{"vulnerability": "cve-2024-5149", "sightings": [{"uuid": "864c0623-c565-412a-93e9-8d5f0b87c895", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51493", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113431751259368922", "content": "", "creation_timestamp": "2024-11-05T18:26:06.104956Z"}, {"uuid": "97744e40-574a-4204-a5b1-27e634ea64fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51499", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113505730866493568", "content": "", "creation_timestamp": "2024-11-18T20:00:05.304140Z"}, {"uuid": "0ccddc54-290a-4a8b-9200-ca95c2eb4b84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51499", "type": "seen", "source": "https://t.me/cvedetector/11380", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51499 - MarkUs Arbitrary File Write Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-51499 \nPublished : Nov. 18, 2024, 8:15 p.m. | 16\u00a0minutes ago \nDescription : MarkUs is a web application for the submission and grading of student assignments. In versions prior to 2.4.8, an arbitrary file write vulnerability accessible via the update_files method of the SubmissionsController allows authenticated users (e.g. students) to write arbitrary files to any location on the web server MarkUs is running on (depending on the permissions of the underlying filesystem). e.g. This can lead to a delayed remote code execution in case an attacker is able to write a Ruby file into the config/initializers/ subfolder of the Ruby on Rails application. MarkUs v2.4.8 has addressed this issue. No known workarounds are available at the application level aside from upgrading. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-18T21:34:12.000000Z"}, {"uuid": "514dcf0c-030c-432c-b83f-178c7bad04e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51490", "type": "seen", "source": "https://t.me/cvedetector/10537", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51490 - Ampache Cross-Site Scripting (XS)\", \n  \"Content\": \"CVE ID : CVE-2024-51490 \nPublished : Nov. 11, 2024, 8:15 p.m. | 37\u00a0minutes ago \nDescription : Ampache is a web based audio/video streaming application and file manager. This vulnerability exists in the interface section of the Ampache menu, where users can change \"Custom URL - Logo\". This section is not properly sanitized, allowing for the input of strings that can execute JavaScript. This issue has been addressed in version 7.0.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-11T21:57:55.000000Z"}, {"uuid": "1f8e6479-4789-4442-8c21-d5c04347c3a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51497", "type": "seen", "source": "https://t.me/cvedetector/11098", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51497 - LibreNMS Stored Cross-Site Scripting (XSS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-51497 \nPublished : Nov. 15, 2024, 4:15 p.m. | 44\u00a0minutes ago \nDescription : LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the \"Custom OID\" tab of a device allows authenticated users to inject arbitrary JavaScript through the \"unit\" parameter when creating a new OID. This vulnerability can lead to the execution of malicious code in the context of other users' sessions, compromising their accounts and enabling unauthorized actions. This vulnerability is fixed in 24.10.0. \nSeverity: 4.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-15T18:17:13.000000Z"}, {"uuid": "27317974-210e-45b7-a8b1-3e107d05055a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51496", "type": "seen", "source": "https://t.me/cvedetector/11097", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51496 - LibreNMS Reflected Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-51496 \nPublished : Nov. 15, 2024, 4:15 p.m. | 44\u00a0minutes ago \nDescription : LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Reflected Cross-Site Scripting (XSS) vulnerability in the \"metric\" parameter of the \"/wireless\" and \"/health\" endpoints allows attackers to inject arbitrary JavaScript. This vulnerability results in the execution of malicious code when a user accesses the page with a malicious \"metric\" parameter, potentially compromising their session and allowing unauthorized actions. This vulnerability is fixed in 24.10.0. \nSeverity: 4.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-15T18:17:13.000000Z"}, {"uuid": "db9363a6-4f99-4783-abba-ecb822bb3e04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51495", "type": "seen", "source": "https://t.me/cvedetector/11096", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51495 - LibreNMS Stored Cross-Site Scripting (XSS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-51495 \nPublished : Nov. 15, 2024, 4:15 p.m. | 44\u00a0minutes ago \nDescription : LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the Device Overview page allows authenticated users to inject arbitrary JavaScript through the \"overwrite_ip\" parameter when editing a device. This vulnerability results in the execution of malicious code when the device overview page is visited, potentially compromising the accounts of other users. This vulnerability is fixed in 24.10.0. \nSeverity: 4.