<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://db.gcve.eu</link>
    <description>Contains only the 10 most recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Sun, 21 Jun 2026 01:36:34 +0000</lastBuildDate>
    <item>
      <title>db9363a6-4f99-4783-abba-ecb822bb3e04</title>
      <link>https://db.gcve.eu/sighting/db9363a6-4f99-4783-abba-ecb822bb3e04/export</link>
      <description>{"uuid": "db9363a6-4f99-4783-abba-ecb822bb3e04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51495", "type": "seen", "source": "https://t.me/cvedetector/11096", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51495 - LibreNMS Stored Cross-Site Scripting (XSS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-51495 \nPublished : Nov. 15, 2024, 4:15 p.m. | 44\u00a0minutes ago \nDescription : LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the Device Overview page allows authenticated users to inject arbitrary JavaScript through the \"overwrite_ip\" parameter when editing a device. This vulnerability results in the execution of malicious code when the device overview page is visited, potentially compromising the accounts of other users. This vulnerability is fixed in 24.10.0. \nSeverity: 4.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-15T18:17:12.000000Z"}</description>
      <content:encoded>{"uuid": "db9363a6-4f99-4783-abba-ecb822bb3e04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51495", "type": "seen", "source": "https://t.me/cvedetector/11096", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51495 - LibreNMS Stored Cross-Site Scripting (XSS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-51495 \nPublished : Nov. 15, 2024, 4:15 p.m. | 44\u00a0minutes ago \nDescription : LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the Device Overview page allows authenticated users to inject arbitrary JavaScript through the \"overwrite_ip\" parameter when editing a device. This vulnerability results in the execution of malicious code when the device overview page is visited, potentially compromising the accounts of other users. This vulnerability is fixed in 24.10.0. \nSeverity: 4.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-15T18:17:12.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/db9363a6-4f99-4783-abba-ecb822bb3e04/export</guid>
      <pubDate>Fri, 15 Nov 2024 18:17:12 +0000</pubDate>
    </item>
    <item>
      <title>1f8e6479-4789-4442-8c21-d5c04347c3a6</title>
      <link>https://db.gcve.eu/sighting/1f8e6479-4789-4442-8c21-d5c04347c3a6/export</link>
      <description>{"uuid": "1f8e6479-4789-4442-8c21-d5c04347c3a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51497", "type": "seen", "source": "https://t.me/cvedetector/11098", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51497 - LibreNMS Stored Cross-Site Scripting (XSS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-51497 \nPublished : Nov. 15, 2024, 4:15 p.m. | 44\u00a0minutes ago \nDescription : LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the \"Custom OID\" tab of a device allows authenticated users to inject arbitrary JavaScript through the \"unit\" parameter when creating a new OID. This vulnerability can lead to the execution of malicious code in the context of other users' sessions, compromising their accounts and enabling unauthorized actions. This vulnerability is fixed in 24.10.0. \nSeverity: 4.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-15T18:17:13.000000Z"}</description>
      <content:encoded>{"uuid": "1f8e6479-4789-4442-8c21-d5c04347c3a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51497", "type": "seen", "source": "https://t.me/cvedetector/11098", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51497 - LibreNMS Stored Cross-Site Scripting (XSS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-51497 \nPublished : Nov. 15, 2024, 4:15 p.m. | 44\u00a0minutes ago \nDescription : LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the \"Custom OID\" tab of a device allows authenticated users to inject arbitrary JavaScript through the \"unit\" parameter when creating a new OID. This vulnerability can lead to the execution of malicious code in the context of other users' sessions, compromising their accounts and enabling unauthorized actions. This vulnerability is fixed in 24.10.0. \nSeverity: 4.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-15T18:17:13.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/1f8e6479-4789-4442-8c21-d5c04347c3a6/export</guid>
