{"vulnerability": "cve-2024-4530", "sightings": [{"uuid": "de3a8d6c-09e9-4d1d-89a9-007800f78acb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45309", "type": "seen", "source": "https://t.me/cvedetector/8499", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45309 - OneDev Path Traversal File Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45309 \nPublished : Oct. 21, 2024, 3:15 p.m. | 23\u00a0minutes ago \nDescription : OneDev is a Git server with CI/CD, kanban, and packages. A vulnerability in versions prior to 11.0.9 allows unauthenticated users to read arbitrary files accessible by the OneDev server process. This issue has been fixed in version 11.0.9. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-21T17:41:24.000000Z"}, {"uuid": "c1ccc29b-0074-4721-8398-e98fbef7f403", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45302", "type": "published-proof-of-concept", "source": "https://t.me/cvedetector/4478", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45302 - RestSharp CRLF Injectionenario Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45302 \nPublished : Aug. 29, 2024, 10:15 p.m. | 42\u00a0minutes ago \nDescription : RestSharp is a Simple REST and HTTP API Client for .NET. The second argument to `RestRequest.AddHeader` (the header value) is vulnerable to CRLF injection. The same applies to `RestRequest.AddOrUpdateHeader` and `RestClient.AddDefaultHeader`. 
The way HTTP headers are added to a request is via the `HttpHeaders.TryAddWithoutValidation` method which does not check for CRLF characters in the header value. This means that any headers from a `RestSharp.RequestHeaders` object are added to the request in such a way that they are vulnerable to CRLF-injection. In general, CRLF-injection into a HTTP header (when using HTTP/1.1) means that one can inject additional HTTP headers or smuggle whole HTTP requests. If an application using the RestSharp library passes a user-controllable value through to a header, then that application becomes vulnerable to CRLF-injection. This is not necessarily a security issue for a command line application like the one above, but if such code were present in a web application then it becomes vulnerable to request splitting (as shown in the PoC) and thus Server Side Request Forgery. Strictly speaking this is a potential vulnerability in applications using RestSharp, not in RestSharp itself, but I would argue that at the very least there needs to be a warning about this behaviour in the RestSharp documentation. RestSharp has addressed this issue in version 112.0.0. All users are advised to upgrade. There are no known workarounds for this vulnerability. 
\nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-30T01:25:55.000000Z"}, {"uuid": "65b573a9-9f11-470a-a223-6d9eb68c2cb8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45309", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "5b54df3a-1a39-462c-a822-5fbb5ab677f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45309", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:11:04.000000Z"}, {"uuid": "cccc92dc-612a-42e0-b95a-06994e95a7dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45309", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:03.000000Z"}, {"uuid": "27ace543-57e6-49f9-bd98-be9e15a5d001", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45309", "type": "seen", "source": "https://t.me/CyberBulletin/1192", "content": "\u26a1\ufe0fOneDev DevOps Platform Patches Critical Security Flaw Exposing Sensitive Data \u2013 (CVE-2024-45309).\n\n#CyberBulletin", "creation_timestamp": "2024-10-22T14:41:58.000000Z"}, {"uuid": "de55194c-1c45-4985-8df3-abe36a16b6c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": 
"CVE-2024-45300", "type": "seen", "source": "https://t.me/cvedetector/4961", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45300 - Alf.io Promo Code Limit Bypass vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45300 \nPublished : Sept. 6, 2024, 1:15 p.m. | 23\u00a0minutes ago \nDescription : alf.io is an open source ticket reservation system for conferences, trade shows, workshops, and meetups. Prior to version 2.0-M5, a race condition allows the user to bypass the limit on the number of promo codes and use the discount coupon multiple times. In \"alf.io\", an event organizer can apply price discounts by using promo codes to your events. The organizer can limit the number of promo codes that will be used for this, but the time-gap between checking the number of codes and restricting the use of the codes allows a threat actor to bypass the promo code limit. Version 2.0-M5 fixes this issue. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-06T15:45:59.000000Z"}, {"uuid": "2fa7d6a4-739c-4938-9a4b-b7e4697de616", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45307", "type": "published-proof-of-concept", "source": "https://t.me/cvedetector/4709", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45307 - SudoBot Discord Moderation Bot Config Command Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2024-45307 \nPublished : Sept. 3, 2024, 7:15 p.m. | 23\u00a0minutes ago \nDescription : SudoBot, a Discord moderation bot, is vulnerable to privilege escalation and exploit of the `-config` command in versions prior to 9.26.7. 
