Publish Advisories

GHSA-8cvq-3jjp-ph9p GHSA-c3h5-h73c-29hq GHSA-8cvq-3jjp-ph9p
github · Jan 14, 2025 · 2f9b91d · 2f9b91d
1 parent c493dc9
commit 2f9b91d
Show file tree

Hide file tree

Showing 3 changed files with 139 additions and 46 deletions.
diff --git a/advisories/github-reviewed/2025/01/GHSA-8cvq-3jjp-ph9p/GHSA-8cvq-3jjp-ph9p.json b/advisories/github-reviewed/2025/01/GHSA-8cvq-3jjp-ph9p/GHSA-8cvq-3jjp-ph9p.json
@@ -0,0 +1,65 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-8cvq-3jjp-ph9p",
+  "modified": "2025-01-14T20:07:31Z",
+  "published": "2025-01-14T18:31:59Z",
+  "aliases": [
+    "CVE-2024-45627"
+  ],
+  "summary": "Apache Linkis Metadata Query Service JDBC: JDBC Datasource Module with Mysql has file read vulnerability",
+  "details": "# Affected versions:\n\n- Apache Linkis Metadata Query Service JDBC 1.5.0 before 1.7.0\n\n# Description:\n\nIn Apache Linkis <1.7.0, due to the lack of effective filtering of parameters, an attacker configuring malicious Mysql JDBC parameters in the DataSource Manager Module will allow the attacker to read arbitrary files from the Linkis server. Therefore, the parameters in the Mysql JDBC URL should be blacklisted. This attack requires the attacker to obtain an authorized account from Linkis before it can be carried out. Versions of Apache Linkis < 1.6.0 will be affected.\n\nWe recommend users upgrade the version of Linkis to version 1.7.0.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
+    }
+  ],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "Maven",
+        "name": "org.apache.linkis:linkis-metadata-query-service-jdbc"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "1.5.0"
+            },
+            {
+              "fixed": "1.7.0"
+            }
+          ]
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45627"
+    },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/apache/linkis"
+    },
+    {
+      "type": "WEB",
+      "url": "https://lists.apache.org/thread/0zzx8lldwoqgzq98mg61hojgpvn76xsh"
+    },
+    {
+      "type": "WEB",
+      "url": "http://www.openwall.com/lists/oss-security/2025/01/14/1"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-552"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": true,
+    "github_reviewed_at": "2025-01-14T20:07:31Z",
+    "nvd_published_at": "2025-01-14T17:15:17Z"
+  }
+}
diff --git a/...A-c3h5-h73c-29hq/GHSA-c3h5-h73c-29hq.json → ...A-c3h5-h73c-29hq/GHSA-c3h5-h73c-29hq.json b/...A-c3h5-h73c-29hq/GHSA-c3h5-h73c-29hq.json → ...A-c3h5-h73c-29hq/GHSA-c3h5-h73c-29hq.json
@@ -1,14 +1,78 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-c3h5-h73c-29hq",
-  "modified": "2025-01-14T18:32:00Z",
+  "modified": "2025-01-14T20:07:51Z",
   "published": "2025-01-14T18:32:00Z",
   "aliases": [
     "CVE-2025-23081"
   ],
+  "summary": "Mediawiki - DataTransfer Extension Cross-Site Request Forgery (CSRF) and Cross-site Scripting (XSS)",
   "details": "Cross-Site Request Forgery (CSRF), Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - DataTransfer Extension allows Cross Site Request Forgery, Cross-Site Scripting (XSS).This issue affects Mediawiki - DataTransfer Extension: from 1.39.X before 1.39.11, from 1.41.X before 1.41.3, from 1.42.X before 1.42.2.",
-  "severity": [],
-  "affected": [],
+  "severity": [
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"
+    }
+  ],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "Packagist",
+        "name": "mediawiki/data-transfer"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "1.39.0"
+            },
+            {
+              "fixed": "1.39.11"
+            }
+          ]
+        }
+      ]
+    },
+    {
+      "package": {
+        "ecosystem": "Packagist",
+        "name": "mediawiki/data-transfer"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "1.41.0"
+            },
+            {
+              "fixed": "1.41.3"
+            }
+          ]
+        }
+      ]
+    },
+    {
+      "package": {
+        "ecosystem": "Packagist",
+        "name": "mediawiki/data-transfer"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "1.42.0"
+            },
+            {
+              "fixed": "1.42.2"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "type": "ADVISORY",
@@ -38,6 +102,10 @@
       "type": "WEB",
       "url": "https://gerrit.wikimedia.org/r/q/I9223c31f02f31f1e06e1a8cddf7d539cc8d3a3d9"
     },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/wikimedia/mediawiki-extensions-DataTransfer"
+    },
     {
       "type": "WEB",
       "url": "https://phabricator.wikimedia.org/T379749"
@@ -47,9 +115,9 @@
     "cwe_ids": [
       "CWE-79"
     ],
-    "severity": null,
-    "github_reviewed": false,
-    "github_reviewed_at": null,
+    "severity": "MODERATE",
+    "github_reviewed": true,
+    "github_reviewed_at": "2025-01-14T20:07:51Z",
     "nvd_published_at": "2025-01-14T17:15:21Z"
   }
 }
diff --git a/advisories/unreviewed/2025/01/GHSA-8cvq-3jjp-ph9p/GHSA-8cvq-3jjp-ph9p.json b/advisories/unreviewed/2025/01/GHSA-8cvq-3jjp-ph9p/GHSA-8cvq-3jjp-ph9p.json