diff --git a/2018/CVE-2018-14847.json b/2018/CVE-2018-14847.json index f85bdf7d25..9a6fc484b9 100644 --- a/2018/CVE-2018-14847.json +++ b/2018/CVE-2018-14847.json @@ -19,13 +19,13 @@ "stargazers_count": 505, "watchers_count": 505, "has_discussions": false, - "forks_count": 454, + "forks_count": 453, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 454, + "forks": 453, "watchers": 505, "score": 0, "subscribers_count": 58 diff --git a/2018/CVE-2018-7600.json b/2018/CVE-2018-7600.json index 2672d90b5e..81106fab54 100644 --- a/2018/CVE-2018-7600.json +++ b/2018/CVE-2018-7600.json @@ -66,7 +66,7 @@ "forks": 109, "watchers": 348, "score": 0, - "subscribers_count": 78 + "subscribers_count": 77 }, { "id": 129319611, diff --git a/2019/CVE-2019-11157.json b/2019/CVE-2019-11157.json index aaf6c59aef..3f4bf6268f 100644 --- a/2019/CVE-2019-11157.json +++ b/2019/CVE-2019-11157.json @@ -14,7 +14,7 @@ "description": "Tool Suite for V0LTpwn (CVE-2019-11157). Code will be published soon.", "fork": false, "created_at": "2019-12-15T15:11:07Z", - "updated_at": "2024-08-12T19:55:45Z", + "updated_at": "2024-10-19T15:32:17Z", "pushed_at": "2019-12-16T22:32:06Z", "stargazers_count": 7, "watchers_count": 7, diff --git a/2021/CVE-2021-30657.json b/2021/CVE-2021-30657.json index 60d045382b..8c24ad7a37 100644 --- a/2021/CVE-2021-30657.json +++ b/2021/CVE-2021-30657.json @@ -19,13 +19,13 @@ "stargazers_count": 31, "watchers_count": 31, "has_discussions": false, - "forks_count": 7, + "forks_count": 8, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 7, + "forks": 8, "watchers": 31, "score": 0, "subscribers_count": 5 diff --git a/2021/CVE-2021-32708.json b/2021/CVE-2021-32708.json new file mode 100644 index 0000000000..f462538683 --- /dev/null +++ b/2021/CVE-2021-32708.json @@ -0,0 +1,33 @@ +[ + { + "id": 875233508, + "name": "CVE-2021-32708", + "full_name": "fazilbaig1\/CVE-2021-32708", + "owner": { + "login": "fazilbaig1", + "id": 25384256, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25384256?v=4", + "html_url": "https:\/\/github.com\/fazilbaig1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fazilbaig1\/CVE-2021-32708", + "description": "Affected versions of this package are vulnerable to Race Condition. The whitespace normalisation using in 1.x and 2.x removes any unicode whitespace. Under certain specific conditions this could potentially allow a malicious user to execute code remotely.", + "fork": false, + "created_at": "2024-10-19T12:49:56Z", + "updated_at": "2024-10-19T12:51:26Z", + "pushed_at": "2024-10-19T12:51:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-4034.json b/2021/CVE-2021-4034.json index 897f476e9d..b3b9448264 100644 --- a/2021/CVE-2021-4034.json +++ b/2021/CVE-2021-4034.json @@ -49,10 +49,10 @@ "description": "CVE-2021-4034 1day", "fork": false, "created_at": "2022-01-25T23:51:37Z", - "updated_at": "2024-10-18T06:08:59Z", + "updated_at": "2024-10-19T13:46:18Z", "pushed_at": "2022-06-08T04:00:28Z", - "stargazers_count": 1960, - "watchers_count": 1960, + "stargazers_count": 1961, + "watchers_count": 1961, "has_discussions": false, "forks_count": 511, "allow_forking": true, @@ -61,7 +61,7 @@ "topics": [], "visibility": "public", "forks": 511, - "watchers": 1960, + "watchers": 1961, "score": 0, "subscribers_count": 20 }, @@ -2018,13 +2018,13 @@ "stargazers_count": 338, "watchers_count": 338, "has_discussions": false, - "forks_count": 41, + "forks_count": 43, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 41, + "forks": 43, "watchers": 338, "score": 