csaf_suse - suse-su-2024:3950-1

suse-su-2024:3950-1

Vulnerability from csaf_suse

Published

2024-11-08 07:57

Modified

2024-11-08 07:57

Summary

Security update for govulncheck-vulndb

Notes

Title of the patch

Security update for govulncheck-vulndb

Description of the patch

This update for govulncheck-vulndb fixes the following issues: - Update to version 0.0.20241104T154416 2024-11-04T15:44:16Z. Refs jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases: * GO-2024-3233 CVE-2024-46872 GHSA-762g-9p7f-mrww * GO-2024-3234 CVE-2024-47401 GHSA-762v-rq7q-ff97 * GO-2024-3235 CVE-2024-50052 GHSA-g376-m3h3-mj4r * GO-2024-3237 CVE-2024-0133 GHSA-f748-7hpg-88ch * GO-2024-3239 CVE-2024-0132 GHSA-mjjw-553x-87pq * GO-2024-3240 CVE-2024-10452 GHSA-66c4-2g2v-54qw * GO-2024-3241 CVE-2024-10006 GHSA-5c4w-8hhh-3c3h * GO-2024-3242 CVE-2024-10086 GHSA-99wr-c2px-grmh * GO-2024-3243 CVE-2024-10005 GHSA-chgm-7r52-whjj - Update to version 0.0.20241101T215616 2024-11-01T21:56:16Z. Refs jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases: * GO-2024-3244 CVE-2024-50354 GHSA-cph5-3pgr-c82g * GO-2024-3245 CVE-2024-39720 * GO-2024-3246 CVE-2024-8185 GHSA-g233-2p4r-3q7v

Patchnames

SUSE-2024-3950,SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3950,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3950,openSUSE-SLE-15.5-2024-3950,openSUSE-SLE-15.6-2024-3950

