From d4d5cbf6c5b681779dfe308b21f05bef5b4b14f2 Mon Sep 17 00:00:00 2001 From: Sometimes_Puzzled Date: Fri, 7 Jun 2024 12:54:42 -0700 Subject: [PATCH] Update cvex_v2.json typo --- data/cvex_data/cvex_v2.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/data/cvex_data/cvex_v2.json b/data/cvex_data/cvex_v2.json index 0d37cf5..4170401 100755 --- a/data/cvex_data/cvex_v2.json +++ b/data/cvex_data/cvex_v2.json @@ -28,7 +28,7 @@ "authors":["racheljiang310"], "version": 2.0, "domain": "ghcr.io/ucsb-seclab", - "link": "https://github.com/ucsb-seclab/xplor-cvex/blob/main/data/cvex_data/compose-files/CVEX-2023-28155.docker-compose.yml", + "link": "https://github.com/ucsb-seclab/xplor-cvex/blob/main/data/cvex_data/compose-files/cvex-2023-28155.docker-compose.yml", "images": ["cvex-2023-28155/listener", "cvex-2023-28155/client", "cvex-2023-28155/bad_server", "cvex-2023-28155/php_server"], "description": "The Request package through 2.88.1 for Node.js allows a bypass of SSRF mitigations via an attacker-controller server that does a cross-protocol redirect (HTTP to HTTPS, or HTTPS to HTTP). This vulnerability only affects products that are no longer supported by the maintainer.", "page": "/CVEX-2023-28155/" @@ -39,7 +39,7 @@ "authors":["racheljiang310"], "version": 2.0, "domain": "ghcr.io/ucsb-seclab", - "link": "https://github.com/ucsb-seclab/xplor-cvex/blob/main/data/cvex_data/compose-files/CVEX-2023-31419.docker-compose.yml", + "link": "https://github.com/ucsb-seclab/xplor-cvex/blob/main/data/cvex_data/compose-files/cvex-2023-31419.docker-compose.yml", "images": ["cvex-2023-31419/client","cvex-2023-31419/server","cvex-2023-31419/listener"], "description": "A flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service.", "page": "/CVEX-2023-31419/" @@ -50,7 +50,7 @@ "authors":["racheljiang310"], "version": 2.0, "domain": "ghcr.io/ucsb-seclab", - "link":"https://github.com/ucsb-seclab/xplor-cvex/blob/main/data/cvex_data/compose-files/CVEX-2023-42282.docker-compose.yml", + "link":"https://github.com/ucsb-seclab/xplor-cvex/blob/main/data/cvex_data/compose-files/cvex-2023-42282.docker-compose.yml", "images": ["cvex-2023-42282/client", "cvex-2023-42282/server", "cvex-2023-42282/listener"], "description": "The ip package before 1.1.9 for Node.js might allow SSRF because some IP addresses (such as 0x7f.1) are improperly categorized as globally routable via isPublic.", "page": "/CVEX-2023-42282/" @@ -61,7 +61,7 @@ "authors":["racheljiang310"], "version": 2.0, "domain": "ghcr.io/ucsb-seclab", - "link": "https://github.com/ucsb-seclab/xplor-cvex/blob/main/data/cvex_data/compose-files/CVEX-2024-21508.docker-compose.yml", + "link": "https://github.com/ucsb-seclab/xplor-cvex/blob/main/data/cvex_data/compose-files/cvex-2024-21508.docker-compose.yml", "images": ["cvex-2023-42282/client", "cvex-2023-42282/server", "cvex-2023-42282/listener"], "description": "Found in versions of the mysql2 <= 3.9.4, this vulnerability allows for Remote Code Execution (RCE) through the readCodeFor function, due to improper validation of the supportBigNumbers and bigNumberStrings values. The potential impact includes high integrity and confidentiality impact, as well as high availability impact.", "page": "/CVEX-2024-21508/" @@ -72,7 +72,7 @@ "authors":["yarwinliu"], "version": 2.0, "domain": "ghcr.io/ucsb-seclab", - "link": "https://github.com/ucsb-seclab/xplor-cvex/blob/main/data/cvex_data/compose-files/CVEX-2023-0286.docker-compose.yml", + "link": "https://github.com/ucsb-seclab/xplor-cvex/blob/main/data/cvex_data/compose-files/cvex-2023-0286.docker-compose.yml", "images": ["cvex-2024-21508/listener", "cvex-2024-21508/server", "cvex-2024-21508/client"], "description": "Clones openssl version 3.0.7, containing a vulnerability that attributes the wrong variable type (ASN1_TYPE rather than ASN1_STRING) to a x509 address, allowing elevation of privilege.", "page": "/CVEX-2023-0286/"