diff --git a/mapping.csv b/mapping.csv index def43e3e03..c97771d23d 100644 --- a/mapping.csv +++ b/mapping.csv @@ -262837,3 +262837,31 @@ vulnerability,CVE-2024-54887,vulnerability--db6f47e0-ea76-43e1-8b86-85e5d5cd8c0e vulnerability,CVE-2024-54762,vulnerability--3c7377b8-b6f3-4d9e-ab5d-dc79b02eb8a3 vulnerability,CVE-2024-10215,vulnerability--d0fc6524-8e19-4628-b87c-52392194fa67 vulnerability,CVE-2024-46505,vulnerability--6170e2aa-ae29-4b21-b4cb-be59b082e954 +vulnerability,CVE-2024-48806,vulnerability--9d8c5f2a-732a-483c-b55d-ca0e6edd74a9 +vulnerability,CVE-2024-13302,vulnerability--edf36a48-4d0c-48e6-b021-6db2470dc720 +vulnerability,CVE-2024-13301,vulnerability--640be19e-328a-47b2-87de-c4f82a8fb4da +vulnerability,CVE-2024-13287,vulnerability--961a2acb-f1db-4bf1-91ae-2f9d735bdb94 +vulnerability,CVE-2024-13299,vulnerability--efbb088c-d8ec-4460-8b5e-736c8f02c12d +vulnerability,CVE-2024-13289,vulnerability--d9039382-78a3-48c9-9b08-8d2c88942618 +vulnerability,CVE-2024-13285,vulnerability--7a7e4e67-1c38-4dd3-905a-30710171c85d +vulnerability,CVE-2024-13291,vulnerability--95070168-3b88-4639-9054-b8c9b05e4907 +vulnerability,CVE-2024-13286,vulnerability--d9aa9d07-873c-46a1-b046-3d1ecc4e207a +vulnerability,CVE-2024-13300,vulnerability--b1c1f701-37ee-43f4-94fa-1517c46fafd6 +vulnerability,CVE-2024-13288,vulnerability--514c597e-88f1-4b1c-beda-ba86ffe6877c +vulnerability,CVE-2024-13292,vulnerability--591abfca-2668-47d3-9761-83104e21f425 +vulnerability,CVE-2024-13298,vulnerability--5296cbd0-e62c-4e7f-9f84-4f168b927849 +vulnerability,CVE-2024-13312,vulnerability--7cdf6b38-00a0-41f9-a8ee-85aa52d24af7 +vulnerability,CVE-2024-13310,vulnerability--d14cdb04-609d-464c-98d2-a5fdfdabe7ea +vulnerability,CVE-2024-13311,vulnerability--ee275885-47b9-4418-a599-64ab9e85b1a2 +vulnerability,CVE-2024-13303,vulnerability--642e1ef0-224d-4964-80b9-95cfa59e3e5e +vulnerability,CVE-2024-13309,vulnerability--84e8cd50-70cf-4d86-bfe4-66cc7572b6fe +vulnerability,CVE-2024-13304,vulnerability--0c081694-7dd4-49cc-b49d-c24554961fdb +vulnerability,CVE-2024-13294,vulnerability--6547f1da-4ec2-4856-b29f-56946a35dfd3 +vulnerability,CVE-2024-13297,vulnerability--513331df-e61c-49df-bbf1-b1350fb02f13 +vulnerability,CVE-2024-13305,vulnerability--7a2ed63c-6de0-42b7-87c7-ad936996012c +vulnerability,CVE-2024-13293,vulnerability--746fc268-90e8-4875-ad09-d7450c298b46 +vulnerability,CVE-2024-13296,vulnerability--75e8f749-5f15-4a69-b303-82bddf10b4fa +vulnerability,CVE-2024-13290,vulnerability--e2db6a63-47d8-4305-afce-9bc88305b6d1 +vulnerability,CVE-2024-13295,vulnerability--dd948502-94a1-428a-aec5-b1b08f07a040 +vulnerability,CVE-2024-13308,vulnerability--b3aa267f-c5fc-4e41-8a30-ac90998f56c1 +vulnerability,CVE-2024-42898,vulnerability--2877ef80-089a-4cae-bb05-60dc34f7b197 diff --git a/objects/vulnerability/vulnerability--0c081694-7dd4-49cc-b49d-c24554961fdb.json b/objects/vulnerability/vulnerability--0c081694-7dd4-49cc-b49d-c24554961fdb.json new file mode 100644 index 0000000000..7d386ffe5e --- /dev/null +++ b/objects/vulnerability/vulnerability--0c081694-7dd4-49cc-b49d-c24554961fdb.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--36d9c5f9-ec51-4e2b-a106-08d5be88983e", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--0c081694-7dd4-49cc-b49d-c24554961fdb", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T21:18:39.569667Z", + "modified": "2025-01-09T21:18:39.569667Z", + "name": "CVE-2024-13304", + "description": "Cross-Site Request Forgery (CSRF) vulnerability in Drupal Minify JS allows Cross Site Request Forgery.This issue affects Minify JS: from 0.0.0 before 3.0.3.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-13304" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--2877ef80-089a-4cae-bb05-60dc34f7b197.json b/objects/vulnerability/vulnerability--2877ef80-089a-4cae-bb05-60dc34f7b197.json new file mode 100644 index 0000000000..274d2b9d05 --- /dev/null +++ b/objects/vulnerability/vulnerability--2877ef80-089a-4cae-bb05-60dc34f7b197.