
CVSS: 6.9 • EPSS: 0% • CPEs: 1 • EXPL: 0

09 Nov 2024 — A data.all admin team member who has access to the customer-owned AWS Account where data.all is deployed may be able to extract user data from data.all application logs via CloudWatch log scanning for particular operations that interact with customer producer teams' data. • https://aws.amazon.com/security/security-bulletins/AWS-2024-013 • CWE-863: Incorrect Authorization

CVSS: 5.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

09 Nov 2024 — Due to inconsistent authorization permissions, data.all may allow an external actor with an authenticated account to perform restricted operations against DataSets and Environments. • https://aws.amazon.com/security/security-bulletins/AWS-2024-013 • CWE-863: Incorrect Authorization

CVSS: 5.3 • EPSS: 0% • CPEs: 1 • EXPL: 0

09 Nov 2024 — An authenticated data.all user is able to manipulate a getDataset query to fetch additional information about the parent Environment resource that the user would otherwise not be able to fetch by directly querying the object via getEnvironment in data.all. • https://aws.amazon.com/security/security-bulletins/AWS-2024-013 • CWE-863: Incorrect Authorization

CVSS: 5.3 • EPSS: 0% • CPEs: 1 • EXPL: 0

09 Nov 2024 — An authenticated data.all user is able to perform mutating UPDATE operations on persisted Notification records in data.all for group notifications of groups that the user is not a member of. • https://aws.amazon.com/security/security-bulletins/AWS-2024-013 • CWE-863: Incorrect Authorization

CVSS: 6.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

09 Nov 2024 — Authentication tokens issued via Cognito in data.all are not invalidated on log out, allowing a previously authenticated user to continue executing authorized API requests until the token expires. • https://aws.amazon.com/security/security-bulletins/AWS-2024-013 • CWE-863: Incorrect Authorization

CVSS: 7.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

01 Nov 2024 — Cross-Site Request Forgery (CSRF) vulnerability in Rajan Agaskar Amazon Associate Filter allows Stored XSS. This issue affects Amazon Associate Filter: from n/a through 0.4. The Amazon Associate Filter plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 0.4. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they ... • https://patchstack.com/database/vulnerability/amazon-associate-filter/wordpress-amazon-associate-filter-plugin-0-4-csrf-to-stored-xss-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF)

CVSS: 7.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

21 Oct 2024 — The Amazon.ApplicationLoadBalancer.Identity.AspNetCore repo https://github.com/awslabs/aws-alb-identity-aspnetcore#validatetokensignature contains Middleware that can be used in conjunction with the Application Load Balancer (ALB) OpenId Connect integration and can be used in any ASP.NET Core deployment scenario, including Fargate, EKS, ECS, EC2, and Lambda. In the JWT handling code, it performs signature validation but fails to validate the JWT issuer and signer identity. The signer omissio... • https://aws.amazon.com/security/security-bulletins/AWS-2024-012 • CWE-290: Authentication Bypass by Spoofing

CVSS: 7.5 • EPSS: 0% • CPEs: 2 • EXPL: 0

21 Oct 2024 — The AWS ALB Route Directive Adapter For Istio repo https://github.com/awslabs/aws-alb-route-directive-adapter-for-istio/tree/master provides an OIDC authentication mechanism that was integrated into the open source Kubeflow project. The adapter uses JWT for authentication, but lacks proper signer and issuer validation. In uncommon deployments of ALB, wherein endpoints are exposed to internet traffic, an actor can provide a JWT signed by an untrusted entity in order to spoof OIDC-federated sessions and succe... • https://aws.amazon.com/security/security-bulletins/AWS-2024-011 • CWE-290: Authentication Bypass by Spoofing

CVSS: 7.4 • EPSS: 0% • CPEs: 41 • EXPL: 0

15 Oct 2024 — Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracle GraalVM Enterprise Edition: 20.3.15 and 21.3.11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM f... • https://www.oracle.com/security-alerts/cpuoct2024.html • CWE-502: Deserialization of Untrusted Data • CWE-789: Memory Allocation with Excessive Size Value

CVSS: 10.0 • EPSS: 34% • CPEs: 36 • EXPL: 2

09 Oct 2024 — An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. This vulnerability affects Firefox < 131.0.2, Firefox ESR < 128.3.1, and Firefox ESR < 115.16.1. • https://github.com/tdonaworth/Firefox-CVE-2024-9680 • CWE-416: Use After Free