hao/websafe-kb
1
0
派生 0
代码 工单 合并请求 1 工作流 软件包 项目 发布 百科 活动

更新: 2933 个文件 - 2026-03-18 11:36:11

浏览代码
这个提交包含在:
hao
2026-03-18 11:36:12 -07:00
父节点 1e9522e1a8
当前提交 13d341e71f
修改 2933 个文件,包含 115508 行新增1353 行删除
下载 Patch 文件 下载 Diff 文件 展开所有文件 折叠所有文件

58
08-threat-intel/registry/advisories/adobe-commerce--047932676d.json 普通文件
查看文件

@@ -0,0 +1,58 @@
{
"canonical_id": "adobe-commerce--047932676d",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "APSB26-05 \u00a0: Security update available for Adobe Commerce",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb26-05.html",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"Adobe Magento Security Index"
],
"source_kinds": [
"vendor-index"
],
"candidate_count": 1
}
}

58
08-threat-intel/registry/advisories/adobe-commerce--0a62931b31.json 普通文件
查看文件

@@ -0,0 +1,58 @@
{
"canonical_id": "adobe-commerce--0a62931b31",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "APSB21-86 \u00a0Security\u202fupdates available\u202ffor Adobe Commerce",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb21-86.html",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"Adobe Magento Security Index"
],
"source_kinds": [
"vendor-index"
],
"candidate_count": 1
}
}

58
08-threat-intel/registry/advisories/adobe-commerce--0eb3765231.json 普通文件
查看文件

@@ -0,0 +1,58 @@
{
"canonical_id": "adobe-commerce--0eb3765231",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "APSB20-22 \u00a0Security\u202fupdates available\u202ffor Magento",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb20-22.html",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"Adobe Magento Security Index"
],
"source_kinds": [
"vendor-index"
],
"candidate_count": 1
}
}

58
08-threat-intel/registry/advisories/adobe-commerce--1040fafca2.json 普通文件
查看文件

@@ -0,0 +1,58 @@
{
"canonical_id": "adobe-commerce--1040fafca2",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "APSB20-41 \u00a0Security\u202fupdates available\u202ffor Magento",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb20-41.html",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"Adobe Magento Security Index"
],
"source_kinds": [
"vendor-index"
],
"candidate_count": 1
}
}

58
08-threat-intel/registry/advisories/adobe-commerce--1255668bf0.json 普通文件
查看文件

@@ -0,0 +1,58 @@
{
"canonical_id": "adobe-commerce--1255668bf0",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "APSB24-61 \u00a0: Security update available for Adobe Commerce",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"Adobe Magento Security Index"
],
"source_kinds": [
"vendor-index"
],
"candidate_count": 1
}
}

58
08-threat-intel/registry/advisories/adobe-commerce--12ae93f161.json 普通文件
查看文件

@@ -0,0 +1,58 @@
{
"canonical_id": "adobe-commerce--12ae93f161",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "APSB25-88 : Security update available for Adobe Commerce",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb25-88.html",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"Adobe Magento Security Index"
],
"source_kinds": [
"vendor-index"
],
"candidate_count": 1
}
}

58
08-threat-intel/registry/advisories/adobe-commerce--3f204ca99f.json 普通文件
查看文件

@@ -0,0 +1,58 @@
{
"canonical_id": "adobe-commerce--3f204ca99f",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "APSB22-38\u00a0 :\u00a0Security update available for Adobe\u00a0Commerce",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"Adobe Magento Security Index"
],
"source_kinds": [
"vendor-index"
],
"candidate_count": 1
}
}

58
08-threat-intel/registry/advisories/adobe-commerce--4db71027f6.json 普通文件
查看文件

@@ -0,0 +1,58 @@
{
"canonical_id": "adobe-commerce--4db71027f6",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "APSB23-42 \u00a0: Security update available for Adobe Commerce",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb23-42.html",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"Adobe Magento Security Index"
],
"source_kinds": [
"vendor-index"
],
"candidate_count": 1
}
}

58
08-threat-intel/registry/advisories/adobe-commerce--5451447fe7.json 普通文件
查看文件

@@ -0,0 +1,58 @@
{
"canonical_id": "adobe-commerce--5451447fe7",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "APSB21-30 \u00a0Security\u202fupdates available\u202ffor Magento",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"Adobe Magento Security Index"
],
"source_kinds": [
"vendor-index"
],
"candidate_count": 1
}
}

58
08-threat-intel/registry/advisories/adobe-commerce--54dc24517c.json 普通文件
查看文件

@@ -0,0 +1,58 @@
{
"canonical_id": "adobe-commerce--54dc24517c",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "APSB25-26\u00a0 : Security update available for Adobe\u00a0Commerce",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb25-26.html",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"Adobe Magento Security Index"
],
"source_kinds": [
"vendor-index"
],
"candidate_count": 1
}
}

58
08-threat-intel/registry/advisories/adobe-commerce--5cb7420cf3.json 普通文件
查看文件

@@ -0,0 +1,58 @@
{
"canonical_id": "adobe-commerce--5cb7420cf3",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "Back to top",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento.html",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"Adobe Magento Security Index"
],
"source_kinds": [
"vendor-index"
],
"candidate_count": 1
}
}

58
08-threat-intel/registry/advisories/adobe-commerce--8c1e29399c.json 普通文件
查看文件

@@ -0,0 +1,58 @@
{
"canonical_id": "adobe-commerce--8c1e29399c",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "APSB24-73\u00a0 :\u00a0Security update available for Adobe Commerce",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"Adobe Magento Security Index"
],
"source_kinds": [
"vendor-index"
],
"candidate_count": 1
}
}

58
08-threat-intel/registry/advisories/adobe-commerce--8ecb2a63a5.json 普通文件
查看文件

@@ -0,0 +1,58 @@
{
"canonical_id": "adobe-commerce--8ecb2a63a5",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "APSB23-17\u00a0 : Security update available for Adobe Commerce",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb23-17.html",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"Adobe Magento Security Index"
],
"source_kinds": [
"vendor-index"
],
"candidate_count": 1
}
}

58
08-threat-intel/registry/advisories/adobe-commerce--933ad16ad5.json 普通文件
查看文件

@@ -0,0 +1,58 @@
{
"canonical_id": "adobe-commerce--933ad16ad5",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "APSB24-18 \u00a0: Security update available for Adobe Commerce",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb24-18.html",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"Adobe Magento Security Index"
],
"source_kinds": [
"vendor-index"
],
"candidate_count": 1
}
}

58
08-threat-intel/registry/advisories/adobe-commerce--934b38c7e3.json 普通文件
查看文件

@@ -0,0 +1,58 @@
{
"canonical_id": "adobe-commerce--934b38c7e3",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "APSB23-50 \u00a0: Security update available for Adobe Commerce",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb23-50.html",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"Adobe Magento Security Index"
],
"source_kinds": [
"vendor-index"
],
"candidate_count": 1
}
}

