUpdated": "2024-11-24T19:33:24.251Z"
}
],
"error": []
},
{
"fetchTime": "2024-11-24T19:31:15.970Z",
"numberOfChanges": 3,
"new": [],
"updated": [
{
"cveId": "CVE-2024-9407",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-9407",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/9xxx/CVE-2024-9407.json",
"dateUpdated": "2024-11-24T19:30:20.018Z"
},
{
"cveId": "CVE-2024-9675",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-9675",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/9xxx/CVE-2024-9675.json",
"dateUpdated": "2024-11-24T19:30:28.185Z"
},
{
"cveId": "CVE-2024-9676",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-9676",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/9xxx/CVE-2024-9676.json",
"dateUpdated": "2024-11-24T19:31:10.133Z"
}
],
"error": []
},
{
"fetchTime": "2024-11-24T19:24:21.186Z",
"numberOfChanges": 3,
"new": [],
"updated": [
{
"cveId": "CVE-2024-45496",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-45496",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/45xxx/CVE-2024-45496.json",
"dateUpdated": "2024-11-24T19:21:49.398Z"
},
{
"cveId": "CVE-2024-7143",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-7143",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/7xxx/CVE-2024-7143.json",
"dateUpdated": "2024-11-24T19:15:39.083Z"
},
{
"cveId": "CVE-2024-7387",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-7387",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/7xxx/CVE-2024-7387.json",
"dateUpdated": "2024-11-24T19:21:43.241Z"
}
],
"error": []
}
]

0 comments on commit 7887837

Please sign in to comment.