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--dd976bc5-ab8b-4292-8c0a-2ab6c2f74b89", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--2877ef80-089a-4cae-bb05-60dc34f7b197", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T21:18:39.825144Z", + "modified": "2025-01-09T21:18:39.825144Z", + "name": "CVE-2024-42898", + "description": "A cross-site scripting (XSS) vulnerability in Nagios XI 2024R1.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter in the Account Settings page.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-42898" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--513331df-e61c-49df-bbf1-b1350fb02f13.json b/objects/vulnerability/vulnerability--513331df-e61c-49df-bbf1-b1350fb02f13.json new file mode 100644 index 0000000000..2be26269d9 --- /dev/null +++ b/objects/vulnerability/vulnerability--513331df-e61c-49df-bbf1-b1350fb02f13.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--33ef7be2-1dff-4050-9c17-03ff6838d9b0", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--513331df-e61c-49df-bbf1-b1350fb02f13", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T21:18:39.572128Z", + "modified": "2025-01-09T21:18:39.572128Z", + "name": "CVE-2024-13297", + "description": "Deserialization of Untrusted Data vulnerability in Drupal Eloqua allows Object Injection.This issue affects Eloqua: from 7.X-* before 7.X-1.15.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-13297" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--514c597e-88f1-4b1c-beda-ba86ffe6877c.json b/objects/vulnerability/vulnerability--514c597e-88f1-4b1c-beda-ba86ffe6877c.json new file mode 100644 index 0000000000..2fee545195 --- /dev/null +++ b/objects/vulnerability/vulnerability--514c597e-88f1-4b1c-beda-ba86ffe6877c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--6d628df8-6ef6-4b9d-9316-e1eb476fe0c6", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--514c597e-88f1-4b1c-beda-ba86ffe6877c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T21:18:39.557632Z", + "modified": "2025-01-09T21:18:39.557632Z", + "name": "CVE-2024-13288", + "description": "Deserialization of Untrusted Data vulnerability in Drupal Monster Menus allows Object Injection.This issue affects Monster Menus: from 0.0.0 before 9.3.4, from 9.4.0 before 9.4.2.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-13288" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--5296cbd0-e62c-4e7f-9f84-4f168b927849.json b/objects/vulnerability/vulnerability--5296cbd0-e62c-4e7f-9f84-4f168b927849.json new file mode 100644 index 0000000000..8c419191b3 --- /dev/null +++ b/objects/vulnerability/vulnerability--5296cbd0-e62c-4e7f-9f84-4f168b927849.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d8d050e7-c407-4eb7-a2c5-ce006b1664c6", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--5296cbd0-e62c-4e7f-9f84-4f168b927849", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T21:18:39.561093Z", + "modified": "2025-01-09T21:18:39.561093Z", + "name": "CVE-2024-13298", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Tarte au Citron allows Cross-Site Scripting (XSS).This issue affects Tarte au Citron: from 2.0.0 before 2.0.5.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-13298" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--591abfca-2668-47d3-9761-83104e21f425.json b/objects/vulnerability/vulnerability--591abfca-2668-47d3-9761-83104e21f425.json new file mode 100644 index 0000000000..76ed170341 --- /dev/null +++ b/objects/vulnerability/vulnerability--591abfca-2668-47d3-9761-83104e21f425.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b36edf49-2ebc-47a8-b410-eac000fe40b0", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--591abfca-2668-47d3-9761-83104e21f425", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T21:18:39.559723Z", + "modified": "2025-01-09T21:18:39.559723Z", + "name": "CVE-2024-13292", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Tooltip allows Cross-Site Scripting (XSS).This issue affects Tooltip: from 0.0.0 before 1.1.2.