diff --git a/advisories/unreviewed/2024/09/GHSA-6q8c-85p2-954c/GHSA-6q8c-85p2-954c.json b/advisories/unreviewed/2024/09/GHSA-6q8c-85p2-954c/GHSA-6q8c-85p2-954c.json index 874b8ded2d151..0e882fa1952df 100644 --- a/advisories/unreviewed/2024/09/GHSA-6q8c-85p2-954c/GHSA-6q8c-85p2-954c.json +++ b/advisories/unreviewed/2024/09/GHSA-6q8c-85p2-954c/GHSA-6q8c-85p2-954c.json @@ -1,19 +1,373 @@ { "schema_version": "1.4.0", "id": "GHSA-6q8c-85p2-954c", - "modified": "2024-09-25T15:31:13Z", + "modified": "2024-09-25T15:31:19Z", "published": "2024-09-25T15:31:12Z", "aliases": [ "CVE-2024-8316" ], - "details": "In Progress Telerik UI for WPF versions prior to 2024 Q3 (2024.3.924), a code execution attack is possible through an insecure deserialization vulnerability.", + "summary": "Completion of GHSA-6q8c-85p2-954c", + "details": "In Progress Telerik UI for WPF versions 2016 R3 (2016.3.1024) to 2024 Q3 (2024.3.924), a code execution attack is possible through an insecure deserialization vulnerability. For more information, visit the associated knowledgebase article => https://docs.telerik.com/devtools/wpf/knowledge-base/unsafe-deserialization-cve-2024-8316.", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], - "affected": [], + "affected": [ + { + "package": { + "ecosystem": "NuGet", + "name": "Telerik.Windows.Controls.Diagrams.for.Wpf" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "2016.3.1024" + }, + { + "fixed": "2024.3.924" + } + ] + } + ], + "database_specific": { + "last_known_affected_version_range": "<= 2024.3.806" + } + }, + { + "package": { + "ecosystem": "NuGet", + "name": "Telerik.Windows.Controls.Diagrams.for.Wpf.Xaml" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "2016.3.1024" + }, + { + "fixed": "2024.3.924" + } + ] + } + ], + "database_specific": { + "last_known_affected_version_range": "<= 2024.3.806" + } + }, + { + "package": { + "ecosystem": "NuGet", + "name": "Telerik.Windows.Controls.Diagrams.Extensions.for.Wpf" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "2016.3.1024" + }, + { + "fixed": "2024.3.924" + } + ] + } + ], + "database_specific": { + "last_known_affected_version_range": "<= 2024.3.806" + } + }, + { + "package": { + "ecosystem": "NuGet", + "name": "Telerik.Windows.Controls.Diagrams.Extensions.for.Wpf.Xaml" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "2016.3.1024" + }, + { + "fixed": "2024.3.924" + } + ] + } + ], + "database_specific": { + "last_known_affected_version_range": "<= 2024.3.806" + } + }, + { + "package": { + "ecosystem": "NuGet", + "name": "Telerik.Windows.Controls.Diagrams.Ribbon.for.Wpf" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "2016.3.1024" + }, + { + "fixed": "2024.3.924" + } + ] + } + ], + "database_specific": { + "last_known_affected_version_range": "<= 2024.3.806" + } + }, + { + "package": { + "ecosystem": "NuGet", + "name": "Telerik.Windows.Controls.Diagrams.Ribbon.for.Wpf.Xaml" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "2016.3.1024" + }, + { + "fixed": "2024.3.924" + } + ] + } + ], + "database_specific": { + "last_known_affected_version_range": "<= 2024.3.806" + } + }, + { + "package": { + "ecosystem": "NuGet", + "name": "Telerik.Windows.Diagrams.Core.for.Wpf" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "2016.3.1024" + }, + { + "fixed": "2024.3.924" + } + ] + } + ], + "database_specific": { + "last_known_affected_version_range": "<= 2024.3.806" + } + }, + { + "package": { + "ecosystem": "NuGet", + "name": "Telerik.Windows.Diagrams.Core.for.Wpf.Xaml" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "2016.3.1024" + }, + { + "fixed": "2024.3.924" + } + ] + } + ], + "database_specific": { + "last_known_affected_version_range": "<= 2024.3.806" + } + }, + { + "package": { + "ecosystem": "NuGet", + "name": "Telerik.UI.for.Wpf.462" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "2016.3.1024" + }, + { + "fixed": "2024.3.924" + } + ] + } + ], + "database_specific": { + "last_known_affected_version_range": "<= 2024.3.806" + } + }, + { + "package": { + "ecosystem": "NuGet", + "name": "Telerik.UI.for.Wpf.462.Xaml" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "2016.3.1024" + }, + { + "fixed": "2024.3.924" + } + ] + } + ], + "database_specific": { + "last_known_affected_version_range": "<= 2024.3.806" + } + }, + { + "package": { + "ecosystem": "NuGet", + "name": "Telerik.UI.for.Wpf.60" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "2016.3.1024" + }, + { + "fixed": "2024.3.924" + } + ] + } + ], + "database_specific": { + "last_known_affected_version_range": "<= 2024.3.806" + } + }, + { + "package": { + "ecosystem": "NuGet", + "name": "Telerik.UI.for.Wpf.60.Xaml" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "2016.3.1024" + }, + { + "fixed": "2024.3.924" + } + ] + } + ], + "database_specific": { + "last_known_affected_version_range": "<= 2024.3.806" + } + }, + { + "package": { + "ecosystem": "NuGet", + "name": "Telerik.UI.for.Wpf.80" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "2016.3.1024" + }, + { + "fixed": "2024.3.924" + } + ] + } + ], + "database_specific": { + "last_known_affected_version_range": "<= 2024.3.806" + } + }, + { + "package": { + "ecosystem": "NuGet", + "name": "Telerik.UI.for.Wpf.80.Xaml" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "2016.3.1024" + }, + { + "fixed": "2024.3.924" + } + ] + } + ], + "database_specific": { + "last_known_affected_version_range": "<= 2024.3.806" + } + }, + { + "package": { + "ecosystem": "NuGet", + "name": "Telerik.UI.for.Wpf.AllControls" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "2016.3.1024" + }, + { + "fixed": "2024.3.924" + } + ] + } + ], + "database_specific": { + "last_known_affected_version_range": "<= 2024.3.806" + } + }, + { + "package": { + "ecosystem": "NuGet", + "name": "Telerik.UI.for.Wpf.AllControls.Xaml" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "2016.3.1024" + }, + { + "fixed": "2024.3.924" + } + ] + } + ], + "database_specific": { + "last_known_affected_version_range": "<= 2024.3.806" + } + } + ], "references": [ { "type": "ADVISORY",