{"vulnerability": "cve-2024-1279", "sightings": [{"uuid": "74e084e7-dd94-47f1-b2fb-966efe7e5cfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12790", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldoeqygnvm2z", "content": "", "creation_timestamp": "2024-12-19T17:15:40.520236Z"}, {"uuid": "bffec56e-5a41-4374-b027-6dfc32530a23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12798", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113680144577181941", "content": "", "creation_timestamp": "2024-12-19T15:15:47.215387Z"}, {"uuid": "ca274af4-4715-4a2b-9a31-763ef5b5d64e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12791", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113680696928009298", "content": "", "creation_timestamp": "2024-12-19T17:36:15.871293Z"}, {"uuid": "dec8cd52-7ee7-4da0-b7ff-d96c9b7c7bfd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12792", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113680696964231045", "content": "", "creation_timestamp": "2024-12-19T17:36:16.008407Z"}, {"uuid": "4bb96995-4bc1-4555-813f-6609155babb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12798", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldobfj62zm2m", "content": "", "creation_timestamp": "2024-12-19T16:15:33.694197Z"}, {"uuid": "6c9c5a63-3c4f-4281-90bb-f4a5a6b7ce5e", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12793", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113680835434980676", "content": "", "creation_timestamp": "2024-12-19T18:11:29.076369Z"}, {"uuid": "25c8ac34-5a86-42f1-85b4-cc9b8475b516", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12794", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113680835451609002", "content": "", "creation_timestamp": "2024-12-19T18:11:29.245237Z"}, {"uuid": "0026c38f-cc28-44cc-a516-f2dcd141a70e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12793", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldoi4lrbhs2a", "content": "", "creation_timestamp": "2024-12-19T18:15:51.661364Z"}, {"uuid": "b34a942f-8889-49a2-bdf3-4020b712e706", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12791", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldoi4gdgxw2t", "content": "", "creation_timestamp": "2024-12-19T18:15:45.082727Z"}, {"uuid": "30155ae7-9f30-4795-a339-e9ffe69c3972", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12792", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldoi4jac3h2s", "content": "", "creation_timestamp": "2024-12-19T18:15:48.004206Z"}, {"uuid": "f16a79ae-a8c8-47d6-bf52-a07b5f72d0a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12794", "type": 
"seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldoi4o4kkd2a", "content": "", "creation_timestamp": "2024-12-19T18:15:54.015275Z"}, {"uuid": "988a2396-bd56-4481-8fd1-3cb4fd0f1cc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12790", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113680563005258460", "content": "", "creation_timestamp": "2024-12-19T17:02:11.845086Z"}, {"uuid": "f0d51497-d38c-40da-a9db-4a383114c494", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12797", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lhwl6qljlt2b", "content": "", "creation_timestamp": "2025-02-11T21:12:48.625473Z"}, {"uuid": "1af5cc10-54c2-4462-83fc-ab3f40242333", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12797", "type": "seen", "source": "https://mstdn.social/users/jschauma/statuses/113986084509292381", "content": "", "creation_timestamp": "2025-02-11T16:00:21.062436Z"}, {"uuid": "49a96361-f01b-465d-b875-da07b5733bcc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12797", "type": "seen", "source": "https://bsky.app/profile/jschauma.mstdn.social.ap.brid.gy/post/3lhvzqexxfr62", "content": "", "creation_timestamp": "2025-02-11T16:02:36.938030Z"}, {"uuid": "0a6478de-cc7c-42f5-93d3-5056098414ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12797", "type": "seen", "source": "https://infosec.exchange/users/harrysintonen/statuses/113986114572408411", "content": "", "creation_timestamp": 
"2025-02-11T16:07:58.868756Z"}, {"uuid": "04b26c7d-2027-4d12-ac39-f7fa6bda9481", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12797", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113986123111497297", "content": "", "creation_timestamp": "2025-02-11T16:10:09.296099Z"}, {"uuid": "38a0e588-abe1-4c34-a895-3aa4b2e119b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12797", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhw2mgqh2r2z", "content": "", "creation_timestamp": "2025-02-11T16:16:14.692289Z"}, {"uuid": "90011db7-78a6-47bd-9801-394d1646ee25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12797", "type": "seen", "source": "https://bsky.app/profile/nopnop.bsky.social/post/3lhw3kkpfjk2s", "content": "", "creation_timestamp": "2025-02-11T16:33:05.458198Z"}, {"uuid": "ad6d0bb6-3ac4-48a9-ba96-733b0c2c33b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12797", "type": "seen", "source": "https://infosec.exchange/users/harrysintonen/statuses/113986223970690995", "content": "", "creation_timestamp": "2025-02-11T16:35:48.246615Z"}, {"uuid": "abe539ef-efbe-4823-b7b3-d212222f584f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12797", "type": "seen", "source": "https://cyberplace.social/users/GossiTheDog/statuses/113986371147606531", "content": "", "creation_timestamp": "2025-02-11T17:13:30.264969Z"}, {"uuid": "5c033d16-8866-4777-8b2d-40cc33d46cce", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12797", "type": "seen", "source": "https://bsky.app/profile/GossiTheDog.cyberplace.social.ap.brid.gy/post/3lhw5sl6da4k2", "content": "", "creation_timestamp": "2025-02-11T17:14:30.811241Z"}, {"uuid": "7120da3a-1402-4fbd-bc67-6901d09ccf23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12797", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lhw6eqm5dt2o", "content": "", "creation_timestamp": "2025-02-11T17:23:31.374437Z"}, {"uuid": "e711c77b-8b6f-40d2-b775-2d454c75ff5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12797", "type": "seen", "source": "https://bsky.app/profile/thedarktangent.defcon.social.ap.brid.gy/post/3lhw7jowyml22", "content": "", "creation_timestamp": "2025-02-11T17:44:20.328590Z"}, {"uuid": "4764224a-3c42-487e-9fd7-71e2c64429db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12797", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lhxbsvu6qk2t", "content": "", "creation_timestamp": "2025-02-12T03:57:49.697405Z"}, {"uuid": "ce6302ff-becb-4a1f-88c3-29f949916c42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12797", "type": "seen", "source": "https://bsky.app/profile/omo.bsky.social/post/3lhwnp4zdxc2n", "content": "", "creation_timestamp": "2025-02-11T21:57:48.606036Z"}, {"uuid": "90df0342-6f81-4ac1-8ec7-534f66a24a7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12797", 
"type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3lhwyyxvsnq24", "content": "", "creation_timestamp": "2025-02-12T01:20:08.150763Z"}, {"uuid": "52344ee5-6975-445f-bd0b-ba91dff708e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12797", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-d7b1a167-647a6d58b1b9a9ed", "content": "", "creation_timestamp": "2025-02-12T07:10:39.294874Z"}, {"uuid": "8069e16b-5a1d-4d61-834d-472398883d5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12797", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lhxnteqvbo2t", "content": "", "creation_timestamp": "2025-02-12T07:32:48.453654Z"}, {"uuid": "783167ba-d97a-4e60-a81c-00c1122b330d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12797", "type": "seen", "source": "https://bsky.app/profile/eyalestrin.bsky.social/post/3lhxp7olhza2b", "content": "", "creation_timestamp": "2025-02-12T07:57:34.690807Z"}, {"uuid": "6261bc6e-675d-4706-9ec5-293184441ba7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12797", "type": "seen", "source": "https://threatintel.cc/2025/02/11/openssl-patched-highseverity-flaw-cve.html", "content": "", "creation_timestamp": "2025-02-12T02:25:37.000000Z"}, {"uuid": "2251b211-ea3b-4f25-a568-b15b60fb142c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12797", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lhy7ha6coc2a", "content": "", "creation_timestamp": 
"2025-02-12T12:48:08.960912Z"}, {"uuid": "c99b231f-d2c8-475e-bfd8-8005e8991484", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12799", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3ljz3plydbk2l", "content": "", "creation_timestamp": "2025-03-10T08:04:20.542593Z"}, {"uuid": "3db1bb54-7eb1-485c-920a-041e95be9984", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12797", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lhz7yzmjnc2n", "content": "", "creation_timestamp": "2025-02-12T22:30:45.089464Z"}, {"uuid": "d1f7bac0-3556-4fc5-aa9f-40670add1fd0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-12799", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3ljytihhk3k2g", "content": "", "creation_timestamp": "2025-03-10T05:37:07.669875Z"}, {"uuid": "914f0853-ccd8-47f2-970b-bd268ea16e6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-12797", "type": "seen", "source": "https://bsky.app/profile/kyosuke-tanaka.bsky.social/post/3lhzzaiszfc23", "content": "", "creation_timestamp": "2025-02-13T06:02:19.655857Z"}, {"uuid": "5bdb1055-f12b-4f35-9393-862f7af4a84c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12799", "type": "seen", "source": "https://bsky.app/profile/andranglin.bsky.social/post/3ljz7dmeooc2w", "content": "", "creation_timestamp": "2025-03-10T09:09:09.698961Z"}, {"uuid": "741ed445-1100-4ce2-9007-cdcf7a8b65bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", 
"author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12799", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3ljttc42iuk2i", "content": "", "creation_timestamp": "2025-03-08T05:50:17.244617Z"}, {"uuid": "36087662-ed3f-4864-9cde-4636cecfc363", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12799", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ljndxytswc2y", "content": "", "creation_timestamp": "2025-03-05T16:00:13.386323Z"}, {"uuid": "b852a312-a57f-4120-bd31-3f6aad0d5f28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12797", "type": "seen", "source": "Telegram/8dC8Y0y7AH5u-csD6nQkRRHlFFCMp4oeZ-Wa7x9heCpVdFqz", "content": "", "creation_timestamp": "2025-02-15T23:50:17.000000Z"}, {"uuid": "774f77a2-af0c-431c-9fd2-ae53d5613d8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12799", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3lmidtvqplc2m", "content": "", "creation_timestamp": "2025-04-10T20:30:10.917270Z"}, {"uuid": "cbddc259-668f-4d9d-9a25-6c1d7fa6422b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12797", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/3933", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-12797\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: pyca/cryptography's wheels include a statically linked copy of OpenSSL. The versions of OpenSSL included in cryptography 42.0.0-44.0.0 are vulnerable to a security issue. 