58
08-threat-intel/registry/advisories/adobe-commerce--979640da01.json 普通文件
查看文件

@@ -0,0 +1,58 @@
{
"canonical_id": "adobe-commerce--979640da01",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "APSB23-35 \u00a0:\u00a0Security update available for Adobe Commerce",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb23-35.html",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"Adobe Magento Security Index"
],
"source_kinds": [
"vendor-index"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2021-36035.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2021-36035",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2021-36035",
"summary": "Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An attacker with admin privileges could make a crafted request to the Adobe Stock API to achieve remote code execution.",
"published_at": "2021-09-01T15:15:09.860",
"updated_at": "2024-11-21T06:12:59.820",
"severity": "critical",
"cvss_score": 9.1,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2021-36035"
],
"cve_ids": [
"CVE-2021-36035"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2021-39864.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2021-39864",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2021-39864",
"summary": "Adobe Commerce versions 2.4.2-p2 (and earlier), 2.4.3 (and earlier) and 2.3.7p1 (and earlier) are affected by a cross-site request forgery (CSRF) vulnerability via a Wishlist Share Link. Successful exploitation could lead to unauthorized addition to customer cart by an unauthenticated attacker. Access to the admin console is not required for successful exploitation.",
"published_at": "2021-10-15T15:15:08.460",
"updated_at": "2024-11-21T06:20:25.057",
"severity": "medium",
"cvss_score": 6.5,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb21-86.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2021-39864"
],
"cve_ids": [
"CVE-2021-39864"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

64
08-threat-intel/registry/advisories/adobe-commerce--CVE-2022-24086.json 普通文件
查看文件

@@ -0,0 +1,64 @@
{
"canonical_id": "adobe-commerce--CVE-2022-24086",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2022-24086",
"summary": "Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability during the checkout process. Exploitation of this issue does not require user interaction and could result in arbitrary code execution.",
"published_at": "2022-02-16T17:15:13.307",
"updated_at": "2025-10-23T14:51:16.013",
"severity": "critical",
"cvss_score": 9.8,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb22-12.html",
"secondary_source_urls": [
"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-24086"
],
"aliases": [
"CVE-2022-24086"
],
"cve_ids": [
"CVE-2022-24086"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2022-24093.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2022-24093",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2022-24093",
"summary": "Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability. Exploitation of this issue does not require user interaction and could result in a post-authentication arbitrary code execution.",
"published_at": "2023-09-12T08:15:12.960",
"updated_at": "2024-11-21T06:49:47.413",
"severity": "critical",
"cvss_score": 9.1,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb22-13.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2022-24093"
],
"cve_ids": [
"CVE-2022-24093"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2022-34253.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2022-34253",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2022-34253",
"summary": "Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an XML Injection vulnerability in the Widgets Module. An attacker with admin privileges can trigger a specially crafted script to achieve remote code execution. Exploitation of this issue does not require user interaction.",
"published_at": "2022-08-16T21:15:09.973",
"updated_at": "2024-11-21T07:09:09.320",
"severity": "high",
"cvss_score": 7.2,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2022-34253"
],
"cve_ids": [
"CVE-2022-34253"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

63
08-threat-intel/registry/advisories/adobe-commerce--CVE-2022-34254.json 普通文件
查看文件

