{"vulnerability": "cve-2024-4337", "sightings": [{"uuid": "83a572a9-df8f-4371-afba-be64f76669a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43379", "type": "seen", "source": "https://t.me/cvedetector/3518", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43379 - TruffleHog Unauthenticated Endpoint Request Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-43379 \nPublished : Aug. 19, 2024, 3:15 p.m. | 26\u00a0minutes ago \nDescription : TruffleHog is a secrets scanning tool. Prior to v3.81.9, this vulnerability allows a malicious actor to craft data in a way that, when scanned by specific detectors, could trigger the detector to make an unauthorized request to an endpoint chosen by the attacker. For an exploit to be effective, the target endpoint must be an unauthenticated GET endpoint that produces side effects. The victim must scan the maliciously crafted data and have such an endpoint targeted for the exploit to succeed. The vulnerability has been resolved in TruffleHog v3.81.9 and later versions. \nSeverity: 3.4 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-19T17:41:45.000000Z"}, {"uuid": "23173283-7415-4998-9f4c-1879e2eade0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43378", "type": "seen", "source": "https://t.me/cvedetector/3317", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43378 - Calamares Nixos Extensions LUKS Key Exposure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-43378 \nPublished : Aug. 16, 2024, 2:15 a.m. | 37\u00a0minutes ago \nDescription : calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users who installed NixOS through the graphical installer who used manual disk partitioning to create a setup where the system was booted via legacy BIOS rather than UEFI; some disk partitions are encrypted; but the partitions containing either `/` or `/boot` are unencrypted; have their LUKS disk encryption key file in plain text either in `/crypto_keyfile.bin`, or in a CPIO archive attached to their NixOS initrd. `nixos-install` is not affected, nor are UEFI installations, nor was the default automatic partitioning configuration on legacy BIOS systems. The problem has been fixed in calamares-nixos-extensions 0.3.17, which was included in NixOS. The current installer images for the NixOS 24.05 and unstable (24.11) channels are unaffected. The fix reached 24.05 at 2024-08-13 20:06:59 UTC, and unstable at 2024-08-15 09:00:20 UTC. Installer images downloaded before those times may be vulnerable. The best solution for affected users is probably to back up their data and do a complete reinstallation. However, the mitigation procedure in GHSA-3rvf-24q2-24ww should work solely for the case where `/` is encrypted but `/boot` is not. If `/` is unencrypted, then the `/crypto_keyfile.bin` file will need to be deleted in addition to the remediation steps in the previous advisory. This issue is a partial regression of CVE-2023-36476 / GHSA-3rvf-24q2-24ww, which was more severe as it applied to the default configuration on BIOS systems. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-16T05:21:43.000000Z"}, {"uuid": "53e7d6fc-38c7-4218-8299-51f1ec68cdc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43370", "type": "seen", "source": "https://t.me/cvedetector/3315", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43370 - Gettext.js: Cross-Site Scripting (XSS) Injection\", \n  \"Content\": \"CVE ID : CVE-2024-43370 \nPublished : Aug. 16, 2024, 2:15 a.m. | 37\u00a0minutes ago \nDescription : gettext.js is a GNU gettext port for node and the browser. There is a cross-site scripting (XSS) injection if `.po` dictionary definition files are corrupted. This vulnerability has been patched in version 2.0.3. As a workaround, control the origin of the definition catalog to prevent the use of this flaw in the definition of plural forms. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-16T05:21:42.000000Z"}, {"uuid": "c2fec622-a22a-4836-b28f-aaa3de78ba86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43374", "type": "seen", "source": "https://t.me/cvedetector/3316", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43374 - \"Vim Use-After-Free Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-43374 \nPublished : Aug. 16, 2024, 2:15 a.m. | 37\u00a0minutes ago \nDescription : The UNIX editor Vim prior to version 9.1.0678 has a use-after-free error in argument list handling. When adding a new file to the argument list, this triggers `Buf*` autocommands. If in such an autocommand the buffer that was just opened is closed (including the window where it is shown), this causes the window structure to be freed which contains a reference to the argument list that we are actually modifying. Once the autocommands are completed, the references to the window and argument list are no longer valid and as such cause an use-after-free. Impact is low since the user must either intentionally add some unusual autocommands that wipe a buffer during creation (either manually or by sourcing a malicious plugin), but it will crash Vim. The issue has been fixed as of Vim patch v9.1.0678. \nSeverity: 4.