More details about the vulnerability itself can be found in https://openssl-library.org/news/secadv/20250211.txt.\n\nIf you are building cryptography source (\"sdist\") then you are responsible for upgrading your copy of OpenSSL. Only users installing from wheels built by the cryptography project (i.e., those distributed on PyPI) need to update their cryptography versions.\n\ud83d\udccf Published: 2025-02-11T18:06:42Z\n\ud83d\udccf Modified: 2025-02-11T21:41:35Z\n\ud83d\udd17 References:\n1. https://github.com/pyca/cryptography/security/advisories/GHSA-79v4-65xg-pq4g\n2. https://nvd.nist.gov/vuln/detail/CVE-2024-12797\n3. https://github.com/openssl/openssl/commit/738d4f9fdeaad57660dcba50a619fafced3fd5e9\n4. https://github.com/openssl/openssl/commit/798779d43494549b611233f92652f0da5328fbe7\n5. https://github.com/openssl/openssl/commit/87ebd203feffcf92ad5889df92f90bb0ee10a699\n6. https://github.com/pyca/cryptography\n7. https://openssl-library.org/news/secadv/20250211.txt\n8. http://www.openwall.com/lists/oss-security/2025/02/11/3", "creation_timestamp": "2025-02-11T22:07:42.000000Z"}, {"uuid": "66dc953f-55bd-4522-8a75-8432701cfbc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12799", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6554", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-12799\n\ud83d\udd25 CVSS Score: 10 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/S:P/AU:Y/R:U/V:C/RE:H/U:Red)\n\ud83d\udd39 Description: Insufficiently Protected Credentials\nvulnerability in OpenText Identity Manager Advanced Edition on Windows, Linux,\n64 bit allows Privilege Abuse. 
This vulnerability could allow an\nauthenticated user to obtain higher privileged user\u2019s sensitive information via\ncrafted payload.\n\nThis issue affects Identity Manager Advanced\nEdition: from 4.8.0.0 through 4.8.7.0102, 4.9.0.0.\n\ud83d\udccf Published: 2025-03-05T14:55:55.363Z\n\ud83d\udccf Modified: 2025-03-05T14:55:55.363Z\n\ud83d\udd17 References:\n1. https://portal.microfocus.com/s/article/KM000037455", "creation_timestamp": "2025-03-05T15:33:03.000000Z"}, {"uuid": "1b537108-f8d8-400f-a4b3-4eecaea86725", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12799", "type": "seen", "source": "https://t.me/cvedetector/19647", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12799 - OpenText Identity Manager Advanced Edition: Credential Exposure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12799 \nPublished : March 5, 2025, 3:15 p.m. | 2\u00a0hours, 3\u00a0minutes ago \nDescription : Insufficiently Protected Credentials  \nvulnerability in OpenText Identity Manager Advanced Edition on Windows, Linux,  \n64 bit allows Privilege Abuse. This vulnerability could allow an  \nauthenticated user to obtain higher privileged user\u2019s sensitive information via  \ncrafted payload.  \n  \nThis issue affects Identity Manager Advanced  \nEdition: from 4.8.0.0 through 4.8.7.0102, 4.9.0.0. 
\nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-05T18:37:11.000000Z"}, {"uuid": "6ad466ce-868c-4a67-ad9b-dfe525da4c18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12792", "type": "seen", "source": "https://t.me/cvedetector/13358", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12792 - Codezips E-Commerce Site SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12792 \nPublished : Dec. 19, 2024, 6:15 p.m. | 33\u00a0minutes ago \nDescription : A vulnerability classified as critical was found in Codezips E-Commerce Site 1.0. Affected by this vulnerability is an unknown functionality of the file newadmin.php. The manipulation of the argument email leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-19T19:50:18.000000Z"}, {"uuid": "e6b51d32-2a04-4930-996f-80e370c9bc7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12794", "type": "seen", "source": "https://t.me/cvedetector/13356", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12794 - Codezips E-Commerce Site SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12794 \nPublished : Dec. 19, 2024, 6:15 p.m. 
| 33\u00a0minutes ago \nDescription : A vulnerability, which was classified as critical, was found in Codezips E-Commerce Site 1.0. This affects an unknown part of the file /admin/editorder.php. The manipulation of the argument dstatus/quantity/ddate leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-19T19:50:17.000000Z"}, {"uuid": "208e893d-3e39-4693-aac9-3a1aa50551bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12791", "type": "seen", "source": "https://t.me/cvedetector/13357", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12791 - Codezips E-Commerce Site SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-12791 \nPublished : Dec. 19, 2024, 6:15 p.m. | 33\u00a0minutes ago \nDescription : A vulnerability was found in Codezips E-Commerce Site 1.0. It has been rated as critical. This issue affects some unknown processing of the file signin.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. 
\nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-19T19:50:18.000000Z"}, {"uuid": "14c2d03c-e491-45c1-9fd9-6301b02ec0d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12793", "type": "seen", "source": "https://t.me/cvedetector/13355", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12793 - PbootCMS Path Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12793 \nPublished : Dec. 19, 2024, 6:15 p.m. | 33\u00a0minutes ago \nDescription : A vulnerability, which was classified as problematic, has been found in PbootCMS up to 5.2.3. Affected by this issue is some unknown functionality of the file apps/home/controller/IndexController.php. The manipulation of the argument tag leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 5.2.4 is able to address this issue. It is recommended to upgrade the affected component. 
\nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-19T19:50:13.000000Z"}, {"uuid": "17e82166-da5c-44fa-a03f-a233eba16e32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12790", "type": "seen", "source": "https://t.me/cvedetector/13348", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12790 - Code-Projects Hostel Management Site Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12790 \nPublished : Dec. 19, 2024, 5:15 p.m. | 36\u00a0minutes ago \nDescription : A vulnerability was found in code-projects Hostel Management Site 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file room-details.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 3.5 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-19T19:00:02.000000Z"}, {"uuid": "ab4e3c8e-bb92-468a-b55b-96d736b05067", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12798", "type": "seen", "source": "https://t.me/cvedetector/13342", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12798 - Logback Core JaninoEventEvaluator Code Execution Armstrong\", \n  \"Content\": \"CVE ID : CVE-2024-12798 \nPublished : Dec. 19, 2024, 4:15 p.m. 
| 43\u00a0minutes ago \nDescription : ACE vulnerability in JaninoEventEvaluator  by QOS.CH logback-core  \n      upto and including version 1.5.12 in Java applications allows  \n      attacker to execute arbitrary code by compromising an existing  \n      logback configuration file or by injecting an environment variable  \n      before program execution.  \n  \n  \n  \n  \n  \nMalicious logback configuration files can allow the attacker to execute   \narbitrary code using the JaninoEventEvaluator extension.  \n  \n  \n  \nA successful attack requires the user to have write access to a   \nconfiguration file. Alternatively, the attacker could inject a malicious   \nenvironment variable pointing to a malicious configuration file. In both   \ncases, the attack requires existing privilege. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-19T18:09:50.000000Z"}, {"uuid": "56e166cb-e89f-4996-b9ec-17c16167cdd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12797", "type": "seen", "source": "https://t.me/ctinow/230743", "content": "OpenSSL patched high-severity flaw CVE-2024-12797\nhttps://ift.tt/PQwVhu7", "creation_timestamp": "2025-02-11T22:54:05.000000Z"}, {"uuid": "40f8594e-7caa-4d57-a7b1-ff7a261e2ee7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12797", "type": "seen", "source": "Telegram/0OKLswXosOTSdD7vyDBRQqLCjWkZAUSEQtrSX3nomLwKk1cc", "content": "", "creation_timestamp": "2025-02-18T21:11:31.000000Z"}, {"uuid": "5589e23e-2cd0-4d3d-bc64-a96e52bd55dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12799", "type": "seen", "source": "https://t.me/CyberBulletin/2552", "content": "\u26a1CVE-2024-12799 (CVSS 10): OpenText Identity Manager Vulnerability Exposes Sensitive Information.\n\n#CyberBulletin", "creation_timestamp": "2025-03-10T14:44:35.000000Z"}, {"uuid": "daa45084-18f8-4c3c-b592-a6683ea760a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12797", "type": "seen", "source": "Telegram/7dZORug9wlYgQr8SgDaF1frGuxN2bNwOCI7flDB74Lc3L0yt", "content": "", "creation_timestamp": "2025-02-14T10:04:01.000000Z"}, {"uuid": "dda6a01d-b410-4237-a17a-1711dba1a1a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12797", "type": "seen", "source": "https://t.me/true_secator/6723", "content": "Apple discovered a high-severity OpenSSL vulnerability that opens the door to MitM attacks.\n\nThe OpenSSL developers announced the release of fixes for the first serious vulnerability found in the library in two years.\u00a0\n\nCVE-2024-12797\u00a0was discovered and disclosed in mid-December 2024.\n\nIt appeared with OpenSSL 3.2, which implemented RPK support.\n\nThe issue concerns clients that use RFC7250 raw public keys (RPK) for server authentication. \n\nBecause handshakes are not aborted as expected when the SSL_VERIFY_PEER verification mode is set, affected clients may not notice that the server failed authentication.\u00a0\n\nIf the client does not identify the authentication failure, MitM attacks on TLS and DTLS connections that use RPK are possible.\n\nRPK are disabled by default in both TLS clients and servers. \n\nThe issue arises only when TLS clients explicitly enable the use of RPK by the server, and the server in turn enables sending RPK instead of an X.509 certificate chain.\n\nThe affected clients are those that then rely on the handshake failing when the server's RPK does not match one of the expected public keys, by setting the verification mode to SSL_VERIFY_PEER.\n\nClients that enable raw public keys on the server side can still detect that raw public key verification failed by calling SSL_get_verify_result(), and those that do so and take the appropriate action are not affected.\n\nOpenSSL 3.4, 3.3 and 3.2 are vulnerable. 
