From 3de60f724af430a52a696bf309131f1143170e09 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 8 Apr 2024 13:05:02 +0530 Subject: [PATCH] format-update --- passive/cves/2024/CVE-2024-25723.yaml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/passive/cves/2024/CVE-2024-25723.yaml b/passive/cves/2024/CVE-2024-25723.yaml index 99d86c16ce..16b1b7edf6 100644 --- a/passive/cves/2024/CVE-2024-25723.yaml +++ b/passive/cves/2024/CVE-2024-25723.yaml @@ -4,10 +4,8 @@ info: name: ZenML ZenML Server - Improper Authentication author: David Botelho Mariano severity: critical - description: ZenML Server in the ZenML machine learning package before 0.46.7 - for Python allows remote privilege escalation because the - /api/v1/users/{user_name_or_id}/activate REST API endpoint allows access on - the basis of a valid username along with a new password in the request body. + description: + ZenML Server in the ZenML machine learning package before 0.46.7 for Python allows remote privilege escalation because the /api/v1/users/{user_name_or_id}/activate REST API endpoint allows access on the basis of a valid username along with a new password in the request body. impact: | Successful exploitation could lead to unauthorized access to sensitive data. remediation: | @@ -15,6 +13,9 @@ info: reference: - https://www.zenml.io/blog/critical-security-update-for-zenml-users - https://github.com/zenml-io/zenml + - https://github.com/zenml-io/zenml/compare/0.42.1...0.42.2 + - https://github.com/zenml-io/zenml/compare/0.43.0...0.43.1 + - https://github.com/zenml-io/zenml/compare/0.44.3...0.44.4 classification: epss-score: 0.00045 epss-percentile: 0.13559
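Review bot: In the first hunk (`@@ -4,10 +4,8 @@`), the new `description:` is a plain scalar started on the following line, while the sibling `impact: |` and `remediation: |` keys visible in the same hunk use block scalars. Prefer `description: |` (or `description: >`) so the three fields are styled alike and so a later edit that introduces `: ` or ` #` into the sentence cannot change how the value parses. Since this is a formatting pass, the unchanged context line `name: ZenML ZenML Server - Improper Authentication` is also worth fixing: the product name is duplicated.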
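Review bot: In the second hunk (`@@ -15,6 +13,9 @@`), the three added `compare/...` references are a content change, not a format change, and the subject `format-update` does not mention them. They point at 0.42.2, 0.43.1 and 0.44.4, while the description names only 0.46.7 as the version boundary, so a reader of the template cannot tell why these ranges are relevant and there is no matching link for 0.46.7 itself. Suggest stating in the commit message what these comparisons show, and either adding the reference for the 0.46.7 change or extending the description and `remediation` text to name the other releases if they also carry the fix.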