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-15T18:17:12.000000Z"}, {"uuid": "c0933158-4e80-41eb-b86e-b43b9834a133", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51494", "type": "seen", "source": "https://t.me/cvedetector/11095", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51494 - LibreNMS Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2024-51494 \nPublished : Nov. 15, 2024, 4:15 p.m. | 44\u00a0minutes ago \nDescription : LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the \"Port Settings\" page allows authenticated users to inject arbitrary JavaScript through the \"descr\" parameter when editing a device's port settings. This vulnerability can lead to the execution of malicious code when the \"Port Settings\" page is visited, potentially compromising the user's session and allowing unauthorized actions. This vulnerability is fixed in 24.10.0. \nSeverity: 4.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-15T18:17:11.000000Z"}, {"uuid": "b4cc2f17-2b75-4248-9812-df6a0bc495e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51498", "type": "seen", "source": "https://t.me/cvedetector/9805", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51498 - \"Cobalt Cross-site Scripting Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-51498 \nPublished : Nov. 5, 2024, 12:15 a.m. | 37\u00a0minutes ago \nDescription : cobalt is a media downloader that doesn't piss you off. A malicious cobalt instance could serve links with the `javascript:` protocol, resulting in Cross-site Scripting (XSS) when the user tries to download an item from a picker. This issue has been present since commit `66bac03e`, was mitigated in commit `97977efa` (correctly configured web instances were no longer vulnerable) and fully fixed in commit `c4be1d3a` (included in release version 10.2.1). Users are advised to upgrade. Users unable to upgrade should enable a content-security-policy. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-05T02:09:21.000000Z"}, {"uuid": "15503ca0-4d76-4386-8aec-5cadadfc612e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51492", "type": "seen", "source": "https://t.me/cvedetector/9620", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51492 - Zusam SVG Image File Code Execution and Session Token Stealing Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-51492 \nPublished : Nov. 1, 2024, 5:15 p.m. | 17\u00a0minutes ago \nDescription : Zusam is a free and open-source way to self-host private forums. Prior to version 0.5.6, specially crafted SVG files uploaded to the service as images allow for unrestricted script execution on (raw) image load. With certain payloads, theft of the target user\u2019s long-lived session token is possible. Note that Zusam, at the time of writing, uses a user\u2019s static API key as a long-lived session token, and these terms can be used interchangeably on the platform. This session token/API key remains valid indefinitely, so long as the user doesn\u2019t expressly request a new one via their Settings page. Version 0.5.6 fixes the cross-site scripting vulnerability. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-01T18:42:01.000000Z"}, {"uuid": "6ca4f57a-3416-4f05-bef7-9ccc206a70c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51493", "type": "seen", "source": "https://t.me/cvedetector/9941", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51493 - OctoPrint Cross-Site Request Forgery\", \n  \"Content\": \"CVE ID : CVE-2024-51493 \nPublished : Nov. 5, 2024, 7:15 p.m. | 42\u00a0minutes ago \nDescription : OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versions up until and including 1.10.2 contain a vulnerability that allows an attacker that has gained temporary control over an authenticated victim's OctoPrint browser session to retrieve/recreate/delete the user's or - if the victim has admin permissions - the global API key without having to reauthenticate by re-entering the user account's password. An attacker could use a stolen API key to access OctoPrint through its API, or disrupt workflows depending on the API key they deleted. This vulnerability will be patched in version 1.10.3 and all