CVE-2024-12797 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0441 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c 3.4.1, 3.3.2 \u0438 3.2.4.", "creation_timestamp": "2025-02-12T10:04:38.000000Z"}, {"uuid": "4221b2a4-1003-4333-91f3-272632b9acb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12797", "type": "seen", "source": "https://t.me/information_security_channel/53076", "content": "High-Severity OpenSSL Vulnerability Found by Apple Allows MitM Attacks\nhttps://www.securityweek.com/high-severity-openssl-vulnerability-found-by-apple-allows-mitm-attacks/\n\nOpenSSL has patched CVE-2024-12797, a high-severity vulnerability found by Apple that can allow man-in-the-middle attacks.\nThe post High-Severity OpenSSL Vulnerability Found by Apple Allows MitM Attacks (https://www.securityweek.com/high-severity-openssl-vulnerability-found-by-apple-allows-mitm-attacks/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2025-02-11T20:10:22.000000Z"}, {"uuid": "d3d3a3d9-760b-4f43-90ac-d466cf4503c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1279", "type": "seen", "source": "https://t.me/ctinow/204973", "content": "https://ift.tt/yYx2pTR\nCVE-2024-1279", "creation_timestamp": "2024-03-11T19:27:18.000000Z"}, {"uuid": "4cf355f7-5c31-4916-9763-0719d97a8dd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12798", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3ml6w2j5p2y2b", "content": "\ud83d\udd17 CVE : CVE-2016-1000027, CVE-2024-12798, CVE-2026-23949, CVE-2026-24049, CVE-2026-27140, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32285, 
CVE-2026-32288, CVE-2026-32289, CVE-2026-33810, CVE-2026-34040, CVE-2026-39883", "creation_timestamp": "2026-05-06T14:30:22.480978Z"}, {"uuid": "df73a8a8-f291-48dd-91e1-7f71edf0ee51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12797", "type": "seen", "source": "https://gist.github.com/sruthi-parthasarathi-ai/f233e53a928e386fffc3053e894ba089", "content": "# MB 1.71 CVE Remediation \u2014 Go + Python Action Plan\n\n**Customer context:** Mercedes-Benz's Security Command Center flagged 272 CVEs on the 1.71 canary cluster. This document covers the **Go (23) and Python (26) CVEs only**. The Maven/Spark CVEs (~120) are being handled separately via a cluster config change (disabling Spark 3.4) and are not in scope here.\n\n**Target:** PRs up by EOD Thursday, June 12, ahead of the June 15 MB meeting.\n\n---\n\n## How to read this doc\n\nThis is organized by team, matching the Slack thread. Each section has:\n- The exact version bumps needed\n- Which files to change\n- A brief note on why a particular fix is scoped the way it is\n\nTwo questions come up repeatedly, so the answers are here upfront:\n\n**Why are `py38` lockfiles being skipped for some packages?**\nThree of the packages \u2014 `aiohttp`, `lxml`, and `pillow` \u2014 have CVE fix versions that dropped Python 3.8 support (`aiohttp >= 3.13.3`, `lxml >= 6.1`, `Pillow >= 11.0` all require Python 3.9+). Fixing the py38 lockfiles would require upgrading our Python 3.8 toolchain first, which is out of scope for June 15. The py38 lockfiles will retain a residual CVE for those three packages until a follow-on py38 retirement effort. This is an accepted risk for now.\n\n**Why focus on these packages and not others?**\nThese are the packages the GCP Security Command Center specifically flagged. 