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-16T05:21:43.000000Z"}, {"uuid": "e82cc451-7a0a-4e9d-bf8f-5d2b8bd0900f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43373", "type": "seen", "source": "https://t.me/cvedetector/3247", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43373 - Webcrack Node.js Arbitrary File Write Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-43373 \nPublished : Aug. 15, 2024, 3:15 p.m. | 22\u00a0minutes ago \nDescription : webcrack is a tool for reverse engineering javascript. An arbitrary file write vulnerability exists in the webcrack module when processing specifically crafted malicious code on Windows systems. This vulnerability is triggered when using the unpack bundles feature in conjunction with the saving feature. If a module name includes a path traversal sequence with Windows path separators, an attacker can exploit this to overwrite files on the host system. This vulnerability allows an attacker to write arbitrary `.js` files to the host system, which can be leveraged to hijack legitimate Node.js modules to gain arbitrary code execution. This vulnerability has been patched in version 2.14.1. \nSeverity: 7.7 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-15T17:38:21.000000Z"}, {"uuid": "acc3033a-c4a0-44b9-910d-389d9821e956", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43371", "type": "seen", "source": "https://t.me/cvedetector/3772", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43371 - CKAN Server Side Request Forgery (SSRF) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-43371 \nPublished : Aug. 21, 2024, 3:15 p.m. | 37\u00a0minutes ago \nDescription : CKAN is an open-source data management system for powering data hubs and data portals. There are a number of CKAN plugins, including XLoader, DataPusher, Resource proxy and ckanext-archiver, that work by downloading the contents of local or remote files in order to perform some actions with their contents (e.g. pushing to the DataStore, streaming contents or saving a local copy). All of them use the resource URL, and there are currently no checks to limit what URLs can be requested. This means that a malicious (or unaware) user can create a resource with a URL pointing to a place where they should not have access in order for one of the previous tools to retrieve it (known as a Server Side Request Forgery). Users wanting to protect against these kinds of attacks can use one or a combination of the following approaches: (1) Use a separate HTTP proxy like Squid that can be used to allow / disallow IPs, domains etc as needed, and make CKAN extensions aware of this setting via the ckan.download_proxy config option. (2) Implement custom firewall rules to prevent access to restricted resources. (3) Use custom validators on the resource url field to block/allow certain domains or IPs. All latest versions of the plugins listed above support the ckan.download_proxy settings. Support for this setting in the Resource Proxy plugin was included in CKAN 2.10.5 and 2.11.0. \nSeverity: 4.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-21T18:14:46.000000Z"}, {"uuid": "0f74c7fb-c51c-4411-8bcb-d6703c7073c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43376", "type": "seen", "source": "https://t.me/cvedetector/3651", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43376 - Umbraco Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-43376 \nPublished : Aug. 20, 2024, 3:15 p.m. | 42\u00a0minutes ago \nDescription : Umbraco is an ASP.NET CMS. Some endpoints in the Management API can return stack trace information, even when Umbraco is not in debug mode. This vulnerability is fixed in 14.1.2. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-20T17:58:21.000000Z"}, {"uuid": "85ef4641-930c-4430-9937-5cdfbdf1adfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43377", "type": "seen", "source": "https://t.me/cvedetector/3648", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43377 - Umbraco CMS Unauthorized Endpoints Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-43377 \nPublished : Aug. 20, 2024, 3:15 p.m. | 42\u00a0minutes ago \nDescription : Umbraco CMS is an ASP.NET CMS. An authenticated user can access a few unintended endpoints. This issue is fixed in 14.1.2. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-20T17:58:15.000000Z"}, {"uuid": "a51afbac-c1bb-4b3a-a7c8-e8afa1af715c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43374", "type": "seen", "source": "https://gist.github.com/jamincollins/eeeaa5b5a021f181d02cd557edf76515", "content": "", "creation_timestamp": "2025-07-09T21:28:20.000000Z"}]}