Publish Advisories

GHSA-9hx9-w2j6-rw76
GHSA-g7pj-3v97-3vxp
GHSA-rvq6-mrpv-m6rm
advisory-database[bot]
2025-04-13 23:27:33 +00:00
parent 680afefb43
commit 21a9489f2a
3 changed files with 19 additions and 6 deletions
@@ -1,7 +1,7 @@
{
"schema_version": "1.4.0",
"id": "GHSA-9hx9-w2j6-rw76",
"modified": "2023-07-05T18:52:49Z",
"modified": "2025-04-13T23:26:43Z",
"published": "2017-10-24T18:33:37Z",
"aliases": [
"CVE-2013-2105"
@@ -30,8 +30,8 @@
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84378"
},
{
"type": "ADVISORY",
"url": "https://github.com/advisories/GHSA-9hx9-w2j6-rw76"
"type": "PACKAGE",
"url": "https://github.com/jonleung/show_in_browser"
},
{
"type": "WEB",
@@ -1,14 +1,19 @@
{
"schema_version": "1.4.0",
"id": "GHSA-g7pj-3v97-3vxp",
"modified": "2023-08-16T23:23:36Z",
"modified": "2025-04-13T23:25:48Z",
"published": "2022-05-17T04:46:09Z",
"aliases": [
"CVE-2014-2921"
],
"summary": "Pimcore Vulnerable to PHP Object Injection Attacks",
"details": "The `getObjectByToken` function in `Newsletter.php` in the `Pimcore_Tool_Newsletter` module in pimcore 1.4.9 through 2.0.0 does not properly handle an object obtained by unserializing Lucene search data, which allows remote attackers to conduct PHP object injection attacks and execute arbitrary code via vectors involving a `Zend_Pdf_ElementFactory_Proxy` object and a pathname with a trailing `\\0` character.",
"severity": [],
"severity": [
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"
}
],
"affected": [
{
"package": {
@@ -43,6 +48,14 @@
"type": "WEB",
"url": "https://github.com/pedrib/PoC/blob/caa03645e256a8b50f1101c983d39586ebc467ee/advisories/pimcore-2.1.0.txt"
},
{
"type": "WEB",
"url": "https://github.com/pedrib/PoC/blob/master/pimcore-2.1.0.txt"
},
{
"type": "PACKAGE",
"url": "https://github.com/pimcore/pimcore"
},
{
"type": "WEB",
"url": "http://openwall.com/lists/oss-security/2014/04/21/1"
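Review bot: The reference added in the second hunk of this file, `https://github.com/pedrib/PoC/blob/master/pimcore-2.1.0.txt`, points at a mutable branch, while the existing entry directly above it pins the same repository to commit `caa03645e256a8b50f1101c983d39586ebc467ee`. A branch URL can change content or stop resolving without the advisory's `modified` field changing. Its path also differs from the pinned one (`advisories/pimcore-2.1.0.txt`), so it may reflect an older layout of that repository and should be checked that it still resolves. If both URLs lead to the same document, keeping only the commit-pinned entry gives consumers a stable reference. The new `CVSS_V4` vector sets `E:P`, which presumably rests on these references, so at least one of them needs to stay resolvable to support that metric.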
@@ -1,7 +1,7 @@
{
"schema_version": "1.4.0",
"id": "GHSA-rvq6-mrpv-m6rm",
"modified": "2024-09-16T22:13:37Z",
"modified": "2025-04-13T23:27:03Z",
"published": "2022-05-17T03:07:04Z",
"aliases": [
"CVE-2014-0472"