      <pubDate>Fri, 15 Nov 2024 18:17:13 +0000</pubDate>
    </item>
    <item>
      <title>27317974-210e-45b7-a8b1-3e107d05055a</title>
      <link>https://db.gcve.eu/sighting/27317974-210e-45b7-a8b1-3e107d05055a/export</link>
      <description>{"uuid": "27317974-210e-45b7-a8b1-3e107d05055a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51496", "type": "seen", "source": "https://t.me/cvedetector/11097", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51496 - LibreNMS Reflected Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-51496 \nPublished : Nov. 15, 2024, 4:15 p.m. | 44\u00a0minutes ago \nDescription : LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Reflected Cross-Site Scripting (XSS) vulnerability in the \"metric\" parameter of the \"/wireless\" and \"/health\" endpoints allows attackers to inject arbitrary JavaScript. This vulnerability results in the execution of malicious code when a user accesses the page with a malicious \"metric\" parameter, potentially compromising their session and allowing unauthorized actions. This vulnerability is fixed in 24.10.0. \nSeverity: 4.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-15T18:17:13.000000Z"}</description>
      <content:encoded>{"uuid": "27317974-210e-45b7-a8b1-3e107d05055a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51496", "type": "seen", "source": "https://t.me/cvedetector/11097", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51496 - LibreNMS Reflected Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-51496 \nPublished : Nov. 15, 2024, 4:15 p.m. | 44\u00a0minutes ago \nDescription : LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Reflected Cross-Site Scripting (XSS) vulnerability in the \"metric\" parameter of the \"/wireless\" and \"/health\" endpoints allows attackers to inject arbitrary JavaScript. This vulnerability results in the execution of malicious code when a user accesses the page with a malicious \"metric\" parameter, potentially compromising their session and allowing unauthorized actions. This vulnerability is fixed in 24.10.0. \nSeverity: 4.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-15T18:17:13.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/27317974-210e-45b7-a8b1-3e107d05055a/export</guid>
      <pubDate>Fri, 15 Nov 2024 18:17:13 +0000</pubDate>
    </item>
    <item>
      <title>97744e40-574a-4204-a5b1-27e634ea64fb</title>
      <link>https://db.gcve.eu/sighting/97744e40-574a-4204-a5b1-27e634ea64fb/export</link>
      <description>{"uuid": "97744e40-574a-4204-a5b1-27e634ea64fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51499", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113505730866493568", "content": "", "creation_timestamp": "2024-11-18T20:00:05.304140Z"}</description>
      <content:encoded>{"uuid": "97744e40-574a-4204-a5b1-27e634ea64fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51499", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113505730866493568", "content": "", "creation_timestamp": "2024-11-18T20:00:05.304140Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/97744e40-574a-4204-a5b1-27e634ea64fb/export</guid>
      <pubDate>Mon, 18 Nov 2024 20:00:05 +0000</pubDate>
    </item>
    <item>
      <title>0ccddc54-290a-4a8b-9200-ca95c2eb4b84</title>
      <link>https://db.gcve.eu/sighting/0ccddc54-290a-4a8b-9200-ca95c2eb4b84/export</link>
      <description>{"uuid": "0ccddc54-290a-4a8b-9200-ca95c2eb4b84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51499", "type": "seen", "source": "https://t.me/cvedetector/11380", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51499 - MarkUs Arbitrary File Write Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-51499 \nPublished : Nov. 18, 2024, 8:15 p.m. | 16\u00a0minutes ago \nDescription : MarkUs is a web application for the submission and grading of student assignments. In versions prior to 2.4.8, an arbitrary file write vulnerability accessible via the update_files method of the SubmissionsController allows authenticated users (e.g. students) to write arbitrary files to any location on the web server MarkUs is running on (depending on the permissions of the underlying filesystem). e.g. This can lead to a delayed remote code execution in case an attacker is able to write a Ruby file into the config/initializers/ subfolder of the Ruby on Rails application. MarkUs v2.4.8 has addressed this issue. No known workarounds are available at the application level aside from upgrading. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-18T21:34:12.000000Z"}</description>
