支持本站 — 捐款将帮助我们持续运营

目标: 1000 元,已筹: 1000

100.0%
立即捐款
一、 漏洞 CVE-2024-11831 基础信息
漏洞信息
对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗

尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。

Vulnerability Title
Npm-serialize-javascript: cross-site scripting (xss) in serialize-javascript
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object types, allowing an attacker to inject malicious code. This code could be executed when deserialized by a web browser, causing Cross-site scripting (XSS) attacks. This issue is critical in environments where serialized data is sent to web clients, potentially compromising the security of the website or web application using this package.
来源: 美国国家漏洞数据库 NVD
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
Serialize JavaScript 跨站脚本漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
Serialize JavaScript是Yahoo开源的一个将 JavaScript 序列化为包含正则表达式和函数的 JSON 超集。 Serialize JavaScript存在跨站脚本漏洞,该漏洞源于没有正确清理某些输入。攻击者利用该漏洞可以注入恶意代码。
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD
受影响产品
厂商产品影响版本CPE订阅
-- 6.0 ~ 6.0.2 -
Red HatRed Hat Advanced Cluster Security 4.4 4.4.8-2 ~ * cpe:/a:redhat:advanced_cluster_security:4.4::el8
Red HatRed Hat Advanced Cluster Security 4.5 4.5.6-2 ~ * cpe:/a:redhat:advanced_cluster_security:4.5::el8
Red HatRed Hat Ceph Storage 7.1 2:18.2.1-381.el8cp ~ * cpe:/a:redhat:ceph_storage:7.1::el9
Red HatRed Hat Ceph Storage 8.1 2:19.2.1-292.el9cp ~ * cpe:/a:redhat:ceph_storage:8.1::el9
Red HatRed Hat Ceph Storage 9.0 2:20.1.0-144.el10cp ~ * cpe:/a:redhat:ceph_storage:9.0::el10
Red HatRed Hat Enterprise Linux 8 0:8.0.112-1.el8_10 ~ * cpe:/a:redhat:enterprise_linux:8::appstream
Red HatRed Hat Enterprise Linux 9 0:8.0.112-1.el9_5 ~ * cpe:/a:redhat:enterprise_linux:9::appstream
Red HatRHODF-4.14-RHEL-9 v4.14.18-2 ~ * cpe:/a:redhat:openshift_data_foundation:4.14::el9
Red HatRHODF-4.14-RHEL-9 v4.14.18-3 ~ * cpe:/a:redhat:openshift_data_foundation:4.14::el9
Red HatRHODF-4.14-RHEL-9 v4.14.18-2 ~ * cpe:/a:redhat:openshift_data_foundation:4.14::el9
Red HatRHODF-4.15-RHEL-9 v4.15.14-2 ~ * cpe:/a:redhat:openshift_data_foundation:4.15::el9
Red HatRHODF-4.15-RHEL-9 v4.15.14-2 ~ * cpe:/a:redhat:openshift_data_foundation:4.15::el9
Red HatRHODF-4.15-RHEL-9 v4.15.14-2 ~ * cpe:/a:redhat:openshift_data_foundation:4.15::el9
Red HatRHODF-4.16-RHEL-9 v4.16.10-4 ~ * cpe:/a:redhat:openshift_data_foundation:4.16::el9
Red HatRHODF-4.16-RHEL-9 v4.16.10-4 ~ * cpe:/a:redhat:openshift_data_foundation:4.16::el9
Red HatRHODF-4.16-RHEL-9 v4.16.10-3 ~ * cpe:/a:redhat:openshift_data_foundation:4.16::el9
Red HatRHODF-4.17-RHEL-9 v4.17.7-2 ~ * cpe:/a:redhat:openshift_data_foundation:4.17::el9