The remaining CVEs outside this list (e.g., grpcio, protobuf, numpy, docker) are also present but were either (a) not included in the MB-specific SCC report, (b) already fixed in the versions we're running, or (c) identified as requiring a more complex effort that can't land by June 15. The `govulncheck` and `pip-audit` follow-ons at the bottom of this doc will surface those.\n\n---\n\n## Dev Frameworks\n\n### Go: bump the toolchain \u2014 fixes 15 CVEs including 1 CRITICAL\n\nThe Go runtime on 1.71 is `1.25.5`. The CVE fix requires `1.25.11`. The Go version is pinned in **two separate places** and both need to change:\n\n**1. `WORKSPACE`** \u2014 this is the Bazel build-time toolchain, controls all compiled Go binaries:\n```\n# Change this line:\ngo_register_toolchains(\n    version = \"1.25.5\",\n)\n# To:\ngo_register_toolchains(\n    version = \"1.25.11\",\n)\n```\n\n**2. `go.mod` files** \u2014 the `go` directive and `toolchain` directive are separate from the Bazel pin. Files to update:\n\n| File | What to change |\n|---|---|\n| `go.mod` (root) | `go 1.25.5` \u2192 `go 1.25.11` |\n| `internal_apps/apps/apx/go.mod` | `go 1.25.0` \u2192 `go 1.25.11` |\n| `apps_platform/lib/*/go.mod` (8 files) | `toolchain go1.25.8` \u2192 `toolchain go1.25.11` |\n| `apps_platform/platform/*/go.mod` (6 files) | `toolchain go1.25.5` or `go1.25.8` \u2192 `toolchain go1.25.11` |\n\nThere are no breaking changes between 1.25.5 and 1.25.11 \u2014 this is a patch-series security release.\n\n---\n\n### Go: bump `go-jose/v4` \u2014 quick win\n\n| Package | Current | Fix | Where |\n|---|---|---|---|\n| `github.com/go-jose/go-jose/v4` | `v4.1.3` (main go.mod, indirect) | `v4.1.5` | `go.mod` + all `apps_platform/*/go.mod` |\n\nThis is an indirect dependency pulled in through OIDC/OAuth libraries. Fix: `go get github.com/go-jose/go-jose/v4@v4.1.5 && go mod tidy`. 
No API changes.\n\n---\n\n### Python: lockfile bumps\n\nFor Python fixes, the workflow is: bump the version in the relevant `requirements.txt` input files, then regenerate the compiled lockfiles. The compiled lockfiles (`requirements_compiled_*.txt`) are what actually gets installed \u2014 they need to be regenerated after any input change.\n\n#### `h11` \u2192 `0.16.0` \u2014 **CRITICAL, highest priority Python fix**\n\n`h11` is uvicorn's HTTP/1.1 implementation. CVE-2025-43859 allows HTTP request smuggling via malformed chunked encoding. Services using uvicorn (`web_services/sre/`, model_management autodistill server, `gen_ai/spec_in_the_loop/server/`) are the exposed surface.\n\nLockfiles to regenerate (the `py39` and `py310` lockfiles are already at `0.16.0` \u2014 only these need updating):\n\n| File | Current |\n|---|---|\n| `tools/build/requirements_compiled_py311.txt` | `0.14.0` |\n| `tools/build/requirements_compiled_py311_windows.txt` | `0.14.0` |\n| `tools/build/requirements_compiled_py312.txt` | `0.14.0` |\n| `tools/build/requirements_compiled_py312_windows.txt` | `0.14.0` |\n| `tools/build/requirements_compiled_tools.txt` | `0.14.0` |\n| `dev/containers/ci/requirements_compiled_buildkite.txt` | `0.14.0` |\n| `dev/containers/dev/requirements_compiled_devdocker.txt` | `0.14.0` |\n\nNo API changes. Fastest fix in the entire list.\n\n---\n\n#### `cryptography` \u2192 `44.0.1+`\n\nCVE-2024-26130 / CVE-2024-12797. Used in TLS cert handling, JWT signing, image signing. Most affected path: the cluster cert pipeline (`tools/scripts/minikube/setup/tls.py`, `tools/scripts/sign_images.py`).\n\nThe `buildkite` (`44.0.3`) and `devdocker` (`46.0.5`) containers are already fixed. 
The following still need updating:\n\n| File | Current |\n|---|---|\n| `tools/build/requirements_compiled_py38.txt` | `43.0.3` |\n| `tools/build/requirements_compiled_py39.txt` | `43.0.3` |\n| `tools/build/requirements_compiled_py310.txt` | `43.0.3` |\n| `tools/build/requirements_compiled_py311.txt` | `43.0.3` |\n| `tools/build/requirements_compiled_py312.txt` | `43.0.3` |\n| `tools/build/requirements_compiled_tools.txt` | `43.0.3` |\n| `dev/containers/genai-dev/requirements_compiled_genai-dev.txt` | `43.0.3` |\n| `adp/services/scenario_post_processor/requirements_compiled_py311.txt` | `43.0.3` |\n| `adp/services/axion_rl/genesis/requirements_compiled_py311.txt` | `43.0.3` |\n| All Windows variants (py38\u2013py312) | `43.0.3` |\n\nNote: `cryptography` has a Rust extension \u2014 make sure the build environment has Cargo. CI containers already do.\n\nNo breaking changes in the 43 \u2192 44 bump for the usages in this codebase.\n\n---\n\n#### `gitpython` \u2192 `3.1.44+`\n\nCVE-2024-22190 (shell injection via malformed git URLs). Used in CI tooling and workbench release scripts \u2014 not in any running cluster service. 