      <content:encoded>{"uuid": "0ccddc54-290a-4a8b-9200-ca95c2eb4b84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51499", "type": "seen", "source": "https://t.me/cvedetector/11380", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51499 - MarkUs Arbitrary File Write Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-51499 \nPublished : Nov. 18, 2024, 8:15 p.m. | 16\u00a0minutes ago \nDescription : MarkUs is a web application for the submission and grading of student assignments. In versions prior to 2.4.8, an arbitrary file write vulnerability accessible via the update_files method of the SubmissionsController allows authenticated users (e.g. students) to write arbitrary files to any location on the web server MarkUs is running on (depending on the permissions of the underlying filesystem). e.g. This can lead to a delayed remote code execution in case an attacker is able to write a Ruby file into the config/initializers/ subfolder of the Ruby on Rails application. MarkUs v2.4.8 has addressed this issue. No known workarounds are available at the application level aside from upgrading. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-18T21:34:12.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/0ccddc54-290a-4a8b-9200-ca95c2eb4b84/export</guid>
      <pubDate>Mon, 18 Nov 2024 21:34:12 +0000</pubDate>
    </item>
    <item>
      <title>431c70cb-fc7b-4ee1-9a9e-241c3278647c</title>
      <link>https://db.gcve.eu/sighting/431c70cb-fc7b-4ee1-9a9e-241c3278647c/export</link>
      <description>{"uuid": "431c70cb-fc7b-4ee1-9a9e-241c3278647c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51491", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113823227726464727", "content": "", "creation_timestamp": "2025-01-13T21:43:42.882137Z"}</description>
      <content:encoded>{"uuid": "431c70cb-fc7b-4ee1-9a9e-241c3278647c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51491", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113823227726464727", "content": "", "creation_timestamp": "2025-01-13T21:43:42.882137Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/431c70cb-fc7b-4ee1-9a9e-241c3278647c/export</guid>
      <pubDate>Mon, 13 Jan 2025 21:43:42 +0000</pubDate>
    </item>
    <item>
      <title>c461c345-8775-476e-8398-33263bc1c4bd</title>
      <link>https://db.gcve.eu/sighting/c461c345-8775-476e-8398-33263bc1c4bd/export</link>
      <description>{"uuid": "c461c345-8775-476e-8398-33263bc1c4bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51491", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1418", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-51491\n\ud83d\udd39 Description: notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. The issue was identified during Quarkslab's security audit on the Certificate Revocation List (CRL) based revocation check feature.\nAfter retrieving the CRL, notation-go attempts to update the CRL cache using the os.Rename method. However, this operation may fail due to operating system-specific limitations, particularly when the source and destination paths are on different mount points. This failure could lead to an unexpected program termination. In method `crl.(*FileCache).Set`, a temporary file is created in the OS dedicated area (like /tmp for, usually, Linux/Unix). The file is written and then it is tried to move it to the dedicated `notation` cache directory thanks `os.Rename`. As specified in Go documentation, OS specific restriction may apply. When used with Linux OS, it is relying on rename syscall from the libc and as per the documentation, moving a file to a different mountpoint raises an EXDEV error, interpreted as Cross device link not permitted error. Some Linux distribution, like RedHat use a dedicated filesystem (tmpfs), mounted on a specific mountpoint (usually /tmp) for temporary files. When using such OS, revocation check based on CRL will repeatedly crash notation. As a result the signature verification process is aborted as process crashes. This issue has been addressed in version 1.3.0-rc.2 and all users are advised to upgrade. 