0, "subscribers_count": 6 diff --git a/2021/CVE-2021-45232.json b/2021/CVE-2021-45232.json index 1d16e01a90..2894ff2fb3 100644 --- a/2021/CVE-2021-45232.json +++ b/2021/CVE-2021-45232.json @@ -281,37 +281,6 @@ "score": 0, "subscribers_count": 0 }, - { - "id": 445756387, - "name": "Demo", - "full_name": "yggcwhat\/Demo", - "owner": { - "login": "yggcwhat", - "id": 91769835, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91769835?v=4", - "html_url": "https:\/\/github.com\/yggcwhat", - "user_view_type": "public" - }, - "html_url": "https:\/\/github.com\/yggcwhat\/Demo", - "description": "CVE-2021-45232批量一键检测", - "fork": false, - "created_at": "2022-01-08T07:42:43Z", - "updated_at": "2022-01-08T07:42:43Z", - "pushed_at": "2022-01-08T07:42:44Z", - "stargazers_count": 0, - "watchers_count": 0, - "has_discussions": false, - "forks_count": 0, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [], - "visibility": "public", - "forks": 0, - "watchers": 0, - "score": 0, - "subscribers_count": 1 - }, { "id": 445762780, "name": "CVE-2021-45232", diff --git a/2022/CVE-2022-38691.json b/2022/CVE-2022-38691.json index bec9822eef..6399d1ecc9 100644 --- a/2022/CVE-2022-38691.json +++ b/2022/CVE-2022-38691.json @@ -14,10 +14,10 @@ "description": "Let's control Secure Boot Chain ourselves.", "fork": false, "created_at": "2023-12-01T07:32:18Z", - "updated_at": "2024-10-03T05:26:59Z", + "updated_at": "2024-10-19T14:32:39Z", "pushed_at": "2024-02-20T09:05:59Z", - "stargazers_count": 34, - "watchers_count": 34, + "stargazers_count": 35, + "watchers_count": 35, "has_discussions": false, "forks_count": 8, "allow_forking": true, @@ -29,7 +29,7 @@ ], "visibility": "public", "forks": 8, - "watchers": 34, + "watchers": 35, "score": 0, "subscribers_count": 3 } diff --git a/2022/CVE-2022-38694.json b/2022/CVE-2022-38694.json index e6ddd68b81..57257879c4 100644 --- a/2022/CVE-2022-38694.json +++ b/2022/CVE-2022-38694.json @@ -14,10 +14,10 @@ "description": "This is a one-time signature verification bypass. For persistent signature verification bypass, check https:\/\/github.com\/TomKing062\/CVE-2022-38691_38692", "fork": false, "created_at": "2023-06-10T08:31:26Z", - "updated_at": "2024-10-19T06:48:29Z", + "updated_at": "2024-10-19T14:32:35Z", "pushed_at": "2024-08-01T15:09:15Z", - "stargazers_count": 268, - "watchers_count": 268, + "stargazers_count": 269, + "watchers_count": 269, "has_discussions": true, "forks_count": 39, "allow_forking": true, @@ -29,7 +29,7 @@ ], "visibility": "public", "forks": 39, - "watchers": 268, + "watchers": 269, "score": 0, "subscribers_count": 5 }, @@ -48,10 +48,10 @@ "description": "Bootloader unlock using CVE-2022-38694 for Anbernic Unisoc T820 devices", "fork": false, "created_at": "2024-06-27T14:28:13Z", - "updated_at": "2024-10-18T20:53:56Z", + "updated_at": "2024-10-19T17:17:15Z", "pushed_at": "2024-10-15T10:16:57Z", - "stargazers_count": 24, - "watchers_count": 24, + "stargazers_count": 25, + "watchers_count": 25, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -60,7 +60,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 24, + "watchers": 25, "score": 0, "subscribers_count": 1 } diff --git a/2022/CVE-2022-46689.json b/2022/CVE-2022-46689.json index de496deb4d..04561951ac 100644 --- a/2022/CVE-2022-46689.json +++ b/2022/CVE-2022-46689.json @@ -107,10 +107,10 @@ "description": "Proof-of-concept app to overwrite fonts on iOS using CVE-2022-46689.", "fork": false, "created_at": "2022-12-26T06:56:35Z", - "updated_at": "2024-10-17T05:52:13Z", + "updated_at": "2024-10-19T13:11:43Z", "pushed_at": "2023-08-02T09:35:14Z", - "stargazers_count": 