@@ -0,0 +1,63 @@
{
"canonical_id": "adobe-commerce--CVE-2022-34254",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2022-34254",
"summary": "Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could be abused by an attacker to inject malicious scripts into the vulnerable endpoint. A low privileged attacker could leverage this vulnerability to read local files and to perform Stored XSS. Exploitation of this issue does not require user interaction.",
"published_at": "2022-08-16T21:15:10.040",
"updated_at": "2024-11-21T07:09:09.437",
"severity": "high",
"cvss_score": 8.8,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2022-34254"
],
"cve_ids": [
"CVE-2022-34254"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy",
"path-traversal-guard"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2022-34255.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2022-34255",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2022-34255",
"summary": "Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Access Control vulnerability that could result in Privilege escalation. An attacker with a low privilege account could leverage this vulnerability to perform an account takeover for a victim. Exploitation of this issue does not require user interaction.",
"published_at": "2022-08-16T21:15:10.100",
"updated_at": "2024-11-21T07:09:09.567",
"severity": "high",
"cvss_score": 8.8,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2022-34255"
],
"cve_ids": [
"CVE-2022-34255"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2022-34256.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2022-34256",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2022-34256",
"summary": "Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Authorization vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to access other user's data. Exploitation of this issue does not require user interaction.",
"published_at": "2022-08-16T21:15:10.163",
"updated_at": "2024-11-21T07:09:09.690",
"severity": "high",
"cvss_score": 7.5,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2022-34256"
],
"cve_ids": [
"CVE-2022-34256"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2022-34257.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2022-34257",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2022-34257",
"summary": "Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field.",
"published_at": "2022-08-16T21:15:10.220",
"updated_at": "2024-11-21T07:09:09.827",
"severity": "medium",
"cvss_score": 6.1,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2022-34257"
],
"cve_ids": [
"CVE-2022-34257"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2022-34258.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2022-34258",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2022-34258",
"summary": "Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker with admin privileges to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field.",
"published_at": "2022-08-16T21:15:10.280",
"updated_at": "2024-11-21T07:09:09.953",
"severity": "medium",
"cvss_score": 4.8,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2022-34258"
],
"cve_ids": [
"CVE-2022-34258"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2022-34259.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2022-34259",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2022-34259",
"summary": "Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the availability of a user's minor feature. Exploitation of this issue does not require user interaction.",
"published_at": "2022-08-16T21:15:10.340",
"updated_at": "2024-11-21T07:09:10.063",
"severity": "medium",
"cvss_score": 5.3,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2022-34259"
],
"cve_ids": [
"CVE-2022-34259"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2022-35689.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2022-35689",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2022-35689",
"summary": "Adobe Commerce versions 2.4.4-p1 (and earlier) and 2.4.5 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the availability of a user's minor feature. Exploitation of this issue does not require user interaction.",
"published_at": "2022-10-14T20:15:10.223",
"updated_at": "2024-11-21T07:11:28.990",
"severity": "medium",
"cvss_score": 5.3,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb22-48.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2022-35689"
],
"cve_ids": [
"CVE-2022-35689"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2022-35692.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2022-35692",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2022-35692",
"summary": "Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to leak minor information of another user's account detials. Exploitation of this issue does not require user interaction.",
"published_at": "2022-08-19T23:15:09.857",
"updated_at": "2024-11-21T07:11:29.357",
"severity": "medium",
"cvss_score": 5.3,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2022-35692"
],
"cve_ids": [
"CVE-2022-35692"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2022-35698.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2022-35698",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2022-35698",
"summary": "Adobe Commerce versions 2.4.4-p1 (and earlier) and 2.4.5 (and earlier) are affected by a Stored Cross-site Scripting vulnerability. Exploitation of this issue does not require user interaction and could result in a post-authentication arbitrary code execution.",
"published_at": "2022-10-14T20:15:11.770",
"updated_at": "2024-11-21T07:11:30.073",
"severity": "critical",
"cvss_score": 10.0,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb22-48.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2022-35698"
],
"cve_ids": [
"CVE-2022-35698"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2022-42344.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2022-42344",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2022-42344",
"summary": "Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Incorrect Authorization vulnerability. An authenticated attacker can exploit this vulnerability to achieve information exposure and privilege escalation.",
"published_at": "2022-10-20T17:15:10.723",
"updated_at": "2024-11-21T07:24:47.620",
"severity": "high",
"cvss_score": 8.8,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2022-42344"
],
"cve_ids": [
"CVE-2022-42344"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2023-22247.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2023-22247",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2023-22247",
"summary": "Adobe Commerce versions 2.4.4-p2 (and earlier) and 2.4.5-p1 (and earlier) are affected by an XML Injection vulnerability that could lead to arbitrary file system read. An unauthenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of this issue does not require user interaction.",
"published_at": "2023-03-27T21:15:10.727",
"updated_at": "2024-11-21T07:44:23.737",
"severity": "high",
"cvss_score": 7.5,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb23-17.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2023-22247"
],
"cve_ids": [
"CVE-2023-22247"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2023-22248.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2023-22248",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2023-22248",
"summary": "Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to leak another user's data. Exploitation of this issue does not require user interaction.",
"published_at": "2023-06-15T19:15:10.413",
"updated_at": "2024-11-21T07:44:23.877",
"severity": "high",
"cvss_score": 7.5,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb23-35.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2023-22248"
],
"cve_ids": [
"CVE-2023-22248"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2023-22249.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2023-22249",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2023-22249",
"summary": "Adobe Commerce versions 2.4.4-p2 (and earlier) and 2.4.5-p1 (and earlier) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field.",
"published_at": "2023-03-27T21:15:10.797",
"updated_at": "2024-11-21T07:44:24.003",
"severity": "medium",
"cvss_score": 4.8,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb23-17.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2023-22249"
],
"cve_ids": [
"CVE-2023-22249"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2023-22250.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2023-22250",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2023-22250",
"summary": "Adobe Commerce versions 2.4.4-p2 (and earlier) and 2.4.5-p1 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the availability of a user's minor feature. Exploitation of this issue does not require user interaction.",
"published_at": "2023-03-27T21:15:10.860",
"updated_at": "2024-11-21T07:44:24.110",
"severity": "medium",
"cvss_score": 5.3,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb23-17.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2023-22250"
],
"cve_ids": [
"CVE-2023-22250"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2023-22251.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2023-22251",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2023-22251",
"summary": "Adobe Commerce versions 2.4.4-p2 (and earlier) and 2.4.5-p1 (and earlier) are affected by an Incorrect Authorization vulnerability. A low-privileged authenticated attacker could leverage this vulnerability to achieve minor information disclosure.",
"published_at": "2023-03-27T21:15:10.923",
"updated_at": "2024-11-21T07:44:24.210",
"severity": "medium",
"cvss_score": 4.3,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb23-17.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2023-22251"
],
"cve_ids": [
"CVE-2023-22251"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

63
08-threat-intel/registry/advisories/adobe-commerce--CVE-2023-26366.json 普通文件
查看文件

@@ -0,0 +1,63 @@
{
"canonical_id": "adobe-commerce--CVE-2023-26366",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2023-26366",
"summary": "Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. A high-privileged authenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of this issue does not require user interaction, scope is changed due to the fact that an attacker can enforce file read outside the application's path boundary.",
"published_at": "2023-10-13T07:15:38.933",
"updated_at": "2024-11-21T07:51:12.390",
"severity": "medium",
"cvss_score": 6.8,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb23-50.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2023-26366"
],
"cve_ids": [
"CVE-2023-26366"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy",
"ssrf-url-validation"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2023-26367.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2023-26367",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2023-26367",
"summary": "Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read by an admin-privilege authenticated attacker. Exploitation of this issue does not require user interaction.",
"published_at": "2023-10-13T07:15:39.767",
"updated_at": "2024-11-21T07:51:12.530",
"severity": "medium",
"cvss_score": 4.9,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb23-50.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2023-26367"
],
"cve_ids": [
"CVE-2023-26367"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2023-29287.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2023-29287",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2023-29287",
"summary": "Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by an Information Exposure vulnerability that could lead to a security feature bypass. An attacker could leverage this vulnerability to leak minor user data. Exploitation of this issue does not require user interaction..",
"published_at": "2023-06-15T19:15:10.603",
"updated_at": "2024-11-21T07:56:48.080",
"severity": "medium",
"cvss_score": 5.3,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb23-35.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2023-29287"
],
"cve_ids": [
"CVE-2023-29287"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2023-29288.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2023-29288",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2023-29288",
"summary": "Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A privileged attacker could leverage this vulnerability to modify a minor functionality of another user's data. Exploitation of this issue does not require user interaction.",
"published_at": "2023-06-15T19:15:10.673",
"updated_at": "2024-11-21T07:56:48.197",
"severity": "medium",
"cvss_score": 4.3,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb23-35.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2023-29288"
],
"cve_ids": [
"CVE-2023-29288"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2023-29289.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2023-29289",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2023-29289",
"summary": "Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by an XML Injection vulnerability. An attacker with low privileges can trigger a specially crafted script to a security feature bypass. Exploitation of this issue does not require user interaction.",
"published_at": "2023-06-15T19:15:10.743",
"updated_at": "2024-11-21T07:56:48.313",
"severity": "medium",
"cvss_score": 6.5,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb23-35.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2023-29289"
],
"cve_ids": [
"CVE-2023-29289"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2023-29290.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2023-29290",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2023-29290",
"summary": "Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to bypass a minor functionality. Exploitation of this issue does not require user interaction.",
"published_at": "2023-06-15T19:15:10.817",
"updated_at": "2024-11-21T07:56:48.423",
"severity": "medium",
"cvss_score": 5.3,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb23-35.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2023-29290"
],
"cve_ids": [
"CVE-2023-29290"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

63
08-threat-intel/registry/advisories/adobe-commerce--CVE-2023-29291.json 普通文件
查看文件