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for govulncheck-vulndb",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for govulncheck-vulndb fixes the following issues:\n\n- Update to version 0.0.20241104T154416 2024-11-04T15:44:16Z.\n  Refs jsc#PED-11136\n  Go CVE Numbering Authority IDs added or updated with aliases:\n  * GO-2024-3233 CVE-2024-46872 GHSA-762g-9p7f-mrww\n  * GO-2024-3234 CVE-2024-47401 GHSA-762v-rq7q-ff97\n  * GO-2024-3235 CVE-2024-50052 GHSA-g376-m3h3-mj4r\n  * GO-2024-3237 CVE-2024-0133 GHSA-f748-7hpg-88ch\n  * GO-2024-3239 CVE-2024-0132 GHSA-mjjw-553x-87pq\n  * GO-2024-3240 CVE-2024-10452 GHSA-66c4-2g2v-54qw\n  * GO-2024-3241 CVE-2024-10006 GHSA-5c4w-8hhh-3c3h\n  * GO-2024-3242 CVE-2024-10086 GHSA-99wr-c2px-grmh\n  * GO-2024-3243 CVE-2024-10005 GHSA-chgm-7r52-whjj\n\n- Update to version 0.0.20241101T215616 2024-11-01T21:56:16Z.\n  Refs jsc#PED-11136\n  Go CVE Numbering Authority IDs added or updated with aliases:\n  * GO-2024-3244 CVE-2024-50354 GHSA-cph5-3pgr-c82g\n  * GO-2024-3245 CVE-2024-39720\n  * GO-2024-3246 CVE-2024-8185 GHSA-g233-2p4r-3q7v\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2024-3950,SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3950,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3950,openSUSE-SLE-15.5-2024-3950,openSUSE-SLE-15.6-2024-3950",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_3950-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2024:3950-1",
        "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20243950-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2024:3950-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-November/019795.html"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0132 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0132/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0133 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0133/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-10005 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-10005/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-10006 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-10006/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-10086 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-10086/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-10452 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-10452/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-39720 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-39720/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-46872 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-46872/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-47401 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-47401/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-50052 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-50052/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-50354 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-50354/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-8185 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-8185/"
      }
    ],
    "title": "Security update for govulncheck-vulndb",
    "tracking": {
      "current_release_date": "2024-11-08T07:57:33Z",
      "generator": {
        "date": "2024-11-08T07:57:33Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2024:3950-1",
      "initial_release_date": "2024-11-08T07:57:33Z",
      "revision_history": [
        {
          "date": "2024-11-08T07:57:33Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
                "product": {
                  "name": "govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
                  "product_id": "govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Package Hub 15 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Package Hub 15 SP5",
                  "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:packagehub:15:sp5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Package Hub 15 SP6",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Package Hub 15 SP6",
                  "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:packagehub:15:sp6"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.5",
                "product": {
                  "name": "openSUSE Leap 15.5",
                  "product_id": "openSUSE Leap 15.5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.6",
                "product": {
                  "name": "openSUSE Leap 15.6",
                  "product_id": "openSUSE Leap 15.6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch"
        },
        "product_reference": "govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch"
        },
        "product_reference": "govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch"
        },
        "product_reference": "govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch"
        },
        "product_reference": "govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-0132",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0132"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain access to the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
          "openSUSE Leap 15.5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
          "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0132",
          "url": "https://www.suse.com/security/cve/CVE-2024-0132"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1231033 for CVE-2024-0132",
          "url": "https://bugzilla.suse.com/1231033"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-11-08T07:57:33Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-0132"
    },
    {
      "cve": "CVE-2024-0133",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0133"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "NVIDIA Container Toolkit 1.16.1 or earlier contains a vulnerability in the default mode of operation allowing a specially crafted container image to create empty files on the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to data tampering.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
          "openSUSE Leap 15.5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
          "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0133",
          "url": "https://www.suse.com/security/cve/CVE-2024-0133"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1231032 for CVE-2024-0133",
          "url": "https://bugzilla.suse.com/1231032"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-11-08T07:57:33Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-0133"
    },
    {
      "cve": "CVE-2024-10005",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-10005"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability was identified in Consul and Consul Enterprise (\"Consul\") such that using URL paths in L7 traffic intentions could bypass HTTP request path-based access rules.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
          "openSUSE Leap 15.5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
          "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-10005",
          "url": "https://www.suse.com/security/cve/CVE-2024-10005"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-11-08T07:57:33Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-10005"
    },
    {
      "cve": "CVE-2024-10006",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-10006"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability was identified in Consul and Consul Enterprise (\"Consul\") such that using Headers in L7 traffic intentions could bypass HTTP header based access rules.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
          "openSUSE Leap 15.5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
          "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-10006",
          "url": "https://www.suse.com/security/cve/CVE-2024-10006"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-11-08T07:57:33Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-10006"
    },
    {
      "cve": "CVE-2024-10086",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-10086"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability was identified in Consul and Consul Enterprise such that the server response did not explicitly set a Content-Type HTTP header, allowing user-provided inputs to be misinterpreted and lead to reflected XSS.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
          "openSUSE Leap 15.5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
          "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-10086",
          "url": "https://www.suse.com/security/cve/CVE-2024-10086"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-11-08T07:57:33Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-10086"
    },
    {
      "cve": "CVE-2024-10452",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-10452"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Organization admins can delete pending invites created in an organization they are not part of.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
          "openSUSE Leap 15.5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
          "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-10452",
          "url": "https://www.suse.com/security/cve/CVE-2024-10452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1232569 for CVE-2024-10452",
          "url": "https://bugzilla.suse.com/1232569"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.2,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-11-08T07:57:33Z",
          "details": "low"
        }
      ],
      "title": "CVE-2024-10452"
    },
    {
      "cve": "CVE-2024-39720",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-39720"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in Ollama before 0.1.46. An attacker can use two HTTP requests to upload a malformed GGUF file containing just 4 bytes starting with the GGUF custom magic header. By leveraging a custom Modelfile that includes a FROM statement pointing to the attacker-controlled blob file, the attacker can crash the application through the CreateModel route, leading to a segmentation fault (signal SIGSEGV: segmentation violation).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
          "openSUSE Leap 15.5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
          "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-39720",
          "url": "https://www.suse.com/security/cve/CVE-2024-39720"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1232794 for CVE-2024-39720",
          "url": "https://bugzilla.suse.com/1232794"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-11-08T07:57:33Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-39720"
    },
    {
      "cve": "CVE-2024-46872",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-46872"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mattermost versions 9.10.x \u003c= 9.10.2, 9.11.x \u003c= 9.11.1, 9.5.x \u003c= 9.5.9 fail to sanitize user inputs in the frontend that are used for redirection which allows for a one-click client-side path traversal that is leading to CSRF in Playbooks",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
          "openSUSE Leap 15.5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
          "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-46872",
          "url": "https://www.suse.com/security/cve/CVE-2024-46872"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-11-08T07:57:33Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-46872"
    },
    {
      "cve": "CVE-2024-47401",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-47401"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mattermost versions 9.10.x \u003c= 9.10.2, 9.11.x \u003c= 9.11.1 and 9.5.x \u003c= 9.5.9 fail to  prevent detailed error messages from being displayed  in Playbooks which allows an attacker to generate a large response and cause an amplified GraphQL response which in turn could cause the application to crash by sending a specially crafted request to Playbooks.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
          "openSUSE Leap 15.5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
          "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-47401",
          "url": "https://www.suse.com/security/cve/CVE-2024-47401"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-11-08T07:57:33Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-47401"
    },
    {
      "cve": "CVE-2024-50052",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-50052"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mattermost versions 9.10.x \u003c= 9.10.2, 9.11.x \u003c= 9.11.1, 9.5.x \u003c= 9.5.9 fail to  check that the origin of the message in an integration action matches with the original post metadata  which allows an authenticated user to delete an arbitrary post.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
          "openSUSE Leap 15.5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
          "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-50052",
          "url": "https://www.suse.com/security/cve/CVE-2024-50052"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-11-08T07:57:33Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-50052"
    },
    {
      "cve": "CVE-2024-50354",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-50354"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "gnark is a fast zk-SNARK library that offers a high-level API to design circuits. In gnark 0.11.0 and earlier, deserialization of Groth16 verification keys allocate excessive memory, consuming a lot of resources and triggering a crash with the error fatal error: runtime: out of memory.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
          "openSUSE Leap 15.5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
          "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-50354",
          "url": "https://www.suse.com/security/cve/CVE-2024-50354"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-11-08T07:57:33Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-50354"
    },
    {
      "cve": "CVE-2024-8185",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-8185"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Vault Community and Vault Enterprise (\"Vault\") clusters using Vault\u0027s Integrated Storage backend are vulnerable to a denial-of-service (DoS) attack through memory exhaustion through a Raft cluster join API endpoint . An attacker may send a large volume of requests to the endpoint which may cause Vault to consume excessive system memory resources, potentially leading to a crash of the underlying system and the Vault process itself.\n\nThis vulnerability, CVE-2024-8185, is fixed in Vault Community 1.18.1 and Vault Enterprise 1.18.1, 1.17.8, and 1.16.12.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Package Hub 15 SP5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
          "openSUSE Leap 15.5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
          "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-8185",
          "url": "https://www.suse.com/security/cve/CVE-2024-8185"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1232752 for CVE-2024-8185",
          "url": "https://bugzilla.suse.com/1232752"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.5:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch",
            "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-11-08T07:57:33Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-8185"
    }
  ]
}

CVE-2024-46872 (GCVE-0-2024-46872)

Vulnerability from cvelistv5

Published

2024-10-29 08:12

Modified

2024-10-29 12:51

Severity ?

