Assign IDs

pypa · Nov 15, 2024 · fdacb7f · fdacb7f
1 parent 1b2149a
commit fdacb7f
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 17 deletions.
diff --git a/vulns/.id-allocator b/vulns/.id-allocator
@@ -1 +1 @@
-fbb8cec03ade273450b3e22ae21d7ed5e8ac301203aedeb78f98f45e23d3c650
+d7c63b7662f55967e96683fa21a50a38386bf5769f68232902a1eb18a6457618
diff --git a/vulns/lollms/PYSEC-0000-CVE-2024-6985.yaml → vulns/lollms/PYSEC-2024-122.yaml b/vulns/lollms/PYSEC-0000-CVE-2024-6985.yaml → vulns/lollms/PYSEC-2024-122.yaml
@@ -1,34 +1,27 @@
-id: PYSEC-0000-CVE-2024-6985
+id: PYSEC-2024-122
+modified: 2024-11-15T20:23:01.816492Z
+published: 2024-10-11T16:15:00Z
+aliases:
+- CVE-2024-6985
 details: A path traversal vulnerability exists in the api open_personality_folder
   endpoint of parisneo/lollms-webui. This vulnerability allows an attacker to read
   any folder in the personality_folder on the victim's computer, even though sanitize_path
   is set. The issue arises due to improper sanitization of the personality_folder
   parameter, which can be exploited to traverse directories and access arbitrary files.
-aliases:
-- CVE-2024-6985
-modified: '2024-11-15T20:23:01.816492Z'
-published: '2024-10-11T16:15:00Z'
-references:
-- type: EVIDENCE
-  url: https://huntr.com/bounties/79c11579-47d8-4e68-8466-b47c3bf5ef6a
-- type: WEB
-  url: https://huntr.com/bounties/79c11579-47d8-4e68-8466-b47c3bf5ef6a
-- type: FIX
-  url: https://github.com/parisneo/lollms/commit/28ee567a9a120967215ff19b96ab7515ce469620
 affected:
 - package:
-    name: lollms
     ecosystem: PyPI
+    name: lollms
     purl: pkg:pypi/lollms
   ranges:
   - type: GIT
-    repo: https://github.com/parisneo/lollms
     events:
-    - introduced: '0'
+    - introduced: "0"
     - fixed: 28ee567a9a120967215ff19b96ab7515ce469620
+    repo: https://github.com/parisneo/lollms
   - type: ECOSYSTEM
     events:
-    - introduced: '0'
+    - introduced: "0"
     - fixed: 5.9.0
   versions:
   - 1.1.10
@@ -271,3 +264,10 @@ affected:
 severity:
 - type: CVSS_V3
   score: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
+references:
+- type: EVIDENCE
+  url: https://huntr.com/bounties/79c11579-47d8-4e68-8466-b47c3bf5ef6a
+- type: WEB
+  url: https://huntr.com/bounties/79c11579-47d8-4e68-8466-b47c3bf5ef6a
+- type: FIX
+  url: https://github.com/parisneo/lollms/commit/28ee567a9a120967215ff19b96ab7515ce469620