880, - "watchers_count": 880, + "stargazers_count": 882, + "watchers_count": 882, "has_discussions": false, "forks_count": 72, "allow_forking": true, @@ -119,7 +119,7 @@ "topics": [], "visibility": "public", "forks": 72, - "watchers": 880, + "watchers": 882, "score": 0, "subscribers_count": 25 }, diff --git a/2023/CVE-2023-24955.json b/2023/CVE-2023-24955.json index 9149fd5f89..27212a3b1e 100644 --- a/2023/CVE-2023-24955.json +++ b/2023/CVE-2023-24955.json @@ -14,10 +14,10 @@ "description": "Exploit for Microsoft SharePoint 2019", "fork": false, "created_at": "2023-12-28T09:08:47Z", - "updated_at": "2024-10-18T08:42:22Z", + "updated_at": "2024-10-19T13:03:34Z", "pushed_at": "2023-12-28T10:02:02Z", - "stargazers_count": 12, - "watchers_count": 12, + "stargazers_count": 13, + "watchers_count": 13, "has_discussions": false, "forks_count": 3, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 3, - "watchers": 12, + "watchers": 13, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-21111.json b/2024/CVE-2024-21111.json index fd1723cc90..2203d3b895 100644 --- a/2024/CVE-2024-21111.json +++ b/2024/CVE-2024-21111.json @@ -14,10 +14,10 @@ "description": "Oracle VirtualBox Elevation of Privilege (Local Privilege Escalation) Vulnerability", "fork": false, "created_at": "2024-04-22T07:05:04Z", - "updated_at": "2024-10-08T19:13:04Z", + "updated_at": "2024-10-19T13:06:32Z", "pushed_at": "2024-05-09T16:39:55Z", - "stargazers_count": 211, - "watchers_count": 211, + "stargazers_count": 212, + "watchers_count": 212, "has_discussions": false, "forks_count": 35, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 35, - "watchers": 211, + "watchers": 212, "score": 0, "subscribers_count": 5 }, diff --git a/2024/CVE-2024-21338.json b/2024/CVE-2024-21338.json index 03c8694735..ed818cca95 100644 --- a/2024/CVE-2024-21338.json +++ b/2024/CVE-2024-21338.json @@ -76,10 +76,10 @@ "description": "PoC for the Untrusted Pointer Dereference in the appid.sys driver", "fork": false, "created_at": "2024-04-23T19:09:22Z", - "updated_at": "2024-10-19T12:08:11Z", + "updated_at": "2024-10-19T14:59:56Z", "pushed_at": "2024-04-23T19:13:53Z", - "stargazers_count": 10, - "watchers_count": 10, + "stargazers_count": 11, + "watchers_count": 11, "has_discussions": false, "forks_count": 4, "allow_forking": true, @@ -88,7 +88,7 @@ "topics": [], "visibility": "public", "forks": 4, - "watchers": 10, + "watchers": 11, "score": 0, "subscribers_count": 1 }, diff --git a/2024/CVE-2024-24401.json b/2024/CVE-2024-24401.json index 09efcf493a..a299859d85 100644 --- a/2024/CVE-2024-24401.json +++ b/2024/CVE-2024-24401.json @@ -19,13 +19,13 @@ "stargazers_count": 29, "watchers_count": 29, "has_discussions": false, - "forks_count": 5, + "forks_count": 6, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 5, + "forks": 6, "watchers": 29, "score": 0, "subscribers_count": 1 diff --git a/2024/CVE-2024-24576.json b/2024/CVE-2024-24576.json index 16d66cb7da..398177b541 100644 --- a/2024/CVE-2024-24576.json +++ b/2024/CVE-2024-24576.json @@ -14,10 +14,10 @@ "description": "Example of CVE-2024-24576 use case.", "fork": false, "created_at": "2024-04-09T21:17:15Z", - "updated_at": "2024-08-05T08:20:10Z", + "updated_at": "2024-10-19T17:00:27Z", "pushed_at": "2024-04-10T14:46:42Z", - "stargazers_count": 56, - "watchers_count": 56, + "stargazers_count": 57, + "watchers_count": 57, "has_discussions": false, "forks_count": 10, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 