Skip to content

Commit 33c8220

Browse files
author
cvelistV5 Github Action
committed
55 changes (1 new | 54 updated):
 - 1 new CVEs: CVE-2022-41995 - 54 updated CVEs: CVE-2023-46196, CVE-2023-46203, CVE-2023-46612, CVE-2023-46616, CVE-2023-46632, CVE-2023-46633, CVE-2023-47225, CVE-2023-47523, CVE-2023-47557, CVE-2023-47647, CVE-2023-47661, CVE-2023-47692, CVE-2023-48739, CVE-2023-48758, CVE-2024-37238, CVE-2024-37240, CVE-2024-37242, CVE-2024-37243, CVE-2024-37272, CVE-2024-37274, CVE-2024-37412, CVE-2024-37413, CVE-2024-37417, CVE-2024-37421, CVE-2024-37473, CVE-2024-37478, CVE-2024-37490, CVE-2024-37491, CVE-2024-37493, CVE-2024-37503, CVE-2024-37508, CVE-2024-37511, CVE-2024-37518, CVE-2024-37540, CVE-2024-38778, CVE-2024-38790, CVE-2024-39623, CVE-2024-49385, CVE-2024-55538, CVE-2024-56023, CVE-2024-56024, CVE-2024-56025, CVE-2024-56026, CVE-2024-56236, CVE-2024-56237, CVE-2024-56248, CVE-2024-56250, CVE-2024-56251, CVE-2024-56252, CVE-2024-56253, CVE-2024-56254, CVE-2024-56255, CVE-2024-56257, CVE-2024-56258
1 parent a1b9d62 commit 33c8220

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

57 files changed

+2733
-123
lines changed

cves/2022/41xxx/CVE-2022-41995.json

Lines changed: 122 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,122 @@
1+
{
2+
"dataType": "CVE_RECORD",
3+
"dataVersion": "5.1",
4+
"cveMetadata": {
5+
"cveId": "CVE-2022-41995",
6+
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
7+
"state": "PUBLISHED",
8+
"assignerShortName": "Patchstack",
9+
"dateReserved": "2022-10-19T11:40:57.172Z",
10+
"datePublished": "2025-01-02T14:51:05.557Z",
11+
"dateUpdated": "2025-01-02T14:51:05.557Z"
12+
},
13+
"containers": {
14+
"cna": {
15+
"affected": [
16+
{
17+
"collectionURL": "https://wordpress.org/plugins",
18+
"defaultStatus": "unaffected",
19+
"packageName": "gallery-images-ape",
20+
"product": "Gallery Images Ape",
21+
"vendor": "Galleryape",
22+
"versions": [
23+
{
24+
"lessThanOrEqual": "2.2.8",
25+
"status": "affected",
26+
"version": "n/a",
27+
"versionType": "custom"
28+
}
29+
]
30+
}
31+
],
32+
"credits": [
33+
{
34+
"lang": "en",
35+
"type": "finder",
36+
"value": "thiennv (Patchstack Alliance)"
37+
}
38+
],
39+
"descriptions": [
40+
{
41+
"lang": "en",
42+
"supportingMedia": [
43+
{
44+
"base64": false,
45+
"type": "text/html",
46+
"value": "Missing Authorization vulnerability in Galleryape Gallery Images Ape allows Exploiting Incorrectly Configured Access Control Security Levels.<p>This issue affects Gallery Images Ape: from n/a through 2.2.8.</p>"
47+
}
48+
],
49+
"value": "Missing Authorization vulnerability in Galleryape Gallery Images Ape allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gallery Images Ape: from n/a through 2.2.8."
50+
}
51+
],
52+
"impacts": [
53+
{
54+
"capecId": "CAPEC-180",
55+
"descriptions": [
56+
{
57+
"lang": "en",
58+
"value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
59+
}
60+
]
61+
}
62+
],
63+
"metrics": [
64+
{
65+
"cvssV3_1": {
66+
"attackComplexity": "LOW",
67+
"attackVector": "NETWORK",
68+
"availabilityImpact": "NONE",
69+
"baseScore": 4.3,
70+
"baseSeverity": "MEDIUM",
71+
"confidentialityImpact": "NONE",
72+
"integrityImpact": "LOW",
73+
"privilegesRequired": "LOW",
74+
"scope": "UNCHANGED",
75+
"userInteraction": "NONE",
76+
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
77+
"version": "3.1"
78+
},
79+
"format": "CVSS",
80+
"scenarios": [
81+
{
82+
"lang": "en",
83+
"value": "GENERAL"
84+
}
85+
]
86+
}
87+
],
88+
"problemTypes": [
89+
{
90+
"descriptions": [
91+
{
92+
"cweId": "CWE-862",
93+
"description": "CWE-862 Missing Authorization",
94+
"lang": "en",
95+
"type": "CWE"
96+
}
97+
]
98+
}
99+
],
100+
"providerMetadata": {
101+
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
102+
"shortName": "Patchstack",
103+
"dateUpdated": "2025-01-02T14:51:05.557Z"
104+
},
105+
"references": [
106+
{
107+
"tags": [
108+
"vdb-entry"
109+
],
110+
"url": "https://patchstack.com/database/wordpress/plugin/gallery-images-ape/vulnerability/wordpress-gallery-images-ape-plugin-2-2-8-auth-broken-access-control-vulnerability?_s_id=cve"
111+
}
112+
],
113+
"source": {
114+
"discovery": "UNKNOWN"
115+
},
116+
"title": "WordPress Photo Gallery – Image Gallery by Ape Plugin <= 2.2.8 is vulnerable to Broken Access Control",
117+
"x_generator": {
118+
"engine": "Vulnogram 0.2.0"
119+
}
120+
}
121+
}
122+
}

