{"vulnerability": "CVE-2024-1116", "sightings": [{"uuid": "1eedb9da-8b23-4e5b-a704-95911114a5c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11166", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-021-01", "content": "", "creation_timestamp": "2025-01-21T11:00:00.000000Z"}, {"uuid": "3b499d66-fe16-410e-9597-25943a494c1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11166", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lge3cgo22427", "content": "", "creation_timestamp": "2025-01-22T19:15:25.838043Z"}, {"uuid": "388cc11e-d030-461f-b1ca-521252ab43c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11166", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lge5j6l42i2e", "content": "", "creation_timestamp": "2025-01-22T19:55:02.493056Z"}, {"uuid": "9e6b8ced-fff1-4d9f-b470-675c3c64aa23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11168", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11504", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-11168\n\ud83d\udd25 CVSS Score: 6.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/AU:N)\n\ud83d\udd39 Description: The urllib.parse.urlsplit() and urlparse() functions improperly validated bracketed hosts (`[]`), allowing hosts that weren't IPv6 or IPvFuture. This behavior was not conformant to RFC 3986 and potentially enabled SSRF if a URL is processed by more than one URL parser.\n\ud83d\udccf Published: 2024-11-12T21:22:23.438Z\n\ud83d\udccf Modified: 2025-04-11T22:03:16.211Z\n\ud83d\udd17 References:\n1. https://github.com/python/cpython/commit/29f348e232e82938ba2165843c448c2b291504c5\n2. https://github.com/python/cpython/pull/103849\n3. https://github.com/python/cpython/issues/103848\n4. https://mail.python.org/archives/list/security-announce@python.org/thread/XPWB6XVZ5G5KGEI63M4AWLIEUF5BPH4T/\n5. https://github.com/python/cpython/commit/b2171a2fd41416cf68afd67460578631d755a550\n6. https://github.com/python/cpython/commit/634ded45545ce8cbd6fd5d49785613dd7fa9b89e\n7. https://github.com/python/cpython/commit/ddca2953191c67a12b1f19d6bca41016c6ae7132", "creation_timestamp": "2025-04-11T22:51:33.000000Z"}, {"uuid": "3fd9d540-650a-45e5-a4fc-1d0e59abfd6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11167", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lksmhb2c3v2u", "content": "", "creation_timestamp": "2025-03-20T11:40:24.981476Z"}, {"uuid": "b8f04ec2-0bc0-4e91-9f20-cbdad72cae39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11166", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2613", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-11166\n\ud83d\udd39 Description: For TCAS II systems using transponders compliant with MOPS earlier than RTCA DO-181F, an attacker can impersonate a ground station and issue a Comm-A Identity Request. This action can set the Sensitivity Level Control (SLC) to the lowest setting and disable the Resolution Advisory (RA), leading to a denial-of-service condition.\n\ud83d\udccf Published: 2025-01-22T18:40:30.977Z\n\ud83d\udccf Modified: 2025-01-22T18:40:30.977Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/news-events/ics-advisories/icsa-25-021-01", "creation_timestamp": "2025-01-22T19:02:47.000000Z"}, {"uuid": "3bfab875-b7f2-4f16-9eb1-6eb97ecd1532", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11168", "type": "seen", "source": "https://gist.github.com/Darkcrai86/d0c863c7c0ecbe134732581b0ae74604", "content": "", "creation_timestamp": "2025-09-29T13:21:05.000000Z"}, {"uuid": "523b6b82-8967-40e1-a3ce-645b9fed85c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11166", "type": "seen", "source": "https://t.me/cvedetector/16139", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11166 - Rockwell Collins TCAS II Transponder Ground Station Impersonation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-11166 \nPublished : Jan. 22, 2025, 7:15 p.m. | 19\u00a0minutes ago \nDescription : For TCAS II systems using transponders compliant with MOPS earlier than RTCA DO-181F, an attacker can impersonate a ground station and issue a Comm-A Identity Request. This action can set the Sensitivity Level Control (SLC) to the lowest setting and disable the Resolution Advisory (RA), leading to a denial-of-service condition. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-22T20:35:05.000000Z"}, {"uuid": "ce2fb20d-f19e-4896-9266-d95771831ddd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11165", "type": "seen", "source": "https://t.me/cvedetector/10829", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11165 - YugabyteDB Anywhere SAS Token Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-11165 \nPublished : Nov. 13, 2024, 3:15 p.m. | 38\u00a0minutes ago \nDescription : An information disclosure vulnerability exists in the backup configuration process where the SAS token is not masked in the configuration response. This oversight results in sensitive information leakage within the yb_backup log files, exposing the SAS token in plaintext. The leakage occurs during the backup procedure, leading to potential unauthorized access to resources associated with the SAS token.\u00a0This issue affects YugabyteDB Anywhere: from 2.20.0.0 before 2.20.7.0, from 2.23.0.0 before 2.23.1.0, from 2024.1.0.0 before 2024.1.3.0. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-13T17:13:40.000000Z"}, {"uuid": "a8571a04-7fce-40c8-b356-e799be73304e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11168", "type": "seen", "source": "https://t.me/cvedetector/10753", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11168 - Apache Urllib Host Validation Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-11168 \nPublished : Nov. 12, 2024, 10:15 p.m. | 37\u00a0minutes ago \nDescription : The urllib.parse.urlsplit() and urlparse() functions improperly validated bracketed hosts (`[]`), allowing hosts that weren't IPv6 or IPvFuture. This behavior was not conformant to RFC 3986 and potentially enabled SSRF if a URL is processed by more than one URL parser. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-12T23:56:22.000000Z"}, {"uuid": "1359f77a-24dd-4e9a-b9c0-d1daa56904f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1116", "type": "seen", "source": "https://t.me/ctinow/190783", "content": "https://ift.tt/r2FIHfU\nCVE-2024-1116 | openBI up to 1.0.8 Upload.php index unrestricted upload", "creation_timestamp": "2024-02-22T15:12:34.000000Z"}, {"uuid": "a2b47620-92c3-4dc4-bc4e-b46ac32d2a95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1116", "type": "seen", "source": "https://t.me/ctinow/177111", "content": "https://ift.tt/JGHzbu3\nCVE-2024-1116", "creation_timestamp": "2024-01-31T21:22:10.000000Z"}]}