4.6 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L

CWE

CWE-352 - Cross-Site Request Forgery (CSRF)

Summary

Mattermost versions 9.10.x <= 9.10.2, 9.11.x <= 9.11.1, 9.5.x <= 9.5.9 fail to sanitize user inputs in the frontend that are used for redirection which allows for a one-click client-side path traversal that is leading to CSRF in Playbooks

References

URL

Tags

https://mattermost.com/security-updates

Impacted products

	Vendor	Product	Version
	Mattermost	Mattermost	Version: 9.10.0 ≤ 9.10.2 Version: 9.11.0 ≤ 9.11.1 Version: 9.5.0 ≤ 9.5.9

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-46872",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-29T12:51:01.235547Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-29T12:51:14.111Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Mattermost",
          "vendor": "Mattermost",
          "versions": [
            {
              "lessThanOrEqual": "9.10.2",
              "status": "affected",
              "version": "9.10.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.11.1",
              "status": "affected",
              "version": "9.11.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.5.9",
              "status": "affected",
              "version": "9.5.0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "10.0.0"
            },
            {
              "status": "unaffected",
              "version": "9.10.3"
            },
            {
              "status": "unaffected",
              "version": "9.11.2"
            },
            {
              "status": "unaffected",
              "version": "9.5.10"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "DoyenSec"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMattermost versions 9.10.x \u0026lt;= 9.10.2, 9.11.x \u0026lt;= 9.11.1, 9.5.x \u0026lt;= 9.5.9 fail to sanitize user inputs in the frontend that are used for redirection which allows for a one-click client-side path traversal that is leading to CSRF in Playbooks\u003c/p\u003e"
            }
          ],
          "value": "Mattermost versions 9.10.x \u003c= 9.10.2, 9.11.x \u003c= 9.11.1, 9.5.x \u003c= 9.5.9 fail to sanitize user inputs in the frontend that are used for redirection which allows for a one-click client-side path traversal that is leading to CSRF in Playbooks"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-352",
              "description": "CWE-352: Cross-Site Request Forgery (CSRF)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-29T08:12:12.736Z",
        "orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
        "shortName": "Mattermost"
      },
      "references": [
        {
          "url": "https://mattermost.com/security-updates"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUpdate Mattermost to versions 10.0.0, 9.10.3, 9.11.2, 9.5.10 or higher.\u003c/p\u003e"
            }
          ],
          "value": "Update Mattermost to versions 10.0.0, 9.10.3, 9.11.2, 9.5.10 or higher."
        }
      ],
      "source": {
        "advisory": "MMSA-2024-00366",
        "defect": [
          "https://mattermost.atlassian.net/browse/MM-58842"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Client-Side Path Traversal Leading to CSRF in Playbooks",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
    "assignerShortName": "Mattermost",
    "cveId": "CVE-2024-46872",
    "datePublished": "2024-10-29T08:12:12.736Z",
    "dateReserved": "2024-10-21T16:12:47.134Z",
    "dateUpdated": "2024-10-29T12:51:14.111Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-0133 (GCVE-0-2024-0133)

Vulnerability from cvelistv5

Published

2024-09-26 05:21

Modified

2024-09-26 13:30

Severity ?

4.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N

CWE

CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition

Summary

NVIDIA Container Toolkit 1.16.1 or earlier contains a vulnerability in the default mode of operation allowing a specially crafted container image to create empty files on the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to data tampering.

References

URL

Tags

https://nvidia.custhelp.com/app/answers/detail/a_id/5582

Impacted products

Vendor

Product

Version

NVIDIA

Container Toolkit

Version: All versions up to and including v1.16.1

NVIDIA

GPU Operator

Version: All versions up to and including 24.6.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-0133",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-26T13:30:24.651473Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-26T13:30:42.127Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux"
          ],
          "product": "Container Toolkit",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "All versions up to and including v1.16.1"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux"
          ],
          "product": "GPU Operator",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "All versions up to and including 24.6.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNVIDIA Container Toolkit 1.16.1 or earlier contains a vulnerability in the default mode of operation allowing a specially crafted container image to create empty files on the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to data tampering.\u003c/span\u003e"
            }
          ],
          "value": "NVIDIA Container Toolkit 1.16.1 or earlier contains a vulnerability in the default mode of operation allowing a specially crafted container image to create empty files on the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to data tampering."
        }
      ],
      "impacts": [
        {
          "descriptions": [
            {
              "lang": "en",
              "value": "Data tampering"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-367",
              "description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-26T05:21:33.599Z",
        "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
        "shortName": "nvidia"
      },
      "references": [
        {
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5582"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
    "assignerShortName": "nvidia",
    "cveId": "CVE-2024-0133",
    "datePublished": "2024-09-26T05:21:33.599Z",
    "dateReserved": "2023-12-02T00:42:44.017Z",
    "dateUpdated": "2024-09-26T13:30:42.127Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-10005 (GCVE-0-2024-10005)

Vulnerability from cvelistv5

Published

2024-10-30 21:19

Modified

2025-01-10 13:06

Severity ?

8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CWE

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)

Summary

A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using URL paths in L7 traffic intentions could bypass HTTP request path-based access rules.

References

URL

Tags

https://discuss.hashicorp.com/t/hcsec-2024-22-consul-l7-intentions-vulnerable-to-url-path-bypass