cves/2023/46xxx/CVE-2023-46196.json

Lines changed: 36 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
"assignerShortName": "Patchstack",
99
"dateReserved": "2023-10-18T08:45:49.684Z",
1010
"datePublished": "2025-01-02T12:00:11.708Z",
11-
"dateUpdated": "2025-01-02T12:00:11.708Z"
11+
"dateUpdated": "2025-01-02T14:52:08.572Z"
1212
},
1313
"containers": {
1414
"cna": {
@@ -137,6 +137,40 @@
137137
"x_generator": {
138138
"engine": "Vulnogram 0.2.0"
139139
}
140-
}
140+
},
141+
"adp": [
142+
{
143+
"metrics": [
144+
{
145+
"other": {
146+
"type": "ssvc",
147+
"content": {
148+
"id": "CVE-2023-46196",
149+
"role": "CISA Coordinator",
150+
"options": [
151+
{
152+
"Exploitation": "none"
153+
},
154+
{
155+
"Automatable": "no"
156+
},
157+
{
158+
"Technical Impact": "partial"
159+
}
160+
],
161+
"version": "2.0.3",
162+
"timestamp": "2025-01-02T14:47:59.135372Z"
163+
}
164+
}
165+
}
166+
],
167+
"title": "CISA ADP Vulnrichment",
168+
"providerMetadata": {
169+
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
170+
"shortName": "CISA-ADP",
171+
"dateUpdated": "2025-01-02T14:52:08.572Z"
172+
}
173+
}
174+
]
141175
}
142176
}

cves/2023/46xxx/CVE-2023-46203.json

Lines changed: 36 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
"assignerShortName": "Patchstack",
99
"dateReserved": "2023-10-18T13:40:25.977Z",
1010
"datePublished": "2025-01-02T12:00:15.778Z",
11-
"dateUpdated": "2025-01-02T12:00:15.778Z"
11+
"dateUpdated": "2025-01-02T14:52:08.468Z"
1212
},
1313
"containers": {
1414
"cna": {
@@ -118,6 +118,40 @@
118118
"x_generator": {
119119
"engine": "Vulnogram 0.2.0"
120120
}
121-
}
121+
},
122+
"adp": [
123+
{
124+
"metrics": [
125+
{
126+
"other": {
127+
"type": "ssvc",
128+
"content": {
129+
"id": "CVE-2023-46203",
130+
"role": "CISA Coordinator",
131+
"options": [
132+
{
133+
"Exploitation": "none"
134+
},
135+
{
136+
"Automatable": "no"
137+
},
138+
{
139+
"Technical Impact": "partial"
140+
}
141+
],
142+
"version": "2.0.3",
143+
"timestamp": "2025-01-02T14:47:52.483830Z"
144+
}
145+
}
146+
}
147+
],
148+
"title": "CISA ADP Vulnrichment",
149+
"providerMetadata": {
150+
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
151+
"shortName": "CISA-ADP",
152+
"dateUpdated": "2025-01-02T14:52:08.468Z"
153+
}
154+
}
155+
]
122156
}
123157
}