@@ -0,0 +1,63 @@
{
"canonical_id": "adobe-commerce--CVE-2023-29291",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2023-29291",
"summary": "Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. An admin-privilege authenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of this issue does not require user interaction.",
"published_at": "2023-06-15T19:15:10.887",
"updated_at": "2024-11-21T07:56:48.530",
"severity": "medium",
"cvss_score": 4.9,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb23-35.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2023-29291"
],
"cve_ids": [
"CVE-2023-29291"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy",
"ssrf-url-validation"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

63
08-threat-intel/registry/advisories/adobe-commerce--CVE-2023-29292.json 普通文件
查看文件

@@ -0,0 +1,63 @@
{
"canonical_id": "adobe-commerce--CVE-2023-29292",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2023-29292",
"summary": "Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. An admin-privilege authenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of this issue does not require user interaction.",
"published_at": "2023-06-15T19:15:10.957",
"updated_at": "2024-11-21T07:56:48.640",
"severity": "medium",
"cvss_score": 4.9,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb23-35.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2023-29292"
],
"cve_ids": [
"CVE-2023-29292"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy",
"ssrf-url-validation"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2023-29293.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2023-29293",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2023-29293",
"summary": "Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An admin privileged attacker could leverage this vulnerability to impact the availability of a user's minor feature. Exploitation of this issue does not require user interaction.",
"published_at": "2023-06-15T19:15:11.020",
"updated_at": "2024-11-21T07:56:48.747",
"severity": "low",
"cvss_score": 2.7,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb23-35.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2023-29293"
],
"cve_ids": [
"CVE-2023-29293"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2023-29294.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2023-29294",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2023-29294",
"summary": "Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by a Business Logic Errors vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass a minor functionality. Exploitation of this issue does not require user interaction.",
"published_at": "2023-06-15T19:15:11.090",
"updated_at": "2024-11-21T07:56:48.850",
"severity": "medium",
"cvss_score": 4.3,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb23-35.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2023-29294"
],
"cve_ids": [
"CVE-2023-29294"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2023-29295.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2023-29295",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2023-29295",
"summary": "Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass a minor functionality. Exploitation of this issue does not require user interaction.",
"published_at": "2023-06-15T19:15:11.163",
"updated_at": "2024-11-21T07:56:48.960",
"severity": "medium",
"cvss_score": 4.3,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb23-35.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2023-29295"
],
"cve_ids": [
"CVE-2023-29295"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2023-29296.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2023-29296",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2023-29296",
"summary": "Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to modify a minor functionality of another user's data. Exploitation of this issue does not require user interaction.",
"published_at": "2023-06-15T19:15:11.240",
"updated_at": "2024-11-21T07:56:49.063",
"severity": "medium",
"cvss_score": 4.3,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb23-35.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2023-29296"
],
"cve_ids": [
"CVE-2023-29296"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2023-29297.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2023-29297",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2023-29297",
"summary": "Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by a Improper Neutralization of Special Elements Used in a Template Engine vulnerability that could lead to arbitrary code execution by an admin-privilege authenticated attacker. Exploitation of this issue does not require user interaction.",
"published_at": "2023-06-15T19:15:11.310",
"updated_at": "2024-11-21T07:56:49.170",
"severity": "critical",
"cvss_score": 9.1,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb23-35.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2023-29297"
],
"cve_ids": [
"CVE-2023-29297"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2023-38207.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2023-38207",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2023-38207",
"summary": "Adobe Commerce versions 2.4.6-p1 (and earlier), 2.4.5-p3 (and earlier) and 2.4.4-p4 (and earlier) are affected by a XML Injection (aka Blind XPath Injection) vulnerability that could lead in minor arbitrary file system read. Exploitation of this issue does not require user interaction.",
"published_at": "2023-08-09T08:15:09.443",
"updated_at": "2024-11-21T08:13:05.193",
"severity": "high",
"cvss_score": 7.5,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb23-42.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2023-38207"
],
"cve_ids": [
"CVE-2023-38207"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2023-38208.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2023-38208",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2023-38208",
"summary": "Adobe Commerce versions 2.4.6-p1 (and earlier), 2.4.5-p3 (and earlier) and 2.4.4-p4 (and earlier) are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead to arbitrary code execution by an admin-privilege authenticated attacker. Exploitation of this issue does not require user interaction.",
"published_at": "2023-08-09T08:15:09.563",
"updated_at": "2024-11-21T08:13:05.317",
"severity": "critical",
"cvss_score": 9.1,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb23-42.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2023-38208"
],
"cve_ids": [
"CVE-2023-38208"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2023-38209.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2023-38209",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2023-38209",
"summary": "Adobe Commerce versions 2.4.6-p1 (and earlier), 2.4.5-p3 (and earlier) and 2.4.4-p4 (and earlier) are affected by an Incorrect Authorization vulnerability that could lead to a Security feature bypass. A low-privileged attacker could leverage this vulnerability to access other user's data. Exploitation of this issue does not require user interaction.",
"published_at": "2023-08-09T08:15:09.660",
"updated_at": "2024-11-21T08:13:05.447",
"severity": "medium",
"cvss_score": 6.5,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb23-42.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2023-38209"
],
"cve_ids": [
"CVE-2023-38209"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2023-38218.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2023-38218",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2023-38218",
"summary": "Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Incorrect Authorization . An authenticated attacker can exploit this to achieve information exposure and privilege escalation.",
"published_at": "2023-10-13T07:15:40.047",
"updated_at": "2024-11-21T08:13:06.583",
"severity": "high",
"cvss_score": 8.8,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb23-50.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2023-38218"
],
"cve_ids": [
"CVE-2023-38218"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2023-38219.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2023-38219",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2023-38219",
"summary": "Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field. Payload is stored in an admin area, resulting in high confidentiality and integrity impact.",
"published_at": "2023-10-13T07:15:40.327",
"updated_at": "2024-11-21T08:13:06.720",
"severity": "high",
"cvss_score": 8.7,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb23-50.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2023-38219"
],
"cve_ids": [
"CVE-2023-38219"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2023-38220.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2023-38220",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2023-38220",
"summary": "Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Improper Authorization vulnerability that could lead in a security feature bypass in a way that an attacker could access unauthorised data. Exploitation of this issue does not require user interaction.",
"published_at": "2023-10-13T07:15:40.557",
"updated_at": "2024-11-21T08:13:06.863",
"severity": "high",
"cvss_score": 7.5,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb23-50.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2023-38220"
],
"cve_ids": [
"CVE-2023-38220"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2023-38221.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2023-38221",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2023-38221",
"summary": "Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability that could lead in arbitrary code execution by an admin-privilege authenticated attacker. Exploitation of this issue does not require user interaction and attack complexity is high as it requires knowledge of tooling beyond just using the UI.",
"published_at": "2023-10-13T07:15:40.777",
"updated_at": "2024-11-21T08:13:07.010",
"severity": "high",
"cvss_score": 8.0,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb23-50.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2023-38221"
],
"cve_ids": [
"CVE-2023-38221"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2023-38249.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2023-38249",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2023-38249",
"summary": "Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability that could lead in arbitrary code execution by an admin-privilege authenticated attacker. Exploitation of this issue does not require user interaction and attack complexity is high as it requires knowledge of tooling beyond just using the UI.",
"published_at": "2023-10-13T07:15:41.037",
"updated_at": "2024-11-21T08:13:10.773",
"severity": "high",
"cvss_score": 8.0,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb23-50.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2023-38249"
],
"cve_ids": [
"CVE-2023-38249"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2023-38250.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2023-38250",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2023-38250",
"summary": "Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability that could lead in arbitrary code execution by an admin-privilege authenticated attacker. Exploitation of this issue does not require user interaction and attack complexity is high as it requires knowledge of tooling beyond just using the UI.",
"published_at": "2023-10-13T07:15:41.420",
"updated_at": "2024-11-21T08:13:10.920",
"severity": "high",
"cvss_score": 8.0,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb23-50.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2023-38250"
],
"cve_ids": [
"CVE-2023-38250"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2023-38251.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2023-38251",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2023-38251",
"summary": "Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by a Uncontrolled Resource Consumption vulnerability that could lead in minor application denial-of-service. Exploitation of this issue does not require user interaction.",
"published_at": "2023-10-13T07:15:41.577",
"updated_at": "2024-11-21T08:13:11.070",
"severity": "medium",
"cvss_score": 5.3,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb23-50.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2023-38251"
],
"cve_ids": [
"CVE-2023-38251"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2024-20716.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2024-20716",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2024-20716",
"summary": "Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to an application denial-of-service. A high-privileged attacker could leverage this vulnerability to exhaust system resources, causing the application to slow down or crash. Exploitation of this issue does not require user interaction.",
"published_at": "2024-02-15T14:15:45.463",
"updated_at": "2024-11-21T08:52:59.103",
"severity": "medium",
"cvss_score": 4.9,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb24-03.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2024-20716"
],
"cve_ids": [
"CVE-2024-20716"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2024-20717.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2024-20717",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2024-20717",
"summary": "Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field.",
"published_at": "2024-02-15T14:15:45.663",
"updated_at": "2024-11-21T08:52:59.233",
"severity": "medium",
"cvss_score": 5.4,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb24-03.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2024-20717"
],
"cve_ids": [
"CVE-2024-20717"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2024-20718.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2024-20718",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2024-20718",
"summary": "Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to trick a victim into performing actions they did not intend to do, which could be used to bypass security measures and gain unauthorized access. Exploitation of this issue requires user interaction, typically in the form of the victim clicking a link or visiting a malicious website.",
"published_at": "2024-02-15T14:15:45.870",
"updated_at": "2024-11-21T08:53:00.647",
"severity": "medium",
"cvss_score": 4.3,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb24-03.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2024-20718"
],
"cve_ids": [
"CVE-2024-20718"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2024-20719.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2024-20719",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2024-20719",
"summary": "Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malicious scripts into every admin page. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field, that could be leveraged to gain admin access. ",
"published_at": "2024-02-15T14:15:46.077",
"updated_at": "2024-11-21T08:53:00.843",
"severity": "critical",
"cvss_score": 9.1,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb24-03.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2024-20719"
],
"cve_ids": [
"CVE-2024-20719"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2024-20720.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2024-20720",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2024-20720",
"summary": "Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue does not require user interaction.",
"published_at": "2024-02-15T14:15:46.283",
"updated_at": "2024-11-21T08:53:01.000",
"severity": "critical",
"cvss_score": 9.1,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb24-03.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2024-20720"
],
"cve_ids": [
"CVE-2024-20720"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2024-20758.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2024-20758",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2024-20758",
"summary": "Adobe Commerce versions 2.4.6-p4, 2.4.5-p6, 2.4.4-p7, 2.4.7-beta3 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution on the underlying filesystem. Exploitation of this issue does not require user interaction, but the attack complexity is high.",
"published_at": "2024-04-10T12:15:08.567",
"updated_at": "2025-04-16T14:53:40.187",
"severity": "critical",
"cvss_score": 9.0,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb24-18.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2024-20758"
],
"cve_ids": [
"CVE-2024-20758"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