Impacted products

Vendor

Product

Version

Version: 1.9.0 ≤

Version: 1.9.0 ≤

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:hashicorp:consul:-:*:*:*:enterprise:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "consul",
            "vendor": "hashicorp",
            "versions": [
              {
                "lessThan": "1.20.1",
                "status": "affected",
                "version": "1.9.0",
                "versionType": "semver"
              },
              {
                "status": "unaffected",
                "version": "1.19.3"
              },
              {
                "status": "unaffected",
                "version": "1.18.5"
              },
              {
                "status": "unaffected",
                "version": "1.15.15"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:hashicorp:consul:*:*:*:*:community:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "consul",
            "vendor": "hashicorp",
            "versions": [
              {
                "lessThan": "1.20.1",
                "status": "affected",
                "version": "1.9.0",
                "versionType": "semver"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-10005",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-31T13:59:37.966921Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-31T14:01:55.370Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-01-10T13:06:39.935Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://security.netapp.com/advisory/ntap-20250110-0004/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "64 bit",
            "32 bit",
            "x86",
            "ARM",
            "MacOS",
            "Windows",
            "Linux"
          ],
          "product": "Consul",
          "repo": "https://github.com/hashicorp/consul",
          "vendor": "HashiCorp",
          "versions": [
            {
              "lessThan": "1.20.1",
              "status": "affected",
              "version": "1.9.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "64 bit",
            "32 bit",
            "x86",
            "ARM",
            "MacOS",
            "Windows",
            "Linux"
          ],
          "product": "Consul Enterprise",
          "repo": "https://github.com/hashicorp/consul",
          "vendor": "HashiCorp",
          "versions": [
            {
              "changes": [
                {
                  "at": "1.19.3",
                  "status": "unaffected"
                },
                {
                  "at": "1.18.5",
                  "status": "unaffected"
                },
                {
                  "at": "1.15.15",
                  "status": "unaffected"
                }
              ],
              "lessThan": "1.20.1",
              "status": "affected",
              "version": "1.9.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA vulnerability was identified in Consul and Consul Enterprise (\u201cConsul\u201d) such that using URL paths in L7 traffic intentions could bypass HTTP request path-based access rules.\u003c/p\u003e\u003cbr/\u003e"
            }
          ],
          "value": "A vulnerability was identified in Consul and Consul Enterprise (\u201cConsul\u201d) such that using URL paths in L7 traffic intentions could bypass HTTP request path-based access rules."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-126",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-126: Path Traversal"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-30T21:19:22.576Z",
        "orgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
        "shortName": "HashiCorp"
      },
      "references": [
        {
          "url": "https://discuss.hashicorp.com/t/hcsec-2024-22-consul-l7-intentions-vulnerable-to-url-path-bypass"
        }
      ],
      "source": {
        "advisory": "HCSEC-2024-22",
        "discovery": "EXTERNAL"
      },
      "title": "Consul L7 Intentions Vulnerable To URL Path Bypass"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
    "assignerShortName": "HashiCorp",
    "cveId": "CVE-2024-10005",
    "datePublished": "2024-10-30T21:19:22.576Z",
    "dateReserved": "2024-10-15T17:46:30.633Z",
    "dateUpdated": "2025-01-10T13:06:39.935Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-10086 (GCVE-0-2024-10086)

Vulnerability from cvelistv5

Published

2024-10-30 21:21

Modified

2025-01-10 13:06

Severity ?

6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE

CWE-79 - Improper Neutralization of Input During Web Page Generation

Summary

A vulnerability was identified in Consul and Consul Enterprise such that the server response did not explicitly set a Content-Type HTTP header, allowing user-provided inputs to be misinterpreted and lead to reflected XSS.

References

URL

Tags

https://discuss.hashicorp.com/t/hcsec-2024-24-consul-vulnerable-to-reflected-xss-on-content-type-error-manipulation

Impacted products

Vendor

Product

Version

Version: 1.4.1 ≤

Version: 1.4.1 ≤

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-10086",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-31T13:49:16.403136Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-31T13:49:28.120Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-01-10T13:06:42.658Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://security.netapp.com/advisory/ntap-20250110-0006/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "64 bit",
            "32 bit",
            "x86",
            "ARM",
            "MacOS",
            "Windows",
            "Linux"
          ],
          "product": "Consul",
          "repo": "https://github.com/hashicorp/consul",
          "vendor": "HashiCorp",
          "versions": [
            {
              "lessThan": "1.20.0",
              "status": "affected",
              "version": "1.4.1",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "64 bit",
            "32 bit",
            "x86",
            "ARM",
            "MacOS",
            "Windows",
            "Linux"
          ],
          "product": "Consul Enterprise",
          "repo": "https://github.com/hashicorp/consul",
          "vendor": "HashiCorp",
          "versions": [
            {
              "changes": [
                {
                  "at": "1.19.3",
                  "status": "unaffected"
                },
                {
                  "at": "1.18.5",
                  "status": "unaffected"
                },
                {
                  "at": "1.15.15",
                  "status": "unaffected"
                }
              ],
              "lessThan": "1.20.0",
              "status": "affected",
              "version": "1.4.1",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA vulnerability was identified in Consul and Consul Enterprise such that the server response did not explicitly set a Content-Type HTTP header, allowing user-provided inputs to be misinterpreted and lead to reflected XSS.\u003c/p\u003e\u003cbr/\u003e"
            }
          ],
          "value": "A vulnerability was identified in Consul and Consul Enterprise such that the server response did not explicitly set a Content-Type HTTP header, allowing user-provided inputs to be misinterpreted and lead to reflected XSS."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-63",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-63: Cross-Site Scripting (XSS)"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79: Improper Neutralization of Input During Web Page Generation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-30T21:21:46.559Z",
        "orgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
        "shortName": "HashiCorp"
      },
      "references": [
        {
          "url": "https://discuss.hashicorp.com/t/hcsec-2024-24-consul-vulnerable-to-reflected-xss-on-content-type-error-manipulation"
        }
      ],
      "source": {
        "advisory": "HCSEC-2024-24",
        "discovery": "EXTERNAL"
      },
      "title": "Consul Vulnerable To Reflected XSS On Content-Type Error Manipulation"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
    "assignerShortName": "HashiCorp",
    "cveId": "CVE-2024-10086",
    "datePublished": "2024-10-30T21:21:46.559Z",
    "dateReserved": "2024-10-17T15:23:28.133Z",
    "dateUpdated": "2025-01-10T13:06:42.658Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-39720 (GCVE-0-2024-39720)

Vulnerability from cvelistv5

Published

2024-10-31 00:00

Modified

2024-11-01 15:20

Severity ?