Red HatRHODF-4.17-RHEL-9 v4.17.7-2 ~ * cpe:/a:redhat:openshift_data_foundation:4.17::el9
Red HatRHODF-4.17-RHEL-9 v4.17.7-2 ~ * cpe:/a:redhat:openshift_data_foundation:4.17::el9
Red HatRHODF-4.18-RHEL-9 v4.18.2-8 ~ * cpe:/a:redhat:openshift_data_foundation:4.18::el9
Red HatRHODF-4.18-RHEL-9 v4.18.2-7 ~ * cpe:/a:redhat:openshift_data_foundation:4.18::el9
Red HatRHODF-4.18-RHEL-9 v4.18.2-8 ~ * cpe:/a:redhat:openshift_data_foundation:4.18::el9
Red HatRed Hat Ceph Storage 8 sha256:5a97e827c48732775a76e2fe25860488e773f4d8da0e0fbc51168fe30a5deb4b ~ * cpe:/a:redhat:ceph_storage:8::el9
Red HatRed Hat Ceph Storage 9 sha256:3e0b13addd3593d8802f1d55e878bb467e5c83e1ffd76999b006107b5cb3d335 ~ * cpe:/a:redhat:ceph_storage:9.0::el9
Red HatRed Hat OpenShift Pipelines 1.14.6 sha256:84f36fbadbbbbaa4a174850994a6bfb1ffb8f2c671f9dee83037a756c3a3cd95 ~ * cpe:/a:redhat:openshift_pipelines:1.14::el8
Red HatRed Hat OpenShift Pipelines 1.15 sha256:3b11a142e5018e047c185199f157089d47e86f470e9ada73d0c36cd84ae2f020 ~ * cpe:/a:redhat:openshift_pipelines:1.15::el8
Red HatRed Hat OpenShift Pipelines 1.15 sha256:43fbd1ff1fcab53e5d4fde5daafa46795b3f2b1e14c07cc2e565b624aa8468c7 ~ * cpe:/a:redhat:openshift_pipelines:1.15::el8
Red HatRed Hat OpenShift Pipelines 1.16 sha256:15b283d200e626cc945bd5bfb71b883948e07ed70e97fd4da5dc678aae183808 ~ * cpe:/a:redhat:openshift_pipelines:1.16::el8
Red HatRed Hat OpenShift Pipelines 1.16 sha256:3fc1b957039ba40b8d5353cd624b930f2bc5c5cb47335f7eb3255a8d792a3060 ~ * cpe:/a:redhat:openshift_pipelines:1.16::el8
Red HatRed Hat OpenShift Pipelines 1.17 sha256:43f914efbabff71cd7f5dad186b461fd87a28846b33f8c8b3d2ad38fece95983 ~ * cpe:/a:redhat:openshift_pipelines:1.17::el8
Red HatRed Hat OpenShift Pipelines 1.17 sha256:31ed62e58c9d12bff8cd88a881eda9b5e68d8d416227d191228dd0d3b4af532c ~ * cpe:/a:redhat:openshift_pipelines:1.17::el8
Red HatRed Hat OpenShift Pipelines 1.18.0 sha256:7a71e590bb448f9f6c9f1e8f8ad0396770cc015e22358d5f7b022f79f2ff01e2 ~ * cpe:/a:redhat:openshift_pipelines:1.18::el9
Red HatRed Hat OpenShift Pipelines 1.19 sha256:31eeeab213a1b603ab8c3f8253cd19c87bb45ca03e96e0461314571a7de82828 ~ * cpe:/a:redhat:openshift_pipelines:1.19::el9
Red HatCryostat 3-cpe:/a:redhat:cryostat:3
Red HatLogging Subsystem for Red Hat OpenShift-cpe:/a:redhat:logging:5
Red HatMigration Toolkit for Virtualization-cpe:/a:redhat:migration_toolkit_virtualization:2
Red Hat.NET 6.0 on Red Hat Enterprise Linux-cpe:/a:redhat:rhel_dotnet:6.0
Red HatOpenShift Lightspeed-cpe:/a:redhat:openshift_lightspeed
Red HatOpenShift Pipelines-cpe:/a:redhat:openshift_pipelines:1
Red HatOpenShift Pipelines-cpe:/a:redhat:openshift_pipelines:1