62
08-threat-intel/registry/advisories/adobe-commerce--CVE-2024-20759.json 普通文件
查看文件

@@ -0,0 +1,62 @@
{
"canonical_id": "adobe-commerce--CVE-2024-20759",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "CVE-2024-20759",
"summary": "Adobe Commerce versions 2.4.6-p4, 2.4.5-p6, 2.4.4-p7, 2.4.7-beta3 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field. Confidentiality and integrity are considered high due to having admin impact.",
"published_at": "2024-04-10T12:15:08.893",
"updated_at": "2025-02-11T15:59:16.957",
"severity": "high",
"cvss_score": 8.1,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb24-18.html",
"secondary_source_urls": [],
"aliases": [
"CVE-2024-20759"
],
"cve_ids": [
"CVE-2024-20759"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Adobe Commerce"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}

58
08-threat-intel/registry/advisories/adobe-commerce--a0a29ab7eb.json 普通文件
查看文件

@@ -0,0 +1,58 @@
{
"canonical_id": "adobe-commerce--a0a29ab7eb",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "APSB25-71\u00a0 : Security update available for Adobe Commerce",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb25-71.html",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"Adobe Magento Security Index"
],
"source_kinds": [
"vendor-index"
],
"candidate_count": 1
}
}

58
08-threat-intel/registry/advisories/adobe-commerce--a5f12e77b4.json 普通文件
查看文件

@@ -0,0 +1,58 @@
{
"canonical_id": "adobe-commerce--a5f12e77b4",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "APSB22-12 \u00a0Security\u202fupdates available\u202ffor Magento",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb22-12.html",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"Adobe Magento Security Index"
],
"source_kinds": [
"vendor-index"
],
"candidate_count": 1
}
}

58
08-threat-intel/registry/advisories/adobe-commerce--a7b623e0d8.json 普通文件
查看文件

@@ -0,0 +1,58 @@
{
"canonical_id": "adobe-commerce--a7b623e0d8",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "APSB21-08 \u00a0Security\u202fupdates available\u202ffor Magento",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"Adobe Magento Security Index"
],
"source_kinds": [
"vendor-index"
],
"candidate_count": 1
}
}

