
12 matches found

SUSE CVE
added 2024/12/03 12:15 a.m. · 1 views

SUSE CVE-2024-53848

check-jsonschema is a CLI and set of pre-commit hooks for jsonschema validation. The default cache strategy uses the basename of a remote schema as the name of the file in the cache, e.g. https://example.org/schema.json will be stored as schema.json. This naming allows for conflicts. If an attack...

CVSS 7.1 · AI score 6.5 · EPSS 0.0004
Exploits 0 · References 3

vulnersOsv
added 2024/12/02 5:29 p.m. · 0 views

meltano (>=2.16.0 <=3.6.0b4), nmdc-schema (>=0.0.0 <=7.4.12) +2 more potentially affected by CVE-2024-53848 via check-jsonschema (>=0.19.2 <=0.29.4)

check-jsonschema PYPI version =0.19.2, =2.16.0, =0.0.0, =0.3.0, =0.3.0, =0.4.1 Source cves: CVE-2024-53848 Source advisory: OSV:GHSA-Q6MV-284R-MP36...

CVSS 7.1 · AI score 7 · EPSS 0.0004
Exploits 0

RedhatCVE
added 2024/12/02 2:25 p.m. · 8 views

CVE-2024-53848

A flaw was found in check-jsonschema. The default cache strategy uses the basename of a remote schema as the name of the file in the cache, for example, https://example.org/schema.json, which will be stored as schema.json. This naming allows for conflicts. If an attacker can get a user to run...

CVSS 7.1 · AI score 6.3 · EPSS 0.0004
Exploits 0 · References 5

Snyk
added 2024/11/29 7:41 p.m. · 1 views

Acceptance of Extraneous Untrusted Data With Trusted Data

Overview: check-jsonschema is a jsonschema CLI and pre-commit hook. Affected versions of this package are vulnerable to Acceptance of Extraneous Untrusted Data With Trusted Data via the default caching mechanism for remote schemas. An attacker can manipulate the cache to insert a malicious schem...

CVSS 7.1 · AI score 6.7 · EPSS 0.0004
Exploits 0 · References 2

NVD
added 2024/11/29 7:15 p.m. · 10 views

CVE-2024-53848

check-jsonschema is a CLI and set of pre-commit hooks for jsonschema validation. The default cache strategy uses the basename of a remote schema as the name of the file in the cache, e.g. https://example.org/schema.json will be stored as schema.json. This naming allows for conflicts. If an attack...

CVSS 7.1 · EPSS 0.0004
Exploits 0 · References 2

Cvelist
added 2024/11/29 6:39 p.m. · 19 views

CVE-2024-53848 check-jsonschema default caching for remote schemas allows for cache confusion

check-jsonschema is a CLI and set of pre-commit hooks for jsonschema validation. The default cache strategy uses the basename of a remote schema as the name of the file in the cache, e.g. https://example.org/schema.json will be stored as schema.json. This naming allows for conflicts. If an attack...

CVSS 7.1 · EPSS 0.0004
Exploits 0 · References 2

CVE
added 2024/11/29 6:39 p.m. · 65 views

CVE-2024-53848

The CVE-2024-53848 issue affects the check-jsonschema tool (and related advisories) where the default caching uses the remote schema basename (e.g., https://example.org/schema.json) as the cache filename. This can allow a malicious schema URL to overwrite or be substituted in the cache leading to...

CVSS 7.1 · AI score 6.9 · EPSS 0.0004
Exploits 0 · References 2

Vulnrichment
added 2024/11/29 6:39 p.m. · 7 views

CVE-2024-53848 check-jsonschema default caching for remote schemas allows for cache confusion

check-jsonschema is a CLI and set of pre-commit hooks for jsonschema validation. The default cache strategy uses the basename of a remote schema as the name of the file in the cache, e.g. https://example.org/schema.json will be stored as schema.json. This naming allows for conflicts. If an attack...

CVSS 7.1 · AI score 6.6 · EPSS 0.0004
Exploits 0 · References 2

OSV
added 2024/11/29 6:39 p.m. · 6 views

CVE-2024-53848 check-jsonschema default caching for remote schemas allows for cache confusion

check-jsonschema is a CLI and set of pre-commit hooks for jsonschema validation. The default cache strategy uses the basename of a remote schema as the name of the file in the cache, e.g. https://example.org/schema.json will be stored as schema.json. This naming allows for conflicts. If an attack...

CVSS 7.1 · AI score 6.6 · EPSS 0.0004
Exploits 0 · References 4

AlpineLinux
added 2024/11/29 6:39 p.m. · 19 views

CVE-2024-53848

check-jsonschema is a CLI and set of pre-commit hooks for jsonschema validation. The default cache strategy uses the basename of a remote schema as the name of the file in the cache, e.g. https://example.org/schema.json will be stored as schema.json. This naming allows for conflicts. If an attack...

CVSS 7.1 · AI score 6.9 · EPSS 0.0004
Exploits 0 · References 2

Positive Technologies
added 2024/11/29 12:0 a.m. · 3 views

PT-2024-35950 · Unknown · Check-Jsonschema

Name of the Vulnerable Software and Affected Versions: check-jsonschema versions prior to 0.30.0. Description: The default cache strategy in check-jsonschema uses the basename of a remote schema as the name of the file in the cache. This naming allows for conflicts, enabling an attacker to insert...

CVSS 7.1 · AI score 6.8 · EPSS 0.0004
Exploits 0 · References 10

CNNVD
added 2024/11/29 12:0 a.m. · 3 views

check-jsonschema security vulnerability

check-jsonschema is a Python + JSON Schema open source CLI for jsonschema validation. A security vulnerability exists in check-jsonschema that stems from a default caching policy that uses the base name of a remote schema as the name of a file in the cache, e.g...

CVSS 7.1 · AI score 6.8 · EPSS 0.0004
Exploits 0 · References 3