10, - "watchers": 56, + "watchers": 57, "score": 0, "subscribers_count": 2 }, diff --git a/2024/CVE-2024-30088.json b/2024/CVE-2024-30088.json index 30ac42ad34..a11e205fb4 100644 --- a/2024/CVE-2024-30088.json +++ b/2024/CVE-2024-30088.json @@ -186,7 +186,7 @@ "subscribers_count": 1 }, { - "id": 875191702, + "id": 875255026, "name": "CVE-2024-30088", "full_name": "l0n3m4n\/CVE-2024-30088", "owner": { @@ -197,11 +197,11 @@ "user_view_type": "public" }, "html_url": "https:\/\/github.com\/l0n3m4n\/CVE-2024-30088", - "description": "Windows privilege escalation: Time-of-check Time-of-use (TOCTOU) Race Condition", + "description": "Windows Kernel Elevation of Privilege (PoC) ", "fork": false, - "created_at": "2024-10-19T10:35:04Z", - "updated_at": "2024-10-19T10:36:40Z", - "pushed_at": "2024-10-19T10:36:36Z", + "created_at": "2024-10-19T13:54:33Z", + "updated_at": "2024-10-19T14:41:12Z", + "pushed_at": "2024-10-19T14:41:08Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, diff --git a/2024/CVE-2024-35250.json b/2024/CVE-2024-35250.json index 2f67341f83..c4cda6a66b 100644 --- a/2024/CVE-2024-35250.json +++ b/2024/CVE-2024-35250.json @@ -14,10 +14,10 @@ "description": "PoC for the Untrusted Pointer Dereference in the ks.sys driver", "fork": false, "created_at": "2024-10-13T19:30:20Z", - "updated_at": "2024-10-19T10:20:45Z", + "updated_at": "2024-10-19T16:22:16Z", "pushed_at": "2024-10-17T18:36:54Z", - "stargazers_count": 161, - "watchers_count": 161, + "stargazers_count": 163, + "watchers_count": 163, "has_discussions": false, "forks_count": 40, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 40, - "watchers": 161, + "watchers": 163, "score": 0, "subscribers_count": 2 } diff --git a/2024/CVE-2024-44193.json b/2024/CVE-2024-44193.json index c2e8861031..5e1e3fb90f 100644 --- a/2024/CVE-2024-44193.json +++ b/2024/CVE-2024-44193.json @@ -14,10 +14,10 @@ "description": "Hacking Windows through iTunes - Local Privilege Escalation 0-day", "fork": false, "created_at": "2024-10-04T14:20:15Z", - "updated_at": "2024-10-18T12:16:17Z", + "updated_at": "2024-10-19T13:32:03Z", "pushed_at": "2024-10-04T14:59:50Z", - "stargazers_count": 72, - "watchers_count": 72, + "stargazers_count": 73, + "watchers_count": 73, "has_discussions": false, "forks_count": 9, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 9, - "watchers": 72, + "watchers": 73, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-4577.json b/2024/CVE-2024-4577.json index 736b6f1eb3..7d60f34f4e 100644 --- a/2024/CVE-2024-4577.json +++ b/2024/CVE-2024-4577.json @@ -143,13 +143,13 @@ "stargazers_count": 42, "watchers_count": 42, "has_discussions": false, - "forks_count": 7, + "forks_count": 8, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 7, + "forks": 8, "watchers": 42, "score": 0, "subscribers_count": 1 diff --git a/2024/CVE-2024-47854.json b/2024/CVE-2024-47854.json new file mode 100644 index 0000000000..76013679e5 --- /dev/null +++ b/2024/CVE-2024-47854.json @@ -0,0 +1,33 @@ +[ + { + "id": 875249581, + "name": "CVE-2024-47854", + "full_name": "MarioTesoro\/CVE-2024-47854", + "owner": { + "login": "MarioTesoro", + "id": 62204045, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62204045?v=4", + "html_url": "https:\/\/github.com\/MarioTesoro", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MarioTesoro\/CVE-2024-47854", + "description": "Proof of concept of multiple Reflected Cross-Site Scripting (XSS) vulnerabilities discovered in Veritas Data Insight before 