8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

CWE

Summary

An issue was discovered in Ollama before 0.1.46. An attacker can use two HTTP requests to upload a malformed GGUF file containing just 4 bytes starting with the GGUF custom magic header. By leveraging a custom Modelfile that includes a FROM statement pointing to the attacker-controlled blob file, the attacker can crash the application through the CreateModel route, leading to a segmentation fault (signal SIGSEGV: segmentation violation).

References

URL

Tags

	https://github.com/ollama/ollama/compare/v0.1.45...v0.1.46#diff-782c2737eecfa83b7cb46a77c8bdaf40023e7067baccd4f806ac5517b4563131L417
	https://oligo.security/blog/more-models-more-probllms

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:ollama:ollama:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ollama",
            "vendor": "ollama",
            "versions": [
              {
                "lessThan": "0.1.46",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.2,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "LOW",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-39720",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-01T15:18:50.666671Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-125",
                "description": "CWE-125 Out-of-bounds Read",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-01T15:20:12.939Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Ollama before 0.1.46. An attacker can use two HTTP requests to upload a malformed GGUF file containing just 4 bytes starting with the GGUF custom magic header. By leveraging a custom Modelfile that includes a FROM statement pointing to the attacker-controlled blob file, the attacker can crash the application through the CreateModel route, leading to a segmentation fault (signal SIGSEGV: segmentation violation)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-01T13:44:48.589574",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/ollama/ollama/compare/v0.1.45...v0.1.46#diff-782c2737eecfa83b7cb46a77c8bdaf40023e7067baccd4f806ac5517b4563131L417"
        },
        {
          "url": "https://oligo.security/blog/more-models-more-probllms"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2024-39720",
    "datePublished": "2024-10-31T00:00:00",
    "dateReserved": "2024-06-28T00:00:00",
    "dateUpdated": "2024-11-01T15:20:12.939Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-47401 (GCVE-0-2024-47401)

Vulnerability from cvelistv5

Published

2024-10-29 08:11

Modified

2024-10-29 12:52

Severity ?

4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

CWE

CWE-770 - Allocation of Resources Without Limits or Throttling

Summary

Mattermost versions 9.10.x <= 9.10.2, 9.11.x <= 9.11.1 and 9.5.x <= 9.5.9 fail to prevent detailed error messages from being displayed in Playbooks which allows an attacker to generate a large response and cause an amplified GraphQL response which in turn could cause the application to crash by sending a specially crafted request to Playbooks.

References

URL

Tags

https://mattermost.com/security-updates

Impacted products

	Vendor	Product	Version
	Mattermost	Mattermost	Version: 9.10.0 ≤ 9.10.2 Version: 9.11.0 ≤ 9.11.1 Version: 9.5.0 ≤ 9.5.9

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-47401",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-29T12:51:53.557835Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-29T12:52:04.161Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Mattermost",
          "vendor": "Mattermost",
          "versions": [
            {
              "lessThanOrEqual": "9.10.2",
              "status": "affected",
              "version": "9.10.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.11.1",
              "status": "affected",
              "version": "9.11.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.5.9",
              "status": "affected",
              "version": "9.5.0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "10.0.0"
            },
            {
              "status": "unaffected",
              "version": "9.10.3"
            },
            {
              "status": "unaffected",
              "version": "9.11.2"
            },
            {
              "status": "unaffected",
              "version": "9.5.10"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "DoyenSec"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMattermost versions 9.10.x \u0026lt;= 9.10.2, 9.11.x \u0026lt;= 9.11.1 and 9.5.x \u0026lt;= 9.5.9 fail to\u0026nbsp;prevent detailed error messages from being displayed\u0026nbsp;in Playbooks which allows an attacker to generate a large response and cause an amplified GraphQL response which in turn could cause the application to crash by sending a specially crafted request to Playbooks.\u0026nbsp;\u003c/p\u003e"
            }
          ],
          "value": "Mattermost versions 9.10.x \u003c= 9.10.2, 9.11.x \u003c= 9.11.1 and 9.5.x \u003c= 9.5.9 fail to\u00a0prevent detailed error messages from being displayed\u00a0in Playbooks which allows an attacker to generate a large response and cause an amplified GraphQL response which in turn could cause the application to crash by sending a specially crafted request to Playbooks."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-29T08:11:17.553Z",
        "orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
        "shortName": "Mattermost"
      },
      "references": [
        {
          "url": "https://mattermost.com/security-updates"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUpdate Mattermost to versions 10.0.0, 9.10.3, 9.11.2, 9.5.10 or higher.\u003c/p\u003e"
            }
          ],
          "value": "Update Mattermost to versions 10.0.0, 9.10.3, 9.11.2, 9.5.10 or higher."
        }
      ],
      "source": {
        "advisory": "MMSA-2024-00360",
        "defect": [
          "https://mattermost.atlassian.net/browse/MM-58790"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "DoS via Amplified GraphQL Response in Playbooks",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
    "assignerShortName": "Mattermost",
    "cveId": "CVE-2024-47401",
    "datePublished": "2024-10-29T08:11:17.553Z",
    "dateReserved": "2024-10-21T16:12:47.128Z",
    "dateUpdated": "2024-10-29T12:52:04.161Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-50354 (GCVE-0-2024-50354)

Vulnerability from cvelistv5

Published

2024-10-31 15:59

Modified

2024-10-31 16:53

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-400 - Uncontrolled Resource Consumption

Summary

gnark is a fast zk-SNARK library that offers a high-level API to design circuits. In gnark 0.11.0 and earlier, deserialization of Groth16 verification keys allocate excessive memory, consuming a lot of resources and triggering a crash with the error fatal error: runtime: out of memory.