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-13292" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--640be19e-328a-47b2-87de-c4f82a8fb4da.json b/objects/vulnerability/vulnerability--640be19e-328a-47b2-87de-c4f82a8fb4da.json new file mode 100644 index 0000000000..8755a9f868 --- /dev/null +++ b/objects/vulnerability/vulnerability--640be19e-328a-47b2-87de-c4f82a8fb4da.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--75365370-164a-4d77-96b2-f604086cfcca", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--640be19e-328a-47b2-87de-c4f82a8fb4da", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T21:18:39.543473Z", + "modified": "2025-01-09T21:18:39.543473Z", + "name": "CVE-2024-13301", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal OAuth & OpenID Connect Single Sign On – SSO (OAuth/OIDC Client) allows Cross-Site Scripting (XSS).This issue affects OAuth & OpenID Connect Single Sign On – SSO (OAuth/OIDC Client): from 3.0.0 before 3.44.0, from 4.0.0 before 4.0.19.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-13301" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--642e1ef0-224d-4964-80b9-95cfa59e3e5e.json b/objects/vulnerability/vulnerability--642e1ef0-224d-4964-80b9-95cfa59e3e5e.json new file mode 100644 index 0000000000..b46d8630f7 --- /dev/null +++ b/objects/vulnerability/vulnerability--642e1ef0-224d-4964-80b9-95cfa59e3e5e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--2a810ae6-6639-4f43-8c05-c7b13b9f4f20", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--642e1ef0-224d-4964-80b9-95cfa59e3e5e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T21:18:39.567613Z", + "modified": "2025-01-09T21:18:39.567613Z", + "name": "CVE-2024-13303", + "description": "Missing Authorization vulnerability in Drupal Download All Files allows Forceful Browsing.This issue affects Download All Files: from 0.0.0 before 2.0.2.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-13303" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--6547f1da-4ec2-4856-b29f-56946a35dfd3.json b/objects/vulnerability/vulnerability--6547f1da-4ec2-4856-b29f-56946a35dfd3.json new file mode 100644 index 0000000000..e52f0a1245 --- /dev/null +++ b/objects/vulnerability/vulnerability--6547f1da-4ec2-4856-b29f-56946a35dfd3.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--80707a29-79f3-45ec-b61a-0eee1ca8bfee", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--6547f1da-4ec2-4856-b29f-56946a35dfd3", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T21:18:39.57125Z", + "modified": "2025-01-09T21:18:39.57125Z", + "name": "CVE-2024-13294", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal POST File allows Cross-Site Scripting (XSS).This issue affects POST File: from 0.0.0 before 1.0.2.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-13294" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--746fc268-90e8-4875-ad09-d7450c298b46.json b/objects/vulnerability/vulnerability--746fc268-90e8-4875-ad09-d7450c298b46.json new file mode 100644 index 0000000000..16b8c03f93 --- /dev/null +++ b/objects/vulnerability/vulnerability--746fc268-90e8-4875-ad09-d7450c298b46.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--6ce6d72c-7b6e-4f36-9898-7fef7acdff0b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--746fc268-90e8-4875-ad09-d7450c298b46", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T21:18:39.574932Z", + "modified": "2025-01-09T21:18:39.574932Z", + "name": "CVE-2024-13293", + "description": "Cross-Site Request Forgery (CSRF) vulnerability in Drupal POST File allows Cross Site Request Forgery.This issue affects POST File: from 0.0.0 before 1.0.2.