This is a pure patch release with no API changes, and importantly it **does support py38**, so all lockfiles get the fix (no py38 exception here).\n\nAll 10 lockfiles need updating: `py38`, `py39`, `py310`, `py311`, `py312` (Linux + Windows).\n\n---\n\n#### `aiohttp` \u2192 `3.13.3+` (py39\u2013py312 only)\n\nUsed in `lilypad/images/ray_history_server/`, `tools/gen_ai/crashbot/`, `tools/log_flume/`, and as a transitive dependency via `aioboto3` in the data access layer.\n\n**py38 lockfiles (`requirements_compiled_py38.txt`, `requirements_compiled_py38_windows.txt`) are intentionally skipped** \u2014 `aiohttp >= 3.13.3` requires Python 3.9+, so these files cannot receive the fix without a Python toolchain upgrade.\n\nLockfiles to regenerate: `py39`, `py310`, `py311`, `py312` (Linux + Windows, 8 files) + `dev/containers/genai-dev/requirements_compiled_genai-dev.txt`.\n\n---\n\n#### `pillow` \u2192 `11.0.0+` (py39\u2013py312 only)\n\nUsed in `gen_ai/` Triton inference pipelines, `synthetic_datasets/`, `tools/vehiclesim/`. The `axion_rl/genesis` lockfile is already at `12.1.1` and the `helix hdp_3_11` lockfile is at `11.3.0` \u2014 those are fine.\n\n**py38 lockfiles are intentionally skipped** \u2014 Pillow 11.x dropped Python 3.8 support.\n\nLockfiles to regenerate: `py39`\u2013`py312` (Linux + Windows), `tools` lockfile, `genai-dev`, `helix hdp_3_9`.\n\n---\n\n#### `lxml` \u2192 `6.1+` (py39\u2013py312 only)\n\nUsed in OpenDrive and VTD XML map parsers (`simian/modules/map/opendrive/`, `simian/modules/vtd/vtd_parser.py`), OpenScenario exporter, and map conversion pipeline.\n\n**py38 lockfiles are intentionally skipped** \u2014 lxml 6.x dropped Python 3.8 support.\n\n\u26a0\ufe0f lxml 5.x \u2192 6.x is a major version bump. The XML parser has stricter defaults in 6.0. 
The OpenDrive and OSC parsers use `lxml.etree` directly \u2014 do a quick test pass to make sure scenario XML and map XML still parse correctly before merging.\n\nLockfiles to regenerate: `py39`\u2013`py312` (Linux + Windows), `tools` lockfile, `helix hdp_3_9` (helix team owns this one), `helix hdp_3_11` (currently at `6.0.2`, still needs bump to `6.1+`).\n\n---\n\n## Cloud Infra (Antonia Adler)\n\n### `azure-core` \u2192 `1.38.0+`\n\nUsed in `adp/lib/secrets/azure_key_vault.py`, `adp/lib/postgres/auth/azure_get_managed_identity_token.py`, and the Azure Blob Storage access layer (`adp/lib/file_access_layer/py/az/`). Particularly relevant for the MB cluster since it uses Azure Managed Identity for Postgres auth.\n\nWhen bumping `azure-core`, check `azure-identity` and `azure-storage-blob` versions in the same lockfiles for compatibility \u2014 they may need to be bumped in tandem.\n\n| File | Current |\n|---|---|\n| `tools/build/requirements_compiled_py39.txt` | `1.28.0` |\n| `tools/build/requirements_compiled_py310.txt` | `1.28.0` |\n| `tools/build/requirements_compiled_py311.txt` | `1.28.0` |\n| `tools/build/requirements_compiled_py312.txt` | `1.36.0` |\n| All Windows variants (py39\u2013py312) | `1.28.0` / `1.36.0` |\n| `dev/containers/ci/requirements_compiled_buildkite.txt` | `1.36.0` |\n| `dev/containers/genai-dev/requirements_compiled_genai-dev.txt` | `1.32.0` |\n\nPure Python library, no compiled extensions. 