users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-05T21:25:43.000000Z"}, {"uuid": "4320d951-6db6-40d4-a181-94d7b411a76a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51491", "type": "seen", "source": "https://bsky.app/profile/gothburz.bsky.social/post/3lfpi7dnzvz27", "content": "", "creation_timestamp": "2025-01-14T14:40:25.790117Z"}, {"uuid": "431c70cb-fc7b-4ee1-9a9e-241c3278647c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51491", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113823227726464727", "content": "", "creation_timestamp": "2025-01-13T21:43:42.882137Z"}, {"uuid": "47f717e3-da1b-4866-987e-f0d0416691b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51491", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfnrbbhgkh2p", "content": "", "creation_timestamp": "2025-01-13T22:17:14.768700Z"}, {"uuid": "c461c345-8775-476e-8398-33263bc1c4bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51491", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1418", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-51491\n\ud83d\udd39 Description: notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. The issue was identified during Quarkslab's security audit on the Certificate Revocation List (CRL) based revocation check feature.\nAfter retrieving the CRL, notation-go attempts to update the CRL cache using the os.Rename method. However, this operation may fail due to operating system-specific limitations, particularly when the source and destination paths are on different mount points. This failure could lead to an unexpected program termination. In method `crl.(*FileCache).Set`, a temporary file is created in the OS dedicated area (like /tmp for, usually, Linux/Unix). The file is written and then it is tried to move it to the dedicated `notation` cache directory thanks `os.Rename`. As specified in Go documentation, OS specific restriction may apply. When used with Linux OS, it is relying on rename syscall from the libc and as per the documentation, moving a file to a different mountpoint raises an EXDEV error, interpreted as Cross device link not permitted error. Some Linux distribution, like RedHat use a dedicated filesystem (tmpfs), mounted on a specific mountpoint (usually /tmp) for temporary files. When using such OS, revocation check based on CRL will repeatedly crash notation. As a result the signature verification process is aborted as process crashes. This issue has been addressed in version 1.3.0-rc.2 and all users are advised to upgrade. There are no known workarounds for this vulnerability.\n\ud83d\udccf Published: 2025-01-13T21:42:11.493Z\n\ud83d\udccf Modified: 2025-01-13T21:42:11.493Z\n\ud83d\udd17 References:\n1. https://github.com/notaryproject/notation-go/security/advisories/GHSA-qjh3-4j3h-vmwp\n2. https://github.com/notaryproject/notation-go/commit/3c3302258ad510fbca2f8a73731569d91f07d196\n3. https://man7.org/linux/man-pages/man2/rename.2.html", "creation_timestamp": "2025-01-13T22:10:33.000000Z"}, {"uuid": "023ced97-3e92-40b1-a1e9-22a0d9ada4fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51491", "type": "seen", "source": "https://t.me/cvedetector/15194", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51491 - Notion-go Linux Mountpoint Renaming Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-51491 \nPublished : Jan. 13, 2025, 10:15 p.m. | 25\u00a0minutes ago \nDescription : notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. The issue was identified during Quarkslab's security audit on the Certificate Revocation List (CRL) based revocation check feature.  \nAfter retrieving the CRL, notation-go attempts to update the CRL cache using the os.Rename method. However, this operation may fail due to operating system-specific limitations, particularly when the source and destination paths are on different mount points. This failure could lead to an unexpected program termination. In method `crl.(*FileCache).Set`, a temporary file is created in the OS dedicated area (like /tmp for, usually, Linux/Unix). The file is written and then it is tried to move it to the dedicated `notation` cache directory thanks `os.Rename`. As specified in Go documentation, OS specific restriction may apply. When used with Linux OS, it is relying on rename syscall from the libc and as per the documentation, moving a file to a different mountpoint raises an EXDEV error, interpreted as Cross device link not permitted error. Some Linux distribution, like RedHat use a dedicated filesystem (tmpfs), mounted on a specific mountpoint (usually /tmp) for temporary files. When using such OS, revocation check based on CRL will repeatedly crash notation. As a result the signature verification process is aborted as process crashes. This issue has been addressed in version 1.3.0-rc.2 and all users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 3.3 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-13T23:46:28.000000Z"}]}