7.1.", + "fork": false, + "created_at": "2024-10-19T13:38:23Z", + "updated_at": "2024-10-19T14:45:04Z", + "pushed_at": "2024-10-19T14:45:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6387.json b/2024/CVE-2024-6387.json index 0cc12cef2f..337d9f1719 100644 --- a/2024/CVE-2024-6387.json +++ b/2024/CVE-2024-6387.json @@ -2404,10 +2404,10 @@ "description": "This Python script checks for the CVE-2024-6387 vulnerability in OpenSSH servers. It supports multiple IP addresses, URLs, CIDR ranges, and ports. The script can also read addresses from a file.", "fork": false, "created_at": "2024-07-09T17:40:19Z", - "updated_at": "2024-10-03T05:17:55Z", + "updated_at": "2024-10-19T14:48:00Z", "pushed_at": "2024-07-10T15:24:08Z", - "stargazers_count": 91, - "watchers_count": 91, + "stargazers_count": 92, + "watchers_count": 92, "has_discussions": false, "forks_count": 17, "allow_forking": true, @@ -2416,7 +2416,7 @@ "topics": [], "visibility": "public", "forks": 17, - "watchers": 91, + "watchers": 92, "score": 0, "subscribers_count": 2 }, diff --git a/2024/CVE-2024-6778.json b/2024/CVE-2024-6778.json index 6dc5b62d94..d33e8a2b0a 100644 --- a/2024/CVE-2024-6778.json +++ b/2024/CVE-2024-6778.json @@ -14,10 +14,10 @@ "description": "A POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension. ", "fork": false, "created_at": "2024-09-10T06:27:59Z", - "updated_at": "2024-10-19T07:41:30Z", + "updated_at": "2024-10-19T15:19:37Z", "pushed_at": "2024-10-17T05:12:29Z", - "stargazers_count": 23, - "watchers_count": 23, + "stargazers_count": 24, + "watchers_count": 24, "has_discussions": false, "forks_count": 1, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 1, - "watchers": 23, + "watchers": 24, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-9264.json b/2024/CVE-2024-9264.json new file mode 100644 index 0000000000..db3093591b --- /dev/null +++ b/2024/CVE-2024-9264.json @@ -0,0 +1,45 @@ +[ + { + "id": 875253753, + "name": "CVE-2024-9264", + "full_name": "nollium\/CVE-2024-9264", + "owner": { + "login": "nollium", + "id": 54525684, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54525684?v=4", + "html_url": "https:\/\/github.com\/nollium", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nollium\/CVE-2024-9264", + "description": "Exploit for Grafana arbitrary file-read (CVE-2024-9264)", + "fork": false, + "created_at": "2024-10-19T13:50:52Z", + "updated_at": "2024-10-19T17:39:00Z", + "pushed_at": "2024-10-19T16:01:12Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "authenticated", + "cve", + "cve-2024-9264", + "exploit", + "file-read-vulnerability", + "grafana", + "poc", + "rce", + "rce-exploit", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/README.md b/README.md index 3be47e015e..e4899e7836 100644 --- a/README.md +++ b/README.md @@ -1612,6 +1612,9 @@ ### CVE-2024-9234 - [RandomRobbieBF/CVE-2024-9234](https://github.com/RandomRobbieBF/CVE-2024-9234) +### CVE-2024-9264 +- [nollium/CVE-2024-9264](https://github.com/nollium/CVE-2024-9264) + ### CVE-2024-9441 - [adhikara13/CVE-2024-9441](https://github.com/adhikara13/CVE-2024-9441) - [p33d/CVE-2024-9441](https://github.com/p33d/CVE-2024-9441) @@ -5505,6 +5508,9 @@ ### CVE-2024-47177 - [referefref/cupspot-2024-47177](https://github.com/referefref/cupspot-2024-47177) +### CVE-2024-47854 +- [MarioTesoro/CVE-2024-47854](https://github.com/MarioTesoro/CVE-2024-47854) + ### CVE-2024-48415 - [khaliquesX/CVE-2024-48415](https://github.com/khaliquesX/CVE-2024-48415) @@ -23904,6 +23910,13 @@ - [nickswink/CVE-2021-32682](https://github.com/nickswink/CVE-2021-32682) +### CVE-2021-32708 (2021-06-24) + +<code>Flysystem is an open source file storage library for PHP. The whitespace normalisation using in 1.x and 2.x removes any unicode whitespace. Under certain specific conditions this could potentially allow a malicious user to execute code remotely. The conditions are: A user is allowed to supply the path or filename of an uploaded file, the supplied path or filename is not checked against unicode chars, the supplied pathname checked against an extension deny-list, not an allow-list, the supplied path or filename contains a unicode whitespace char in the extension, the uploaded file is stored in a directory that allows PHP code to be executed. Given these conditions are met a user can upload and execute arbitrary code on the system under attack. The unicode whitespace removal has been replaced with a rejection (exception). For 1.x users, upgrade to 1.1.4. For 2.x users, upgrade to 2.1.1. +</code> + +- [fazilbaig1/CVE-2021-32708](https://github.com/fazilbaig1/CVE-2021-32708) + ### CVE-2021-32724 (2021-09-09) <code>check-spelling is a github action which provides CI spell checking. In affected versions and for a repository with the [check-spelling action](https://github.com/marketplace/actions/check-spelling) enabled that triggers on `pull_request_target` (or `schedule`), an attacker can send a crafted Pull Request that causes a `GITHUB_TOKEN` to be exposed. With the `GITHUB_TOKEN`, it's possible to push commits to the repository bypassing standard approval processes. Commits to the repository could then steal any/all secrets available to the repository. As a workaround users may can either: [Disable the workflow](https://docs.github.com/en/actions/managing-workflow-runs/disabling-and-enabling-a-workflow) until you've fixed all branches or Set repository to [Allow specific actions](https://docs.github.com/en/github/administering-a-repository/managing-repository-settings/disabling-or-limiting-github-actions-for-a-repository#allowing-specific-actions-to-run). check-spelling isn't a verified creator and it certainly won't be anytime soon. You could then explicitly add other actions that your repository uses. Set repository [Workflow permissions](https://docs.github.com/en/github/administering-a-repository/managing-repository-settings/disabling-or-limiting-github-actions-for-a-repository#setting-the-permissions-of-the-github_token-for-your-repository) to `Read repository contents permission`. Workflows using `check-spelling/check-spelling@main` will get the fix automatically. Workflows using a pinned sha or tagged version will need to change the affected workflows for all repository branches to the latest version. Users can verify who and which Pull Requests have been running the action by looking up the spelling.yml action in the Actions tab of their repositories, e.g., https://github.com/check-spelling/check-spelling/actions/workflows/spelling.yml - you can filter PRs by adding ?query=event%3Apull_request_target, e.g., https://github.com/check-spelling/check-spelling/actions/workflows/spelling.yml?query=event%3Apull_request_target. @@ -26886,7 +26899,6 @@ - [dskho/CVE-2021-45232](https://github.com/dskho/CVE-2021-45232) - [GYLQ/CVE-2021-45232-RCE](https://github.com/GYLQ/CVE-2021-45232-RCE) - [fany0r/CVE-2021-45232-RCE](https://github.com/fany0r/CVE-2021-45232-RCE) -- [yggcwhat/Demo](https://github.com/yggcwhat/Demo) - [yggcwhat/CVE-2021-45232](https://github.com/yggcwhat/CVE-2021-45232) - [YutuSec/Apisix_Crack](https://github.com/YutuSec/Apisix_Crack)