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-13293" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--75e8f749-5f15-4a69-b303-82bddf10b4fa.json b/objects/vulnerability/vulnerability--75e8f749-5f15-4a69-b303-82bddf10b4fa.json new file mode 100644 index 0000000000..409acefcf2 --- /dev/null +++ b/objects/vulnerability/vulnerability--75e8f749-5f15-4a69-b303-82bddf10b4fa.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--0e20ada4-c09c-462a-893c-c4c22172f959", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--75e8f749-5f15-4a69-b303-82bddf10b4fa", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T21:18:39.576027Z", + "modified": "2025-01-09T21:18:39.576027Z", + "name": "CVE-2024-13296", + "description": "Deserialization of Untrusted Data vulnerability in Drupal Mailjet allows Object Injection.This issue affects Mailjet: from 0.0.0 before 4.0.1.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-13296" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--7a2ed63c-6de0-42b7-87c7-ad936996012c.json b/objects/vulnerability/vulnerability--7a2ed63c-6de0-42b7-87c7-ad936996012c.json new file mode 100644 index 0000000000..40e22c5618 --- /dev/null +++ b/objects/vulnerability/vulnerability--7a2ed63c-6de0-42b7-87c7-ad936996012c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--25fda93f-59dd-4be8-8f2c-aa87dd609e96", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--7a2ed63c-6de0-42b7-87c7-ad936996012c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T21:18:39.573697Z", + "modified": "2025-01-09T21:18:39.573697Z", + "name": "CVE-2024-13305", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Entity Form Steps allows Cross-Site Scripting (XSS).This issue affects Entity Form Steps: from 0.0.0 before 1.1.4.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-13305" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--7a7e4e67-1c38-4dd3-905a-30710171c85d.json b/objects/vulnerability/vulnerability--7a7e4e67-1c38-4dd3-905a-30710171c85d.json new file mode 100644 index 0000000000..189c47081b --- /dev/null +++ b/objects/vulnerability/vulnerability--7a7e4e67-1c38-4dd3-905a-30710171c85d.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--abf7552d-1d50-450c-9a85-5585268b26f8", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--7a7e4e67-1c38-4dd3-905a-30710171c85d", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T21:18:39.551662Z", + "modified": "2025-01-09T21:18:39.551662Z", + "name": "CVE-2024-13285", + "description": "Vulnerability in Drupal wkhtmltopdf.This issue affects wkhtmltopdf: *.*.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-13285" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--7cdf6b38-00a0-41f9-a8ee-85aa52d24af7.json b/objects/vulnerability/vulnerability--7cdf6b38-00a0-41f9-a8ee-85aa52d24af7.json new file mode 100644 index 0000000000..5b8ca11742 --- /dev/null +++ b/objects/vulnerability/vulnerability--7cdf6b38-00a0-41f9-a8ee-85aa52d24af7.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--7e67d0fd-a998-474b-874e-96ccdf6139ae", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--7cdf6b38-00a0-41f9-a8ee-85aa52d24af7", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T21:18:39.56303Z", + "modified": "2025-01-09T21:18:39.56303Z", + "name": "CVE-2024-13312", + "description": "Missing Authorization vulnerability in Drupal Open Social allows Forceful Browsing.This issue affects Open Social: from 11.8.0 before 12.3.10, from 12.4.0 before 12.4.9.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-13312" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--84e8cd50-70cf-4d86-bfe4-66cc7572b6fe.json b/objects/vulnerability/vulnerability--84e8cd50-70cf-4d86-bfe4-66cc7572b6fe.json new file mode 100644 index 0000000000..41957657ad --- /dev/null +++ b/objects/vulnerability/vulnerability--84e8cd50-70cf-4d86-bfe4-66cc7572b6fe.