References

URL

Tags

	https://github.com/Consensys/gnark/security/advisories/GHSA-cph5-3pgr-c82g	x_refsource_CONFIRM
	https://github.com/Consensys/gnark/pull/1307	x_refsource_MISC
	https://github.com/Consensys/gnark/commit/47ae846339add2bdf9983e499342bfdfe195191d	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Consensys	gnark	Version: <= 0.11.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:consensys:gnark:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "gnark",
            "vendor": "consensys",
            "versions": [
              {
                "lessThanOrEqual": "0.11.0",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-50354",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-31T16:52:29.171674Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-31T16:53:21.298Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "gnark",
          "vendor": "Consensys",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c= 0.11.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "gnark is a fast zk-SNARK library that offers a high-level API to design circuits. In gnark 0.11.0 and earlier, deserialization of Groth16 verification keys allocate excessive memory, consuming a lot of resources and triggering a crash with the error fatal error: runtime: out of memory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-31T15:59:30.063Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/Consensys/gnark/security/advisories/GHSA-cph5-3pgr-c82g",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/Consensys/gnark/security/advisories/GHSA-cph5-3pgr-c82g"
        },
        {
          "name": "https://github.com/Consensys/gnark/pull/1307",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Consensys/gnark/pull/1307"
        },
        {
          "name": "https://github.com/Consensys/gnark/commit/47ae846339add2bdf9983e499342bfdfe195191d",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Consensys/gnark/commit/47ae846339add2bdf9983e499342bfdfe195191d"
        }
      ],
      "source": {
        "advisory": "GHSA-cph5-3pgr-c82g",
        "discovery": "UNKNOWN"
      },
      "title": "Out-of-memory during deserialization with crafted inputs"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-50354",
    "datePublished": "2024-10-31T15:59:30.063Z",
    "dateReserved": "2024-10-22T17:54:40.958Z",
    "dateUpdated": "2024-10-31T16:53:21.298Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-8185 (GCVE-0-2024-8185)

Vulnerability from cvelistv5

Published

2024-10-31 15:14

Modified

2024-10-31 17:11

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-636 - Not Failing Securely (Failing Open)

Summary

Vault Community and Vault Enterprise (“Vault”) clusters using Vault’s Integrated Storage backend are vulnerable to a denial-of-service (DoS) attack through memory exhaustion through a Raft cluster join API endpoint . An attacker may send a large volume of requests to the endpoint which may cause Vault to consume excessive system memory resources, potentially leading to a crash of the underlying system and the Vault process itself. This vulnerability, CVE-2024-8185, is fixed in Vault Community 1.18.1 and Vault Enterprise 1.18.1, 1.17.8, and 1.16.12.

References

URL

Tags

https://discuss.hashicorp.com/t/hcsec-2024-26-vault-vulnerable-to-denial-of-service-through-memory-exhaustion-when-processing-raft-cluster-join-requests/71047

Impacted products

Vendor

Product

Version

Version: 1.2.0 ≤

Version: 1.2.0 ≤

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:hashicorp:vault:*:*:*:*:enterprise:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "vault",
            "vendor": "hashicorp",
            "versions": [
              {
                "lessThan": "1.18.1",
                "status": "affected",
                "version": "1.2.0",
                "versionType": "custom"
              },
              {
                "status": "unaffected",
                "version": "1.17.8"
              },
              {
                "status": "unaffected",
                "version": "1.16.12"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:hashicorp:vault:*:*:*:*:community:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "vault",
            "vendor": "hashicorp",
            "versions": [
              {
                "lessThan": "1.18.1",
                "status": "affected",
                "version": "1.2.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-8185",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-31T16:54:01.728268Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-31T17:11:35.647Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "64 bit",
            "32 bit",
            "x86",
            "ARM",
            "MacOS",
            "Windows",
            "Linux"
          ],
          "product": "Vault",
          "repo": "https://github.com/hashicorp/vault",
          "vendor": "HashiCorp",
          "versions": [
            {
              "lessThan": "1.18.1",
              "status": "affected",
              "version": "1.2.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "64 bit",
            "32 bit",
            "x86",
            "ARM",
            "MacOS",
            "Windows",
            "Linux"
          ],
          "product": "Vault Enterprise",
          "repo": "https://github.com/hashicorp/vault",
          "vendor": "HashiCorp",
          "versions": [
            {
              "changes": [
                {
                  "at": "1.17.8",
                  "status": "unaffected"
                },
                {
                  "at": "1.16.12",
                  "status": "unaffected"
                }
              ],
              "lessThan": "1.18.1",
              "status": "affected",
              "version": "1.2.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eVault Community and Vault Enterprise (\u201cVault\u201d) clusters using Vault\u2019s Integrated Storage backend are vulnerable to a denial-of-service (DoS) attack through memory exhaustion through a Raft cluster join API endpoint . An attacker may send a large volume of requests to the endpoint which may cause Vault to consume excessive system memory resources, potentially leading to a crash of the underlying system and the Vault process itself.\n\nThis vulnerability, CVE-2024-8185, is fixed in Vault Community 1.18.1 and Vault Enterprise 1.18.1, 1.17.8, and 1.16.12.\u003c/p\u003e\u003cbr/\u003e"
            }
          ],
          "value": "Vault Community and Vault Enterprise (\u201cVault\u201d) clusters using Vault\u2019s Integrated Storage backend are vulnerable to a denial-of-service (DoS) attack through memory exhaustion through a Raft cluster join API endpoint . An attacker may send a large volume of requests to the endpoint which may cause Vault to consume excessive system memory resources, potentially leading to a crash of the underlying system and the Vault process itself.\n\nThis vulnerability, CVE-2024-8185, is fixed in Vault Community 1.18.1 and Vault Enterprise 1.18.1, 1.17.8, and 1.16.12."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-469",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-469: HTTP DoS"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-636",
              "description": "CWE-636: Not Failing Securely (Failing Open)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-31T15:14:55.145Z",
        "orgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
        "shortName": "HashiCorp"
      },
      "references": [
        {
          "url": "https://discuss.hashicorp.com/t/hcsec-2024-26-vault-vulnerable-to-denial-of-service-through-memory-exhaustion-when-processing-raft-cluster-join-requests/71047"
        }
      ],
      "source": {
        "advisory": "HCSEC-2024-26",
        "discovery": "INTERNAL"
      },
      "title": "Vault Vulnerable to Denial of Service When Processing Raft Join Requests"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
    "assignerShortName": "HashiCorp",
    "cveId": "CVE-2024-8185",
    "datePublished": "2024-10-31T15:14:55.145Z",
    "dateReserved": "2024-08-26T16:24:04.547Z",
    "dateUpdated": "2024-10-31T17:11:35.647Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-0132 (GCVE-0-2024-0132)

Vulnerability from cvelistv5

Published

2024-09-26 05:18

Modified

2024-09-27 03:55

Severity ?