There are no known workarounds for this vulnerability.\n\ud83d\udccf Published: 2025-01-13T21:42:11.493Z\n\ud83d\udccf Modified: 2025-01-13T21:42:11.493Z\n\ud83d\udd17 References:\n1. https://github.com/notaryproject/notation-go/security/advisories/GHSA-qjh3-4j3h-vmwp\n2. https://github.com/notaryproject/notation-go/commit/3c3302258ad510fbca2f8a73731569d91f07d196\n3. https://man7.org/linux/man-pages/man2/rename.2.html", "creation_timestamp": "2025-01-13T22:10:33.000000Z"}</description>
      <content:encoded>{"uuid": "c461c345-8775-476e-8398-33263bc1c4bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51491", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1418", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-51491\n\ud83d\udd39 Description: notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. The issue was identified during Quarkslab's security audit on the Certificate Revocation List (CRL) based revocation check feature.\nAfter retrieving the CRL, notation-go attempts to update the CRL cache using the os.Rename method. However, this operation may fail due to operating system-specific limitations, particularly when the source and destination paths are on different mount points. This failure could lead to an unexpected program termination. In method `crl.(*FileCache).Set`, a temporary file is created in the OS dedicated area (like /tmp for, usually, Linux/Unix). The file is written and then it is tried to move it to the dedicated `notation` cache directory thanks `os.Rename`. As specified in Go documentation, OS specific restriction may apply. When used with Linux OS, it is relying on rename syscall from the libc and as per the documentation, moving a file to a different mountpoint raises an EXDEV error, interpreted as Cross device link not permitted error. Some Linux distribution, like RedHat use a dedicated filesystem (tmpfs), mounted on a specific mountpoint (usually /tmp) for temporary files. When using such OS, revocation check based on CRL will repeatedly crash notation. As a result the signature verification process is aborted as process crashes. This issue has been addressed in version 1.3.0-rc.2 and all users are advised to upgrade. 
There are no known workarounds for this vulnerability.\n\ud83d\udccf Published: 2025-01-13T21:42:11.493Z\n\ud83d\udccf Modified: 2025-01-13T21:42:11.493Z\n\ud83d\udd17 References:\n1. https://github.com/notaryproject/notation-go/security/advisories/GHSA-qjh3-4j3h-vmwp\n2. https://github.com/notaryproject/notation-go/commit/3c3302258ad510fbca2f8a73731569d91f07d196\n3. https://man7.org/linux/man-pages/man2/rename.2.html", "creation_timestamp": "2025-01-13T22:10:33.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/c461c345-8775-476e-8398-33263bc1c4bd/export</guid>
      <pubDate>Mon, 13 Jan 2025 22:10:33 +0000</pubDate>
    </item>
    <item>
      <title>47f717e3-da1b-4866-987e-f0d0416691b8</title>
      <link>https://db.gcve.eu/sighting/47f717e3-da1b-4866-987e-f0d0416691b8/export</link>
      <description>{"uuid": "47f717e3-da1b-4866-987e-f0d0416691b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51491", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfnrbbhgkh2p", "content": "", "creation_timestamp": "2025-01-13T22:17:14.768700Z"}</description>
      <content:encoded>{"uuid": "47f717e3-da1b-4866-987e-f0d0416691b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51491", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfnrbbhgkh2p", "content": "", "creation_timestamp": "2025-01-13T22:17:14.768700Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/47f717e3-da1b-4866-987e-f0d0416691b8/export</guid>
      <pubDate>Mon, 13 Jan 2025 22:17:14 +0000</pubDate>
    </item>
    <item>
      <title>023ced97-3e92-40b1-a1e9-22a0d9ada4fa</title>
      <link>https://db.gcve.eu/sighting/023ced97-3e92-40b1-a1e9-22a0d9ada4fa/export</link>
      <description>{"uuid": "023ced97-3e92-40b1-a1e9-22a0d9ada4fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51491", "type": "seen", "source": "https://t.me/cvedetector/15194", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51491 - Notion-go Linux Mountpoint Renaming Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-51491 \nPublished : Jan. 13, 2025, 10:15 p.m. | 25\u00a0minutes ago \nDescription : notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. The issue was identified during Quarkslab's security audit on the Certificate Revocation List (CRL) based revocation check feature.  \nAfter retrieving the CRL, notation-go attempts to update the CRL cache using the os.Rename method. However, this operation may fail due to operating system-specific limitations, particularly when the source and destination paths are on different mount points. This failure could lead to an unexpected program termination. In method `crl.(*FileCache).Set`, a temporary file is created in the OS dedicated area (like /tmp for, usually, Linux/Unix). The file is written and then it is tried to move it to the dedicated `notation` cache directory thanks `os.Rename`. As specified in Go documentation, OS specific restriction may apply. When used with Linux OS, it is relying on rename syscall from the libc and as per the documentation, moving a file to a different mountpoint raises an EXDEV error, interpreted as Cross device link not permitted error. Some Linux distribution, like RedHat use a dedicated filesystem (tmpfs), mounted on a specific mountpoint (usually /tmp) for temporary files. When using such OS, revocation check based on CRL will repeatedly crash notation. As a result the signature verification process is aborted as process crashes. 