58
08-threat-intel/registry/advisories/adobe-commerce--ac73b00a05.json 普通文件
查看文件

@@ -0,0 +1,58 @@
{
"canonical_id": "adobe-commerce--ac73b00a05",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "APSB24-40 \u00a0:\u00a0Security update available for Adobe Commerce",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb24-40.html",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"Adobe Magento Security Index"
],
"source_kinds": [
"vendor-index"
],
"candidate_count": 1
}
}

58
08-threat-intel/registry/advisories/adobe-commerce--c1c61771df.json 普通文件
查看文件

@@ -0,0 +1,58 @@
{
"canonical_id": "adobe-commerce--c1c61771df",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "APSB24-90 :\u00a0Security update available for Adobe Commerce",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb24-90.html",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"Adobe Magento Security Index"
],
"source_kinds": [
"vendor-index"
],
"candidate_count": 1
}
}

58
08-threat-intel/registry/advisories/adobe-commerce--ce8484a7ed.json 普通文件
查看文件

@@ -0,0 +1,58 @@
{
"canonical_id": "adobe-commerce--ce8484a7ed",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "APSB25-08\u00a0 : Security update available for Adobe Commerce",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"Adobe Magento Security Index"
],
"source_kinds": [
"vendor-index"
],
"candidate_count": 1
}
}

58
08-threat-intel/registry/advisories/adobe-commerce--d3476d6b14.json 普通文件
查看文件

@@ -0,0 +1,58 @@
{
"canonical_id": "adobe-commerce--d3476d6b14",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "APSB25-94\u00a0 : Security update available for Adobe Commerce",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb25-94.html",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"Adobe Magento Security Index"
],
"source_kinds": [
"vendor-index"
],
"candidate_count": 1
}
}

58
08-threat-intel/registry/advisories/adobe-commerce--d4e4aff8b8.json 普通文件
查看文件

@@ -0,0 +1,58 @@
{
"canonical_id": "adobe-commerce--d4e4aff8b8",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "APSB22-48 : Security updates available for Adobe Commerce",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb22-48.html",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"Adobe Magento Security Index"
],
"source_kinds": [
"vendor-index"
],
"candidate_count": 1
}
}

58
08-threat-intel/registry/advisories/adobe-commerce--d688572a39.json 普通文件
查看文件

@@ -0,0 +1,58 @@
{
"canonical_id": "adobe-commerce--d688572a39",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "APSB20-02 \u00a0Security\u202fupdates available\u202ffor Magento",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"Adobe Magento Security Index"
],
"source_kinds": [
"vendor-index"
],
"candidate_count": 1
}
}

58
08-threat-intel/registry/advisories/adobe-commerce--d88dbef013.json 普通文件
查看文件

@@ -0,0 +1,58 @@
{
"canonical_id": "adobe-commerce--d88dbef013",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "APSB20-59 \u00a0Security\u202fupdates available\u202ffor Magento",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb20-59.html",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"Adobe Magento Security Index"
],
"source_kinds": [
"vendor-index"
],
"candidate_count": 1
}
}

58
08-threat-intel/registry/advisories/adobe-commerce--da91b15885.json 普通文件
查看文件

@@ -0,0 +1,58 @@
{
"canonical_id": "adobe-commerce--da91b15885",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "APSB22-13 \u00a0:\u00a0Security update available for Adobe Commerce",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb22-13.html",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"Adobe Magento Security Index"
],
"source_kinds": [
"vendor-index"
],
"candidate_count": 1
}
}

58
08-threat-intel/registry/advisories/adobe-commerce--ef1f4e7ed5.json 普通文件
查看文件

@@ -0,0 +1,58 @@
{
"canonical_id": "adobe-commerce--ef1f4e7ed5",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "APSB21-64 \u00a0Security\u202fupdates available\u202ffor Magento",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"Adobe Magento Security Index"
],
"source_kinds": [
"vendor-index"
],
"candidate_count": 1
}
}

58
08-threat-intel/registry/advisories/adobe-commerce--f2ffd83268.json 普通文件
查看文件

@@ -0,0 +1,58 @@
{
"canonical_id": "adobe-commerce--f2ffd83268",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "APSB25-50\u00a0: Security update available for Adobe Commerce",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb25-50.html",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"Adobe Magento Security Index"
],
"source_kinds": [
"vendor-index"
],
"candidate_count": 1
}
}

58
08-threat-intel/registry/advisories/adobe-commerce--f35cbfee30.json 普通文件
查看文件

@@ -0,0 +1,58 @@
{
"canonical_id": "adobe-commerce--f35cbfee30",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "APSB24-03 \u00a0: Security update available for Adobe Commerce",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb24-03.html",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"Adobe Magento Security Index"
],
"source_kinds": [
"vendor-index"
],
"candidate_count": 1
}
}

58
08-threat-intel/registry/advisories/adobe-commerce--fc2e2dc6d1.json 普通文件
查看文件

@@ -0,0 +1,58 @@
{
"canonical_id": "adobe-commerce--fc2e2dc6d1",
"system_id": "adobe-commerce",
"display_name": "Adobe Commerce",
"category": "ecommerce",
"advisory_mode": "core",
"title": "APSB20-47 \u00a0Security\u202fupdates available\u202ffor Magento",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://helpx.adobe.com/security/products/magento/apsb20-47.html",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"authz-server-side-recheck",
"file-upload-validation",
"xss-output-encoding",
"plugin-extension-trust-policy"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"metadata": {
"source_names": [
"Adobe Magento Security Index"
],
"source_kinds": [
"vendor-index"
],
"candidate_count": 1
}
}

57
08-threat-intel/registry/advisories/apache-httpd--02cba8895c.json 普通文件
查看文件

@@ -0,0 +1,57 @@
{
"canonical_id": "apache-httpd--02cba8895c",
"system_id": "apache-httpd",
"display_name": "Apache HTTP Server",
"category": "servers",
"advisory_mode": "server",
"title": "libapreq",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://httpd.apache.org/apreq/",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"request-smuggling-boundary",
"proxy-trust-boundary",
"path-traversal-guard"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "proxy-boundary-generic",
"artifact_mode": "official-image",
"blocked_reason": null,
"metadata": {
"source_names": [
"Apache HTTPD Security"
],
"source_kinds": [
"html-links"
],
"candidate_count": 1
}
}

57
08-threat-intel/registry/advisories/apache-httpd--05cc1afdb1.json 普通文件
查看文件

@@ -0,0 +1,57 @@
{
"canonical_id": "apache-httpd--05cc1afdb1",
"system_id": "apache-httpd",
"display_name": "Apache HTTP Server",
"category": "servers",
"advisory_mode": "server",
"title": "Trunk",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://svn.apache.org/viewvc/httpd/httpd/trunk/",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"request-smuggling-boundary",
"proxy-trust-boundary",
"path-traversal-guard"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "proxy-boundary-generic",
"artifact_mode": "official-image",
"blocked_reason": null,
"metadata": {
"source_names": [
"Apache HTTPD Security"
],
"source_kinds": [
"html-links"
],
"candidate_count": 1
}
}