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c8cc6105-62d9-4f82-8ebc-7e9a5be7e33e", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--84e8cd50-70cf-4d86-bfe4-66cc7572b6fe", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T21:18:39.568683Z", + "modified": "2025-01-09T21:18:39.568683Z", + "name": "CVE-2024-13309", + "description": "Improper Authentication vulnerability in Drupal Login Disable allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Login Disable: from 2.0.0 before 2.1.1.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-13309" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--95070168-3b88-4639-9054-b8c9b05e4907.json b/objects/vulnerability/vulnerability--95070168-3b88-4639-9054-b8c9b05e4907.json new file mode 100644 index 0000000000..cde4ce22f8 --- /dev/null +++ b/objects/vulnerability/vulnerability--95070168-3b88-4639-9054-b8c9b05e4907.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--2f88af6f-a441-4134-b37a-8e4c1e18d9d9", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--95070168-3b88-4639-9054-b8c9b05e4907", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T21:18:39.553074Z", + "modified": "2025-01-09T21:18:39.553074Z", + "name": "CVE-2024-13291", + "description": "Incorrect Authorization vulnerability in Drupal Basic HTTP Authentication allows Forceful Browsing.This issue affects Basic HTTP Authentication: from 7.X-1.0 before 7.X-1.4.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-13291" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--961a2acb-f1db-4bf1-91ae-2f9d735bdb94.json b/objects/vulnerability/vulnerability--961a2acb-f1db-4bf1-91ae-2f9d735bdb94.json new file mode 100644 index 0000000000..242c09c671 --- /dev/null +++ b/objects/vulnerability/vulnerability--961a2acb-f1db-4bf1-91ae-2f9d735bdb94.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--38a375b7-e0ff-4565-b5ff-7a48d09a0044", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--961a2acb-f1db-4bf1-91ae-2f9d735bdb94", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T21:18:39.544576Z", + "modified": "2025-01-09T21:18:39.544576Z", + "name": "CVE-2024-13287", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Views SVG Animation allows Cross-Site Scripting (XSS).This issue affects Views SVG Animation: from 0.0.0 before 1.0.1.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-13287" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--9d8c5f2a-732a-483c-b55d-ca0e6edd74a9.json b/objects/vulnerability/vulnerability--9d8c5f2a-732a-483c-b55d-ca0e6edd74a9.json new file mode 100644 index 0000000000..0448d2bcce --- /dev/null +++ b/objects/vulnerability/vulnerability--9d8c5f2a-732a-483c-b55d-ca0e6edd74a9.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--09e62772-8b6d-451e-b188-3cf78fd8785c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--9d8c5f2a-732a-483c-b55d-ca0e6edd74a9", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T21:18:37.947804Z", + "modified": "2025-01-09T21:18:37.947804Z", + "name": "CVE-2024-48806", + "description": "Buffer Overflow vulnerability in Neat Board NFC v.1.20240620.0015 allows a physically proximate attackers to escalate privileges via a crafted payload to the password field", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-48806" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--b1c1f701-37ee-43f4-94fa-1517c46fafd6.json b/objects/vulnerability/vulnerability--b1c1f701-37ee-43f4-94fa-1517c46fafd6.json new file mode 100644 index 0000000000..a80daef812 --- /dev/null +++ b/objects/vulnerability/vulnerability--b1c1f701-37ee-43f4-94fa-1517c46fafd6.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--0d001353-a7da-4a60-bafd-8d4051371e45", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--b1c1f701-37ee-43f4-94fa-1517c46fafd6", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T21:18:39.555466Z", + "modified": "2025-01-09T21:18:39.555466Z", + "name": "CVE-2024-13300", + "description": "Vulnerability in Drupal Print Anything.This issue affects Print Anything: *.*.