Anyone is theoretically able to update any configuration of the bot and potentially gain control over the bot's settings. Every version of v9 before v9.26.7 is affected. Other versions (e.g. v8) are not affected. Users should upgrade to version 9.26.7 to receive a patch. A workaround would be to create a command permission overwrite in the Database. A SQL statement provided in the GitHub Security Advisory can be executed to create an overwrite that disallows users without `ManageGuild` permission to run the `-config` command. Run the SQL statement for every server the bot is in, and replace `` with the appropriate Guild ID each time. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-03T21:39:25.000000Z"}, {"uuid": "73263235-1efc-4a08-b581-cac4f2a48639", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45305", "type": "seen", "source": "https://t.me/cvedetector/4650", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45305 - Apple Git Git Stored Cross-Site Path Traversal\", \n  \"Content\": \"CVE ID : CVE-2024-45305 \nPublished : Sept. 2, 2024, 6:15 p.m. | 42\u00a0minutes ago \nDescription : gix-path is a crate of the gitoxide project dealing with git paths and their conversions. `gix-path` executes `git` to find the path of a configuration file that belongs to the `git` installation itself, but mistakenly treats the local repository's configuration as system-wide if no higher scoped configuration is found. In rare cases, this causes a less trusted repository to be treated as more trusted, or leaks sensitive information from one repository to another, such as sending credentials to another repository's remote. 
In `gix_path::env`, the underlying implementation of the `installation_config` and `installation_config_prefix` functions calls `git config -l --show-origin` and parses the first line of the output to extract the path to the configuration file holding the configuration variable of highest scope. It is believed to be very difficult to exploit this vulnerability deliberately, due to the need either to anticipate a situation in which higher-scoped configuration variables would be absent, or to arrange for this to happen. Although any operating system may be affected, users running Apple Git on macOS are much less likely to be affected. This issue has been addressed in release version 0.10.10. All users are advised to upgrade. \nSeverity: 2.5 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-02T21:24:24.000000Z"}, {"uuid": "2e495cad-ad47-4d5c-b0e5-4942faf3cadc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45306", "type": "seen", "source": "https://t.me/cvedetector/4649", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45306 - Vim Heap Buffer Overflow\", \n  \"Content\": \"CVE ID : CVE-2024-45306 \nPublished : Sept. 2, 2024, 6:15 p.m. | 42\u00a0minutes ago \nDescription : Vim is an open source, command line text editor. Patch v9.1.0038 optimized how the cursor position is calculated and removed a loop, that verified that the cursor position always points inside a line and does not become invalid by pointing beyond the end of  \na line. Back then we assumed this loop is unnecessary. 
However, this change made it possible that the cursor position stays invalid and points beyond the end of a line, which would eventually cause a heap-buffer-overflow when trying to access the line pointer at  \nthe specified cursor position. It's not quite clear yet what can lead to this situation that the cursor points to an invalid position. That's why patch v9.1.0707 does not include a test case. The only observed impact has been a program crash. This issue has been addressed with the patch v9.1.0707. All users are advised to upgrade. \nSeverity: 4.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-02T21:24:20.000000Z"}, {"uuid": "5100d6b5-5945-4771-8715-0ee9df588688", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45308", "type": "seen", "source": "https://t.me/cvedetector/4644", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45308 - HedgeDoc MySQL/MariaDB Note Alias Manipulation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45308 \nPublished : Sept. 2, 2024, 6:15 p.m. | 42\u00a0minutes ago \nDescription : HedgeDoc is an open source, real-time, collaborative, markdown notes application. When using HedgeDoc 1 with MySQL or MariaDB, it is possible to create notes with an alias matching the ID of existing notes. The affected existing note can then not be accessed anymore and is effectively hidden by the new one. When the freeURL feature is enabled (by setting the `allowFreeURL` config option or the `CMD_ALLOW_FREEURL` environment variable to `true`), any user with the appropriate permissions can create a note with an arbitrary alias, e.g. by accessing it in the browser. 
When MySQL or MariaDB are used, it is possible to create a new note with an alias that matches the lower-cased ID of a different note. HedgeDoc then always presents the new note to users, as these databases perform case-insensitive matching and the lower-cased alias is found first. This issue only affects HedgeDoc instances that use MySQL or MariaDB. Depending on the permission settings of the HedgeDoc instance, the issue can be exploited only by logged-in users or by all (including non-logged-in) users. The exploit requires knowledge of the ID of the target note. Attackers could use this issue to present a manipulated copy of the original note to the user, e.g. by replacing the links with malicious ones. Attackers can also use this issue to prevent access to the original note, causing a denial of service. No data is lost, as the original content of the affected notes is still present in the database. Users are advised to upgrade to version 1.10.0 which addresses this issue. Users unable to upgrade may disable freeURL mode which prevents the exploitation of this issue. The impact can also be limited by restricting freeURL note creation to trusted, logged-in users by enabling `requireFreeURLAuthentication`/`CMD_REQUIRE_FREEURL_AUTHENTICATION`. 
\nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-02T21:24:13.000000Z"}, {"uuid": "9e502843-c382-475d-8c8c-36f6250a291d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45309", "type": "seen", "source": "https://t.me/InfoSecInsider/514", "content": "\u26a1\ufe0fOneDev DevOps Platform Patches Critical Security Flaw Exposing Sensitive Data \u2013 (CVE-2024-45309).\n\n#CyberBulletin", "creation_timestamp": "2024-10-22T15:06:35.000000Z"}, {"uuid": "52d23a50-3ae0-4fe6-bee0-bc8eef5e07a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45301", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-026/", "content": "", "creation_timestamp": "2025-01-10T05:00:00.000000Z"}, {"uuid": "a4bc65cd-efae-4505-82ce-b99f4ccb142e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45309", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/onedev_arbitrary_file_read.rb", "content": "", "creation_timestamp": "2025-01-07T03:04:28.000000Z"}, {"uuid": "cce7af1c-96d8-42f8-98a6-591e627e3d57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45301", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m5hgyzlf7e26", "content": "", "creation_timestamp": "2025-11-12T20:02:21.128887Z"}, {"uuid": "69d6d869-1406-4b0c-890d-c413eab203d3", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45303", "type": "seen", "source": "https://t.me/cvedetector/5520", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45303 - Discourse Calendar XSS Stored\", \n  \"Content\": \"CVE ID : CVE-2024-45303 \nPublished : Sept. 12, 2024, 7:15 p.m. | 35\u00a0minutes ago \nDescription : Discourse Calendar plugin adds the ability to create a dynamic calendar in the first post of a topic to Discourse. Rendering event names can be susceptible to XSS attacks. This vulnerability only affects sites which have modified or disabled Discourse\u2019s default Content Security Policy. The issue is patched in version 0.5 of the Discourse Calendar plugin. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-12T21:53:43.000000Z"}, {"uuid": "eea5711d-8f7e-4d63-b0e4-9b6231aa882b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45304", "type": "seen", "source": "https://t.me/cvedetector/4559", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45304 - Starknet Cairo-Contracts Unauthenticated Ownership Transfer Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45304 \nPublished : Aug. 31, 2024, 12:15 a.m. | 41\u00a0minutes ago \nDescription : Cairo-Contracts are OpenZeppelin Contracts written in Cairo for Starknet, a decentralized ZK Rollup. This vulnerability can lead to unauthorized ownership transfer, contrary to the original owner's intention of leaving the contract without an owner. 
It introduces a security risk where an unintended party (pending owner) can gain control of the contract after the original owner has renounced ownership. This could also be used by a malicious owner to simulate leaving a contract without an owner, to later regain ownership by previously having proposed himself as a pending owner. This issue has been addressed in release version 0.16.0. All users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-31T03:21:41.000000Z"}, {"uuid": "82bd4008-f6d8-4b5f-ba03-43c4195c8f3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45309", "type": "seen", "source": "https://t.me/InfoSecInsider/24127", "content": "\u26a1\ufe0fOneDev DevOps Platform Patches Critical Security Flaw Exposing Sensitive Data \u2013 (CVE-2024-45309).\n\n#CyberBulletin", "creation_timestamp": "2024-10-22T15:06:21.000000Z"}, {"uuid": "6221f13e-bf73-4ca9-a278-4640775228e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45309", "type": "seen", "source": "https://t.me/CyberBulletin/26125", "content": "\u26a1\ufe0fOneDev DevOps Platform Patches Critical Security Flaw Exposing Sensitive Data \u2013 (CVE-2024-45309).\n\n#CyberBulletin", "creation_timestamp": "2024-10-22T14:41:58.000000Z"}, {"uuid": "983f9660-1323-410c-b2fc-c446d3dbc7db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45309", "type": "seen", "source": 
"https://bsky.app/profile/rajsamani.bsky.social/post/3lfmiaw27ps2r", "content": "", "creation_timestamp": "2025-01-13T10:03:20.678758Z"}]}