Red HatOpenShift Pipelines-cpe:/a:redhat:openshift_pipelines:1
Red HatOpenShift Serverless-cpe:/a:redhat:serverless:1
Red HatOpenShift Service Mesh 2-cpe:/a:redhat:service_mesh:2
Red HatOpenShift Service Mesh 2-cpe:/a:redhat:service_mesh:2
Red HatRed Hat 3scale API Management Platform 2-cpe:/a:redhat:red_hat_3scale_amp:2
Red HatRed Hat Advanced Cluster Management for Kubernetes 2-cpe:/a:redhat:acm:2
Red HatRed Hat Advanced Cluster Security 4-cpe:/a:redhat:advanced_cluster_security:4
Red HatRed Hat Advanced Cluster Security 4-cpe:/a:redhat:advanced_cluster_security:4
Red HatRed Hat Advanced Cluster Security 4-cpe:/a:redhat:advanced_cluster_security:4
Red HatRed Hat Advanced Cluster Security 4-cpe:/a:redhat:advanced_cluster_security:4
Red HatRed Hat Advanced Cluster Security 4-cpe:/a:redhat:advanced_cluster_security:4
Red HatRed Hat Ansible Automation Platform 2-cpe:/a:redhat:ansible_automation_platform:2
Red HatRed Hat Ansible Automation Platform 2-cpe:/a:redhat:ansible_automation_platform:2
Red HatRed Hat Ansible Automation Platform 2-cpe:/a:redhat:ansible_automation_platform:2
Red HatRed Hat Ansible Automation Platform 2-cpe:/a:redhat:ansible_automation_platform:2
Red HatRed Hat build of Apache Camel - HawtIO 4-cpe:/a:redhat:apache_camel_hawtio:4
Red HatRed Hat build of Apicurio Registry 2-cpe:/a:redhat:service_registry:2
Red HatRed Hat build of OptaPlanner 8-cpe:/a:redhat:optaplanner:::el6
Red HatRed Hat Ceph Storage 7-cpe:/a:redhat:ceph_storage:7
Red HatRed Hat Ceph Storage 7-cpe:/a:redhat:ceph_storage:7
Red HatRed Hat Ceph Storage 7-cpe:/a:redhat:ceph_storage:7
Red HatRed Hat Ceph Storage 8-cpe:/a:redhat:ceph_storage:8
Red HatRed Hat Ceph Storage 8-cpe:/a:redhat:ceph_storage:8
Red HatRed Hat Ceph Storage 9-cpe:/a:redhat:ceph_storage:9
Red HatRed Hat Ceph Storage 9-cpe:/a:redhat:ceph_storage:9
Red HatRed Hat Data Grid 8-cpe:/a:redhat:jboss_data_grid:8
Red HatRed Hat Developer Hub-cpe:/a:redhat:rhdh:1
Red HatRed Hat Discovery 1-cpe:/a:redhat:discovery:1
Red HatRed Hat Enterprise Linux 10-cpe:/o:redhat:enterprise_linux:10
Red HatRed Hat Enterprise Linux 8-cpe:/o:redhat:enterprise_linux:8
Red HatRed Hat Enterprise Linux 8-cpe:/o:redhat:enterprise_linux:8
Red HatRed Hat Enterprise Linux 8-cpe:/o:redhat:enterprise_linux:8
Red HatRed Hat Enterprise Linux 9-cpe:/o:redhat:enterprise_linux:9
Red HatRed Hat Enterprise Linux 9-cpe:/o:redhat:enterprise_linux:9
Red HatRed Hat Enterprise Linux 9-cpe:/o:redhat:enterprise_linux:9
Red HatRed Hat Fuse 7-cpe:/a:redhat:jboss_fuse:7
Red HatRed Hat Integration Camel K 1-cpe:/a:redhat:integration:1
Red HatRed Hat JBoss Enterprise Application Platform 7-cpe:/a:redhat:jboss_enterprise_application_platform:7