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-13300" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--b3aa267f-c5fc-4e41-8a30-ac90998f56c1.json b/objects/vulnerability/vulnerability--b3aa267f-c5fc-4e41-8a30-ac90998f56c1.json new file mode 100644 index 0000000000..34431e9324 --- /dev/null +++ b/objects/vulnerability/vulnerability--b3aa267f-c5fc-4e41-8a30-ac90998f56c1.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d80f0b84-e884-4227-b191-1918c007bef6", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--b3aa267f-c5fc-4e41-8a30-ac90998f56c1", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T21:18:39.579703Z", + "modified": "2025-01-09T21:18:39.579703Z", + "name": "CVE-2024-13308", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Browser Back Button allows Cross-Site Scripting (XSS).This issue affects Browser Back Button: from 1.0.0 before 2.0.2.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-13308" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d14cdb04-609d-464c-98d2-a5fdfdabe7ea.json b/objects/vulnerability/vulnerability--d14cdb04-609d-464c-98d2-a5fdfdabe7ea.json new file mode 100644 index 0000000000..e4577486b0 --- /dev/null +++ b/objects/vulnerability/vulnerability--d14cdb04-609d-464c-98d2-a5fdfdabe7ea.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--5f6b9087-1a8e-4de6-9f7b-4400a528e32a", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d14cdb04-609d-464c-98d2-a5fdfdabe7ea", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T21:18:39.564377Z", + "modified": "2025-01-09T21:18:39.564377Z", + "name": "CVE-2024-13310", + "description": "Vulnerability in Drupal Git Utilities for Drupal.This issue affects Git Utilities for Drupal: *.*.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-13310" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d9039382-78a3-48c9-9b08-8d2c88942618.json b/objects/vulnerability/vulnerability--d9039382-78a3-48c9-9b08-8d2c88942618.json new file mode 100644 index 0000000000..2843037235 --- /dev/null +++ b/objects/vulnerability/vulnerability--d9039382-78a3-48c9-9b08-8d2c88942618.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--4ab125b8-fac0-4eab-adde-d14af5c88f57", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d9039382-78a3-48c9-9b08-8d2c88942618", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T21:18:39.549652Z", + "modified": "2025-01-09T21:18:39.549652Z", + "name": "CVE-2024-13289", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Cookiebot + GTM allows Cross-Site Scripting (XSS).This issue affects Cookiebot + GTM: from 0.0.0 before 1.0.18.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-13289" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d9aa9d07-873c-46a1-b046-3d1ecc4e207a.json b/objects/vulnerability/vulnerability--d9aa9d07-873c-46a1-b046-3d1ecc4e207a.json new file mode 100644 index 0000000000..1b6cde4afb --- /dev/null +++ b/objects/vulnerability/vulnerability--d9aa9d07-873c-46a1-b046-3d1ecc4e207a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--71b4c1af-cd73-40c1-bebb-718e94d1c1cc", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d9aa9d07-873c-46a1-b046-3d1ecc4e207a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T21:18:39.554153Z", + "modified": "2025-01-09T21:18:39.554153Z", + "name": "CVE-2024-13286", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal SVG Embed allows Cross-Site Scripting (XSS).This issue affects SVG Embed: from 0.0.0 before 2.1.2.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-13286" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--dd948502-94a1-428a-aec5-b1b08f07a040.json b/objects/vulnerability/vulnerability--dd948502-94a1-428a-aec5-b1b08f07a040.json new file mode 100644 index 0000000000..c003fc9fdf --- /dev/null +++ b/objects/vulnerability/vulnerability--dd948502-94a1-428a-aec5-b1b08f07a040.