cves/2023/46xxx/CVE-2023-46612.json

Lines changed: 36 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
"assignerShortName": "Patchstack",
99
"dateReserved": "2023-10-24T13:09:53.768Z",
1010
"datePublished": "2025-01-02T12:00:22.765Z",
11-
"dateUpdated": "2025-01-02T12:00:22.765Z"
11+
"dateUpdated": "2025-01-02T14:52:08.340Z"
1212
},
1313
"containers": {
1414
"cna": {
@@ -118,6 +118,40 @@
118118
"x_generator": {
119119
"engine": "Vulnogram 0.2.0"
120120
}
121-
}
121+
},
122+
"adp": [
123+
{
124+
"metrics": [
125+
{
126+
"other": {
127+
"type": "ssvc",
128+
"content": {
129+
"id": "CVE-2023-46612",
130+
"role": "CISA Coordinator",
131+
"options": [
132+
{
133+
"Exploitation": "none"
134+
},
135+
{
136+
"Automatable": "no"
137+
},
138+
{
139+
"Technical Impact": "partial"
140+
}
141+
],
142+
"version": "2.0.3",
143+
"timestamp": "2025-01-02T14:47:45.536664Z"
144+
}
145+
}
146+
}
147+
],
148+
"title": "CISA ADP Vulnrichment",
149+
"providerMetadata": {
150+
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
151+
"shortName": "CISA-ADP",
152+
"dateUpdated": "2025-01-02T14:52:08.340Z"
153+
}
154+
}
155+
]
122156
}
123157
}

cves/2023/46xxx/CVE-2023-46616.json

Lines changed: 36 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
"assignerShortName": "Patchstack",
99
"dateReserved": "2023-10-24T13:10:12.432Z",
1010
"datePublished": "2025-01-02T12:00:23.490Z",
11-
"dateUpdated": "2025-01-02T12:00:23.490Z"
11+
"dateUpdated": "2025-01-02T14:52:08.225Z"
1212
},
1313
"containers": {
1414
"cna": {
@@ -137,6 +137,40 @@
137137
"x_generator": {
138138
"engine": "Vulnogram 0.2.0"
139139
}
140-
}
140+
},
141+
"adp": [
142+
{
143+
"metrics": [
144+
{
145+
"other": {
146+
"type": "ssvc",
147+
"content": {
148+
"id": "CVE-2023-46616",
149+
"role": "CISA Coordinator",
150+
"options": [
151+
{
152+
"Exploitation": "none"
153+
},
154+
{
155+
"Automatable": "no"
156+
},
157+
{
158+
"Technical Impact": "partial"
159+
}
160+
],
161+
"version": "2.0.3",
162+
"timestamp": "2025-01-02T14:47:39.308367Z"
163+
}
164+
}
165+
}
166+
],
167+
"title": "CISA ADP Vulnrichment",
168+
"providerMetadata": {
169+
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
170+
"shortName": "CISA-ADP",
171+
"dateUpdated": "2025-01-02T14:52:08.225Z"
172+
}
173+
}
174+
]
141175
}
142176
}

cves/2023/46xxx/CVE-2023-46632.json

Lines changed: 36 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
"assignerShortName": "Patchstack",
99
"dateReserved": "2023-10-24T13:10:29.308Z",
1010
"datePublished": "2025-01-02T12:00:25.390Z",
11-
"dateUpdated": "2025-01-02T12:00:25.390Z"
11+
"dateUpdated": "2025-01-02T14:52:07.965Z"
1212
},
1313
"containers": {
1414
"cna": {
@@ -118,6 +118,40 @@
118118
"x_generator": {
119119
"engine": "Vulnogram 0.2.0"
120120
}
121-
}
121+
},
122+
"adp": [
123+
{
124+
"metrics": [
125+
{
126+
"other": {
127+
"type": "ssvc",
128+
"content": {
129+
"id": "CVE-2023-46632",
130+
"role": "CISA Coordinator",
131+
"options": [
132+
{
133+
"Exploitation": "none"
134+
},
135+
{
136+
"Automatable": "no"
137+
},
138+
{
139+
"Technical Impact": "partial"
140+
}
141+
],
142+
"version": "2.0.3",
143+
"timestamp": "2025-01-02T14:47:32.441368Z"
144+
}
145+
}
146+
}
147+
],
148+
"title": "CISA ADP Vulnrichment",
149+
"providerMetadata": {
150+
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
151+
"shortName": "CISA-ADP",
152+
"dateUpdated": "2025-01-02T14:52:07.965Z"
153+
}
154+
}
155+
]
122156
}
123157
}

0 commit comments

Comments
 (0)