Red HatRed Hat JBoss Enterprise Application Platform 8-cpe:/a:redhat:jboss_enterprise_application_platform:8
Red HatRed Hat JBoss Enterprise Application Platform Expansion Pack-cpe:/a:redhat:jbosseapxp
Red HatRed Hat OpenShift AI (RHOAI)-cpe:/a:redhat:openshift_ai
Red HatRed Hat OpenShift AI (RHOAI)-cpe:/a:redhat:openshift_ai
Red HatRed Hat OpenShift AI (RHOAI)-cpe:/a:redhat:openshift_ai
Red HatRed Hat OpenShift AI (RHOAI)-cpe:/a:redhat:openshift_ai
Red HatRed Hat OpenShift AI (RHOAI)-cpe:/a:redhat:openshift_ai
Red HatRed Hat OpenShift AI (RHOAI)-cpe:/a:redhat:openshift_ai
Red HatRed Hat OpenShift AI (RHOAI)-cpe:/a:redhat:openshift_ai
Red HatRed Hat OpenShift AI (RHOAI)-cpe:/a:redhat:openshift_ai
Red HatRed Hat OpenShift AI (RHOAI)-cpe:/a:redhat:openshift_ai
Red HatRed Hat OpenShift AI (RHOAI)-cpe:/a:redhat:openshift_ai
Red HatRed Hat OpenShift AI (RHOAI)-cpe:/a:redhat:openshift_ai
Red HatRed Hat OpenShift AI (RHOAI)-cpe:/a:redhat:openshift_ai
Red HatRed Hat OpenShift AI (RHOAI)-cpe:/a:redhat:openshift_ai
Red HatRed Hat OpenShift Container Platform 3.11-cpe:/a:redhat:openshift:3.11
Red HatRed Hat OpenShift Container Platform 4-cpe:/a:redhat:openshift:4
Red HatRed Hat OpenShift Dev Spaces-cpe:/a:redhat:openshift_devspaces:3
Red HatRed Hat OpenShift Dev Spaces-cpe:/a:redhat:openshift_devspaces:3
Red HatRed Hat OpenShift Dev Spaces-cpe:/a:redhat:openshift_devspaces:3
Red HatRed Hat OpenShift distributed tracing 3-cpe:/a:redhat:openshift_distributed_tracing:3
Red HatRed Hat OpenShift distributed tracing 3-cpe:/a:redhat:openshift_distributed_tracing:3
Red HatRed Hat OpenShift distributed tracing 3-cpe:/a:redhat:openshift_distributed_tracing:3
Red HatRed Hat OpenShift distributed tracing 3-cpe:/a:redhat:openshift_distributed_tracing:3
Red HatRed Hat OpenShift distributed tracing 3-cpe:/a:redhat:openshift_distributed_tracing:3
Red HatRed Hat OpenShift distributed tracing 3-cpe:/a:redhat:openshift_distributed_tracing:3
Red HatRed Hat OpenShift distributed tracing 3-cpe:/a:redhat:openshift_distributed_tracing:3
Red HatRed Hat Process Automation 7-cpe:/a:redhat:jboss_enterprise_bpms_platform:7
Red HatRed Hat Quay 3-cpe:/a:redhat:quay:3
Red HatRed Hat Satellite 6-cpe:/a:redhat:satellite:6
Red HatRed Hat Satellite 6-cpe:/a:redhat:satellite:6
Red HatRed Hat Single Sign-On 7-cpe:/a:redhat:red_hat_single_sign_on:7
Red HatRed Hat Trusted Profile Analyzer-cpe:/a:redhat:trusted_profile_analyzer:1
二、漏洞 CVE-2024-11831 的公开POC
#POC 描述源链接神龙链接
AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC
三、漏洞 CVE-2024-11831 的情报信息
Please 登录 to view more intelligence information
四、漏洞 CVE-2024-11831 的评论

暂无评论

发表评论