diff --git a/data/cvex_data/cvex_v2.json b/data/cvex_data/cvex_v2.json index 0d37cf5..4170401 100755 --- a/data/cvex_data/cvex_v2.json +++ b/data/cvex_data/cvex_v2.json @@ -28,7 +28,7 @@ "authors":["racheljiang310"], "version": 2.0, "domain": "ghcr.io/ucsb-seclab", - "link": "https://github.com/ucsb-seclab/xplor-cvex/blob/main/data/cvex_data/compose-files/CVEX-2023-28155.docker-compose.yml", + "link": "https://github.com/ucsb-seclab/xplor-cvex/blob/main/data/cvex_data/compose-files/cvex-2023-28155.docker-compose.yml", "images": ["cvex-2023-28155/listener", "cvex-2023-28155/client", "cvex-2023-28155/bad_server", "cvex-2023-28155/php_server"], "description": "The Request package through 2.88.1 for Node.js allows a bypass of SSRF mitigations via an attacker-controller server that does a cross-protocol redirect (HTTP to HTTPS, or HTTPS to HTTP). This vulnerability only affects products that are no longer supported by the maintainer.", "page": "/CVEX-2023-28155/" @@ -39,7 +39,7 @@ "authors":["racheljiang310"], "version": 2.0, "domain": "ghcr.io/ucsb-seclab", - "link": "https://github.com/ucsb-seclab/xplor-cvex/blob/main/data/cvex_data/compose-files/CVEX-2023-31419.docker-compose.yml", + "link": "https://github.com/ucsb-seclab/xplor-cvex/blob/main/data/cvex_data/compose-files/cvex-2023-31419.docker-compose.yml", "images": ["cvex-2023-31419/client","cvex-2023-31419/server","cvex-2023-31419/listener"], "description": "A flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service.", "page": "/CVEX-2023-31419/" @@ -50,7 +50,7 @@ "authors":["racheljiang310"], "version": 2.0, "domain": "ghcr.io/ucsb-seclab", - "link":"https://github.com/ucsb-seclab/xplor-cvex/blob/main/data/cvex_data/compose-files/CVEX-2023-42282.docker-compose.yml", + "link":"https://github.com/ucsb-seclab/xplor-cvex/blob/main/data/cvex_data/compose-files/cvex-2023-42282.docker-compose.yml", "images": ["cvex-2023-42282/client", "cvex-2023-42282/server", "cvex-2023-42282/listener"], "description": "The ip package before 1.1.9 for Node.js might allow SSRF because some IP addresses (such as 0x7f.1) are improperly categorized as globally routable via isPublic.", "page": "/CVEX-2023-42282/" @@ -61,7 +61,7 @@ "authors":["racheljiang310"], "version": 2.0, "domain": "ghcr.io/ucsb-seclab", - "link": "https://github.com/ucsb-seclab/xplor-cvex/blob/main/data/cvex_data/compose-files/CVEX-2024-21508.docker-compose.yml", + "link": "https://github.com/ucsb-seclab/xplor-cvex/blob/main/data/cvex_data/compose-files/cvex-2024-21508.docker-compose.yml", "images": ["cvex-2023-42282/client", "cvex-2023-42282/server", "cvex-2023-42282/listener"], "description": "Found in versions of the mysql2 <= 3.9.4, this vulnerability allows for Remote Code Execution (RCE) through the readCodeFor function, due to improper validation of the supportBigNumbers and bigNumberStrings values. The potential impact includes high integrity and confidentiality impact, as well as high availability impact.", "page": "/CVEX-2024-21508/" @@ -72,7 +72,7 @@ "authors":["yarwinliu"], "version": 2.0, "domain": "ghcr.io/ucsb-seclab", - "link": "https://github.com/ucsb-seclab/xplor-cvex/blob/main/data/cvex_data/compose-files/CVEX-2023-0286.docker-compose.yml", + "link": "https://github.com/ucsb-seclab/xplor-cvex/blob/main/data/cvex_data/compose-files/cvex-2023-0286.docker-compose.yml", "images": ["cvex-2024-21508/listener", "cvex-2024-21508/server", "cvex-2024-21508/client"], "description": "Clones openssl version 3.0.7, containing a vulnerability that attributes the wrong variable type (ASN1_TYPE rather than ASN1_STRING) to a x509 address, allowing elevation of privilege.", "page": "/CVEX-2023-0286/"