9.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

CWE

CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition

Summary

NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain access to the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.

References

URL

Tags

https://nvidia.custhelp.com/app/answers/detail/a_id/5582

Impacted products

Vendor

Product

Version

NVIDIA

Container Toolkit

Version: All versions up to and including v1.16.1

NVIDIA

GPU Operator

Version: All versions up to and including 24.6.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:nvidia:container_toolkit:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "container_toolkit",
            "vendor": "nvidia",
            "versions": [
              {
                "lessThanOrEqual": "1.16.1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:nvidia:gpu_operator:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "gpu_operator",
            "vendor": "nvidia",
            "versions": [
              {
                "lessThanOrEqual": "24.6.1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-0132",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-26T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-27T03:55:16.649Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux"
          ],
          "product": "Container Toolkit",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "All versions up to and including v1.16.1"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux"
          ],
          "product": "GPU Operator",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "All versions up to and including 24.6.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain access to the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.\u003c/span\u003e"
            }
          ],
          "value": "NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain access to the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering."
        }
      ],
      "impacts": [
        {
          "descriptions": [
            {
              "lang": "en",
              "value": "Code execution, denial of service, escalation of privileges, information disclosure, data tampering"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-367",
              "description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-26T05:18:33.211Z",
        "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
        "shortName": "nvidia"
      },
      "references": [
        {
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5582"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
    "assignerShortName": "nvidia",
    "cveId": "CVE-2024-0132",
    "datePublished": "2024-09-26T05:18:33.211Z",
    "dateReserved": "2023-12-02T00:42:43.107Z",
    "dateUpdated": "2024-09-27T03:55:16.649Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-50052 (GCVE-0-2024-50052)

Vulnerability from cvelistv5

Published

2024-10-29 08:10

Modified

2024-10-29 12:52

Severity ?

4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

CWE

CWE-862 - Missing Authorization

Summary

Mattermost versions 9.10.x <= 9.10.2, 9.11.x <= 9.11.1, 9.5.x <= 9.5.9 fail to check that the origin of the message in an integration action matches with the original post metadata which allows an authenticated user to delete an arbitrary post.

References

URL

Tags

https://mattermost.com/security-updates

Impacted products

	Vendor	Product	Version
	Mattermost	Mattermost	Version: 9.10.0 ≤ 9.10.2 Version: 9.11.0 ≤ 9.11.1 Version: 9.5.0 ≤ 9.5.9

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-50052",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-29T12:52:23.171944Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-29T12:52:31.657Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Mattermost",
          "vendor": "Mattermost",
          "versions": [
            {
              "lessThanOrEqual": "9.10.2",
              "status": "affected",
              "version": "9.10.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.11.1",
              "status": "affected",
              "version": "9.11.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.5.9",
              "status": "affected",
              "version": "9.5.0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "10.0.0"
            },
            {
              "status": "unaffected",
              "version": "9.10.3"
            },
            {
              "status": "unaffected",
              "version": "9.11.2"
            },
            {
              "status": "unaffected",
              "version": "9.5.10"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Jesse Hallam"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMattermost versions 9.10.x \u0026lt;= 9.10.2, 9.11.x \u0026lt;= 9.11.1, 9.5.x \u0026lt;= 9.5.9 fail to\u0026nbsp;check that the origin of the message in an integration action matches with the original post metadata\u0026nbsp;which allows an authenticated user to delete an arbitrary post.\u003c/p\u003e"
            }
          ],
          "value": "Mattermost versions 9.10.x \u003c= 9.10.2, 9.11.x \u003c= 9.11.1, 9.5.x \u003c= 9.5.9 fail to\u00a0check that the origin of the message in an integration action matches with the original post metadata\u00a0which allows an authenticated user to delete an arbitrary post."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-862",
              "description": "CWE-862: Missing Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-29T08:10:17.129Z",
        "orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
        "shortName": "Mattermost"
      },
      "references": [
        {
          "url": "https://mattermost.com/security-updates"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUpdate Mattermost to versions 10.0.0, 9.10.3, 9.11.2, 9.5.10 or higher.\u003c/p\u003e"
            }
          ],
          "value": "Update Mattermost to versions 10.0.0, 9.10.3, 9.11.2, 9.5.10 or higher."
        }
      ],
      "source": {
        "advisory": "MMSA-2024-00350",
        "defect": [
          "https://mattermost.atlassian.net/browse/MM-58431"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Arbitrary post deletion via Playbooks /ignore-thread endpoint",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
    "assignerShortName": "Mattermost",
    "cveId": "CVE-2024-50052",
    "datePublished": "2024-10-29T08:10:17.129Z",
    "dateReserved": "2024-10-21T16:12:47.116Z",
    "dateUpdated": "2024-10-29T12:52:31.657Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-10452 (GCVE-0-2024-10452)

Vulnerability from cvelistv5

Published

2024-10-29 15:16

Modified

2024-10-29 15:35

Severity ?

2.2 (Low) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N

CWE

CWE-639 - Authorization Bypass Through User-Controlled Key

Summary

Organization admins can delete pending invites created in an organization they are not part of.