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--beda32ae-92a1-4430-9112-00fc96c655d4", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--dd948502-94a1-428a-aec5-b1b08f07a040", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T21:18:39.578692Z", + "modified": "2025-01-09T21:18:39.578692Z", + "name": "CVE-2024-13295", + "description": "Deserialization of Untrusted Data vulnerability in Drupal Node export allows Object Injection.This issue affects Node export: from 7.X-* before 7.X-3.3.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-13295" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e2db6a63-47d8-4305-afce-9bc88305b6d1.json b/objects/vulnerability/vulnerability--e2db6a63-47d8-4305-afce-9bc88305b6d1.json new file mode 100644 index 0000000000..04c3a3ac96 --- /dev/null +++ b/objects/vulnerability/vulnerability--e2db6a63-47d8-4305-afce-9bc88305b6d1.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--022dd133-4311-4cb1-ba40-5ea6738bf5f8", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e2db6a63-47d8-4305-afce-9bc88305b6d1", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T21:18:39.577194Z", + "modified": "2025-01-09T21:18:39.577194Z", + "name": "CVE-2024-13290", + "description": "Incorrect Authorization vulnerability in Drupal OhDear Integration allows Forceful Browsing.This issue affects OhDear Integration: from 0.0.0 before 2.0.4.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-13290" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--edf36a48-4d0c-48e6-b021-6db2470dc720.json b/objects/vulnerability/vulnerability--edf36a48-4d0c-48e6-b021-6db2470dc720.json new file mode 100644 index 0000000000..a83805074a --- /dev/null +++ b/objects/vulnerability/vulnerability--edf36a48-4d0c-48e6-b021-6db2470dc720.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a02113f4-2181-45b7-b06c-83685127c1bb", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--edf36a48-4d0c-48e6-b021-6db2470dc720", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T21:18:39.541974Z", + "modified": "2025-01-09T21:18:39.541974Z", + "name": "CVE-2024-13302", + "description": "Incorrect Authorization vulnerability in Drupal Pages Restriction Access allows Forceful Browsing.This issue affects Pages Restriction Access: from 2.0.0 before 2.0.3.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-13302" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--ee275885-47b9-4418-a599-64ab9e85b1a2.json b/objects/vulnerability/vulnerability--ee275885-47b9-4418-a599-64ab9e85b1a2.json new file mode 100644 index 0000000000..50467916a2 --- /dev/null +++ b/objects/vulnerability/vulnerability--ee275885-47b9-4418-a599-64ab9e85b1a2.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--2c05b448-341e-4aa1-80c9-d96e7fbd91cb", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ee275885-47b9-4418-a599-64ab9e85b1a2", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T21:18:39.566015Z", + "modified": "2025-01-09T21:18:39.566015Z", + "name": "CVE-2024-13311", + "description": "Vulnerability in Drupal Allow All File Extensions for file fields.This issue affects Allow All File Extensions for file fields: *.*.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-13311" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--efbb088c-d8ec-4460-8b5e-736c8f02c12d.json b/objects/vulnerability/vulnerability--efbb088c-d8ec-4460-8b5e-736c8f02c12d.json new file mode 100644 index 0000000000..451c9b4c9b --- /dev/null +++ b/objects/vulnerability/vulnerability--efbb088c-d8ec-4460-8b5e-736c8f02c12d.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--25b7374a-e768-487d-ae33-6f3109970bca", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--efbb088c-d8ec-4460-8b5e-736c8f02c12d", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T21:18:39.548022Z", + "modified": "2025-01-09T21:18:39.548022Z", + "name": "CVE-2024-13299", + "description": "Vulnerability in Drupal Megamenu Framework.This issue affects Megamenu Framework: *.*.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-13299" + } + ] + } + ] +} \ No newline at end of file