This issue has been addressed in version 1.3.0-rc.2 and all users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 3.3 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-13T23:46:28.000000Z"}</description>
      <content:encoded>{"uuid": "023ced97-3e92-40b1-a1e9-22a0d9ada4fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51491", "type": "seen", "source": "https://t.me/cvedetector/15194", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51491 - Notion-go Linux Mountpoint Renaming Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-51491 \nPublished : Jan. 13, 2025, 10:15 p.m. | 25\u00a0minutes ago \nDescription : notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. The issue was identified during Quarkslab's security audit on the Certificate Revocation List (CRL) based revocation check feature.  \nAfter retrieving the CRL, notation-go attempts to update the CRL cache using the os.Rename method. However, this operation may fail due to operating system-specific limitations, particularly when the source and destination paths are on different mount points. This failure could lead to an unexpected program termination. In method `crl.(*FileCache).Set`, a temporary file is created in the OS dedicated area (like /tmp for, usually, Linux/Unix). The file is written and then it is tried to move it to the dedicated `notation` cache directory thanks `os.Rename`. As specified in Go documentation, OS specific restriction may apply. When used with Linux OS, it is relying on rename syscall from the libc and as per the documentation, moving a file to a different mountpoint raises an EXDEV error, interpreted as Cross device link not permitted error. Some Linux distribution, like RedHat use a dedicated filesystem (tmpfs), mounted on a specific mountpoint (usually /tmp) for temporary files. When using such OS, revocation check based on CRL will repeatedly crash notation. As a result the signature verification process is aborted as process crashes. 
This issue has been addressed in version 1.3.0-rc.2 and all users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 3.3 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-13T23:46:28.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/023ced97-3e92-40b1-a1e9-22a0d9ada4fa/export</guid>
      <pubDate>Mon, 13 Jan 2025 23:46:28 +0000</pubDate>
    </item>
    <item>
      <title>4320d951-6db6-40d4-a181-94d7b411a76a</title>
      <link>https://db.gcve.eu/sighting/4320d951-6db6-40d4-a181-94d7b411a76a/export</link>
      <description>{"uuid": "4320d951-6db6-40d4-a181-94d7b411a76a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51491", "type": "seen", "source": "https://bsky.app/profile/gothburz.bsky.social/post/3lfpi7dnzvz27", "content": "", "creation_timestamp": "2025-01-14T14:40:25.790117Z"}</description>
      <content:encoded>{"uuid": "4320d951-6db6-40d4-a181-94d7b411a76a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51491", "type": "seen", "source": "https://bsky.app/profile/gothburz.bsky.social/post/3lfpi7dnzvz27", "content": "", "creation_timestamp": "2025-01-14T14:40:25.790117Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/4320d951-6db6-40d4-a181-94d7b411a76a/export</guid>
      <pubDate>Tue, 14 Jan 2025 14:40:25 +0000</pubDate>
    </item>
  </channel>
</rss>
