-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathcvedep.json
105 lines (105 loc) · 3.99 KB
/
cvedep.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
{
"vulnerabilities": [
{
"id": "CVE-2021-40438",
"description": "Server-Side Request Forgery (SSRF) vulnerability",
"known_exploited": true,
"dependencies": {
"features": [
"mod_proxy"
],
"conditions": [
"reverse proxy mode"
],
"configuration": [
""
],
"notes": [
"Requires enabling mod_proxy and setup for reverse proxy to be exploitable."
]
},
"resources": {
"nvd": "https://nvd.nist.gov/vuln/detail/cve-2021-40438",
"epss": "https://api.first.org/data/v1/epss?cve=CVE-2021-40438",
"official_advisory": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2021-40438",
"poc": "https://firzen.de/building-a-poc-for-cve-2021-40438",
"bugs": "https://bugzilla.redhat.com/show_bug.cgi?id=2005117",
"patches": "https://svn.apache.org/viewvc?view=revision&revision=1892814"
},
"metadata": {
"date_added": "2024-10-16",
"last_updated": "2024-10-16",
"contributor": "@nickpending"
}
},
{
"id": "CVE-2020-11984",
"description": "Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE",
"known_exploited": false,
"dependencies": {
"features": [
"proxy_uwsgi",
"mod_http2"
],
"conditions": [
"LimitRequestFieldSize"
],
"configuration": [
"The server must be configured to use mod_proxy_uwsgi to forward requests to a backend uWSGI server"
],
"notes": [
"If UWSGI is explicitly configured in persistent mode (puwsgi), this can also be used to smuggle a second UWSGI request leading to remote code execution.",
"In its standard configuration UWSGI only supports a single request per connection, making request smuggling impossible",
"mod_http2 incorrectly enforced LimitRequestFieldSize before R1863276"
]
},
"resources": {
"nvd": "https://nvd.nist.gov/vuln/detail/CVE-2020-11984",
"epss": "https://api.first.org/data/v1/epss?cve=CVE-2021-11984",
"official_advisory": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11984",
"poc": "https://github.com/RubenBar/MLW-upcrans",
"bugs": "https://packetstormsecurity.com/files/159009/Apache2-mod_proxy_uwsgi-Incorrect-Request-Handling.html",
"patches": "https://svn.apache.org/viewvc?view=revision&revision=1880251"
},
"metadata": {
"date_added": "2024-10-16",
"last_updated": "2024-10-16",
"contributor": "@nickpending"
}
},
{
"id": "CVE-2024-53677",
"description": "File upload logic is flawed vulnerability in Apache Struts.",
"known_exploited": false,
"dependencies": {
"features": [
"FileUploadInterceptor"
],
"conditions": [
"Accessible upload endpoint"
],
"configuration": [
"The server must be using the deprecated FileUploadInterceptor"
],
"notes": [
"This issue affects Apache Struts: from 2.0.0 before 6.4.0.",
"This change isn't backward compatible as you must rewrite your actions to start using the new Action File Upload mechanism and related interceptor. Keep using the old File Upload mechanism keeps you vulnerable to this attack.",
"Applications NOT using FileUploadInterceptor are safe"
]
},
"resources": {
"nvd": "https://nvd.nist.gov/vuln/detail/CVE-2024-53677",
"epss": "https://api.first.org/data/v1/epss?cve=CVE-2024-53677",
"official_advisory": "https://cwiki.apache.org/confluence/display/WW/S2-067",
"poc": "https://github.com/TAM-K592/CVE-2024-53677-S2-067",
"bugs": "",
"patches": ""
},
"metadata": {
"date_added": "2024-12-17",
"last_updated": "2024-12-17",
"contributor": "@nickpending"
}
}
]
}