Should be straightforward.\n\n---\n\n### `h11` in infra containers\n\nThe two infra-owned containers also need `h11` updated (listed in the Dev Frameworks section above but owned here):\n- `dev/containers/ci/requirements_compiled_buildkite.txt`\n- `dev/containers/dev/requirements_compiled_devdocker.txt`\n\n---\n\n### `cryptography` in infra-owned lockfiles\n\n- `tools/on_prem/cluster_creation/requirements_compiled_on_prem.txt` \u2014 `43.0.3` \u2192 `44.0.1+`\n- `spectral/dev/containers/dev/requirements_compiled_spectral_devdocker.txt` \u2014 `43.0.3` \u2192 `44.0.1+` (coordinate with Spectral team if they own this container)\n\n---\n\n### Longer-term flag: `docker/docker` (`v25.0.12` \u2192 `v27.x`)\n\n`github.com/docker/docker` is at `v25.0.12+incompatible` in the main `go.mod`. The CVE fix requires `v27.x`, which is a **major API migration** \u2014 not feasible for June 15. Services using the Docker API directly: `sim_orchestrator/worker/executor/`, `sensor_sim_pool/`, `sensor_sim_downloader/`, `scenario_preview/`, `edge_recorder/`. Worth scheduling as a follow-on sprint item.\n\n---\n\n## Sim Execution (Henry Chen / Sahil Goyal / Conor Martin)\n\n### `pgx/v5` \u2192 `v5.7.4+` in `internal_apps/apps/apx/go.mod` \u2014 CRITICAL\n\n`pgx/v5` (the PostgreSQL driver) has a CRITICAL CVE. The main `go.mod` is at `v5.7.2` which is already above the known vulnerable threshold, but `internal_apps/apps/apx/go.mod` is at `v5.6.0` and needs to be bumped.\n\nThe fix is narrow \u2014 just the `apx` go.mod:\n```\n# internal_apps/apps/apx/go.mod\ngithub.com/jackc/pgx/v5 v5.6.0  \u2192  v5.7.4 (or latest v5.7.x)\n```\n\nRun `go mod tidy` in `internal_apps/apps/apx/` after the bump. No API changes within the v5.7.x series.\n\nNote: If `govulncheck` reveals a separate newer advisory affecting the main `go.mod`'s `v5.7.2`, the scope expands \u2014 that would require bumping the root `go.mod` and recompiling all ~110 Postgres-backed services. 
That's worth confirming before starting (see the \"next steps\" section at the bottom).\n\n---\n\n### `simpleeval` \u2192 `1.0.5+` (via `casbin` in access control)\n\n`simpleeval` is a dependency of `casbin`, which is the policy-based access control library used in `simian/modules/access_control/`. It only appears in py311 and py39 lockfiles (casbin isn't pulled in from other Python version targets).\n\n| File | Current |\n|---|---|\n| `tools/build/requirements_compiled_py311.txt` | `1.0.3` |\n| `tools/build/requirements_compiled_py311_windows.txt` | `1.0.3` |\n| `tools/build/requirements_compiled_py39.txt` | `0.9.12` |\n| `tools/build/requirements_compiled_py39_windows.txt` | `0.9.12` |\n\nExploitability context: the `simpleeval` CVE is an expression injection / code execution issue. In practice, casbin policy rules in this codebase are stored in Postgres and written by engineers \u2014 they're not dynamically constructed from user HTTP input. So the real-world risk is low, but patching removes it from the SCC report. Pure Python, tiny library, no API changes.\n\n---\n\n### `protobuf` in `scenario_post_processor` \u2014 timeline TBD\n\n`adp/services/scenario_post_processor/requirements_compiled_py311.txt` pins `protobuf==3.20.3`, which is very old (the current line is `4.x`/`5.x`). Multiple CVEs are fixed in the `4.x` series. This is a **major version bump** with meaningful API changes \u2014 the protobuf Python API changed significantly between `3.x` and `4.x`. It needs a proper assessment of what scenario_post_processor calls in the protobuf API before committing to a version. Let us know what's realistic timeline-wise and we can scope it separately if it can't land by June 15.\n\n---\n\n## Recommended next steps (not June 15 scope)\n\nOnce the above PRs are merged, two follow-ons will surface and close the remaining CVEs:\n\n1. **`govulncheck -json ./...`** \u2014 run from the repo root in dev docker. 
This will give exact GHSA IDs for the remaining 6 Go module CVEs (suspected: `golang.org/x/net`, `IBM/sarama`, and potentially a newer `pgx/v5` advisory). Several of the \"remaining 6\" may already be resolved by the Go toolchain bump.\n\n2. **`pip-audit --requirement tools/build/requirements_compiled_py311.txt --format json`** \u2014 this will surface the remaining ~18 Python CVEs not named in the MB report. Likely candidates include `grpcio 1.63.2` (fix: `1.64.1+`, wide distribution across all lockfiles) and `numpy 1.24.4` in py310/py311 lockfiles (fix: `1.26.0+`).\n\n3. **Retire py38 from the build system** \u2014 this unblocks the three packages (`aiohttp`, `lxml`, `pillow`) that couldn't be fully fixed above. Likely a 1-sprint Dev Frameworks project.\n\n---\n\n*Analysis sourced from `applied3` codebase inspection of `go.mod`, `WORKSPACE`, and all `requirements_compiled_*.txt` lockfiles. Go runtime at `1.25.5`, cluster version 1.71.*\n", "creation_timestamp": "2026-06-09T19:20:47.000000Z"}]}