57
08-threat-intel/registry/advisories/apache-httpd--07805b501b.json 普通文件
查看文件

@@ -0,0 +1,57 @@
{
"canonical_id": "apache-httpd--07805b501b",
"system_id": "apache-httpd",
"display_name": "Apache HTTP Server",
"category": "servers",
"advisory_mode": "server",
"title": "CVE-2025-59775",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://www.cve.org/CVERecord?id=CVE-2025-59775",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"request-smuggling-boundary",
"proxy-trust-boundary",
"path-traversal-guard"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "proxy-boundary-generic",
"artifact_mode": "official-image",
"blocked_reason": null,
"metadata": {
"source_names": [
"Apache HTTPD Security"
],
"source_kinds": [
"html-links"
],
"candidate_count": 1
}
}

57
08-threat-intel/registry/advisories/apache-httpd--0a6be3d9f9.json 普通文件
查看文件

@@ -0,0 +1,57 @@
{
"canonical_id": "apache-httpd--0a6be3d9f9",
"system_id": "apache-httpd",
"display_name": "Apache HTTP Server",
"category": "servers",
"advisory_mode": "server",
"title": "CVE-2022-28330",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://www.cve.org/CVERecord?id=CVE-2022-28330",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"request-smuggling-boundary",
"proxy-trust-boundary",
"path-traversal-guard"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "proxy-boundary-generic",
"artifact_mode": "official-image",
"blocked_reason": null,
"metadata": {
"source_names": [
"Apache HTTPD Security"
],
"source_kinds": [
"html-links"
],
"candidate_count": 1
}
}

57
08-threat-intel/registry/advisories/apache-httpd--0bc105963e.json 普通文件
查看文件

@@ -0,0 +1,57 @@
{
"canonical_id": "apache-httpd--0bc105963e",
"system_id": "apache-httpd",
"display_name": "Apache HTTP Server",
"category": "servers",
"advisory_mode": "server",
"title": "Documentation",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://httpd.apache.org/docs/",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"request-smuggling-boundary",
"proxy-trust-boundary",
"path-traversal-guard"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "proxy-boundary-generic",
"artifact_mode": "official-image",
"blocked_reason": null,
"metadata": {
"source_names": [
"Apache HTTPD Security"
],
"source_kinds": [
"html-links"
],
"candidate_count": 1
}
}

57
08-threat-intel/registry/advisories/apache-httpd--0ca4c19a23.json 普通文件
查看文件

@@ -0,0 +1,57 @@
{
"canonical_id": "apache-httpd--0ca4c19a23",
"system_id": "apache-httpd",
"display_name": "Apache HTTP Server",
"category": "servers",
"advisory_mode": "server",
"title": "CVE-2024-38473",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://www.cve.org/CVERecord?id=CVE-2024-38473",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"request-smuggling-boundary",
"proxy-trust-boundary",
"path-traversal-guard"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "proxy-boundary-generic",
"artifact_mode": "official-image",
"blocked_reason": null,
"metadata": {
"source_names": [
"Apache HTTPD Security"
],
"source_kinds": [
"html-links"
],
"candidate_count": 1
}
}

57
08-threat-intel/registry/advisories/apache-httpd--0dbcc731e3.json 普通文件
查看文件

@@ -0,0 +1,57 @@
{
"canonical_id": "apache-httpd--0dbcc731e3",
"system_id": "apache-httpd",
"display_name": "Apache HTTP Server",
"category": "servers",
"advisory_mode": "server",
"title": "Flood",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://httpd.apache.org/test/flood/",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"request-smuggling-boundary",
"proxy-trust-boundary",
"path-traversal-guard"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "proxy-boundary-generic",
"artifact_mode": "official-image",
"blocked_reason": null,
"metadata": {
"source_names": [
"Apache HTTPD Security"
],
"source_kinds": [
"html-links"
],
"candidate_count": 1
}
}

57
08-threat-intel/registry/advisories/apache-httpd--0e5b8af55a.json 普通文件
查看文件

@@ -0,0 +1,57 @@
{
"canonical_id": "apache-httpd--0e5b8af55a",
"system_id": "apache-httpd",
"display_name": "Apache HTTP Server",
"category": "servers",
"advisory_mode": "server",
"title": "Mailing Lists",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://httpd.apache.org/lists.html",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"request-smuggling-boundary",
"proxy-trust-boundary",
"path-traversal-guard"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "proxy-boundary-generic",
"artifact_mode": "official-image",
"blocked_reason": null,
"metadata": {
"source_names": [
"Apache HTTPD Security"
],
"source_kinds": [
"html-links"
],
"candidate_count": 1
}
}

57
08-threat-intel/registry/advisories/apache-httpd--101f2d16a4.json 普通文件
查看文件

@@ -0,0 +1,57 @@
{
"canonical_id": "apache-httpd--101f2d16a4",
"system_id": "apache-httpd",
"display_name": "Apache HTTP Server",
"category": "servers",
"advisory_mode": "server",
"title": "CVE-2024-40725",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://www.cve.org/CVERecord?id=CVE-2024-40725",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"request-smuggling-boundary",
"proxy-trust-boundary",
"path-traversal-guard"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "proxy-boundary-generic",
"artifact_mode": "official-image",
"blocked_reason": null,
"metadata": {
"source_names": [
"Apache HTTPD Security"
],
"source_kinds": [
"html-links"
],
"candidate_count": 1
}
}

57
08-threat-intel/registry/advisories/apache-httpd--1110a7f1d2.json 普通文件
查看文件

@@ -0,0 +1,57 @@
{
"canonical_id": "apache-httpd--1110a7f1d2",
"system_id": "apache-httpd",
"display_name": "Apache HTTP Server",
"category": "servers",
"advisory_mode": "server",
"title": "CVE-2024-38472",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://www.cve.org/CVERecord?id=CVE-2024-38472",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"request-smuggling-boundary",
"proxy-trust-boundary",
"path-traversal-guard"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "proxy-boundary-generic",
"artifact_mode": "official-image",
"blocked_reason": null,
"metadata": {
"source_names": [
"Apache HTTPD Security"
],
"source_kinds": [
"html-links"
],
"candidate_count": 1
}
}

57
08-threat-intel/registry/advisories/apache-httpd--172cdd59be.json 普通文件
查看文件

@@ -0,0 +1,57 @@
{
"canonical_id": "apache-httpd--172cdd59be",
"system_id": "apache-httpd",
"display_name": "Apache HTTP Server",
"category": "servers",
"advisory_mode": "server",
"title": "CVE-2025-66200",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://www.cve.org/CVERecord?id=CVE-2025-66200",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"request-smuggling-boundary",
"proxy-trust-boundary",
"path-traversal-guard"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "proxy-boundary-generic",
"artifact_mode": "official-image",
"blocked_reason": null,
"metadata": {
"source_names": [
"Apache HTTPD Security"
],
"source_kinds": [
"html-links"
],
"candidate_count": 1
}
}

57
08-threat-intel/registry/advisories/apache-httpd--1afb0f2b13.json 普通文件
查看文件

@@ -0,0 +1,57 @@
{
"canonical_id": "apache-httpd--1afb0f2b13",
"system_id": "apache-httpd",
"display_name": "Apache HTTP Server",
"category": "servers",
"advisory_mode": "server",
"title": "Wiki",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://wiki.apache.org/httpd/",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"request-smuggling-boundary",
"proxy-trust-boundary",
"path-traversal-guard"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "proxy-boundary-generic",
"artifact_mode": "official-image",
"blocked_reason": null,
"metadata": {
"source_names": [
"Apache HTTPD Security"
],
"source_kinds": [
"html-links"
],
"candidate_count": 1
}
}

57
08-threat-intel/registry/advisories/apache-httpd--1c11edba84.json 普通文件
查看文件

@@ -0,0 +1,57 @@
{
"canonical_id": "apache-httpd--1c11edba84",
"system_id": "apache-httpd",
"display_name": "Apache HTTP Server",
"category": "servers",
"advisory_mode": "server",
"title": "CVE-2025-54090",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://www.cve.org/CVERecord?id=CVE-2025-54090",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"request-smuggling-boundary",
"proxy-trust-boundary",
"path-traversal-guard"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "proxy-boundary-generic",
"artifact_mode": "official-image",
"blocked_reason": null,
"metadata": {
"source_names": [
"Apache HTTPD Security"
],
"source_kinds": [
"html-links"
],
"candidate_count": 1
}
}

57
08-threat-intel/registry/advisories/apache-httpd--1e9218e776.json 普通文件
查看文件

@@ -0,0 +1,57 @@
{
"canonical_id": "apache-httpd--1e9218e776",
"system_id": "apache-httpd",
"display_name": "Apache HTTP Server",
"category": "servers",
"advisory_mode": "server",
"title": "impact rating",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://httpd.apache.org/security/impact_levels.html",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"request-smuggling-boundary",
"proxy-trust-boundary",
"path-traversal-guard"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "proxy-boundary-generic",
"artifact_mode": "official-image",
"blocked_reason": null,
"metadata": {
"source_names": [
"Apache HTTPD Security"
],
"source_kinds": [
"html-links"
],
"candidate_count": 1
}
}

57
08-threat-intel/registry/advisories/apache-httpd--20376e1d55.json 普通文件
查看文件

@@ -0,0 +1,57 @@
{
"canonical_id": "apache-httpd--20376e1d55",
"system_id": "apache-httpd",
"display_name": "Apache HTTP Server",
"category": "servers",
"advisory_mode": "server",
"title": "CVE-2024-47252",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://www.cve.org/CVERecord?id=CVE-2024-47252",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"request-smuggling-boundary",
"proxy-trust-boundary",
"path-traversal-guard"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "proxy-boundary-generic",
"artifact_mode": "official-image",
"blocked_reason": null,
"metadata": {
"source_names": [
"Apache HTTPD Security"
],
"source_kinds": [
"html-links"
],
"candidate_count": 1
}
}

57
08-threat-intel/registry/advisories/apache-httpd--203c36ee66.json 普通文件
查看文件

@@ -0,0 +1,57 @@
{
"canonical_id": "apache-httpd--203c36ee66",
"system_id": "apache-httpd",
"display_name": "Apache HTTP Server",
"category": "servers",
"advisory_mode": "server",
"title": "CVE-2025-23048",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://www.cve.org/CVERecord?id=CVE-2025-23048",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"request-smuggling-boundary",
"proxy-trust-boundary",
"path-traversal-guard"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "proxy-boundary-generic",
"artifact_mode": "official-image",
"blocked_reason": null,
"metadata": {
"source_names": [
"Apache HTTPD Security"
],
"source_kinds": [
"html-links"
],
"candidate_count": 1
}
}

57
08-threat-intel/registry/advisories/apache-httpd--219b6d2e94.json 普通文件
查看文件

@@ -0,0 +1,57 @@
{
"canonical_id": "apache-httpd--219b6d2e94",
"system_id": "apache-httpd",
"display_name": "Apache HTTP Server",
"category": "servers",
"advisory_mode": "server",
"title": "CVE-2025-55753",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://www.cve.org/CVERecord?id=CVE-2025-55753",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"request-smuggling-boundary",
"proxy-trust-boundary",
"path-traversal-guard"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "proxy-boundary-generic",
"artifact_mode": "official-image",
"blocked_reason": null,
"metadata": {
"source_names": [
"Apache HTTPD Security"
],
"source_kinds": [
"html-links"
],
"candidate_count": 1
}
}

57
08-threat-intel/registry/advisories/apache-httpd--22307e5b33.json 普通文件
查看文件

@@ -0,0 +1,57 @@
{
"canonical_id": "apache-httpd--22307e5b33",
"system_id": "apache-httpd",
"display_name": "Apache HTTP Server",
"category": "servers",
"advisory_mode": "server",
"title": "Sponsorship",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://www.apache.org/foundation/sponsorship.html",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"request-smuggling-boundary",
"proxy-trust-boundary",
"path-traversal-guard"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "proxy-boundary-generic",
"artifact_mode": "official-image",
"blocked_reason": null,
"metadata": {
"source_names": [
"Apache HTTPD Security"
],
"source_kinds": [
"html-links"
],
"candidate_count": 1
}
}

57
08-threat-intel/registry/advisories/apache-httpd--22e8d8544b.json 普通文件
查看文件

@@ -0,0 +1,57 @@
{
"canonical_id": "apache-httpd--22e8d8544b",
"system_id": "apache-httpd",
"display_name": "Apache HTTP Server",
"category": "servers",
"advisory_mode": "server",
"title": "FAQ",
"summary": "",
"published_at": null,
"updated_at": null,
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "https://wiki.apache.org/httpd/FAQ",
"secondary_source_urls": [],
"aliases": [],
"cve_ids": [],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"request-smuggling-boundary",
"proxy-trust-boundary",
"path-traversal-guard"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "proxy-boundary-generic",
"artifact_mode": "official-image",
"blocked_reason": null,
"metadata": {
"source_names": [
"Apache HTTPD Security"
],
"source_kinds": [
"html-links"
],
"candidate_count": 1
}
}

某些文件未显示,因为此 diff 中更改的文件太多 显示更多