References

URL

Tags

https://grafana.com/security/security-advisories/cve-2024-10452

Impacted products

	Vendor	Product	Version
	Grafana	Grafana	Version: 10.4.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-10452",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-29T15:35:24.824806Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-29T15:35:35.167Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Grafana",
          "vendor": "Grafana",
          "versions": [
            {
              "status": "affected",
              "version": "10.4.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Organization admins can delete pending invites created in an organization they are not part of."
            }
          ],
          "value": "Organization admins can delete pending invites created in an organization they are not part of."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-109",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-109 Object Relational Mapping Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 2.2,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-639",
              "description": "CWE-639 Authorization Bypass Through User-Controlled Key",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-29T15:16:22.405Z",
        "orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
        "shortName": "GRAFANA"
      },
      "references": [
        {
          "url": "https://grafana.com/security/security-advisories/cve-2024-10452"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
    "assignerShortName": "GRAFANA",
    "cveId": "CVE-2024-10452",
    "datePublished": "2024-10-29T15:16:22.405Z",
    "dateReserved": "2024-10-28T09:08:31.193Z",
    "dateUpdated": "2024-10-29T15:35:35.167Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-10006 (GCVE-0-2024-10006)

Vulnerability from cvelistv5

Published

2024-10-30 21:20

Modified

2025-01-10 13:06

Severity ?

8.3 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

CWE

CWE-644 - Improper Neutralization of HTTP Headers

Summary

A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using Headers in L7 traffic intentions could bypass HTTP header based access rules.

References

URL

Tags

https://discuss.hashicorp.com/t/hcsec-2024-23-consul-l7-intentions-vulnerable-to-headers-bypass

Impacted products

Vendor

Product

Version

Version: 1.9.0 ≤

Version: 1.9.0 ≤

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:hashicorp:consul:-:*:*:*:enterprise:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "consul",
            "vendor": "hashicorp",
            "versions": [
              {
                "lessThan": "1.20.1",
                "status": "affected",
                "version": "1.9.0",
                "versionType": "semver"
              },
              {
                "status": "unaffected",
                "version": "1.19.3"
              },
              {
                "status": "unaffected",
                "version": "1.18.5"
              },
              {
                "status": "unaffected",
                "version": "1.15.15"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:hashicorp:consul:*:*:*:*:community:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "consul",
            "vendor": "hashicorp",
            "versions": [
              {
                "lessThan": "1.20.1",
                "status": "affected",
                "version": "1.9.0",
                "versionType": "semver"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-10006",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-31T13:49:58.696502Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-31T13:59:13.505Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-01-10T13:06:41.296Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://security.netapp.com/advisory/ntap-20250110-0005/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "64 bit",
            "32 bit",
            "x86",
            "ARM",
            "MacOS",
            "Windows",
            "Linux"
          ],
          "product": "Consul",
          "repo": "https://github.com/hashicorp/consul",
          "vendor": "HashiCorp",
          "versions": [
            {
              "lessThan": "1.20.1",
              "status": "affected",
              "version": "1.9.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "64 bit",
            "32 bit",
            "x86",
            "ARM",
            "MacOS",
            "Windows",
            "Linux"
          ],
          "product": "Consul Enterprise",
          "repo": "https://github.com/hashicorp/consul",
          "vendor": "HashiCorp",
          "versions": [
            {
              "changes": [
                {
                  "at": "1.19.3",
                  "status": "unaffected"
                },
                {
                  "at": "1.18.5",
                  "status": "unaffected"
                },
                {
                  "at": "1.15.15",
                  "status": "unaffected"
                }
              ],
              "lessThan": "1.20.1",
              "status": "affected",
              "version": "1.9.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA vulnerability was identified in Consul and Consul Enterprise (\u201cConsul\u201d) such that using Headers in L7 traffic intentions could bypass HTTP header based access rules.\u003c/p\u003e\u003cbr/\u003e"
            }
          ],
          "value": "A vulnerability was identified in Consul and Consul Enterprise (\u201cConsul\u201d) such that using Headers in L7 traffic intentions could bypass HTTP header based access rules."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-220",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-220: Client-Server Protocol Manipulation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-644",
              "description": "CWE-644: Improper Neutralization of HTTP Headers",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-30T21:20:37.011Z",
        "orgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
        "shortName": "HashiCorp"
      },
      "references": [
        {
          "url": "https://discuss.hashicorp.com/t/hcsec-2024-23-consul-l7-intentions-vulnerable-to-headers-bypass"
        }
      ],
      "source": {
        "advisory": "HCSEC-2024-23",
        "discovery": "EXTERNAL"
      },
      "title": "Consul L7 Intentions Vulnerable To Headers Bypass"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
    "assignerShortName": "HashiCorp",
    "cveId": "CVE-2024-10006",
    "datePublished": "2024-10-30T21:20:37.011Z",
    "dateReserved": "2024-10-15T17:46:48.500Z",
    "dateUpdated": "2025-01-10T13:06:41.296Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

suse-su-2024:3950-1

Vulnerability from csaf_suse

CVE-2024-46872 (GCVE-0-2024-46872)

Vulnerability from cvelistv5

CVE-2024-0133 (GCVE-0-2024-0133)

Vulnerability from cvelistv5

CVE-2024-10005 (GCVE-0-2024-10005)

Vulnerability from cvelistv5

CVE-2024-10086 (GCVE-0-2024-10086)

Vulnerability from cvelistv5

CVE-2024-39720 (GCVE-0-2024-39720)

Vulnerability from cvelistv5

CVE-2024-47401 (GCVE-0-2024-47401)

Vulnerability from cvelistv5

CVE-2024-50354 (GCVE-0-2024-50354)

Vulnerability from cvelistv5

CVE-2024-8185 (GCVE-0-2024-8185)

Vulnerability from cvelistv5

CVE-2024-0132 (GCVE-0-2024-0132)

Vulnerability from cvelistv5

CVE-2024-50052 (GCVE-0-2024-50052)

Vulnerability from cvelistv5

CVE-2024-10452 (GCVE-0-2024-10452)

Vulnerability from cvelistv5

CVE-2024-10006 (GCVE-0-2024-10006)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature