All the vulnerabilites related to openSUSE - Factory
cve-2020-8015
Vulnerability from cvelistv5
Published
2020-04-02 07:55
Modified
2024-09-16 19:46
Summary
Local privilege escalation in exim package from user mail to root
Impacted products
openSUSEFactory
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:48:25.101Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "openSUSE-SU-2020:0491",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00010.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1154183"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Factory",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThan": "4.93.0.4-3.1",
              "status": "affected",
              "version": "exim",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Johannes Segitz of SUSE"
        }
      ],
      "datePublic": "2020-04-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: openSUSE Factory exim versions prior to 4.93.0.4-3.1."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-59",
              "description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-11-20T15:45:09",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "name": "openSUSE-SU-2020:0491",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00010.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1154183"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1154183",
        "defect": [
          "1154183"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Local privilege escalation in exim package from user mail to root",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@suse.com",
          "DATE_PUBLIC": "2020-04-02T00:00:00.000Z",
          "ID": "CVE-2020-8015",
          "STATE": "PUBLIC",
          "TITLE": "Local privilege escalation in exim package from user mail to root"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Factory",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "exim",
                            "version_value": "4.93.0.4-3.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "openSUSE"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Johannes Segitz of SUSE"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: openSUSE Factory exim versions prior to 4.93.0.4-3.1."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "openSUSE-SU-2020:0491",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00010.html"
            },
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1154183",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1154183"
            }
          ]
        },
        "source": {
          "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1154183",
          "defect": [
            "1154183"
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2020-8015",
    "datePublished": "2020-04-02T07:55:13.216384Z",
    "dateReserved": "2020-01-27T00:00:00",
    "dateUpdated": "2024-09-16T19:46:31.907Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-8032
Vulnerability from cvelistv5
Published
2021-02-25 09:15
Modified
2024-09-16 20:03
Summary
Local privilege escalation to root due to insecure tmp file usage
References
Impacted products
openSUSEFactory
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:48:24.966Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1180669"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Factory",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThanOrEqual": "2.1.27-4.2",
              "status": "affected",
              "version": "cyrus-sasl",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Johannes Segitz of SUSE"
        }
      ],
      "datePublic": "2021-02-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A Insecure Temporary File vulnerability in the packaging of cyrus-sasl of openSUSE Factory allows local attackers to escalate to root. This issue affects: openSUSE Factory cyrus-sasl version 2.1.27-4.2 and prior versions."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-377",
              "description": "CWE-377: Insecure Temporary File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-02-25T09:15:17",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1180669"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1180669",
        "defect": [
          "1180669"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Local privilege escalation to root due to insecure tmp file usage",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@suse.com",
          "DATE_PUBLIC": "2021-02-25T00:00:00.000Z",
          "ID": "CVE-2020-8032",
          "STATE": "PUBLIC",
          "TITLE": "Local privilege escalation to root due to insecure tmp file usage"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Factory",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "cyrus-sasl",
                            "version_value": "2.1.27-4.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "openSUSE"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Johannes Segitz of SUSE"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A Insecure Temporary File vulnerability in the packaging of cyrus-sasl of openSUSE Factory allows local attackers to escalate to root. This issue affects: openSUSE Factory cyrus-sasl version 2.1.27-4.2 and prior versions."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-377: Insecure Temporary File"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1180669",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1180669"
            }
          ]
        },
        "source": {
          "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1180669",
          "defect": [
            "1180669"
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2020-8032",
    "datePublished": "2021-02-25T09:15:17.275483Z",
    "dateReserved": "2020-01-27T00:00:00",
    "dateUpdated": "2024-09-16T20:03:06.806Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-12476
Vulnerability from cvelistv5
Published
2020-01-27 08:30
Modified
2024-09-16 20:52
Summary
obs-service-extract_file's outfilename parameter allows to write files outside of package directory
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T08:38:06.188Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1107944"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SUSE Linux Enterprise Server 15",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "0.9.2.1537788075.fefaa74:",
              "status": "affected",
              "version": "obs-service-tar_scm",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Factory",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThan": "0.9.2.1537788075.fefaa74",
              "status": "affected",
              "version": "obs-service-tar_scm",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Matthias Gerstner of SUSE"
        }
      ],
      "datePublic": "2020-01-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Relative Path Traversal vulnerability in obs-service-tar_scm of SUSE Linux Enterprise Server 15; openSUSE Factory allows remote attackers with control over a repository to overwrite files on the machine of the local user if a malicious service is executed. This issue affects: SUSE Linux Enterprise Server 15 obs-service-tar_scm versions prior to 0.9.2.1537788075.fefaa74:. openSUSE Factory obs-service-tar_scm versions prior to 0.9.2.1537788075.fefaa74."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-23",
              "description": "CWE-23: Relative Path Traversal",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-01-06T16:15:38",
        "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "shortName": "microfocus"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1107944"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1107944",
        "defect": [
          "1107944"
        ],
        "discovery": "INTERNAL"
      },
      "title": "obs-service-extract_file\u0027s outfilename parameter allows to write files outside of package directory",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@microfocus.com",
          "DATE_PUBLIC": "2020-01-27T00:00:00.000Z",
          "ID": "CVE-2018-12476",
          "STATE": "PUBLIC",
          "TITLE": "obs-service-extract_file\u0027s outfilename parameter allows to write files outside of package directory"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SUSE Linux Enterprise Server 15",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "obs-service-tar_scm",
                            "version_value": "0.9.2.1537788075.fefaa74:"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "SUSE"
              },
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Factory",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "obs-service-tar_scm",
                            "version_value": "0.9.2.1537788075.fefaa74"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "openSUSE"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Matthias Gerstner of SUSE"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Relative Path Traversal vulnerability in obs-service-tar_scm of SUSE Linux Enterprise Server 15; openSUSE Factory allows remote attackers with control over a repository to overwrite files on the machine of the local user if a malicious service is executed. This issue affects: SUSE Linux Enterprise Server 15 obs-service-tar_scm versions prior to 0.9.2.1537788075.fefaa74:. openSUSE Factory obs-service-tar_scm versions prior to 0.9.2.1537788075.fefaa74."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-23: Relative Path Traversal"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1107944",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1107944"
            }
          ]
        },
        "source": {
          "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1107944",
          "defect": [
            "1107944"
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
    "assignerShortName": "microfocus",
    "cveId": "CVE-2018-12476",
    "datePublished": "2020-01-27T08:30:14.943188Z",
    "dateReserved": "2018-06-15T00:00:00",
    "dateUpdated": "2024-09-16T20:52:13.615Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-3692
Vulnerability from cvelistv5
Published
2020-01-24 08:50
Modified
2024-09-16 20:51
Summary
Local privilege escalation from user news to root in the packaging of inn
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T19:19:17.781Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "openSUSE-SU-2020:0234",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00027.html"
          },
          {
            "name": "openSUSE-SU-2020:0242",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00028.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1154302"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SUSE Linux Enterprise Server 11",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThanOrEqual": "2.4.2-170.21.3.1",
              "status": "affected",
              "version": "inn",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Factory",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThanOrEqual": "2.6.2-2.2",
              "status": "affected",
              "version": "inn",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Leap 15.1",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThanOrEqual": "2.5.4-lp151.2.47",
              "status": "affected",
              "version": "inn",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Johannes Segitz of SUSE"
        }
      ],
      "datePublic": "2020-01-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The packaging of inn on SUSE Linux Enterprise Server 11; openSUSE Factory, Leap 15.1 allows local attackers to escalate from user inn to root via symlink attacks. This issue affects: SUSE Linux Enterprise Server 11 inn version 2.4.2-170.21.3.1 and prior versions. openSUSE Factory inn version 2.6.2-2.2 and prior versions. openSUSE Leap 15.1 inn version 2.5.4-lp151.2.47 and prior versions."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-59",
              "description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-11-20T15:45:08",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "name": "openSUSE-SU-2020:0234",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00027.html"
        },
        {
          "name": "openSUSE-SU-2020:0242",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00028.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1154302"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1154302",
        "defect": [
          "1154302"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Local privilege escalation from user news to root in the packaging of inn",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@suse.com",
          "DATE_PUBLIC": "2020-01-24T00:00:00.000Z",
          "ID": "CVE-2019-3692",
          "STATE": "PUBLIC",
          "TITLE": "Local privilege escalation from user news to root in the packaging of inn"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SUSE Linux Enterprise Server 11",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "inn",
                            "version_value": "2.4.2-170.21.3.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "SUSE"
              },
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Factory",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "inn",
                            "version_value": "2.6.2-2.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Leap 15.1",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "inn",
                            "version_value": "2.5.4-lp151.2.47"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "openSUSE"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Johannes Segitz of SUSE"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The packaging of inn on SUSE Linux Enterprise Server 11; openSUSE Factory, Leap 15.1 allows local attackers to escalate from user inn to root via symlink attacks. This issue affects: SUSE Linux Enterprise Server 11 inn version 2.4.2-170.21.3.1 and prior versions. openSUSE Factory inn version 2.6.2-2.2 and prior versions. openSUSE Leap 15.1 inn version 2.5.4-lp151.2.47 and prior versions."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "openSUSE-SU-2020:0234",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00027.html"
            },
            {
              "name": "openSUSE-SU-2020:0242",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00028.html"
            },
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1154302",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1154302"
            }
          ]
        },
        "source": {
          "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1154302",
          "defect": [
            "1154302"
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2019-3692",
    "datePublished": "2020-01-24T08:50:12.217219Z",
    "dateReserved": "2019-01-03T00:00:00",
    "dateUpdated": "2024-09-16T20:51:57.334Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-31256
Vulnerability from cvelistv5
Published
2022-10-26 08:55
Modified
2024-09-16 16:32
Summary
sendmail: mail to root privilege escalation via sm-client.pre script
Impacted products
SUSEopenSUSE Factory
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T07:11:39.944Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1204696"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "openSUSE Factory",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "8.17.1-1.1",
              "status": "affected",
              "version": "sendmail",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Matthias Gerstner and Filippo Bonazzi from SUSE"
        }
      ],
      "datePublic": "2022-10-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A Improper Link Resolution Before File Access (\u0027Link Following\u0027) vulnerability in a script called by the sendmail systemd service of openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: SUSE openSUSE Factory sendmail versions prior to 8.17.1-1.1."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-59",
              "description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-10-26T00:00:00",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1204696"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1204696",
        "defect": [
          "1204696"
        ],
        "discovery": "INTERNAL"
      },
      "title": "sendmail: mail to root privilege escalation via sm-client.pre script",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2022-31256",
    "datePublished": "2022-10-26T08:55:09.458554Z",
    "dateReserved": "2022-05-20T00:00:00",
    "dateUpdated": "2024-09-16T16:32:57.789Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-18902
Vulnerability from cvelistv5
Published
2020-03-02 16:45
Modified
2024-09-17 02:41
Summary
wicked: Use-after-free when receiving invalid DHCP6 client options
References
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T02:02:39.848Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1160903"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SUSE Linux Enterprise Server 12",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "0.6.60-3.5.1",
              "status": "affected",
              "version": "wicked",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server 15",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "0.6.60-3.21.1",
              "status": "affected",
              "version": "wicked",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Leap 15.1",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThan": "0.6.60-lp151.2.6.1",
              "status": "affected",
              "version": "wicked",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Factory",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThan": "0.6.62",
              "status": "affected",
              "version": "wicked",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Malte Kraus"
        }
      ],
      "datePublic": "2020-01-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote attackers to cause DoS or potentially code execution. This issue affects: SUSE Linux Enterprise Server 12 wicked versions prior to 0.6.60-3.5.1. SUSE Linux Enterprise Server 15 wicked versions prior to 0.6.60-3.21.1. openSUSE Leap 15.1 wicked versions prior to 0.6.60-lp151.2.6.1. openSUSE Factory wicked versions prior to 0.6.62."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416: Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-03-02T16:45:18",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1160903"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1160903",
        "defect": [
          "1160903"
        ],
        "discovery": "INTERNAL"
      },
      "title": "wicked: Use-after-free when receiving invalid DHCP6 client options",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@suse.com",
          "DATE_PUBLIC": "2020-01-30T00:00:00.000Z",
          "ID": "CVE-2019-18902",
          "STATE": "PUBLIC",
          "TITLE": "wicked: Use-after-free when receiving invalid DHCP6 client options"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SUSE Linux Enterprise Server 12",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "wicked",
                            "version_value": "0.6.60-3.5.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server 15",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "wicked",
                            "version_value": "0.6.60-3.21.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "SUSE"
              },
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Leap 15.1",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "wicked",
                            "version_value": "0.6.60-lp151.2.6.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Factory",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "wicked",
                            "version_value": "0.6.62"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "openSUSE"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Malte Kraus"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote attackers to cause DoS or potentially code execution. This issue affects: SUSE Linux Enterprise Server 12 wicked versions prior to 0.6.60-3.5.1. SUSE Linux Enterprise Server 15 wicked versions prior to 0.6.60-3.21.1. openSUSE Leap 15.1 wicked versions prior to 0.6.60-lp151.2.6.1. openSUSE Factory wicked versions prior to 0.6.62."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-416: Use After Free"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1160903",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1160903"
            }
          ]
        },
        "source": {
          "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1160903",
          "defect": [
            "1160903"
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2019-18902",
    "datePublished": "2020-03-02T16:45:18.218099Z",
    "dateReserved": "2019-11-12T00:00:00",
    "dateUpdated": "2024-09-17T02:41:08.903Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-18898
Vulnerability from cvelistv5
Published
2020-01-23 14:05
Modified
2024-09-16 18:24
Summary
trousers: Local privilege escalation from tss to root
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T02:02:39.883Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "openSUSE-SU-2020:0744",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00066.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1157651"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SUSE Linux Enterprise Server 15 SP1",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "0.3.14-6.3.1",
              "status": "affected",
              "version": "trousers",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Factory",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThan": "0.3.14-7.1",
              "status": "affected",
              "version": "trousers",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Johannes Segitz from SUSE"
        }
      ],
      "datePublic": "2019-11-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "UNIX Symbolic Link (Symlink) Following vulnerability in the trousers package of SUSE Linux Enterprise Server 15 SP1; openSUSE Factory allowed local attackers escalate privileges from user tss to root. This issue affects: SUSE Linux Enterprise Server 15 SP1 trousers versions prior to 0.3.14-6.3.1. openSUSE Factory trousers versions prior to 0.3.14-7.1."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-59",
              "description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-11-20T15:45:08",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "name": "openSUSE-SU-2020:0744",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00066.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1157651"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1157651",
        "defect": [
          "1157651"
        ],
        "discovery": "INTERNAL"
      },
      "title": "trousers: Local privilege escalation from tss to root",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@suse.com",
          "DATE_PUBLIC": "2019-11-26T00:00:00.000Z",
          "ID": "CVE-2019-18898",
          "STATE": "PUBLIC",
          "TITLE": "trousers: Local privilege escalation from tss to root"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SUSE Linux Enterprise Server 15 SP1",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "trousers",
                            "version_value": "0.3.14-6.3.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "SUSE"
              },
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Factory",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "trousers",
                            "version_value": "0.3.14-7.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "openSUSE"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Johannes Segitz from SUSE"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "UNIX Symbolic Link (Symlink) Following vulnerability in the trousers package of SUSE Linux Enterprise Server 15 SP1; openSUSE Factory allowed local attackers escalate privileges from user tss to root. This issue affects: SUSE Linux Enterprise Server 15 SP1 trousers versions prior to 0.3.14-6.3.1. openSUSE Factory trousers versions prior to 0.3.14-7.1."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "openSUSE-SU-2020:0744",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00066.html"
            },
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1157651",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1157651"
            }
          ]
        },
        "source": {
          "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1157651",
          "defect": [
            "1157651"
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2019-18898",
    "datePublished": "2020-01-23T14:05:14.446560Z",
    "dateReserved": "2019-11-12T00:00:00",
    "dateUpdated": "2024-09-16T18:24:53.684Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-3681
Vulnerability from cvelistv5
Published
2020-06-29 12:00
Modified
2024-09-17 03:28
Summary
osc: stores downloaded (supposed) RPM in network-controlled filesystem paths
References
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T19:12:09.655Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1122675"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SUSE Linux Enterprise Module for Development Tools 15",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "0.169.1-3.20.1",
              "status": "affected",
              "version": "osc",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Software Development Kit 12-SP5",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "0.162.1-15.9.1",
              "status": "affected",
              "version": "osc",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Software Development Kit 12-SP4",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "0.162.1-15.9.1",
              "status": "affected",
              "version": "osc",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "openSUSE Leap 15.1",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThan": "0.169.1-lp151.2.15.1",
              "status": "affected",
              "version": "osc",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "openSUSE Factory",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThan": "0.169.0",
              "status": "affected",
              "version": "osc",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Malte Kraus of SUSE"
        }
      ],
      "datePublic": "2020-05-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A External Control of File Name or Path vulnerability in osc of SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Software Development Kit 12-SP5, SUSE Linux Enterprise Software Development Kit 12-SP4; openSUSE Leap 15.1, openSUSE Factory allowed remote attackers that can change downloaded packages to overwrite arbitrary files. This issue affects: SUSE Linux Enterprise Module for Development Tools 15 osc versions prior to 0.169.1-3.20.1. SUSE Linux Enterprise Software Development Kit 12-SP5 osc versions prior to 0.162.1-15.9.1. SUSE Linux Enterprise Software Development Kit 12-SP4 osc versions prior to 0.162.1-15.9.1. openSUSE Leap 15.1 osc versions prior to 0.169.1-lp151.2.15.1. openSUSE Factory osc versions prior to 0.169.0 ."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-73",
              "description": "CWE-73: External Control of File Name or Path",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-06-29T12:00:16",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1122675"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1122675",
        "defect": [
          "1122675"
        ],
        "discovery": "INTERNAL"
      },
      "title": "osc: stores downloaded (supposed) RPM in network-controlled filesystem paths",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@suse.com",
          "DATE_PUBLIC": "2020-05-27T00:00:00.000Z",
          "ID": "CVE-2019-3681",
          "STATE": "PUBLIC",
          "TITLE": "osc: stores downloaded (supposed) RPM in network-controlled filesystem paths"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SUSE Linux Enterprise Module for Development Tools 15",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "osc",
                            "version_value": "0.169.1-3.20.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Software Development Kit 12-SP5",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "osc",
                            "version_value": "0.162.1-15.9.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Software Development Kit 12-SP4",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "osc",
                            "version_value": "0.162.1-15.9.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "SUSE"
              },
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "openSUSE Leap 15.1",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "osc",
                            "version_value": "0.169.1-lp151.2.15.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "openSUSE Factory",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "osc",
                            "version_value": "0.169.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "openSUSE"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Malte Kraus of SUSE"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A External Control of File Name or Path vulnerability in osc of SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Software Development Kit 12-SP5, SUSE Linux Enterprise Software Development Kit 12-SP4; openSUSE Leap 15.1, openSUSE Factory allowed remote attackers that can change downloaded packages to overwrite arbitrary files. This issue affects: SUSE Linux Enterprise Module for Development Tools 15 osc versions prior to 0.169.1-3.20.1. SUSE Linux Enterprise Software Development Kit 12-SP5 osc versions prior to 0.162.1-15.9.1. SUSE Linux Enterprise Software Development Kit 12-SP4 osc versions prior to 0.162.1-15.9.1. openSUSE Leap 15.1 osc versions prior to 0.169.1-lp151.2.15.1. openSUSE Factory osc versions prior to 0.169.0 ."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-73: External Control of File Name or Path"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1122675",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1122675"
            }
          ]
        },
        "source": {
          "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1122675",
          "defect": [
            "1122675"
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2019-3681",
    "datePublished": "2020-06-29T12:00:16.969947Z",
    "dateReserved": "2019-01-03T00:00:00",
    "dateUpdated": "2024-09-17T03:28:54.416Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-3694
Vulnerability from cvelistv5
Published
2020-01-24 10:50
Modified
2024-09-17 00:26
Summary
Local privilege escalation from munin to root in the packaging of munin
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T19:19:17.485Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1155078"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Factory",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThanOrEqual": "2.0.49-4.2",
              "status": "affected",
              "version": "munin",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Leap 15.1",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThanOrEqual": "2.0.40-lp151.1.1",
              "status": "affected",
              "version": "munin",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Johannes Segitz of SUSE"
        }
      ],
      "datePublic": "2020-01-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A Symbolic Link (Symlink) Following vulnerability in the packaging of munin in openSUSE Factory, Leap 15.1 allows local attackers to escalate from user munin to root. This issue affects: openSUSE Factory munin version 2.0.49-4.2 and prior versions. openSUSE Leap 15.1 munin version 2.0.40-lp151.1.1 and prior versions."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-59",
              "description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-11-20T15:45:08",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1155078"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1155078",
        "defect": [
          "1155078"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Local privilege escalation from munin to root in the packaging of munin",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@suse.com",
          "DATE_PUBLIC": "2020-01-24T00:00:00.000Z",
          "ID": "CVE-2019-3694",
          "STATE": "PUBLIC",
          "TITLE": "Local privilege escalation from munin to root in the packaging of munin"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Factory",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "munin",
                            "version_value": "2.0.49-4.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Leap 15.1",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "munin",
                            "version_value": "2.0.40-lp151.1.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "openSUSE"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Johannes Segitz of SUSE"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A Symbolic Link (Symlink) Following vulnerability in the packaging of munin in openSUSE Factory, Leap 15.1 allows local attackers to escalate from user munin to root. This issue affects: openSUSE Factory munin version 2.0.49-4.2 and prior versions. openSUSE Leap 15.1 munin version 2.0.40-lp151.1.1 and prior versions."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1155078",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1155078"
            }
          ]
        },
        "source": {
          "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1155078",
          "defect": [
            "1155078"
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2019-3694",
    "datePublished": "2020-01-24T10:50:11.606027Z",
    "dateReserved": "2019-01-03T00:00:00",
    "dateUpdated": "2024-09-17T00:26:07.628Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-31253
Vulnerability from cvelistv5
Published
2022-11-09 13:50
Modified
2024-09-16 19:05
Summary
openldap2: /usr/lib/openldap/start allows ldap user/group to recursively chown arbitrary directory trees to itself
Impacted products
openSUSEFactory
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T07:11:39.936Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1202931"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Factory",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThan": "2.6.3-404.1",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Matthias Gerstner from SUSE"
        }
      ],
      "datePublic": "2022-10-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A Untrusted Search Path vulnerability in openldap2 of openSUSE Factory allows local attackers with control of the ldap user or group to change ownership of arbitrary directory entries to this user/group, leading to escalation to root. This issue affects: openSUSE Factory openldap2 versions prior to 2.6.3-404.1."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-426",
              "description": "CWE-426: Untrusted Search Path",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-11-09T00:00:00",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1202931"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1202931",
        "defect": [
          "1202931"
        ],
        "discovery": "INTERNAL"
      },
      "title": "openldap2: /usr/lib/openldap/start allows ldap user/group to recursively chown arbitrary directory trees to itself",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2022-31253",
    "datePublished": "2022-11-09T13:50:10.848825Z",
    "dateReserved": "2022-05-20T00:00:00",
    "dateUpdated": "2024-09-16T19:05:13.222Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-3691
Vulnerability from cvelistv5
Published
2020-01-23 16:00
Modified
2024-09-16 22:15
Summary
Local privilege escalation from user munge to root
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T19:19:16.810Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1155075"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SUSE Linux Enterprise Server 15",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "0.5.13-4.3.1",
              "status": "affected",
              "version": "munge",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Factory",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThan": "0.5.13-6.1",
              "status": "affected",
              "version": "munge",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Johannes Segitz from SUSE"
        }
      ],
      "datePublic": "2019-12-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A Symbolic Link (Symlink) Following vulnerability in the packaging of munge in SUSE Linux Enterprise Server 15; openSUSE Factory allowed local attackers to escalate privileges from user munge to root. This issue affects: SUSE Linux Enterprise Server 15 munge versions prior to 0.5.13-4.3.1. openSUSE Factory munge versions prior to 0.5.13-6.1."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-59",
              "description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-11-20T15:45:08",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1155075"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1155075",
        "defect": [
          "1155075"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Local privilege escalation from user munge to root",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@suse.com",
          "DATE_PUBLIC": "2019-12-05T00:00:00.000Z",
          "ID": "CVE-2019-3691",
          "STATE": "PUBLIC",
          "TITLE": "Local privilege escalation from user munge to root"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SUSE Linux Enterprise Server 15",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "munge",
                            "version_value": "0.5.13-4.3.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "SUSE"
              },
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Factory",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "munge",
                            "version_value": "0.5.13-6.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "openSUSE"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Johannes Segitz from SUSE"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A Symbolic Link (Symlink) Following vulnerability in the packaging of munge in SUSE Linux Enterprise Server 15; openSUSE Factory allowed local attackers to escalate privileges from user munge to root. This issue affects: SUSE Linux Enterprise Server 15 munge versions prior to 0.5.13-4.3.1. openSUSE Factory munge versions prior to 0.5.13-6.1."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1155075",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1155075"
            }
          ]
        },
        "source": {
          "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1155075",
          "defect": [
            "1155075"
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2019-3691",
    "datePublished": "2020-01-23T16:00:20.042692Z",
    "dateReserved": "2019-01-03T00:00:00",
    "dateUpdated": "2024-09-16T22:15:11.514Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-3698
Vulnerability from cvelistv5
Published
2020-02-28 13:20
Modified
2024-09-16 16:33
Summary
nagios cron job allows privilege escalation from user nagios to root
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T19:19:17.452Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "openSUSE-SU-2020:0500",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00014.html"
          },
          {
            "name": "openSUSE-SU-2020:0517",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00022.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1156309"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SUSE Linux Enterprise Server 12",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThanOrEqual": "3.5.1-5.27",
              "status": "affected",
              "version": "nagios",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server 11",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThanOrEqual": "3.0.6-1.25.36.3.1",
              "status": "affected",
              "version": "nagios",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Factory",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThanOrEqual": "4.4.5-2.1",
              "status": "affected",
              "version": "nagios",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Matthias Gerstner"
        }
      ],
      "datePublic": "2020-02-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "UNIX Symbolic Link (Symlink) Following vulnerability in the cronjob shipped with nagios of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 11; openSUSE Factory allows local attackers to cause cause DoS or potentially escalate privileges by winning a race. This issue affects: SUSE Linux Enterprise Server 12 nagios version 3.5.1-5.27 and prior versions. SUSE Linux Enterprise Server 11 nagios version 3.0.6-1.25.36.3.1 and prior versions. openSUSE Factory nagios version 4.4.5-2.1 and prior versions."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-59",
              "description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-11-20T15:45:08",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "name": "openSUSE-SU-2020:0500",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00014.html"
        },
        {
          "name": "openSUSE-SU-2020:0517",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00022.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1156309"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1156309",
        "defect": [
          "1156309"
        ],
        "discovery": "INTERNAL"
      },
      "title": "nagios cron job allows privilege escalation from user nagios to root",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@suse.com",
          "DATE_PUBLIC": "2020-02-28T00:00:00.000Z",
          "ID": "CVE-2019-3698",
          "STATE": "PUBLIC",
          "TITLE": "nagios cron job allows privilege escalation from user nagios to root"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SUSE Linux Enterprise Server 12",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "nagios",
                            "version_value": "3.5.1-5.27"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server 11",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "nagios",
                            "version_value": "3.0.6-1.25.36.3.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "SUSE"
              },
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Factory",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "nagios",
                            "version_value": "4.4.5-2.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "openSUSE"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Matthias Gerstner"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "UNIX Symbolic Link (Symlink) Following vulnerability in the cronjob shipped with nagios of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 11; openSUSE Factory allows local attackers to cause cause DoS or potentially escalate privileges by winning a race. This issue affects: SUSE Linux Enterprise Server 12 nagios version 3.5.1-5.27 and prior versions. SUSE Linux Enterprise Server 11 nagios version 3.0.6-1.25.36.3.1 and prior versions. openSUSE Factory nagios version 4.4.5-2.1 and prior versions."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "openSUSE-SU-2020:0500",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00014.html"
            },
            {
              "name": "openSUSE-SU-2020:0517",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00022.html"
            },
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1156309",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1156309"
            }
          ]
        },
        "source": {
          "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1156309",
          "defect": [
            "1156309"
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2019-3698",
    "datePublished": "2020-02-28T13:20:14.152354Z",
    "dateReserved": "2019-01-03T00:00:00",
    "dateUpdated": "2024-09-16T16:33:41.138Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-31997
Vulnerability from cvelistv5
Published
2021-06-10 11:35
Modified
2024-09-16 23:22
Summary
python-postorius: postorius-permissions.sh used during %post allows local privilege escalation from postorius user to root
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T23:10:31.420Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1182407"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Leap 15.2",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThanOrEqual": "1.3.2-lp152.1.2",
              "status": "affected",
              "version": "python-postorius",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Factory",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThanOrEqual": "1.3.4-2.1",
              "status": "affected",
              "version": "python-postorius",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Matthias Gerstner of SUSE"
        }
      ],
      "datePublic": "2021-05-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A UNIX Symbolic Link (Symlink) Following vulnerability in python-postorius of openSUSE Leap 15.2, Factory allows local attackers to escalate from users postorius or postorius-admin to root. This issue affects: openSUSE Leap 15.2 python-postorius version 1.3.2-lp152.1.2 and prior versions. openSUSE Factory python-postorius version 1.3.4-2.1 and prior versions."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-59",
              "description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-10-13T00:00:00",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1182407"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1182407",
        "defect": [
          "1182407"
        ],
        "discovery": "INTERNAL"
      },
      "title": "python-postorius: postorius-permissions.sh used during %post allows local privilege escalation from postorius user to root",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2021-31997",
    "datePublished": "2021-06-10T11:35:11.799931Z",
    "dateReserved": "2021-05-03T00:00:00",
    "dateUpdated": "2024-09-16T23:22:17.307Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-41817
Vulnerability from cvelistv5
Published
2022-01-01 00:00
Modified
2024-08-04 03:22
Severity ?
Summary
Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T03:22:24.342Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://hackerone.com/reports/1254844"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.ruby-lang.org/en/news/2021/11/15/date-parsing-method-regexp-dos-cve-2021-41817/"
          },
          {
            "name": "FEDORA-2022-82a9edac27",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN/"
          },
          {
            "name": "FEDORA-2022-8cf0124add",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF/"
          },
          {
            "name": "GLSA-202401-27",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202401-27"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-24T05:06:33.551146",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://hackerone.com/reports/1254844"
        },
        {
          "url": "https://www.ruby-lang.org/en/news/2021/11/15/date-parsing-method-regexp-dos-cve-2021-41817/"
        },
        {
          "name": "FEDORA-2022-82a9edac27",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN/"
        },
        {
          "name": "FEDORA-2022-8cf0124add",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF/"
        },
        {
          "name": "GLSA-202401-27",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202401-27"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2021-41817",
    "datePublished": "2022-01-01T00:00:00",
    "dateReserved": "2021-09-29T00:00:00",
    "dateUpdated": "2024-08-04T03:22:24.342Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-46142
Vulnerability from cvelistv5
Published
2022-01-06 03:48
Modified
2024-08-04 05:02
Severity ?
Summary
An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:02:10.368Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/uriparser/uriparser/pull/124"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/uriparser/uriparser/issues/122"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://blog.hartwork.org/posts/uriparser-096-with-security-fixes-released/"
          },
          {
            "name": "FEDORA-2022-00a529a8bf",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MO6T7WA27H7K3WI2AXUAGPWBGK4HM65D/"
          },
          {
            "name": "FEDORA-2022-cfd0048127",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YGIJTDNEMU2V4H3JJBQVKBRHU5GBQKG2/"
          },
          {
            "name": "DSA-5063",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2022/dsa-5063"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-01-27T02:06:11",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/uriparser/uriparser/pull/124"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/uriparser/uriparser/issues/122"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://blog.hartwork.org/posts/uriparser-096-with-security-fixes-released/"
        },
        {
          "name": "FEDORA-2022-00a529a8bf",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MO6T7WA27H7K3WI2AXUAGPWBGK4HM65D/"
        },
        {
          "name": "FEDORA-2022-cfd0048127",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YGIJTDNEMU2V4H3JJBQVKBRHU5GBQKG2/"
        },
        {
          "name": "DSA-5063",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2022/dsa-5063"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2021-46142",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/uriparser/uriparser/pull/124",
              "refsource": "MISC",
              "url": "https://github.com/uriparser/uriparser/pull/124"
            },
            {
              "name": "https://github.com/uriparser/uriparser/issues/122",
              "refsource": "MISC",
              "url": "https://github.com/uriparser/uriparser/issues/122"
            },
            {
              "name": "https://blog.hartwork.org/posts/uriparser-096-with-security-fixes-released/",
              "refsource": "CONFIRM",
              "url": "https://blog.hartwork.org/posts/uriparser-096-with-security-fixes-released/"
            },
            {
              "name": "FEDORA-2022-00a529a8bf",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MO6T7WA27H7K3WI2AXUAGPWBGK4HM65D/"
            },
            {
              "name": "FEDORA-2022-cfd0048127",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YGIJTDNEMU2V4H3JJBQVKBRHU5GBQKG2/"
            },
            {
              "name": "DSA-5063",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2022/dsa-5063"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2021-46142",
    "datePublished": "2022-01-06T03:48:36",
    "dateReserved": "2022-01-06T00:00:00",
    "dateUpdated": "2024-08-04T05:02:10.368Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-18903
Vulnerability from cvelistv5
Published
2020-03-02 16:45
Modified
2024-09-17 01:00
Summary
wicked: Use-after-free when receiving invalid DHCP6 IA_PD option
References
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T02:02:39.712Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1160904"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SUSE Linux Enterprise Server 12",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "0.6.60-2.18.1",
              "status": "affected",
              "version": "wicked",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server 15",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "0.6.60-28.26.1",
              "status": "affected",
              "version": "wicked",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Leap 15.1",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThan": "0.6.60-lp151.2.9.1",
              "status": "affected",
              "version": "wicked",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Factory",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThan": "0.6.62",
              "status": "affected",
              "version": "wicked",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Malte Kraus"
        }
      ],
      "datePublic": "2020-02-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote attackers to cause DoS or potentially code execution. This issue affects: SUSE Linux Enterprise Server 12 wicked versions prior to 0.6.60-2.18.1. SUSE Linux Enterprise Server 15 wicked versions prior to 0.6.60-28.26.1. openSUSE Leap 15.1 wicked versions prior to 0.6.60-lp151.2.9.1. openSUSE Factory wicked versions prior to 0.6.62."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416: Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-03-02T16:45:18",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1160904"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1160904",
        "defect": [
          "1160904"
        ],
        "discovery": "INTERNAL"
      },
      "title": "wicked: Use-after-free when receiving invalid DHCP6 IA_PD option",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@suse.com",
          "DATE_PUBLIC": "2020-02-06T00:00:00.000Z",
          "ID": "CVE-2019-18903",
          "STATE": "PUBLIC",
          "TITLE": "wicked: Use-after-free when receiving invalid DHCP6 IA_PD option"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SUSE Linux Enterprise Server 12",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "wicked",
                            "version_value": "0.6.60-2.18.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server 15",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "wicked",
                            "version_value": "0.6.60-28.26.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "SUSE"
              },
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Leap 15.1",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "wicked",
                            "version_value": "0.6.60-lp151.2.9.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Factory",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "wicked",
                            "version_value": "0.6.62"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "openSUSE"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Malte Kraus"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote attackers to cause DoS or potentially code execution. This issue affects: SUSE Linux Enterprise Server 12 wicked versions prior to 0.6.60-2.18.1. SUSE Linux Enterprise Server 15 wicked versions prior to 0.6.60-28.26.1. openSUSE Leap 15.1 wicked versions prior to 0.6.60-lp151.2.9.1. openSUSE Factory wicked versions prior to 0.6.62."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-416: Use After Free"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1160904",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1160904"
            }
          ]
        },
        "source": {
          "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1160904",
          "defect": [
            "1160904"
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2019-18903",
    "datePublished": "2020-03-02T16:45:18.618041Z",
    "dateReserved": "2019-11-12T00:00:00",
    "dateUpdated": "2024-09-17T01:00:28.473Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-4166
Vulnerability from cvelistv5
Published
2021-12-25 18:15
Modified
2024-08-03 17:16
Summary
Out-of-bounds Read in vim/vim
Impacted products
vimvim/vim
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T17:16:04.277Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://huntr.dev/bounties/229df5dd-5507-44e9-832c-c70364bdf035"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682"
          },
          {
            "name": "FEDORA-2022-a3d70b50f0",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/"
          },
          {
            "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1"
          },
          {
            "name": "FEDORA-2022-48b86d586f",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT213183"
          },
          {
            "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2022/Mar/29"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT213256"
          },
          {
            "name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2022/May/35"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT213343"
          },
          {
            "name": "20220721 APPLE-SA-2022-07-20-4 Security Update 2022-005 Catalina",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2022/Jul/14"
          },
          {
            "name": "GLSA-202208-32",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202208-32"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "vim/vim",
          "vendor": "vim",
          "versions": [
            {
              "lessThan": "8.2",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "vim is vulnerable to Out-of-bounds Read"
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125 Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-08-21T06:14:34",
        "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "shortName": "@huntrdev"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://huntr.dev/bounties/229df5dd-5507-44e9-832c-c70364bdf035"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682"
        },
        {
          "name": "FEDORA-2022-a3d70b50f0",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/"
        },
        {
          "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1"
        },
        {
          "name": "FEDORA-2022-48b86d586f",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/kb/HT213183"
        },
        {
          "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2022/Mar/29"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/kb/HT213256"
        },
        {
          "name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2022/May/35"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/kb/HT213343"
        },
        {
          "name": "20220721 APPLE-SA-2022-07-20-4 Security Update 2022-005 Catalina",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2022/Jul/14"
        },
        {
          "name": "GLSA-202208-32",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/202208-32"
        }
      ],
      "source": {
        "advisory": "229df5dd-5507-44e9-832c-c70364bdf035",
        "discovery": "EXTERNAL"
      },
      "title": "Out-of-bounds Read in vim/vim",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@huntr.dev",
          "ID": "CVE-2021-4166",
          "STATE": "PUBLIC",
          "TITLE": "Out-of-bounds Read in vim/vim"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "vim/vim",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "8.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "vim"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "vim is vulnerable to Out-of-bounds Read"
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-125 Out-of-bounds Read"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://huntr.dev/bounties/229df5dd-5507-44e9-832c-c70364bdf035",
              "refsource": "CONFIRM",
              "url": "https://huntr.dev/bounties/229df5dd-5507-44e9-832c-c70364bdf035"
            },
            {
              "name": "https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682",
              "refsource": "MISC",
              "url": "https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682"
            },
            {
              "name": "FEDORA-2022-a3d70b50f0",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/"
            },
            {
              "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1"
            },
            {
              "name": "FEDORA-2022-48b86d586f",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/"
            },
            {
              "name": "https://support.apple.com/kb/HT213183",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/kb/HT213183"
            },
            {
              "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2022/Mar/29"
            },
            {
              "name": "https://support.apple.com/kb/HT213256",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/kb/HT213256"
            },
            {
              "name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2022/May/35"
            },
            {
              "name": "https://support.apple.com/kb/HT213343",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/kb/HT213343"
            },
            {
              "name": "20220721 APPLE-SA-2022-07-20-4 Security Update 2022-005 Catalina",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2022/Jul/14"
            },
            {
              "name": "GLSA-202208-32",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/202208-32"
            }
          ]
        },
        "source": {
          "advisory": "229df5dd-5507-44e9-832c-c70364bdf035",
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
    "assignerShortName": "@huntrdev",
    "cveId": "CVE-2021-4166",
    "datePublished": "2021-12-25T18:15:09",
    "dateReserved": "2021-12-24T00:00:00",
    "dateUpdated": "2024-08-03T17:16:04.277Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-21944
Vulnerability from cvelistv5
Published
2022-01-26 09:10
Modified
2024-09-16 16:43
Summary
watchman: chown in watchman@.socket unit allows symlink attack
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T03:00:53.687Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1194470"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "openSUSE Backports SLE-15-SP3",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThan": "4.9.0",
              "status": "affected",
              "version": "watchman",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Factory",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThan": "4.9.0-9.1",
              "status": "affected",
              "version": "watchman",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Matthias Gerstner of SUSE"
        }
      ],
      "datePublic": "2022-01-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A UNIX Symbolic Link (Symlink) Following vulnerability in the systemd service file for watchman of openSUSE Backports SLE-15-SP3, Factory allows local attackers to escalate to root. This issue affects: openSUSE Backports SLE-15-SP3 watchman versions prior to 4.9.0. openSUSE Factory watchman versions prior to 4.9.0-9.1."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-59",
              "description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-01-19T00:00:00",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1194470"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1194470",
        "defect": [
          "1194470"
        ],
        "discovery": "INTERNAL"
      },
      "title": "watchman: chown in watchman@.socket unit allows symlink attack",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2022-21944",
    "datePublished": "2022-01-26T09:10:09.842895Z",
    "dateReserved": "2021-12-16T00:00:00",
    "dateUpdated": "2024-09-16T16:43:44.172Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-18897
Vulnerability from cvelistv5
Published
2020-03-02 15:20
Modified
2024-09-17 01:21
Summary
Local privilege escalation from user salt to root
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T02:02:39.827Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "openSUSE-SU-2020:0357",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00026.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1157465"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SUSE Linux Enterprise Server 12",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThanOrEqual": "2019.2.0-46.83.1",
              "status": "affected",
              "version": "salt-master",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server 15",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThanOrEqual": "2019.2.0-6.21.1",
              "status": "affected",
              "version": "salt-master",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Factory",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThanOrEqual": "2019.2.2-3.1",
              "status": "affected",
              "version": "salt-master",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Johannes Segitz"
        }
      ],
      "datePublic": "2020-02-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of salt of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Factory allows local attackers to escalate privileges from user salt to root. This issue affects: SUSE Linux Enterprise Server 12 salt-master version 2019.2.0-46.83.1 and prior versions. SUSE Linux Enterprise Server 15 salt-master version 2019.2.0-6.21.1 and prior versions. openSUSE Factory salt-master version 2019.2.2-3.1 and prior versions."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-59",
              "description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-11-20T15:45:08",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "name": "openSUSE-SU-2020:0357",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00026.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1157465"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1157465",
        "defect": [
          "1157465"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Local privilege escalation from user salt to root",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@suse.com",
          "DATE_PUBLIC": "2020-02-24T00:00:00.000Z",
          "ID": "CVE-2019-18897",
          "STATE": "PUBLIC",
          "TITLE": "Local privilege escalation from user salt to root"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SUSE Linux Enterprise Server 12",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "salt-master",
                            "version_value": "2019.2.0-46.83.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server 15",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "salt-master",
                            "version_value": "2019.2.0-6.21.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "SUSE"
              },
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Factory",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "salt-master",
                            "version_value": "2019.2.2-3.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "openSUSE"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Johannes Segitz"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of salt of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Factory allows local attackers to escalate privileges from user salt to root. This issue affects: SUSE Linux Enterprise Server 12 salt-master version 2019.2.0-46.83.1 and prior versions. SUSE Linux Enterprise Server 15 salt-master version 2019.2.0-6.21.1 and prior versions. openSUSE Factory salt-master version 2019.2.2-3.1 and prior versions."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "openSUSE-SU-2020:0357",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00026.html"
            },
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1157465",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1157465"
            }
          ]
        },
        "source": {
          "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1157465",
          "defect": [
            "1157465"
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2019-18897",
    "datePublished": "2020-03-02T15:20:27.294803Z",
    "dateReserved": "2019-11-12T00:00:00",
    "dateUpdated": "2024-09-17T01:21:20.067Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-25321
Vulnerability from cvelistv5
Published
2021-06-30 08:25
Modified
2024-09-16 18:43
Summary
arpwatch: Local privilege escalation from runtime user to root
References
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:03:04.107Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1186240"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SUSE Linux Enterprise Server 11-SP4-LTSS",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.1a15",
              "status": "affected",
              "version": "arpwatch",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Manager Server 4.0",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.1a15",
              "status": "affected",
              "version": "arpwatch",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE OpenStack Cloud Crowbar 9",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.1a15",
              "status": "affected",
              "version": "arpwatch",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Factory",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThanOrEqual": "2.1a15-169.5",
              "status": "affected",
              "version": "arpwatch",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Leap 15.2",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThanOrEqual": "2.1a15-lp152.5.5",
              "status": "affected",
              "version": "arpwatch",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Johannes Segitz of SUSE"
        }
      ],
      "datePublic": "2021-06-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A UNIX Symbolic Link (Symlink) Following vulnerability in arpwatch of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Factory, Leap 15.2 allows local attackers with control of the runtime user to run arpwatch as to escalate to root upon the next restart of arpwatch. This issue affects: SUSE Linux Enterprise Server 11-SP4-LTSS arpwatch versions prior to 2.1a15. SUSE Manager Server 4.0 arpwatch versions prior to 2.1a15. SUSE OpenStack Cloud Crowbar 9 arpwatch versions prior to 2.1a15. openSUSE Factory arpwatch version 2.1a15-169.5 and prior versions. openSUSE Leap 15.2 arpwatch version 2.1a15-lp152.5.5 and prior versions."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-61",
              "description": "CWE-61: UNIX Symbolic Link (Symlink) Following",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-06-30T08:25:12",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1186240"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1186240",
        "defect": [
          "1186240"
        ],
        "discovery": "INTERNAL"
      },
      "title": "arpwatch: Local privilege escalation from runtime user to root",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@suse.com",
          "DATE_PUBLIC": "2021-06-28T00:00:00.000Z",
          "ID": "CVE-2021-25321",
          "STATE": "PUBLIC",
          "TITLE": "arpwatch: Local privilege escalation from runtime user to root"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SUSE Linux Enterprise Server 11-SP4-LTSS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "arpwatch",
                            "version_value": "2.1a15"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Manager Server 4.0",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "arpwatch",
                            "version_value": "2.1a15"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE OpenStack Cloud Crowbar 9",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "arpwatch",
                            "version_value": "2.1a15"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "SUSE"
              },
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Factory",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "arpwatch",
                            "version_value": "2.1a15-169.5"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Leap 15.2",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "arpwatch",
                            "version_value": "2.1a15-lp152.5.5"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "openSUSE"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Johannes Segitz of SUSE"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A UNIX Symbolic Link (Symlink) Following vulnerability in arpwatch of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Factory, Leap 15.2 allows local attackers with control of the runtime user to run arpwatch as to escalate to root upon the next restart of arpwatch. This issue affects: SUSE Linux Enterprise Server 11-SP4-LTSS arpwatch versions prior to 2.1a15. SUSE Manager Server 4.0 arpwatch versions prior to 2.1a15. SUSE OpenStack Cloud Crowbar 9 arpwatch versions prior to 2.1a15. openSUSE Factory arpwatch version 2.1a15-169.5 and prior versions. openSUSE Leap 15.2 arpwatch version 2.1a15-lp152.5.5 and prior versions."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-61: UNIX Symbolic Link (Symlink) Following"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1186240",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1186240"
            }
          ]
        },
        "source": {
          "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1186240",
          "defect": [
            "1186240"
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2021-25321",
    "datePublished": "2021-06-30T08:25:12.750081Z",
    "dateReserved": "2021-01-19T00:00:00",
    "dateUpdated": "2024-09-16T18:43:24.802Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-41819
Vulnerability from cvelistv5
Published
2022-01-01 00:00
Modified
2024-08-04 03:22
Severity ?
Summary
CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T03:22:24.942Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://hackerone.com/reports/910552"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.ruby-lang.org/en/news/2021/11/24/cookie-prefix-spoofing-in-cgi-cookie-parse-cve-2021-41819/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20220121-0003/"
          },
          {
            "name": "FEDORA-2022-82a9edac27",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN/"
          },
          {
            "name": "FEDORA-2022-8cf0124add",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF/"
          },
          {
            "name": "GLSA-202401-27",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202401-27"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-24T05:06:40.201990",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://hackerone.com/reports/910552"
        },
        {
          "url": "https://www.ruby-lang.org/en/news/2021/11/24/cookie-prefix-spoofing-in-cgi-cookie-parse-cve-2021-41819/"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20220121-0003/"
        },
        {
          "name": "FEDORA-2022-82a9edac27",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN/"
        },
        {
          "name": "FEDORA-2022-8cf0124add",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF/"
        },
        {
          "name": "GLSA-202401-27",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202401-27"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2021-41819",
    "datePublished": "2022-01-01T00:00:00",
    "dateReserved": "2021-09-29T00:00:00",
    "dateUpdated": "2024-08-04T03:22:24.942Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-3699
Vulnerability from cvelistv5
Published
2020-01-24 12:25
Modified
2024-09-16 21:02
Summary
Local privilege escalation from user privoxy to root
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T19:19:17.418Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1157449"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Leap 15.1",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThanOrEqual": "3.0.28-lp151.1.1",
              "status": "affected",
              "version": "privoxy",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Factory",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThanOrEqual": "3.0.28-2.1",
              "status": "affected",
              "version": "privoxy",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Johannes Segitz of SUSE"
        }
      ],
      "datePublic": "2020-01-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of privoxy on openSUSE Leap 15.1, Factory allows local attackers to escalate from user privoxy to root. This issue affects: openSUSE Leap 15.1 privoxy version 3.0.28-lp151.1.1 and prior versions. openSUSE Factory privoxy version 3.0.28-2.1 and prior versions."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-59",
              "description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-11-20T15:45:08",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1157449"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1157449",
        "defect": [
          "1157449"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Local privilege escalation from user privoxy to root",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@suse.com",
          "DATE_PUBLIC": "2020-01-24T00:00:00.000Z",
          "ID": "CVE-2019-3699",
          "STATE": "PUBLIC",
          "TITLE": "Local privilege escalation from user privoxy to root"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Leap 15.1",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "privoxy",
                            "version_value": "3.0.28-lp151.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Factory",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "privoxy",
                            "version_value": "3.0.28-2.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "openSUSE"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Johannes Segitz of SUSE"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of privoxy on openSUSE Leap 15.1, Factory allows local attackers to escalate from user privoxy to root. This issue affects: openSUSE Leap 15.1 privoxy version 3.0.28-lp151.1.1 and prior versions. openSUSE Factory privoxy version 3.0.28-2.1 and prior versions."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1157449",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1157449"
            }
          ]
        },
        "source": {
          "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1157449",
          "defect": [
            "1157449"
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2019-3699",
    "datePublished": "2020-01-24T12:25:12.967744Z",
    "dateReserved": "2019-01-03T00:00:00",
    "dateUpdated": "2024-09-16T21:02:19.137Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-21946
Vulnerability from cvelistv5
Published
2022-03-16 10:05
Modified
2024-09-17 01:21
Summary
suddoers configuration for cscreen not restrictive enough
Impacted products
openSUSEFactory
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T03:00:54.792Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1196451"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Factory",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThanOrEqual": "1.2-1.3",
              "status": "affected",
              "version": "cscreen",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Matthias Gerstner of SUSE"
        }
      ],
      "datePublic": "2022-03-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A Incorrect Permission Assignment for Critical Resource vulnerability in the sudoers configuration in cscreen of openSUSE Factory allows any local users to gain the privileges of the tty and dialout groups and access and manipulate any running cscreen seesion. This issue affects: openSUSE Factory cscreen version 1.2-1.3 and prior versions."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-732",
              "description": "CWE-732: Incorrect Permission Assignment for Critical Resource",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-22T00:00:00",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1196451"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1196451",
        "defect": [
          "1196451"
        ],
        "discovery": "INTERNAL"
      },
      "title": "suddoers configuration for cscreen not restrictive enough",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2022-21946",
    "datePublished": "2022-03-16T10:05:14.562889Z",
    "dateReserved": "2021-12-16T00:00:00",
    "dateUpdated": "2024-09-17T01:21:54.785Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-25319
Vulnerability from cvelistv5
Published
2021-05-05 08:25
Modified
2024-09-16 22:24
Summary
virtualbox: missing sticky bit for /etc/vbox allows local root exploit for members of vboxusers group
References
Impacted products
openSUSEFactory
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:03:04.759Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1182918"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Factory",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThanOrEqual": "6.1.20-1.1",
              "status": "affected",
              "version": "virtualbox",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Matthias Gerstner of SUSE"
        }
      ],
      "datePublic": "2021-04-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A Incorrect Default Permissions vulnerability in the packaging of virtualbox of openSUSE Factory allows local attackers in the vboxusers groupu to escalate to root. This issue affects: openSUSE Factory virtualbox version 6.1.20-1.1 and prior versions."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-276",
              "description": "CWE-276: Incorrect Default Permissions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-05-05T08:25:13",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1182918"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1182918",
        "defect": [
          "1182918"
        ],
        "discovery": "INTERNAL"
      },
      "title": "virtualbox: missing sticky bit for /etc/vbox allows local root exploit for members of vboxusers group",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@suse.com",
          "DATE_PUBLIC": "2021-04-26T00:00:00.000Z",
          "ID": "CVE-2021-25319",
          "STATE": "PUBLIC",
          "TITLE": "virtualbox: missing sticky bit for /etc/vbox allows local root exploit for members of vboxusers group"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Factory",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "virtualbox",
                            "version_value": "6.1.20-1.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "openSUSE"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Matthias Gerstner of SUSE"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A Incorrect Default Permissions vulnerability in the packaging of virtualbox of openSUSE Factory allows local attackers in the vboxusers groupu to escalate to root. This issue affects: openSUSE Factory virtualbox version 6.1.20-1.1 and prior versions."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-276: Incorrect Default Permissions"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1182918",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1182918"
            }
          ]
        },
        "source": {
          "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1182918",
          "defect": [
            "1182918"
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2021-25319",
    "datePublished": "2021-05-05T08:25:13.677536Z",
    "dateReserved": "2021-01-19T00:00:00",
    "dateUpdated": "2024-09-16T22:24:55.435Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-45082
Vulnerability from cvelistv5
Published
2022-02-18 23:23
Modified
2024-08-04 04:32
Severity ?
Summary
An issue was discovered in Cobbler before 3.3.1. In the templar.py file, the function check_for_invalid_imports can allow Cheetah code to import Python modules via the "#from MODULE import" substring. (Only lines beginning with #import are blocked.)
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T04:32:13.626Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/cobbler/cobbler/releases"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1193678"
          },
          {
            "name": "FEDORA-2022-0c6402a6a3",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z5CSXQE7Q4TVDQJKFYBO4XDH3BZ7BLAR/"
          },
          {
            "name": "FEDORA-2022-0649006be6",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEJN7CPW6YCHBFQPFZKGA6AVA6T5NPIW/"
          },
          {
            "name": "FEDORA-2022-f1510aa454",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZCXMOUW4DH4DYWIJN44SMSU6R3CZDZBE/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Cobbler before 3.3.1. In the templar.py file, the function check_for_invalid_imports can allow Cheetah code to import Python modules via the \"#from MODULE import\" substring. (Only lines beginning with #import are blocked.)"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-03-26T17:06:38",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/cobbler/cobbler/releases"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1193678"
        },
        {
          "name": "FEDORA-2022-0c6402a6a3",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z5CSXQE7Q4TVDQJKFYBO4XDH3BZ7BLAR/"
        },
        {
          "name": "FEDORA-2022-0649006be6",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEJN7CPW6YCHBFQPFZKGA6AVA6T5NPIW/"
        },
        {
          "name": "FEDORA-2022-f1510aa454",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZCXMOUW4DH4DYWIJN44SMSU6R3CZDZBE/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2021-45082",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in Cobbler before 3.3.1. In the templar.py file, the function check_for_invalid_imports can allow Cheetah code to import Python modules via the \"#from MODULE import\" substring. (Only lines beginning with #import are blocked.)"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/cobbler/cobbler/releases",
              "refsource": "MISC",
              "url": "https://github.com/cobbler/cobbler/releases"
            },
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1193678",
              "refsource": "MISC",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1193678"
            },
            {
              "name": "FEDORA-2022-0c6402a6a3",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z5CSXQE7Q4TVDQJKFYBO4XDH3BZ7BLAR/"
            },
            {
              "name": "FEDORA-2022-0649006be6",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TEJN7CPW6YCHBFQPFZKGA6AVA6T5NPIW/"
            },
            {
              "name": "FEDORA-2022-f1510aa454",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZCXMOUW4DH4DYWIJN44SMSU6R3CZDZBE/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2021-45082",
    "datePublished": "2022-02-18T23:23:30",
    "dateReserved": "2021-12-16T00:00:00",
    "dateUpdated": "2024-08-04T04:32:13.626Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-3700
Vulnerability from cvelistv5
Published
2020-01-24 12:45
Modified
2024-09-17 01:26
Summary
yast: Fallback to DES without configuration in /etc/login.def
References
Impacted products
openSUSEFactory
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T19:19:16.823Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1157541"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Factory",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThan": "4.2.6",
              "status": "affected",
              "version": "yast2-security",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-11-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "yast2-security didn\u0027t use secure defaults to protect passwords. This became a problem on 2019-10-07 when configuration files that set secure settings were moved to a different location. As of the 20191022 snapshot the insecure default settings were used until yast2-security switched to stronger defaults in 4.2.6 and used the new configuration file locations. Password created during this time used DES password encryption and are not properly protected against attackers that are able to access the password hashes."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 2.9,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-327",
              "description": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-24T12:45:14",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1157541"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1157541",
        "defect": [
          "1157541"
        ],
        "discovery": "USER"
      },
      "title": "yast: Fallback to DES without configuration in /etc/login.def",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@suse.com",
          "DATE_PUBLIC": "2019-11-22T00:00:00.000Z",
          "ID": "CVE-2019-3700",
          "STATE": "PUBLIC",
          "TITLE": "yast: Fallback to DES without configuration in /etc/login.def"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Factory",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "yast2-security",
                            "version_value": "4.2.6"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "openSUSE"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "yast2-security didn\u0027t use secure defaults to protect passwords. This became a problem on 2019-10-07 when configuration files that set secure settings were moved to a different location. As of the 20191022 snapshot the insecure default settings were used until yast2-security switched to stronger defaults in 4.2.6 and used the new configuration file locations. Password created during this time used DES password encryption and are not properly protected against attackers that are able to access the password hashes."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 2.9,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1157541",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1157541"
            }
          ]
        },
        "source": {
          "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1157541",
          "defect": [
            "1157541"
          ],
          "discovery": "USER"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2019-3700",
    "datePublished": "2020-01-24T12:45:14.347248Z",
    "dateReserved": "2019-01-03T00:00:00",
    "dateUpdated": "2024-09-17T01:26:30.443Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-21945
Vulnerability from cvelistv5
Published
2022-03-16 10:05
Modified
2024-09-17 00:40
Summary
cscreen: usage of fixed path /tmp/cscreen.debug
References
Impacted products
openSUSEFactory
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T03:00:53.827Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1196446"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Factory",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThanOrEqual": "1.2-1.3",
              "status": "affected",
              "version": "cscreen",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Matthias Gerstner of SUSE"
        }
      ],
      "datePublic": "2022-03-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A Insecure Temporary File vulnerability in cscreen of openSUSE Factory allows local attackers to cause DoS for cscreen and a system DoS for non-default systems. This issue affects: openSUSE Factory cscreen version 1.2-1.3 and prior versions."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-377",
              "description": "CWE-377: Insecure Temporary File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-03-16T10:05:12",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1196446"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1196446",
        "defect": [
          "1196446"
        ],
        "discovery": "INTERNAL"
      },
      "title": "cscreen: usage of fixed path /tmp/cscreen.debug",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@suse.com",
          "DATE_PUBLIC": "2022-03-11T00:00:00.000Z",
          "ID": "CVE-2022-21945",
          "STATE": "PUBLIC",
          "TITLE": "cscreen: usage of fixed path /tmp/cscreen.debug"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Factory",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "cscreen",
                            "version_value": "1.2-1.3"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "openSUSE"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Matthias Gerstner of SUSE"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A Insecure Temporary File vulnerability in cscreen of openSUSE Factory allows local attackers to cause DoS for cscreen and a system DoS for non-default systems. This issue affects: openSUSE Factory cscreen version 1.2-1.3 and prior versions."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-377: Insecure Temporary File"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1196446",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1196446"
            }
          ]
        },
        "source": {
          "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1196446",
          "defect": [
            "1196446"
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2022-21945",
    "datePublished": "2022-03-16T10:05:12.859323Z",
    "dateReserved": "2021-12-16T00:00:00",
    "dateUpdated": "2024-09-17T00:40:49.798Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-31251
Vulnerability from cvelistv5
Published
2022-09-07 08:55
Modified
2024-09-17 01:10
Summary
slurm: %post for slurm-testsuite operates as root in user owned directory
Impacted products
SUSEopenSUSE Factory
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T07:11:39.925Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1201674"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "openSUSE Factory",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "22.05.2-3.3",
              "status": "affected",
              "version": "slurm",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Johannes Segitz from SUSE"
        }
      ],
      "datePublic": "2022-08-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A Incorrect Default Permissions vulnerability in the packaging of the slurm testsuite of openSUSE Factory allows local attackers with control over the slurm user to escalate to root. This issue affects: openSUSE Factory slurm versions prior to 22.05.2-3.3."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-276",
              "description": "CWE-276: Incorrect Default Permissions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-01-19T00:00:00",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1201674"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1201674",
        "defect": [
          "1201674"
        ],
        "discovery": "INTERNAL"
      },
      "title": "slurm: %post for slurm-testsuite operates as root in user owned directory",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2022-31251",
    "datePublished": "2022-09-07T08:55:09.171815Z",
    "dateReserved": "2022-05-20T00:00:00",
    "dateUpdated": "2024-09-17T01:10:54.793Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-32000
Vulnerability from cvelistv5
Published
2021-07-28 09:35
Modified
2024-09-16 17:48
Summary
clone-master-clean-up: dangerous file system operations
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T23:10:31.342Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1181050"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SUSE Linux Enterprise Server 12 SP3",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThanOrEqual": "1.6-4.6.1",
              "status": "affected",
              "version": "clone-master-clean-up",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server 15 SP1",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThanOrEqual": "1.6-3.9.1",
              "status": "affected",
              "version": "clone-master-clean-up",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Factory",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThanOrEqual": "1.6-1.4",
              "status": "affected",
              "version": "clone-master-clean-up",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Matthias Gerstner of SUSE"
        }
      ],
      "datePublic": "2021-07-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A UNIX Symbolic Link (Symlink) Following vulnerability in the clone-master-clean-up.sh script of clone-master-clean-up in SUSE Linux Enterprise Server 12 SP3, SUSE Linux Enterprise Server 15 SP1; openSUSE Factory allows local attackers to delete arbitrary files. This issue affects: SUSE Linux Enterprise Server 12 SP3 clone-master-clean-up version 1.6-4.6.1 and prior versions. SUSE Linux Enterprise Server 15 SP1 clone-master-clean-up version 1.6-3.9.1 and prior versions. openSUSE Factory clone-master-clean-up version 1.6-1.4 and prior versions."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "LOW",
            "baseScore": 3.2,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-10-13T00:00:00",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1181050"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1181050",
        "defect": [
          "1181050"
        ],
        "discovery": "INTERNAL"
      },
      "title": "clone-master-clean-up: dangerous file system operations",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2021-32000",
    "datePublished": "2021-07-28T09:35:11.535016Z",
    "dateReserved": "2021-05-03T00:00:00",
    "dateUpdated": "2024-09-16T17:48:09.451Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-25322
Vulnerability from cvelistv5
Published
2021-06-10 11:45
Modified
2024-09-17 03:02
Summary
python-HyperKitty: hyperkitty-permissions.sh used during %post allows local privilege escalation from hyperkitty user to root
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:03:05.436Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1182373"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Leap 15.2",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThanOrEqual": "1.3.2-lp152.2.3.1",
              "status": "affected",
              "version": "python-HyperKitty",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Factory",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThan": "1.3.4-5.1",
              "status": "affected",
              "version": "python-HyperKitty",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Matthias Gerstner of SUSE"
        }
      ],
      "datePublic": "2021-05-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A UNIX Symbolic Link (Symlink) Following vulnerability in python-HyperKitty of openSUSE Leap 15.2, Factory allows local attackers to escalate privileges from the user hyperkitty or hyperkitty-admin to root. This issue affects: openSUSE Leap 15.2 python-HyperKitty version 1.3.2-lp152.2.3.1 and prior versions. openSUSE Factory python-HyperKitty versions prior to 1.3.4-5.1."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-61",
              "description": "CWE-61: UNIX Symbolic Link (Symlink) Following",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-06-10T11:45:11",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1182373"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1182373",
        "defect": [
          "1182373"
        ],
        "discovery": "INTERNAL"
      },
      "title": "python-HyperKitty: hyperkitty-permissions.sh used during %post allows local privilege escalation from hyperkitty user to root",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@suse.com",
          "DATE_PUBLIC": "2021-05-19T00:00:00.000Z",
          "ID": "CVE-2021-25322",
          "STATE": "PUBLIC",
          "TITLE": "python-HyperKitty: hyperkitty-permissions.sh used during %post allows local privilege escalation from hyperkitty user to root"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Leap 15.2",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "python-HyperKitty",
                            "version_value": "1.3.2-lp152.2.3.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Factory",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "python-HyperKitty",
                            "version_value": "1.3.4-5.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "openSUSE"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Matthias Gerstner of SUSE"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A UNIX Symbolic Link (Symlink) Following vulnerability in python-HyperKitty of openSUSE Leap 15.2, Factory allows local attackers to escalate privileges from the user hyperkitty or hyperkitty-admin to root. This issue affects: openSUSE Leap 15.2 python-HyperKitty version 1.3.2-lp152.2.3.1 and prior versions. openSUSE Factory python-HyperKitty versions prior to 1.3.4-5.1."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-61: UNIX Symbolic Link (Symlink) Following"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1182373",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1182373"
            }
          ]
        },
        "source": {
          "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1182373",
          "defect": [
            "1182373"
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2021-25322",
    "datePublished": "2021-06-10T11:45:11.776686Z",
    "dateReserved": "2021-01-19T00:00:00",
    "dateUpdated": "2024-09-17T03:02:08.344Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-46705
Vulnerability from cvelistv5
Published
2022-03-16 09:50
Modified
2024-09-16 19:46
Summary
grub2-once uses fixed file name in /var/tmp
References
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:17:42.665Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1190474"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SUSE Linux Enterprise Server 15 SP4",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.06-150400.7.1",
              "status": "affected",
              "version": "grub2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "openSUSE Factory",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.06-18.1",
              "status": "affected",
              "version": "grub2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Ludwig Nussel of SUSE"
        }
      ],
      "datePublic": "2022-02-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A Insecure Temporary File vulnerability in grub-once of grub2 in SUSE Linux Enterprise Server 15 SP4, openSUSE Factory allows local attackers to truncate arbitrary files. This issue affects: SUSE Linux Enterprise Server 15 SP4 grub2 versions prior to 2.06-150400.7.1. SUSE openSUSE Factory grub2 versions prior to 2.06-18.1."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-377",
              "description": "CWE-377: Insecure Temporary File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-03-16T09:50:10",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1190474"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1190474",
        "defect": [
          "1190474"
        ],
        "discovery": "INTERNAL"
      },
      "title": "grub2-once uses fixed file name in /var/tmp",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@suse.com",
          "DATE_PUBLIC": "2022-02-23T00:00:00.000Z",
          "ID": "CVE-2021-46705",
          "STATE": "PUBLIC",
          "TITLE": "grub2-once uses fixed file name in /var/tmp"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SUSE Linux Enterprise Server 15 SP4",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "grub2",
                            "version_value": "2.06-150400.7.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "openSUSE Factory",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "grub2",
                            "version_value": "2.06-18.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "SUSE"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Ludwig Nussel of SUSE"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A Insecure Temporary File vulnerability in grub-once of grub2 in SUSE Linux Enterprise Server 15 SP4, openSUSE Factory allows local attackers to truncate arbitrary files. This issue affects: SUSE Linux Enterprise Server 15 SP4 grub2 versions prior to 2.06-150400.7.1. SUSE openSUSE Factory grub2 versions prior to 2.06-18.1."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-377: Insecure Temporary File"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1190474",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1190474"
            }
          ]
        },
        "source": {
          "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1190474",
          "defect": [
            "1190474"
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2021-46705",
    "datePublished": "2022-03-16T09:50:10.172983Z",
    "dateReserved": "2022-03-09T00:00:00",
    "dateUpdated": "2024-09-16T19:46:27.891Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-21950
Vulnerability from cvelistv5
Published
2022-09-07 08:40
Modified
2024-09-17 02:32
Summary
canna: unsafe handling of /tmp/.iroha_unix directory
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T03:00:54.593Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1199280"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "openSUSE Backports SLE-15-SP3",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThan": "canna-3.7p3-bp153.2.3.1",
              "status": "affected",
              "version": "canna",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "openSUSE Backports SLE-15-SP4",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThan": "3.7p3-bp154.3.3.1",
              "status": "affected",
              "version": "canna",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Matthias Gerstner from SUSE"
        }
      ],
      "datePublic": "2022-08-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A Improper Access Control vulnerability in the systemd service of cana in openSUSE Backports SLE-15-SP3, openSUSE Backports SLE-15-SP4 allows local users to hijack the UNIX domain socket This issue affects: openSUSE Backports SLE-15-SP3 canna versions prior to canna-3.7p3-bp153.2.3.1. openSUSE Backports SLE-15-SP4 canna versions prior to 3.7p3-bp154.3.3.1. openSUSE Factory was also affected. Instead of fixing the package it was deleted there."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284: Improper Access Control",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-01-19T00:00:00",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1199280"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1199280",
        "defect": [
          "1199280"
        ],
        "discovery": "INTERNAL"
      },
      "title": "canna: unsafe handling of /tmp/.iroha_unix directory",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2022-21950",
    "datePublished": "2022-09-07T08:40:10.110711Z",
    "dateReserved": "2021-12-16T00:00:00",
    "dateUpdated": "2024-09-17T02:32:53.607Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-46141
Vulnerability from cvelistv5
Published
2022-01-06 03:48
Modified
2024-08-04 05:02
Severity ?
Summary
An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:02:10.366Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/uriparser/uriparser/issues/121"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/uriparser/uriparser/pull/124"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://blog.hartwork.org/posts/uriparser-096-with-security-fixes-released/"
          },
          {
            "name": "FEDORA-2022-00a529a8bf",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MO6T7WA27H7K3WI2AXUAGPWBGK4HM65D/"
          },
          {
            "name": "FEDORA-2022-cfd0048127",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YGIJTDNEMU2V4H3JJBQVKBRHU5GBQKG2/"
          },
          {
            "name": "[debian-lts-announce] 20220126 [SECURITY] [DLA 2883-2] uriparser security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00029.html"
          },
          {
            "name": "DSA-5063",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2022/dsa-5063"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-01-27T02:06:13",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/uriparser/uriparser/issues/121"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/uriparser/uriparser/pull/124"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://blog.hartwork.org/posts/uriparser-096-with-security-fixes-released/"
        },
        {
          "name": "FEDORA-2022-00a529a8bf",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MO6T7WA27H7K3WI2AXUAGPWBGK4HM65D/"
        },
        {
          "name": "FEDORA-2022-cfd0048127",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YGIJTDNEMU2V4H3JJBQVKBRHU5GBQKG2/"
        },
        {
          "name": "[debian-lts-announce] 20220126 [SECURITY] [DLA 2883-2] uriparser security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00029.html"
        },
        {
          "name": "DSA-5063",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2022/dsa-5063"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2021-46141",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/uriparser/uriparser/issues/121",
              "refsource": "MISC",
              "url": "https://github.com/uriparser/uriparser/issues/121"
            },
            {
              "name": "https://github.com/uriparser/uriparser/pull/124",
              "refsource": "MISC",
              "url": "https://github.com/uriparser/uriparser/pull/124"
            },
            {
              "name": "https://blog.hartwork.org/posts/uriparser-096-with-security-fixes-released/",
              "refsource": "CONFIRM",
              "url": "https://blog.hartwork.org/posts/uriparser-096-with-security-fixes-released/"
            },
            {
              "name": "FEDORA-2022-00a529a8bf",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MO6T7WA27H7K3WI2AXUAGPWBGK4HM65D/"
            },
            {
              "name": "FEDORA-2022-cfd0048127",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YGIJTDNEMU2V4H3JJBQVKBRHU5GBQKG2/"
            },
            {
              "name": "[debian-lts-announce] 20220126 [SECURITY] [DLA 2883-2] uriparser security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00029.html"
            },
            {
              "name": "DSA-5063",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2022/dsa-5063"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2021-46141",
    "datePublished": "2022-01-06T03:48:45",
    "dateReserved": "2022-01-06T00:00:00",
    "dateUpdated": "2024-08-04T05:02:10.366Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-36781
Vulnerability from cvelistv5
Published
2022-01-14 10:40
Modified
2024-09-16 18:39
Summary
parsec: dangerous 777 permissions for /run/parsec
References
Impacted products
openSUSEFactory
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T01:01:59.391Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1193484"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Factory",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThan": "0.8.1-1.1",
              "status": "affected",
              "version": "parsec",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Matthias Gerstner of SUSE"
        }
      ],
      "datePublic": "2021-12-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A Incorrect Default Permissions vulnerability in the parsec package of openSUSE Factory allows local attackers to imitate the service leading to DoS or clients talking to an imposter service. This issue affects: openSUSE Factory parsec versions prior to 0.8.1-1.1."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-276",
              "description": "CWE-276: Incorrect Default Permissions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-01-14T10:40:09",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1193484"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1193484",
        "defect": [
          "1193484"
        ],
        "discovery": "INTERNAL"
      },
      "title": "parsec: dangerous 777 permissions for /run/parsec",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@suse.com",
          "DATE_PUBLIC": "2021-12-09T00:00:00.000Z",
          "ID": "CVE-2021-36781",
          "STATE": "PUBLIC",
          "TITLE": "parsec: dangerous 777 permissions for /run/parsec"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Factory",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "parsec",
                            "version_value": "0.8.1-1.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "openSUSE"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Matthias Gerstner of SUSE"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A Incorrect Default Permissions vulnerability in the parsec package of openSUSE Factory allows local attackers to imitate the service leading to DoS or clients talking to an imposter service. This issue affects: openSUSE Factory parsec versions prior to 0.8.1-1.1."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-276: Incorrect Default Permissions"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1193484",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1193484"
            }
          ]
        },
        "source": {
          "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1193484",
          "defect": [
            "1193484"
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2021-36781",
    "datePublished": "2022-01-14T10:40:09.442647Z",
    "dateReserved": "2021-07-19T00:00:00",
    "dateUpdated": "2024-09-16T18:39:32.233Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-25317
Vulnerability from cvelistv5
Published
2021-05-05 09:35
Modified
2024-09-17 00:32
Summary
cups: ownership of /var/log/cups allows the lp user to create files as root
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:03:04.109Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1184161"
          },
          {
            "name": "FEDORA-2021-dc578ce534",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H74BP746O5NNVCBUTLLZYAFBPESFVECV/"
          },
          {
            "name": "FEDORA-2021-7b698513d5",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S37IDQGHTORQ3Z6VRDQIGBYVOI27YG47/"
          },
          {
            "name": "FEDORA-2021-be95e017e7",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GWPGZLT3U776Q5YPPSA6LGFWWBDWBVH3/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SUSE Linux Enterprise Server 11-SP4-LTSS",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "1.3.9",
              "status": "affected",
              "version": "cups",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Manager Server 4.0",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.2.7",
              "status": "affected",
              "version": "cups",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE OpenStack Cloud Crowbar 9",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "1.7.5",
              "status": "affected",
              "version": "cups",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "openSUSE Leap 15.2",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThan": "2.2.7",
              "status": "affected",
              "version": "cups",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Factory",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThanOrEqual": "2.3.3op2-2.1",
              "status": "affected",
              "version": "cups",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Matthias Gerstner of SUSE"
        }
      ],
      "datePublic": "2021-04-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A Incorrect Default Permissions vulnerability in the packaging of cups of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Leap 15.2, Factory allows local attackers with control of the lp users to create files as root with 0644 permissions without the ability to set the content. This issue affects: SUSE Linux Enterprise Server 11-SP4-LTSS cups versions prior to 1.3.9. SUSE Manager Server 4.0 cups versions prior to 2.2.7. SUSE OpenStack Cloud Crowbar 9 cups versions prior to 1.7.5. openSUSE Leap 15.2 cups versions prior to 2.2.7. openSUSE Factory cups version 2.3.3op2-2.1 and prior versions."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-276",
              "description": "CWE-276: Incorrect Default Permissions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-01-19T00:00:00",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1184161"
        },
        {
          "name": "FEDORA-2021-dc578ce534",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H74BP746O5NNVCBUTLLZYAFBPESFVECV/"
        },
        {
          "name": "FEDORA-2021-7b698513d5",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S37IDQGHTORQ3Z6VRDQIGBYVOI27YG47/"
        },
        {
          "name": "FEDORA-2021-be95e017e7",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GWPGZLT3U776Q5YPPSA6LGFWWBDWBVH3/"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1184161",
        "defect": [
          "1184161"
        ],
        "discovery": "INTERNAL"
      },
      "title": "cups: ownership of /var/log/cups allows the lp user to create files as root",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2021-25317",
    "datePublished": "2021-05-05T09:35:13.321996Z",
    "dateReserved": "2021-01-19T00:00:00",
    "dateUpdated": "2024-09-17T00:32:16.952Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

var-202112-2249
Vulnerability from variot

vim is vulnerable to Out-of-bounds Read. vim Exists in an out-of-bounds read vulnerability.Information is obtained and service operation is interrupted (DoS) It may be in a state. Vim is an editor based on the UNIX platform. Attackers can use this vulnerability to read files out of bounds. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-3927) A flaw was found in vim. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-3928) A flaw was found in vim. The highest threat from this vulnerability is to system availability. (CVE-2021-3968) A flaw was found in vim. The highest threat from this vulnerability is to system availability. (CVE-2021-3973) A flaw was found in vim. The highest threat from this vulnerability is to system availability. (CVE-2021-3974) A flaw was found in vim. The highest threat from this vulnerability is confidentiality, integrity, and system availability. (CVE-2021-3984) A flaw was found in vim. The highest threat from this vulnerability is system availability. (CVE-2021-4136) A flaw was found in vim. (CVE-2021-4166) A flaw was found in vim. (CVE-2021-4173) A flaw was found in vim. Sourcing a specially crafted file in vim could crash the vim process or possibly lead to other undefined behaviors. A specially crafted file could be used to, when opened in vim, disclose some of the process's internal memory. (CVE-2021-4193) References to CVE-2021-4192 and CVE-2021-4193 have been added after the original release of this advisory, however those vulnerabilities were fixed by the packages referenced by this advisory's initial release on 2022-01-18. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

APPLE-SA-2022-03-14-4 macOS Monterey 12.3

macOS Monterey 12.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213183.

Accelerate Framework Available for: macOS Monterey Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2022-22633: an anonymous researcher

AMD Available for: macOS Monterey Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2022-22669: an anonymous researcher

AppKit Available for: macOS Monterey Impact: A malicious application may be able to gain root privileges Description: A logic issue was addressed with improved validation. CVE-2022-22665: Lockheed Martin Red Team

AppleGraphicsControl Available for: macOS Monterey Impact: An application may be able to gain elevated privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-22631: an anonymous researcher

AppleScript Available for: macOS Monterey Impact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory Description: An out-of-bounds read was addressed with improved input validation. CVE-2022-22625: Mickey Jin (@patch1t) of Trend Micro

AppleScript Available for: macOS Monterey Impact: An application may be able to read restricted memory Description: This issue was addressed with improved checks. CVE-2022-22648: an anonymous researcher

AppleScript Available for: macOS Monterey Impact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2022-22626: Mickey Jin (@patch1t) of Trend Micro CVE-2022-22627: Qi Sun and Robert Ai of Trend Micro

AppleScript Available for: macOS Monterey Impact: Processing a maliciously crafted file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved validation. CVE-2022-22597: Qi Sun and Robert Ai of Trend Micro

BOM Available for: macOS Monterey Impact: A maliciously crafted ZIP archive may bypass Gatekeeper checks Description: This issue was addressed with improved checks. CVE-2022-22616: Ferdous Saljooki (@malwarezoo) and Jaron Bradley (@jbradley89) of Jamf Software, Mickey Jin (@patch1t)

curl Available for: macOS Monterey Impact: Multiple issues in curl Description: Multiple issues were addressed by updating to curl version 7.79.1. CVE-2021-22946 CVE-2021-22947 CVE-2021-22945 CVE-2022-22623

FaceTime Available for: macOS Monterey Impact: A user may send audio and video in a FaceTime call without knowing that they have done so Description: This issue was addressed with improved checks. CVE-2022-22643: Sonali Luthar of the University of Virginia, Michael Liao of the University of Illinois at Urbana-Champaign, Rohan Pahwa of Rutgers University, and Bao Nguyen of the University of Florida

ImageIO Available for: macOS Monterey Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2022-22611: Xingyu Jin of Google

ImageIO Available for: macOS Monterey Impact: Processing a maliciously crafted image may lead to heap corruption Description: A memory consumption issue was addressed with improved memory handling. CVE-2022-22612: Xingyu Jin of Google

Intel Graphics Driver Available for: macOS Monterey Impact: An application may be able to execute arbitrary code with kernel privileges Description: A type confusion issue was addressed with improved state handling. CVE-2022-22661: an anonymous researcher, Peterpan0927 of Alibaba Security Pandora Lab

IOGPUFamily Available for: macOS Monterey Impact: An application may be able to gain elevated privileges Description: A use after free issue was addressed with improved memory management. CVE-2022-22641: Mohamed Ghannam (@_simo36)

Kernel Available for: macOS Monterey Impact: An application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-22613: Alex, an anonymous researcher

Kernel Available for: macOS Monterey Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2022-22614: an anonymous researcher CVE-2022-22615: an anonymous researcher

Kernel Available for: macOS Monterey Impact: A malicious application may be able to elevate privileges Description: A logic issue was addressed with improved state management. CVE-2022-22632: Keegan Saunders

Kernel Available for: macOS Monterey Impact: An attacker in a privileged position may be able to perform a denial of service attack Description: A null pointer dereference was addressed with improved validation. CVE-2022-22638: derrek (@derrekr6)

Kernel Available for: macOS Monterey Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved validation. CVE-2022-22640: sqrtpwn

libarchive Available for: macOS Monterey Impact: Multiple issues in libarchive Description: Multiple memory corruption issues existed in libarchive. These issues were addressed with improved input validation. CVE-2021-36976

Login Window Available for: macOS Monterey Impact: A person with access to a Mac may be able to bypass Login Window Description: This issue was addressed with improved checks. CVE-2022-22647: an anonymous researcher

LoginWindow Available for: macOS Monterey Impact: A local attacker may be able to view the previous logged in user’s desktop from the fast user switching screen Description: An authentication issue was addressed with improved state management. CVE-2022-22656

GarageBand MIDI Available for: macOS Monterey Impact: Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution Description: A memory initialization issue was addressed with improved memory handling. CVE-2022-22657: Brandon Perry of Atredis Partners

GarageBand MIDI Available for: macOS Monterey Impact: Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2022-22664: Brandon Perry of Atredis Partners

NSSpellChecker Available for: macOS Monterey Impact: A malicious application may be able to access information about a user's contacts Description: A privacy issue existed in the handling of Contact cards. This was addressed with improved state management. CVE-2022-22644: an anonymous researcher

PackageKit Available for: macOS Monterey Impact: An application may be able to gain elevated privileges Description: A logic issue was addressed with improved state management. CVE-2022-22617: Mickey Jin (@patch1t)

Preferences Available for: macOS Monterey Impact: A malicious application may be able to read other applications' settings Description: The issue was addressed with additional permissions checks. CVE-2022-22609: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com)

QuickTime Player Available for: macOS Monterey Impact: A plug-in may be able to inherit the application's permissions and access user data Description: This issue was addressed with improved checks. CVE-2022-22650: Wojciech Reguła (@_r3ggi) of SecuRing

Safari Downloads Available for: macOS Monterey Impact: A maliciously crafted ZIP archive may bypass Gatekeeper checks Description: This issue was addressed with improved checks. CVE-2022-22616: Ferdous Saljooki (@malwarezoo) and Jaron Bradley (@jbradley89) of Jamf Software, Mickey Jin (@patch1t)

Sandbox Available for: macOS Monterey Impact: A malicious application may be able to bypass certain Privacy preferences Description: The issue was addressed with improved permissions logic. CVE-2022-22600: Sudhakar Muthumani of Primefort Private Limited, Khiem Tran

Siri Available for: macOS Monterey Impact: A person with physical access to a device may be able to use Siri to obtain some location information from the lock screen Description: A permissions issue was addressed with improved validation. CVE-2022-22599: Andrew Goldberg of the University of Texas at Austin, McCombs School of Business (linkedin.com/andrew-goldberg/)

SMB Available for: macOS Monterey Impact: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-22651: Felix Poulin-Belanger

SoftwareUpdate Available for: macOS Monterey Impact: An application may be able to gain elevated privileges Description: A logic issue was addressed with improved state management. CVE-2022-22639: Mickey Jin (@patch1t)

System Preferences Available for: macOS Monterey Impact: An app may be able to spoof system notifications and UI Description: This issue was addressed with a new entitlement. CVE-2022-22660: Guilherme Rambo of Best Buddy Apps (rambo.codes)

UIKit Available for: macOS Monterey Impact: A person with physical access to an iOS device may be able to see sensitive information via keyboard suggestions Description: This issue was addressed with improved checks. CVE-2022-22621: Joey Hewitt

Vim Available for: macOS Monterey Impact: Multiple issues in Vim Description: Multiple issues were addressed by updating Vim. CVE-2021-4136 CVE-2021-4166 CVE-2021-4173 CVE-2021-4187 CVE-2021-4192 CVE-2021-4193 CVE-2021-46059 CVE-2022-0128 CVE-2022-0156 CVE-2022-0158

VoiceOver Available for: macOS Monterey Impact: A user may be able to view restricted content from the lock screen Description: A lock screen issue was addressed with improved state management. CVE-2021-30918: an anonymous researcher

WebKit Available for: macOS Monterey Impact: Processing maliciously crafted web content may disclose sensitive user information Description: A cookie management issue was addressed with improved state management. WebKit Bugzilla: 232748 CVE-2022-22662: Prakash (@1lastBr3ath) of Threat Nix

WebKit Available for: macOS Monterey Impact: Processing maliciously crafted web content may lead to code execution Description: A memory corruption issue was addressed with improved state management. WebKit Bugzilla: 232812 CVE-2022-22610: Quan Yin of Bigo Technology Live Client Team

WebKit Available for: macOS Monterey Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. WebKit Bugzilla: 233172 CVE-2022-22624: Kirin (@Pwnrin) of Tencent Security Xuanwu Lab WebKit Bugzilla: 234147 CVE-2022-22628: Kirin (@Pwnrin) of Tencent Security Xuanwu Lab

WebKit Available for: macOS Monterey Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A buffer overflow issue was addressed with improved memory handling. WebKit Bugzilla: 234966 CVE-2022-22629: Jeonghoon Shin at Theori working with Trend Micro Zero Day Initiative

WebKit Available for: macOS Monterey Impact: A malicious website may cause unexpected cross-origin behavior Description: A logic issue was addressed with improved state management. WebKit Bugzilla: 235294 CVE-2022-22637: Tom McKee of Google

Wi-Fi Available for: macOS Monterey Impact: A malicious application may be able to leak sensitive user information Description: A logic issue was addressed with improved restrictions. CVE-2022-22668: MrPhil17

xar Available for: macOS Monterey Impact: A local user may be able to write arbitrary files Description: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. CVE-2022-22582: Richard Warren of NCC Group

Additional recognition

AirDrop We would like to acknowledge Omar Espino (omespino.com), Ron Masas of BreakPoint.sh for their assistance.

Bluetooth We would like to acknowledge an anonymous researcher, chenyuwang (@mzzzz__) of Tencent Security Xuanwu Lab for their assistance.

Face Gallery We would like to acknowledge Tian Zhang (@KhaosT) for their assistance.

Intel Graphics Driver We would like to acknowledge Jack Dates of RET2 Systems, Inc., Yinyi Wu (@3ndy1) for their assistance.

Local Authentication We would like to acknowledge an anonymous researcher for their assistance.

Notes We would like to acknowledge Nathaniel Ekoniak of Ennate Technologies for their assistance.

Password Manager We would like to acknowledge Maximilian Golla (@m33x) of Max Planck Institute for Security and Privacy (MPI-SP) for their assistance.

Siri We would like to acknowledge an anonymous researcher for their assistance.

syslog We would like to acknowledge Yonghwi Jin (@jinmo123) of Theori for their assistance.

TCC We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security for their assistance.

UIKit We would like to acknowledge Tim Shadel of Day Logger, Inc. for their assistance.

WebKit We would like to acknowledge Abdullah Md Shaleh for their assistance.

WebKit Storage We would like to acknowledge Martin Bajanik of FingerprintJS for their assistance.

macOS Monterey 12.3 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222.

This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmIv0O4ACgkQeC9qKD1p rhjGGRAAjqIyEzN+LAk+2uzHIMQNEwav9fqo/ZNoYAOzNgActK56PIC/PBM3SzHd LrGFKbBq/EMU4EqXT6ycB7/uZfaAZVCBDNo1qOoYNHXnKtGL2Z/96mV14qbSmRvC jfg1pC0G1jPTxJKvHhuQSZHDGj+BI458fwuTY48kjCnzlWf9dKr2kdjUjE38X9RM 0upKVKqY+oWdbn5jPwgZ408NOqzHrHDW1iIYd4v9UrKN3pfMGDzVZTr/offL6VFL osOVWv1IZvXrhPsrtd2KfG0hTHz71vShVZ7jGAsGEdC/mT79zwFbYuzBFy791xFa rizr/ZWGfWBSYy8O90d1l13lDlE739YPc/dt1mjcvP9FTnzMwBagy+6//zAVe0v/ KZOjmvtK5sRvrQH54E8qTYitdMpY2aZhfT6D8tcl+98TjxTDNXXj/gypdCXNWqyB L1PtFhTjQ0WnzUNB7sosM0zAjfZ1iPAZq0XHDQ6p6gEdVavNOHo/ekgibVm5f1pi kwBHkKyq55QbzipDWwXl6Owk/iaHPxgENYb78BpeUQSFei+IYDUsyLkPh3L95PHZ JSyKOtbBArlYOWcxlYHn+hDK8iotA1c/SHDefYOoNkp1uP853Ge09eWq+zMzUwEo GXXJYMi1Q8gmJ9wK/A3d/FKY4FBZxpByUUgjYhiMKTU5cSeihaI= =RiA+ -----END PGP SIGNATURE-----

. Apple is aware of a report that this issue may have been actively exploited. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202208-32


                                       https://security.gentoo.org/

Severity: Low Title: Vim, gVim: Multiple Vulnerabilities Date: August 21, 2022 Bugs: #811870, #818562, #819528, #823473, #824930, #828583, #829658, #830106, #830994, #833572, #836432, #851231 ID: 202208-32


Synopsis

Multiple vulnerabilities have been discovered in Vim, the worst of which could result in denial of service.

Background

Vim is an efficient, highly configurable improved version of the classic ‘vi’ text editor. gVim is the GUI version of Vim.

Affected packages

-------------------------------------------------------------------
 Package              /     Vulnerable     /            Unaffected
-------------------------------------------------------------------

1 app-editors/gvim < 9.0.0060 >= 9.0.0060 2 app-editors/vim < 9.0.0060 >= 9.0.0060 3 app-editors/vim-core < 9.0.0060 >= 9.0.0060

Description

Multiple vulnerabilities have been discovered in Vim and gVim. Please review the CVE identifiers referenced below for details.

Impact

Please review the referenced CVE identifiers for details.

Workaround

There is no known workaround at this time.

Resolution

All Vim users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/vim-9.0.0060"

All gVim users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/gvim-9.0.0060"

All vim-core users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/vim-core-9.0.0060"

References

[ 1 ] CVE-2021-3770 https://nvd.nist.gov/vuln/detail/CVE-2021-3770 [ 2 ] CVE-2021-3778 https://nvd.nist.gov/vuln/detail/CVE-2021-3778 [ 3 ] CVE-2021-3796 https://nvd.nist.gov/vuln/detail/CVE-2021-3796 [ 4 ] CVE-2021-3872 https://nvd.nist.gov/vuln/detail/CVE-2021-3872 [ 5 ] CVE-2021-3875 https://nvd.nist.gov/vuln/detail/CVE-2021-3875 [ 6 ] CVE-2021-3927 https://nvd.nist.gov/vuln/detail/CVE-2021-3927 [ 7 ] CVE-2021-3928 https://nvd.nist.gov/vuln/detail/CVE-2021-3928 [ 8 ] CVE-2021-3968 https://nvd.nist.gov/vuln/detail/CVE-2021-3968 [ 9 ] CVE-2021-3973 https://nvd.nist.gov/vuln/detail/CVE-2021-3973 [ 10 ] CVE-2021-3974 https://nvd.nist.gov/vuln/detail/CVE-2021-3974 [ 11 ] CVE-2021-3984 https://nvd.nist.gov/vuln/detail/CVE-2021-3984 [ 12 ] CVE-2021-4019 https://nvd.nist.gov/vuln/detail/CVE-2021-4019 [ 13 ] CVE-2021-4069 https://nvd.nist.gov/vuln/detail/CVE-2021-4069 [ 14 ] CVE-2021-4136 https://nvd.nist.gov/vuln/detail/CVE-2021-4136 [ 15 ] CVE-2021-4166 https://nvd.nist.gov/vuln/detail/CVE-2021-4166 [ 16 ] CVE-2021-4173 https://nvd.nist.gov/vuln/detail/CVE-2021-4173 [ 17 ] CVE-2021-4187 https://nvd.nist.gov/vuln/detail/CVE-2021-4187 [ 18 ] CVE-2021-4192 https://nvd.nist.gov/vuln/detail/CVE-2021-4192 [ 19 ] CVE-2021-4193 https://nvd.nist.gov/vuln/detail/CVE-2021-4193 [ 20 ] CVE-2021-46059 https://nvd.nist.gov/vuln/detail/CVE-2021-46059 [ 21 ] CVE-2022-0128 https://nvd.nist.gov/vuln/detail/CVE-2022-0128 [ 22 ] CVE-2022-0156 https://nvd.nist.gov/vuln/detail/CVE-2022-0156 [ 23 ] CVE-2022-0158 https://nvd.nist.gov/vuln/detail/CVE-2022-0158 [ 24 ] CVE-2022-0213 https://nvd.nist.gov/vuln/detail/CVE-2022-0213 [ 25 ] CVE-2022-0261 https://nvd.nist.gov/vuln/detail/CVE-2022-0261 [ 26 ] CVE-2022-0318 https://nvd.nist.gov/vuln/detail/CVE-2022-0318 [ 27 ] CVE-2022-0319 https://nvd.nist.gov/vuln/detail/CVE-2022-0319 [ 28 ] CVE-2022-0351 https://nvd.nist.gov/vuln/detail/CVE-2022-0351 [ 29 ] CVE-2022-0359 https://nvd.nist.gov/vuln/detail/CVE-2022-0359 [ 30 ] CVE-2022-0361 https://nvd.nist.gov/vuln/detail/CVE-2022-0361 [ 31 ] CVE-2022-0368 https://nvd.nist.gov/vuln/detail/CVE-2022-0368 [ 32 ] CVE-2022-0392 https://nvd.nist.gov/vuln/detail/CVE-2022-0392 [ 33 ] CVE-2022-0393 https://nvd.nist.gov/vuln/detail/CVE-2022-0393 [ 34 ] CVE-2022-0407 https://nvd.nist.gov/vuln/detail/CVE-2022-0407 [ 35 ] CVE-2022-0408 https://nvd.nist.gov/vuln/detail/CVE-2022-0408 [ 36 ] CVE-2022-0413 https://nvd.nist.gov/vuln/detail/CVE-2022-0413 [ 37 ] CVE-2022-0417 https://nvd.nist.gov/vuln/detail/CVE-2022-0417 [ 38 ] CVE-2022-0443 https://nvd.nist.gov/vuln/detail/CVE-2022-0443 [ 39 ] CVE-2022-0554 https://nvd.nist.gov/vuln/detail/CVE-2022-0554 [ 40 ] CVE-2022-0629 https://nvd.nist.gov/vuln/detail/CVE-2022-0629 [ 41 ] CVE-2022-0685 https://nvd.nist.gov/vuln/detail/CVE-2022-0685 [ 42 ] CVE-2022-0714 https://nvd.nist.gov/vuln/detail/CVE-2022-0714 [ 43 ] CVE-2022-0729 https://nvd.nist.gov/vuln/detail/CVE-2022-0729 [ 44 ] CVE-2022-0943 https://nvd.nist.gov/vuln/detail/CVE-2022-0943 [ 45 ] CVE-2022-1154 https://nvd.nist.gov/vuln/detail/CVE-2022-1154 [ 46 ] CVE-2022-1160 https://nvd.nist.gov/vuln/detail/CVE-2022-1160 [ 47 ] CVE-2022-1381 https://nvd.nist.gov/vuln/detail/CVE-2022-1381 [ 48 ] CVE-2022-1420 https://nvd.nist.gov/vuln/detail/CVE-2022-1420 [ 49 ] CVE-2022-1616 https://nvd.nist.gov/vuln/detail/CVE-2022-1616 [ 50 ] CVE-2022-1619 https://nvd.nist.gov/vuln/detail/CVE-2022-1619 [ 51 ] CVE-2022-1620 https://nvd.nist.gov/vuln/detail/CVE-2022-1620 [ 52 ] CVE-2022-1621 https://nvd.nist.gov/vuln/detail/CVE-2022-1621 [ 53 ] CVE-2022-1629 https://nvd.nist.gov/vuln/detail/CVE-2022-1629 [ 54 ] CVE-2022-1674 https://nvd.nist.gov/vuln/detail/CVE-2022-1674 [ 55 ] CVE-2022-1720 https://nvd.nist.gov/vuln/detail/CVE-2022-1720 [ 56 ] CVE-2022-1733 https://nvd.nist.gov/vuln/detail/CVE-2022-1733 [ 57 ] CVE-2022-1735 https://nvd.nist.gov/vuln/detail/CVE-2022-1735 [ 58 ] CVE-2022-1769 https://nvd.nist.gov/vuln/detail/CVE-2022-1769 [ 59 ] CVE-2022-1771 https://nvd.nist.gov/vuln/detail/CVE-2022-1771 [ 60 ] CVE-2022-1785 https://nvd.nist.gov/vuln/detail/CVE-2022-1785 [ 61 ] CVE-2022-1796 https://nvd.nist.gov/vuln/detail/CVE-2022-1796 [ 62 ] CVE-2022-1851 https://nvd.nist.gov/vuln/detail/CVE-2022-1851 [ 63 ] CVE-2022-1886 https://nvd.nist.gov/vuln/detail/CVE-2022-1886 [ 64 ] CVE-2022-1897 https://nvd.nist.gov/vuln/detail/CVE-2022-1897 [ 65 ] CVE-2022-1898 https://nvd.nist.gov/vuln/detail/CVE-2022-1898 [ 66 ] CVE-2022-1927 https://nvd.nist.gov/vuln/detail/CVE-2022-1927 [ 67 ] CVE-2022-1942 https://nvd.nist.gov/vuln/detail/CVE-2022-1942 [ 68 ] CVE-2022-1968 https://nvd.nist.gov/vuln/detail/CVE-2022-1968 [ 69 ] CVE-2022-2000 https://nvd.nist.gov/vuln/detail/CVE-2022-2000 [ 70 ] CVE-2022-2042 https://nvd.nist.gov/vuln/detail/CVE-2022-2042 [ 71 ] CVE-2022-2124 https://nvd.nist.gov/vuln/detail/CVE-2022-2124 [ 72 ] CVE-2022-2125 https://nvd.nist.gov/vuln/detail/CVE-2022-2125 [ 73 ] CVE-2022-2126 https://nvd.nist.gov/vuln/detail/CVE-2022-2126 [ 74 ] CVE-2022-2129 https://nvd.nist.gov/vuln/detail/CVE-2022-2129 [ 75 ] CVE-2022-2175 https://nvd.nist.gov/vuln/detail/CVE-2022-2175 [ 76 ] CVE-2022-2182 https://nvd.nist.gov/vuln/detail/CVE-2022-2182 [ 77 ] CVE-2022-2183 https://nvd.nist.gov/vuln/detail/CVE-2022-2183 [ 78 ] CVE-2022-2206 https://nvd.nist.gov/vuln/detail/CVE-2022-2206 [ 79 ] CVE-2022-2207 https://nvd.nist.gov/vuln/detail/CVE-2022-2207 [ 80 ] CVE-2022-2208 https://nvd.nist.gov/vuln/detail/CVE-2022-2208 [ 81 ] CVE-2022-2210 https://nvd.nist.gov/vuln/detail/CVE-2022-2210 [ 82 ] CVE-2022-2231 https://nvd.nist.gov/vuln/detail/CVE-2022-2231 [ 83 ] CVE-2022-2257 https://nvd.nist.gov/vuln/detail/CVE-2022-2257 [ 84 ] CVE-2022-2264 https://nvd.nist.gov/vuln/detail/CVE-2022-2264 [ 85 ] CVE-2022-2284 https://nvd.nist.gov/vuln/detail/CVE-2022-2284 [ 86 ] CVE-2022-2285 https://nvd.nist.gov/vuln/detail/CVE-2022-2285 [ 87 ] CVE-2022-2286 https://nvd.nist.gov/vuln/detail/CVE-2022-2286 [ 88 ] CVE-2022-2287 https://nvd.nist.gov/vuln/detail/CVE-2022-2287 [ 89 ] CVE-2022-2288 https://nvd.nist.gov/vuln/detail/CVE-2022-2288 [ 90 ] CVE-2022-2289 https://nvd.nist.gov/vuln/detail/CVE-2022-2289 [ 91 ] CVE-2022-2304 https://nvd.nist.gov/vuln/detail/CVE-2022-2304 [ 92 ] CVE-2022-2343 https://nvd.nist.gov/vuln/detail/CVE-2022-2343 [ 93 ] CVE-2022-2344 https://nvd.nist.gov/vuln/detail/CVE-2022-2344 [ 94 ] CVE-2022-2345 https://nvd.nist.gov/vuln/detail/CVE-2022-2345

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

https://security.gentoo.org/glsa/202208-32

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

License

Copyright 2022 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5 . ========================================================================== Ubuntu Security Notice USN-6026-1 April 19, 2023

vim vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 22.04 LTS
  • Ubuntu 20.04 LTS
  • Ubuntu 18.04 LTS
  • Ubuntu 14.04 ESM

Summary:

Several security issues were fixed in Vim.

Software Description: - vim: Vi IMproved - enhanced vi editor

Details:

It was discovered that Vim was incorrectly processing Vim buffers. An
attacker could possibly use this issue to perform illegal memory access and expose sensitive information. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-4166)

It was discovered that Vim was using freed memory when dealing with regular expressions inside a visual selection. If a user were tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution with user privileges. This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-4193)

It was discovered that Vim was not properly performing bounds checks when updating windows present on a screen, which could result in a heap buffer overflow. (CVE-2022-0213)

It was discovered that Vim was incorrectly performing read and write operations when in visual block mode, going beyond the end of a line and causing a heap buffer overflow. If a user were tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution with user privileges. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-0261, CVE-2022-0318)

It was discovered that Vim was incorrectly handling window exchanging operations when in Visual mode, which could result in an out-of-bounds read. An attacker could possibly use this issue to expose sensitive information. (CVE-2022-0319)

It was discovered that Vim was incorrectly handling recursion when parsing conditional expressions. (CVE-2022-0351)

It was discovered that Vim was not properly handling memory allocation when processing data in Ex mode, which could result in a heap buffer overflow. (CVE-2022-0359)

It was discovered that Vim was not properly performing bounds checks when executing line operations in Visual mode, which could result in a heap buffer overflow. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-0361, CVE-2022-0368)

It was discovered that Vim was not properly handling loop conditions when looking for spell suggestions, which could result in a stack buffer overflow. (CVE-2022-0408)

It was discovered that Vim was incorrectly handling memory access when executing buffer operations, which could result in the usage of freed memory. An attacker could possibly use this issue to execute arbitrary code. (CVE-2022-0443)

It was discovered that Vim was incorrectly processing Vim buffers. An attacker could possibly use this issue to perform illegal memory access and expose sensitive information. (CVE-2022-0554)

It was discovered that Vim was not properly performing bounds checks for column numbers when replacing tabs with spaces or spaces with tabs, which could cause a heap buffer overflow. (CVE-2022-0572)

It was discovered that Vim was incorrectly processing Vim buffers. An attacker could possibly use this issue to perform illegal memory access and expose sensitive information. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-0629)

It was discovered that Vim was not properly performing validation of data that contained special multi-byte characters, which could cause an out-of-bounds read. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-0685)

It was discovered that Vim was incorrectly processing data used to define indentation in a file, which could cause a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-0714)

It was discovered that Vim was incorrectly processing certain regular expression patterns and strings, which could cause an out-of-bounds read. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-0729)

It was discovered that Vim incorrectly handled memory access. (CVE-2022-2207)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 22.04 LTS: vim 2:8.2.3995-1ubuntu2.7

Ubuntu 20.04 LTS: vim 2:8.1.2269-1ubuntu5.14

Ubuntu 18.04 LTS: vim 2:8.0.1453-1ubuntu1.13

Ubuntu 14.04 ESM: vim 2:7.4.052-1ubuntu3.1+esm9

In general, a standard system update will make all the necessary changes. CVE-2022-32787: Dohyun Lee (@l33d0hyun) of SSD Secure Disclosure Labs & DNSLab, Korea Univ. CVE-2022-32812: Yinyi Wu (@3ndy1), ABC Research s.r.o

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202112-2249",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.15.7"
      },
      {
        "model": "linux enterprise",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "suse",
        "version": "12.0"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "debian",
        "version": "10.0"
      },
      {
        "model": "factory",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "opensuse",
        "version": null
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "debian",
        "version": "11.0"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "debian",
        "version": "9.0"
      },
      {
        "model": "fedora",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "fedoraproject",
        "version": "34"
      },
      {
        "model": "macos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.15.7"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "8.0"
      },
      {
        "model": "vim",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "vim",
        "version": "8.2.3884"
      },
      {
        "model": "linux enterprise",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "suse",
        "version": "15.0"
      },
      {
        "model": "macos",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "apple",
        "version": "12.3"
      },
      {
        "model": "fedora",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "fedoraproject",
        "version": "35"
      },
      {
        "model": "macos",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "apple",
        "version": "11.0"
      },
      {
        "model": "macos",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "apple",
        "version": "11.6.6"
      },
      {
        "model": "vim",
        "scope": null,
        "trust": 0.8,
        "vendor": "vim",
        "version": null
      },
      {
        "model": "red hat enterprise linux",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
        "version": null
      },
      {
        "model": "macos",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30a2\u30c3\u30d7\u30eb",
        "version": null
      },
      {
        "model": "apple mac os x",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30a2\u30c3\u30d7\u30eb",
        "version": null
      },
      {
        "model": "fedora",
        "scope": null,
        "trust": 0.8,
        "vendor": "fedora",
        "version": null
      },
      {
        "model": "factory",
        "scope": null,
        "trust": 0.8,
        "vendor": "opensuse",
        "version": null
      },
      {
        "model": "linux enterprise",
        "scope": null,
        "trust": 0.8,
        "vendor": "suse",
        "version": null
      },
      {
        "model": "gnu/linux",
        "scope": null,
        "trust": 0.8,
        "vendor": "debian",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-016876"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-4166"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "8.2.3884",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise:15.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:opensuse:factory:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "12.3",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "11.6.6",
                "versionStartIncluding": "11.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:macos:10.15.7:security_update_2022-004:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-4166"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "166319"
      },
      {
        "db": "PACKETSTORM",
        "id": "167188"
      },
      {
        "db": "PACKETSTORM",
        "id": "167789"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2021-4166",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "impactScore": 4.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": true,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 5.8,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2021-4166",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-408722",
            "impactScore": 4.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "impactScore": 5.2,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "security@huntr.dev",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "impactScore": 5.2,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.1,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2021-4166",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "Required",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2021-4166",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "security@huntr.dev",
            "id": "CVE-2021-4166",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202112-2266",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-408722",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2021-4166",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-408722"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-4166"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-016876"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-4166"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-4166"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202112-2266"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "vim is vulnerable to Out-of-bounds Read. vim Exists in an out-of-bounds read vulnerability.Information is obtained and service operation is interrupted (DoS) It may be in a state. Vim is an editor based on the UNIX platform. Attackers can use this vulnerability to read files out of bounds. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-3927)\nA flaw was found in vim. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-3928)\nA flaw was found in vim. The highest threat from this vulnerability is to system availability. (CVE-2021-3968)\nA flaw was found in vim. The highest threat from this vulnerability is to system availability. (CVE-2021-3973)\nA flaw was found in vim. The highest threat from this vulnerability is to system availability. (CVE-2021-3974)\nA flaw was found in vim. The highest threat from this vulnerability is confidentiality, integrity, and system availability. (CVE-2021-3984)\nA flaw was found in vim. The highest threat from this vulnerability is system availability. (CVE-2021-4136)\nA flaw was found in vim. (CVE-2021-4166)\nA flaw was found in vim. (CVE-2021-4173)\nA flaw was found in vim. Sourcing a specially crafted file in vim could crash the vim process or possibly lead to other undefined behaviors. A specially crafted file could be used to, when opened in vim, disclose some of the process\u0027s internal memory. (CVE-2021-4193)\nReferences to CVE-2021-4192 and CVE-2021-4193 have been added after the original release of this advisory, however those vulnerabilities were fixed by the packages referenced by this advisory\u0027s initial release on 2022-01-18. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2022-03-14-4 macOS Monterey 12.3\n\nmacOS Monterey 12.3 addresses the following issues. \nInformation about the security content is also available at\nhttps://support.apple.com/HT213183. \n\nAccelerate Framework\nAvailable for: macOS Monterey\nImpact: Opening a maliciously crafted PDF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A memory corruption issue was addressed with improved\nstate management. \nCVE-2022-22633: an anonymous researcher\n\nAMD\nAvailable for: macOS Monterey\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A use after free issue was addressed with improved\nmemory management. \nCVE-2022-22669: an anonymous researcher\n\nAppKit\nAvailable for: macOS Monterey\nImpact: A malicious application may be able to gain root privileges\nDescription: A logic issue was addressed with improved validation. \nCVE-2022-22665: Lockheed Martin Red Team\n\nAppleGraphicsControl\nAvailable for: macOS Monterey\nImpact: An application may be able to gain elevated privileges\nDescription: An out-of-bounds write issue was addressed with improved\nbounds checking. \nCVE-2022-22631: an anonymous researcher\n\nAppleScript\nAvailable for: macOS Monterey\nImpact: Processing a maliciously crafted AppleScript binary may\nresult in unexpected application termination or disclosure of process\nmemory\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2022-22625: Mickey Jin (@patch1t) of Trend Micro\n\nAppleScript\nAvailable for: macOS Monterey\nImpact: An application may be able to read restricted memory\nDescription: This issue was addressed with improved checks. \nCVE-2022-22648: an anonymous researcher\n\nAppleScript\nAvailable for: macOS Monterey\nImpact: Processing a maliciously crafted AppleScript binary may\nresult in unexpected application termination or disclosure of process\nmemory\nDescription: An out-of-bounds read was addressed with improved bounds\nchecking. \nCVE-2022-22626: Mickey Jin (@patch1t) of Trend Micro\nCVE-2022-22627: Qi Sun and Robert Ai of Trend Micro\n\nAppleScript\nAvailable for: macOS Monterey\nImpact: Processing a maliciously crafted file may lead to arbitrary\ncode execution\nDescription: A memory corruption issue was addressed with improved\nvalidation. \nCVE-2022-22597: Qi Sun and Robert Ai of Trend Micro\n\nBOM\nAvailable for: macOS Monterey\nImpact: A maliciously crafted ZIP archive may bypass Gatekeeper\nchecks\nDescription: This issue was addressed with improved checks. \nCVE-2022-22616: Ferdous Saljooki (@malwarezoo) and Jaron Bradley\n(@jbradley89) of Jamf Software, Mickey Jin (@patch1t)\n\ncurl\nAvailable for: macOS Monterey\nImpact: Multiple issues in curl\nDescription: Multiple issues were addressed by updating to curl\nversion 7.79.1. \nCVE-2021-22946\nCVE-2021-22947\nCVE-2021-22945\nCVE-2022-22623\n\nFaceTime\nAvailable for: macOS Monterey\nImpact: A user may send audio and video in a FaceTime call without\nknowing that they have done so\nDescription: This issue was addressed with improved checks. \nCVE-2022-22643: Sonali Luthar of the University of Virginia, Michael\nLiao of the University of Illinois at Urbana-Champaign, Rohan Pahwa\nof Rutgers University, and Bao Nguyen of the University of Florida\n\nImageIO\nAvailable for: macOS Monterey\nImpact: Processing a maliciously crafted image may lead to arbitrary\ncode execution\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2022-22611: Xingyu Jin of Google\n\nImageIO\nAvailable for: macOS Monterey\nImpact: Processing a maliciously crafted image may lead to heap\ncorruption\nDescription: A memory consumption issue was addressed with improved\nmemory handling. \nCVE-2022-22612: Xingyu Jin of Google\n\nIntel Graphics Driver\nAvailable for: macOS Monterey\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A type confusion issue was addressed with improved state\nhandling. \nCVE-2022-22661: an anonymous researcher, Peterpan0927 of Alibaba\nSecurity Pandora Lab\n\nIOGPUFamily\nAvailable for: macOS Monterey\nImpact: An application may be able to gain elevated privileges\nDescription: A use after free issue was addressed with improved\nmemory management. \nCVE-2022-22641: Mohamed Ghannam (@_simo36)\n\nKernel\nAvailable for: macOS Monterey\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: An out-of-bounds write issue was addressed with improved\nbounds checking. \nCVE-2022-22613: Alex, an anonymous researcher\n\nKernel\nAvailable for: macOS Monterey\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A use after free issue was addressed with improved\nmemory management. \nCVE-2022-22614: an anonymous researcher\nCVE-2022-22615: an anonymous researcher\n\nKernel\nAvailable for: macOS Monterey\nImpact: A malicious application may be able to elevate privileges\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2022-22632: Keegan Saunders\n\nKernel\nAvailable for: macOS Monterey\nImpact: An attacker in a privileged position may be able to perform a\ndenial of service attack\nDescription: A null pointer dereference was addressed with improved\nvalidation. \nCVE-2022-22638: derrek (@derrekr6)\n\nKernel\nAvailable for: macOS Monterey\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nvalidation. \nCVE-2022-22640: sqrtpwn\n\nlibarchive\nAvailable for: macOS Monterey\nImpact: Multiple issues in libarchive\nDescription: Multiple memory corruption issues existed in libarchive. \nThese issues were addressed with improved input validation. \nCVE-2021-36976\n\nLogin Window\nAvailable for: macOS Monterey\nImpact: A person with access to a Mac may be able to bypass Login\nWindow\nDescription: This issue was addressed with improved checks. \nCVE-2022-22647: an anonymous researcher\n\nLoginWindow\nAvailable for: macOS Monterey\nImpact: A local attacker may be able to view the previous logged in\nuser\u2019s desktop from the fast user switching screen\nDescription: An authentication issue was addressed with improved\nstate management. \nCVE-2022-22656\n\nGarageBand MIDI\nAvailable for: macOS Monterey\nImpact: Opening a maliciously crafted file may lead to unexpected\napplication termination or arbitrary code execution\nDescription: A memory initialization issue was addressed with\nimproved memory handling. \nCVE-2022-22657: Brandon Perry of Atredis Partners\n\nGarageBand MIDI\nAvailable for: macOS Monterey\nImpact: Opening a maliciously crafted file may lead to unexpected\napplication termination or arbitrary code execution\nDescription: An out-of-bounds read was addressed with improved bounds\nchecking. \nCVE-2022-22664: Brandon Perry of Atredis Partners\n\nNSSpellChecker\nAvailable for: macOS Monterey\nImpact: A malicious application may be able to access information\nabout a user\u0027s contacts\nDescription: A privacy issue existed in the handling of Contact\ncards. This was addressed with improved state management. \nCVE-2022-22644: an anonymous researcher\n\nPackageKit\nAvailable for: macOS Monterey\nImpact: An application may be able to gain elevated privileges\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2022-22617: Mickey Jin (@patch1t)\n\nPreferences\nAvailable for: macOS Monterey\nImpact: A malicious application may be able to read other\napplications\u0027 settings\nDescription: The issue was addressed with additional permissions\nchecks. \nCVE-2022-22609: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020)\nof Tencent Security Xuanwu Lab (xlab.tencent.com)\n\nQuickTime Player\nAvailable for: macOS Monterey\nImpact: A plug-in may be able to inherit the application\u0027s\npermissions and access user data\nDescription: This issue was addressed with improved checks. \nCVE-2022-22650: Wojciech Regu\u0142a (@_r3ggi) of SecuRing\n\nSafari Downloads\nAvailable for: macOS Monterey\nImpact: A maliciously crafted ZIP archive may bypass Gatekeeper\nchecks\nDescription: This issue was addressed with improved checks. \nCVE-2022-22616: Ferdous Saljooki (@malwarezoo) and Jaron Bradley\n(@jbradley89) of Jamf Software, Mickey Jin (@patch1t)\n\nSandbox\nAvailable for: macOS Monterey\nImpact: A malicious application may be able to bypass certain Privacy\npreferences\nDescription: The issue was addressed with improved permissions logic. \nCVE-2022-22600: Sudhakar Muthumani of Primefort Private Limited,\nKhiem Tran\n\nSiri\nAvailable for: macOS Monterey\nImpact: A person with physical access to a device may be able to use\nSiri to obtain some location information from the lock screen\nDescription: A permissions issue was addressed with improved\nvalidation. \nCVE-2022-22599: Andrew Goldberg of the University of Texas at Austin,\nMcCombs School of Business (linkedin.com/andrew-goldberg/)\n\nSMB\nAvailable for: macOS Monterey\nImpact: A remote attacker may be able to cause unexpected system\ntermination or corrupt kernel memory\nDescription: An out-of-bounds write issue was addressed with improved\nbounds checking. \nCVE-2022-22651: Felix Poulin-Belanger\n\nSoftwareUpdate\nAvailable for: macOS Monterey\nImpact: An application may be able to gain elevated privileges\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2022-22639: Mickey Jin (@patch1t)\n\nSystem Preferences\nAvailable for: macOS Monterey\nImpact: An app may be able to spoof system notifications and UI\nDescription: This issue was addressed with a new entitlement. \nCVE-2022-22660: Guilherme Rambo of Best Buddy Apps (rambo.codes)\n\nUIKit\nAvailable for: macOS Monterey\nImpact: A person with physical access to an iOS device may be able to\nsee sensitive information via keyboard suggestions\nDescription: This issue was addressed with improved checks. \nCVE-2022-22621: Joey Hewitt\n\nVim\nAvailable for: macOS Monterey\nImpact: Multiple issues in Vim\nDescription: Multiple issues were addressed by updating Vim. \nCVE-2021-4136\nCVE-2021-4166\nCVE-2021-4173\nCVE-2021-4187\nCVE-2021-4192\nCVE-2021-4193\nCVE-2021-46059\nCVE-2022-0128\nCVE-2022-0156\nCVE-2022-0158\n\nVoiceOver\nAvailable for: macOS Monterey\nImpact: A user may be able to view restricted content from the lock\nscreen\nDescription: A lock screen issue was addressed with improved state\nmanagement. \nCVE-2021-30918: an anonymous researcher\n\nWebKit\nAvailable for: macOS Monterey\nImpact: Processing maliciously crafted web content may disclose\nsensitive user information\nDescription: A cookie management issue was addressed with improved\nstate management. \nWebKit Bugzilla: 232748\nCVE-2022-22662: Prakash (@1lastBr3ath) of Threat Nix\n\nWebKit\nAvailable for: macOS Monterey\nImpact: Processing maliciously crafted web content may lead to code\nexecution\nDescription: A memory corruption issue was addressed with improved\nstate management. \nWebKit Bugzilla: 232812\nCVE-2022-22610: Quan Yin of Bigo Technology Live Client Team\n\nWebKit\nAvailable for: macOS Monterey\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: A use after free issue was addressed with improved\nmemory management. \nWebKit Bugzilla: 233172\nCVE-2022-22624: Kirin (@Pwnrin) of Tencent Security Xuanwu Lab\nWebKit Bugzilla: 234147\nCVE-2022-22628: Kirin (@Pwnrin) of Tencent Security Xuanwu Lab\n\nWebKit\nAvailable for: macOS Monterey\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: A buffer overflow issue was addressed with improved\nmemory handling. \nWebKit Bugzilla: 234966\nCVE-2022-22629: Jeonghoon Shin at Theori working with Trend Micro\nZero Day Initiative\n\nWebKit\nAvailable for: macOS Monterey\nImpact: A malicious website may cause unexpected cross-origin\nbehavior\nDescription: A logic issue was addressed with improved state\nmanagement. \nWebKit Bugzilla: 235294\nCVE-2022-22637: Tom McKee of Google\n\nWi-Fi\nAvailable for: macOS Monterey\nImpact: A malicious application may be able to leak sensitive user\ninformation\nDescription: A logic issue was addressed with improved restrictions. \nCVE-2022-22668: MrPhil17\n\nxar\nAvailable for: macOS Monterey\nImpact: A local user may be able to write arbitrary files\nDescription: A validation issue existed in the handling of symlinks. \nThis issue was addressed with improved validation of symlinks. \nCVE-2022-22582: Richard Warren of NCC Group\n\nAdditional recognition\n\nAirDrop\nWe would like to acknowledge Omar Espino (omespino.com), Ron Masas of\nBreakPoint.sh for their assistance. \n\nBluetooth\nWe would like to acknowledge an anonymous researcher, chenyuwang\n(@mzzzz__) of Tencent Security Xuanwu Lab for their assistance. \n\nFace Gallery\nWe would like to acknowledge Tian Zhang (@KhaosT) for their\nassistance. \n\nIntel Graphics Driver\nWe would like to acknowledge Jack Dates of RET2 Systems, Inc., Yinyi\nWu (@3ndy1) for their assistance. \n\nLocal Authentication\nWe would like to acknowledge an anonymous researcher for their\nassistance. \n\nNotes\nWe would like to acknowledge Nathaniel Ekoniak of Ennate Technologies\nfor their assistance. \n\nPassword Manager\nWe would like to acknowledge Maximilian Golla (@m33x) of Max Planck\nInstitute for Security and Privacy (MPI-SP) for their assistance. \n\nSiri\nWe would like to acknowledge an anonymous researcher for their\nassistance. \n\nsyslog\nWe would like to acknowledge Yonghwi Jin (@jinmo123) of Theori for\ntheir assistance. \n\nTCC\nWe would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive\nSecurity for their assistance. \n\nUIKit\nWe would like to acknowledge Tim Shadel of Day Logger, Inc. for their\nassistance. \n\nWebKit\nWe would like to acknowledge Abdullah Md Shaleh for their assistance. \n\nWebKit Storage\nWe would like to acknowledge Martin Bajanik of FingerprintJS for\ntheir assistance. \n\nmacOS Monterey 12.3 may be obtained from the Mac App Store or Apple\u0027s\nSoftware Downloads web site: https://support.apple.com/downloads/\nAll information is also posted on the Apple Security Updates\nweb site: https://support.apple.com/en-us/HT201222. \n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmIv0O4ACgkQeC9qKD1p\nrhjGGRAAjqIyEzN+LAk+2uzHIMQNEwav9fqo/ZNoYAOzNgActK56PIC/PBM3SzHd\nLrGFKbBq/EMU4EqXT6ycB7/uZfaAZVCBDNo1qOoYNHXnKtGL2Z/96mV14qbSmRvC\njfg1pC0G1jPTxJKvHhuQSZHDGj+BI458fwuTY48kjCnzlWf9dKr2kdjUjE38X9RM\n0upKVKqY+oWdbn5jPwgZ408NOqzHrHDW1iIYd4v9UrKN3pfMGDzVZTr/offL6VFL\nosOVWv1IZvXrhPsrtd2KfG0hTHz71vShVZ7jGAsGEdC/mT79zwFbYuzBFy791xFa\nrizr/ZWGfWBSYy8O90d1l13lDlE739YPc/dt1mjcvP9FTnzMwBagy+6//zAVe0v/\nKZOjmvtK5sRvrQH54E8qTYitdMpY2aZhfT6D8tcl+98TjxTDNXXj/gypdCXNWqyB\nL1PtFhTjQ0WnzUNB7sosM0zAjfZ1iPAZq0XHDQ6p6gEdVavNOHo/ekgibVm5f1pi\nkwBHkKyq55QbzipDWwXl6Owk/iaHPxgENYb78BpeUQSFei+IYDUsyLkPh3L95PHZ\nJSyKOtbBArlYOWcxlYHn+hDK8iotA1c/SHDefYOoNkp1uP853Ge09eWq+zMzUwEo\nGXXJYMi1Q8gmJ9wK/A3d/FKY4FBZxpByUUgjYhiMKTU5cSeihaI=\n=RiA+\n-----END PGP SIGNATURE-----\n\n\n. Apple is aware of a report that this issue may\nhave been actively exploited. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 202208-32\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                           https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Low\n    Title: Vim, gVim: Multiple Vulnerabilities\n     Date: August 21, 2022\n     Bugs: #811870, #818562, #819528, #823473, #824930, #828583, #829658, #830106, #830994, #833572, #836432, #851231\n       ID: 202208-32\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n=======\nMultiple vulnerabilities have been discovered in Vim, the worst of which\ncould result in denial of service. \n\nBackground\n=========\nVim is an efficient, highly configurable improved version of the classic\n\u2018vi\u2019 text editor. gVim is the GUI version of Vim. \n\nAffected packages\n================\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  app-editors/gvim           \u003c 9.0.0060                \u003e= 9.0.0060\n  2  app-editors/vim            \u003c 9.0.0060                \u003e= 9.0.0060\n  3  app-editors/vim-core       \u003c 9.0.0060                \u003e= 9.0.0060\n\nDescription\n==========\nMultiple vulnerabilities have been discovered in Vim and gVim. Please\nreview the CVE identifiers referenced below for details. \n\nImpact\n=====\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n=========\nThere is no known workaround at this time. \n\nResolution\n=========\nAll Vim users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=app-editors/vim-9.0.0060\"\n\nAll gVim users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=app-editors/gvim-9.0.0060\"\n\nAll vim-core users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=app-editors/vim-core-9.0.0060\"\n\nReferences\n=========\n[ 1 ] CVE-2021-3770\n      https://nvd.nist.gov/vuln/detail/CVE-2021-3770\n[ 2 ] CVE-2021-3778\n      https://nvd.nist.gov/vuln/detail/CVE-2021-3778\n[ 3 ] CVE-2021-3796\n      https://nvd.nist.gov/vuln/detail/CVE-2021-3796\n[ 4 ] CVE-2021-3872\n      https://nvd.nist.gov/vuln/detail/CVE-2021-3872\n[ 5 ] CVE-2021-3875\n      https://nvd.nist.gov/vuln/detail/CVE-2021-3875\n[ 6 ] CVE-2021-3927\n      https://nvd.nist.gov/vuln/detail/CVE-2021-3927\n[ 7 ] CVE-2021-3928\n      https://nvd.nist.gov/vuln/detail/CVE-2021-3928\n[ 8 ] CVE-2021-3968\n      https://nvd.nist.gov/vuln/detail/CVE-2021-3968\n[ 9 ] CVE-2021-3973\n      https://nvd.nist.gov/vuln/detail/CVE-2021-3973\n[ 10 ] CVE-2021-3974\n      https://nvd.nist.gov/vuln/detail/CVE-2021-3974\n[ 11 ] CVE-2021-3984\n      https://nvd.nist.gov/vuln/detail/CVE-2021-3984\n[ 12 ] CVE-2021-4019\n      https://nvd.nist.gov/vuln/detail/CVE-2021-4019\n[ 13 ] CVE-2021-4069\n      https://nvd.nist.gov/vuln/detail/CVE-2021-4069\n[ 14 ] CVE-2021-4136\n      https://nvd.nist.gov/vuln/detail/CVE-2021-4136\n[ 15 ] CVE-2021-4166\n      https://nvd.nist.gov/vuln/detail/CVE-2021-4166\n[ 16 ] CVE-2021-4173\n      https://nvd.nist.gov/vuln/detail/CVE-2021-4173\n[ 17 ] CVE-2021-4187\n      https://nvd.nist.gov/vuln/detail/CVE-2021-4187\n[ 18 ] CVE-2021-4192\n      https://nvd.nist.gov/vuln/detail/CVE-2021-4192\n[ 19 ] CVE-2021-4193\n      https://nvd.nist.gov/vuln/detail/CVE-2021-4193\n[ 20 ] CVE-2021-46059\n      https://nvd.nist.gov/vuln/detail/CVE-2021-46059\n[ 21 ] CVE-2022-0128\n      https://nvd.nist.gov/vuln/detail/CVE-2022-0128\n[ 22 ] CVE-2022-0156\n      https://nvd.nist.gov/vuln/detail/CVE-2022-0156\n[ 23 ] CVE-2022-0158\n      https://nvd.nist.gov/vuln/detail/CVE-2022-0158\n[ 24 ] CVE-2022-0213\n      https://nvd.nist.gov/vuln/detail/CVE-2022-0213\n[ 25 ] CVE-2022-0261\n      https://nvd.nist.gov/vuln/detail/CVE-2022-0261\n[ 26 ] CVE-2022-0318\n      https://nvd.nist.gov/vuln/detail/CVE-2022-0318\n[ 27 ] CVE-2022-0319\n      https://nvd.nist.gov/vuln/detail/CVE-2022-0319\n[ 28 ] CVE-2022-0351\n      https://nvd.nist.gov/vuln/detail/CVE-2022-0351\n[ 29 ] CVE-2022-0359\n      https://nvd.nist.gov/vuln/detail/CVE-2022-0359\n[ 30 ] CVE-2022-0361\n      https://nvd.nist.gov/vuln/detail/CVE-2022-0361\n[ 31 ] CVE-2022-0368\n      https://nvd.nist.gov/vuln/detail/CVE-2022-0368\n[ 32 ] CVE-2022-0392\n      https://nvd.nist.gov/vuln/detail/CVE-2022-0392\n[ 33 ] CVE-2022-0393\n      https://nvd.nist.gov/vuln/detail/CVE-2022-0393\n[ 34 ] CVE-2022-0407\n      https://nvd.nist.gov/vuln/detail/CVE-2022-0407\n[ 35 ] CVE-2022-0408\n      https://nvd.nist.gov/vuln/detail/CVE-2022-0408\n[ 36 ] CVE-2022-0413\n      https://nvd.nist.gov/vuln/detail/CVE-2022-0413\n[ 37 ] CVE-2022-0417\n      https://nvd.nist.gov/vuln/detail/CVE-2022-0417\n[ 38 ] CVE-2022-0443\n      https://nvd.nist.gov/vuln/detail/CVE-2022-0443\n[ 39 ] CVE-2022-0554\n      https://nvd.nist.gov/vuln/detail/CVE-2022-0554\n[ 40 ] CVE-2022-0629\n      https://nvd.nist.gov/vuln/detail/CVE-2022-0629\n[ 41 ] CVE-2022-0685\n      https://nvd.nist.gov/vuln/detail/CVE-2022-0685\n[ 42 ] CVE-2022-0714\n      https://nvd.nist.gov/vuln/detail/CVE-2022-0714\n[ 43 ] CVE-2022-0729\n      https://nvd.nist.gov/vuln/detail/CVE-2022-0729\n[ 44 ] CVE-2022-0943\n      https://nvd.nist.gov/vuln/detail/CVE-2022-0943\n[ 45 ] CVE-2022-1154\n      https://nvd.nist.gov/vuln/detail/CVE-2022-1154\n[ 46 ] CVE-2022-1160\n      https://nvd.nist.gov/vuln/detail/CVE-2022-1160\n[ 47 ] CVE-2022-1381\n      https://nvd.nist.gov/vuln/detail/CVE-2022-1381\n[ 48 ] CVE-2022-1420\n      https://nvd.nist.gov/vuln/detail/CVE-2022-1420\n[ 49 ] CVE-2022-1616\n      https://nvd.nist.gov/vuln/detail/CVE-2022-1616\n[ 50 ] CVE-2022-1619\n      https://nvd.nist.gov/vuln/detail/CVE-2022-1619\n[ 51 ] CVE-2022-1620\n      https://nvd.nist.gov/vuln/detail/CVE-2022-1620\n[ 52 ] CVE-2022-1621\n      https://nvd.nist.gov/vuln/detail/CVE-2022-1621\n[ 53 ] CVE-2022-1629\n      https://nvd.nist.gov/vuln/detail/CVE-2022-1629\n[ 54 ] CVE-2022-1674\n      https://nvd.nist.gov/vuln/detail/CVE-2022-1674\n[ 55 ] CVE-2022-1720\n      https://nvd.nist.gov/vuln/detail/CVE-2022-1720\n[ 56 ] CVE-2022-1733\n      https://nvd.nist.gov/vuln/detail/CVE-2022-1733\n[ 57 ] CVE-2022-1735\n      https://nvd.nist.gov/vuln/detail/CVE-2022-1735\n[ 58 ] CVE-2022-1769\n      https://nvd.nist.gov/vuln/detail/CVE-2022-1769\n[ 59 ] CVE-2022-1771\n      https://nvd.nist.gov/vuln/detail/CVE-2022-1771\n[ 60 ] CVE-2022-1785\n      https://nvd.nist.gov/vuln/detail/CVE-2022-1785\n[ 61 ] CVE-2022-1796\n      https://nvd.nist.gov/vuln/detail/CVE-2022-1796\n[ 62 ] CVE-2022-1851\n      https://nvd.nist.gov/vuln/detail/CVE-2022-1851\n[ 63 ] CVE-2022-1886\n      https://nvd.nist.gov/vuln/detail/CVE-2022-1886\n[ 64 ] CVE-2022-1897\n      https://nvd.nist.gov/vuln/detail/CVE-2022-1897\n[ 65 ] CVE-2022-1898\n      https://nvd.nist.gov/vuln/detail/CVE-2022-1898\n[ 66 ] CVE-2022-1927\n      https://nvd.nist.gov/vuln/detail/CVE-2022-1927\n[ 67 ] CVE-2022-1942\n      https://nvd.nist.gov/vuln/detail/CVE-2022-1942\n[ 68 ] CVE-2022-1968\n      https://nvd.nist.gov/vuln/detail/CVE-2022-1968\n[ 69 ] CVE-2022-2000\n      https://nvd.nist.gov/vuln/detail/CVE-2022-2000\n[ 70 ] CVE-2022-2042\n      https://nvd.nist.gov/vuln/detail/CVE-2022-2042\n[ 71 ] CVE-2022-2124\n      https://nvd.nist.gov/vuln/detail/CVE-2022-2124\n[ 72 ] CVE-2022-2125\n      https://nvd.nist.gov/vuln/detail/CVE-2022-2125\n[ 73 ] CVE-2022-2126\n      https://nvd.nist.gov/vuln/detail/CVE-2022-2126\n[ 74 ] CVE-2022-2129\n      https://nvd.nist.gov/vuln/detail/CVE-2022-2129\n[ 75 ] CVE-2022-2175\n      https://nvd.nist.gov/vuln/detail/CVE-2022-2175\n[ 76 ] CVE-2022-2182\n      https://nvd.nist.gov/vuln/detail/CVE-2022-2182\n[ 77 ] CVE-2022-2183\n      https://nvd.nist.gov/vuln/detail/CVE-2022-2183\n[ 78 ] CVE-2022-2206\n      https://nvd.nist.gov/vuln/detail/CVE-2022-2206\n[ 79 ] CVE-2022-2207\n      https://nvd.nist.gov/vuln/detail/CVE-2022-2207\n[ 80 ] CVE-2022-2208\n      https://nvd.nist.gov/vuln/detail/CVE-2022-2208\n[ 81 ] CVE-2022-2210\n      https://nvd.nist.gov/vuln/detail/CVE-2022-2210\n[ 82 ] CVE-2022-2231\n      https://nvd.nist.gov/vuln/detail/CVE-2022-2231\n[ 83 ] CVE-2022-2257\n      https://nvd.nist.gov/vuln/detail/CVE-2022-2257\n[ 84 ] CVE-2022-2264\n      https://nvd.nist.gov/vuln/detail/CVE-2022-2264\n[ 85 ] CVE-2022-2284\n      https://nvd.nist.gov/vuln/detail/CVE-2022-2284\n[ 86 ] CVE-2022-2285\n      https://nvd.nist.gov/vuln/detail/CVE-2022-2285\n[ 87 ] CVE-2022-2286\n      https://nvd.nist.gov/vuln/detail/CVE-2022-2286\n[ 88 ] CVE-2022-2287\n      https://nvd.nist.gov/vuln/detail/CVE-2022-2287\n[ 89 ] CVE-2022-2288\n      https://nvd.nist.gov/vuln/detail/CVE-2022-2288\n[ 90 ] CVE-2022-2289\n      https://nvd.nist.gov/vuln/detail/CVE-2022-2289\n[ 91 ] CVE-2022-2304\n      https://nvd.nist.gov/vuln/detail/CVE-2022-2304\n[ 92 ] CVE-2022-2343\n      https://nvd.nist.gov/vuln/detail/CVE-2022-2343\n[ 93 ] CVE-2022-2344\n      https://nvd.nist.gov/vuln/detail/CVE-2022-2344\n[ 94 ] CVE-2022-2345\n      https://nvd.nist.gov/vuln/detail/CVE-2022-2345\n\nAvailability\n===========\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202208-32\n\nConcerns?\n========\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n======\nCopyright 2022 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n. ==========================================================================\nUbuntu Security Notice USN-6026-1\nApril 19, 2023\n\nvim vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 22.04 LTS\n- Ubuntu 20.04 LTS\n- Ubuntu 18.04 LTS\n- Ubuntu 14.04 ESM\n\nSummary:\n\nSeveral security issues were fixed in Vim. \n\nSoftware Description:\n- vim: Vi IMproved - enhanced vi editor\n\nDetails:\n\nIt was discovered that Vim was incorrectly processing Vim buffers. An      \nattacker could possibly use this issue to perform illegal memory access and\nexpose sensitive information. This issue only affected Ubuntu 20.04 LTS. \n(CVE-2021-4166)\n\nIt was discovered that Vim was using freed memory when dealing with regular\nexpressions inside a visual selection. If a user were tricked into opening a\nspecially crafted file, an attacker could crash the application, leading to a\ndenial of service, or possibly achieve code execution with user privileges. \nThis issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS and Ubuntu\n20.04 LTS. An attacker could\npossibly use this issue to expose sensitive information. This issue only\naffected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. \n(CVE-2021-4193)\n\nIt was discovered that Vim was not properly performing bounds checks when\nupdating windows present on a screen, which could result in a heap buffer\noverflow. (CVE-2022-0213)\n\nIt was discovered that Vim was incorrectly performing read and write\noperations when in visual block mode, going beyond the end of a line and\ncausing a heap buffer overflow. If a user were tricked into opening a\nspecially crafted file, an attacker could crash the application, leading to a\ndenial of service, or possibly achieve code execution with user privileges. \nThis issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu\n22.04 LTS. (CVE-2022-0261, CVE-2022-0318)\n\nIt was discovered that Vim was incorrectly handling window exchanging\noperations when in Visual mode, which could result in an out-of-bounds read. \nAn attacker could possibly use this issue to expose sensitive information. \n(CVE-2022-0319)\n\nIt was discovered that Vim was incorrectly handling recursion when parsing\nconditional expressions. (CVE-2022-0351)\n\nIt was discovered that Vim was not properly handling memory allocation when\nprocessing data in Ex mode, which could result in a heap buffer overflow. (CVE-2022-0359)\n\nIt was discovered that Vim was not properly performing bounds checks when\nexecuting line operations in Visual mode, which could result in a heap\nbuffer overflow. This issue only affected\nUbuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-0361,\nCVE-2022-0368)\n\nIt was discovered that Vim was not properly handling loop conditions when\nlooking for spell suggestions, which could result in a stack buffer\noverflow. (CVE-2022-0408)\n\nIt was discovered that Vim was incorrectly handling memory access when\nexecuting buffer operations, which could result in the usage of freed\nmemory. An attacker could possibly use this issue to execute arbitrary\ncode. (CVE-2022-0443)\n\nIt was discovered that Vim was incorrectly processing Vim buffers. An\nattacker could possibly use this issue to perform illegal memory access and\nexpose sensitive information. (CVE-2022-0554)\n\nIt was discovered that Vim was not properly performing bounds checks for\ncolumn numbers when replacing tabs with spaces or spaces with tabs, which\ncould cause a heap buffer overflow. \n(CVE-2022-0572)\n\nIt was discovered that Vim was incorrectly processing Vim buffers. An\nattacker could possibly use this issue to perform illegal memory access and\nexpose sensitive information. This issue only affected Ubuntu 20.04 LTS and\nUbuntu 22.04 LTS. (CVE-2022-0629)\n\nIt was discovered that Vim was not properly performing validation of data\nthat contained special multi-byte characters, which could cause an\nout-of-bounds read. An attacker could possibly use this issue to cause a\ndenial of service. (CVE-2022-0685)\n\nIt was discovered that Vim was incorrectly processing data used to define\nindentation in a file, which could cause a heap buffer overflow. An\nattacker could possibly use this issue to cause a denial of service. \n(CVE-2022-0714)\n\nIt was discovered that Vim was incorrectly processing certain regular\nexpression patterns and strings, which could cause an out-of-bounds read. \nAn attacker could possibly use this issue to cause a denial of service. \n(CVE-2022-0729)\n\nIt was discovered that Vim incorrectly handled memory access. (CVE-2022-2207)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 22.04 LTS:\n  vim                             2:8.2.3995-1ubuntu2.7\n\nUbuntu 20.04 LTS:\n  vim                             2:8.1.2269-1ubuntu5.14\n\nUbuntu 18.04 LTS:\n  vim                             2:8.0.1453-1ubuntu1.13\n\nUbuntu 14.04 ESM:\n  vim                             2:7.4.052-1ubuntu3.1+esm9\n\nIn general, a standard system update will make all the necessary changes. \nCVE-2022-32787: Dohyun Lee (@l33d0hyun) of SSD Secure Disclosure Labs\n\u0026 DNSLab, Korea Univ. \nCVE-2022-32812: Yinyi Wu (@3ndy1), ABC Research s.r.o",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-4166"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-016876"
      },
      {
        "db": "VULHUB",
        "id": "VHN-408722"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-4166"
      },
      {
        "db": "PACKETSTORM",
        "id": "166319"
      },
      {
        "db": "PACKETSTORM",
        "id": "167188"
      },
      {
        "db": "PACKETSTORM",
        "id": "168124"
      },
      {
        "db": "PACKETSTORM",
        "id": "171934"
      },
      {
        "db": "PACKETSTORM",
        "id": "167789"
      }
    ],
    "trust": 2.25
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-408722",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-408722"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-4166",
        "trust": 3.9
      },
      {
        "db": "OPENWALL",
        "id": "OSS-SECURITY/2022/01/15/1",
        "trust": 1.8
      },
      {
        "db": "PACKETSTORM",
        "id": "167188",
        "trust": 0.8
      },
      {
        "db": "PACKETSTORM",
        "id": "166319",
        "trust": 0.8
      },
      {
        "db": "PACKETSTORM",
        "id": "167789",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-016876",
        "trust": 0.8
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.3561",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2023.0019",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.3002",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.2412",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2022072103",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2022051702",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2022031433",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2022062022",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2022022221",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202112-2266",
        "trust": 0.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2022-05062",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-408722",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-4166",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "168124",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "171934",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-408722"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-4166"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-016876"
      },
      {
        "db": "PACKETSTORM",
        "id": "166319"
      },
      {
        "db": "PACKETSTORM",
        "id": "167188"
      },
      {
        "db": "PACKETSTORM",
        "id": "168124"
      },
      {
        "db": "PACKETSTORM",
        "id": "171934"
      },
      {
        "db": "PACKETSTORM",
        "id": "167789"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-4166"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202112-2266"
      }
    ]
  },
  "id": "VAR-202112-2249",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-408722"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T11:42:54.816000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "HT213343 Red hat Red\u00a0Hat",
        "trust": 0.8,
        "url": "https://www.debian.org/"
      },
      {
        "title": "Vim Buffer error vulnerability fix",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=176547"
      },
      {
        "title": "Amazon Linux AMI: ALAS-2022-1557",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2022-1557"
      },
      {
        "title": "Amazon Linux 2: ALAS2-2022-1743",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=alas2-2022-1743"
      },
      {
        "title": "Amazon Linux 2022: ALAS2022-2022-014",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022\u0026qid=alas2022-2022-014"
      },
      {
        "title": "Apple: macOS Monterey 12.3",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=f1105c4a20da11497b610b14a1668180"
      },
      {
        "title": "Apple: Security Update 2022-005 Catalina",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=b71ee1a3b689c178ee5a5bc823295063"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2021-4166"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-016876"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202112-2266"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-125",
        "trust": 1.1
      },
      {
        "problemtype": "Out-of-bounds read (CWE-125) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-408722"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-016876"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-4166"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.9,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4166"
      },
      {
        "trust": 1.8,
        "url": "https://support.apple.com/kb/ht213183"
      },
      {
        "trust": 1.8,
        "url": "https://support.apple.com/kb/ht213256"
      },
      {
        "trust": 1.8,
        "url": "https://support.apple.com/kb/ht213343"
      },
      {
        "trust": 1.8,
        "url": "https://huntr.dev/bounties/229df5dd-5507-44e9-832c-c70364bdf035"
      },
      {
        "trust": 1.8,
        "url": "http://seclists.org/fulldisclosure/2022/mar/29"
      },
      {
        "trust": 1.8,
        "url": "http://seclists.org/fulldisclosure/2022/may/35"
      },
      {
        "trust": 1.8,
        "url": "http://seclists.org/fulldisclosure/2022/jul/14"
      },
      {
        "trust": 1.8,
        "url": "https://security.gentoo.org/glsa/202208-32"
      },
      {
        "trust": 1.8,
        "url": "https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682"
      },
      {
        "trust": 1.8,
        "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1"
      },
      {
        "trust": 1.0,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ey2vfbu3yggwi5bw4xkt3f37mygequd/"
      },
      {
        "trust": 1.0,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3fh2j57gda2wmbs6j56f6qqra6bxqqfz/"
      },
      {
        "trust": 0.8,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3fh2j57gda2wmbs6j56f6qqra6bxqqfz/"
      },
      {
        "trust": 0.8,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ey2vfbu3yggwi5bw4xkt3f37mygequd/"
      },
      {
        "trust": 0.8,
        "url": "https://huntr.dev/bounties/229df5dd-5507-44e9-832c-c70364bdf035/"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2022072103"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2022051702"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2022022221"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/167789/apple-security-advisory-2022-07-20-4.html"
      },
      {
        "trust": 0.6,
        "url": "https://support.apple.com/en-us/ht213183"
      },
      {
        "trust": 0.6,
        "url": "https://access.redhat.com/security/cve/cve-2021-4166"
      },
      {
        "trust": 0.6,
        "url": "https://support.apple.com/en-us/ht213343"
      },
      {
        "trust": 0.6,
        "url": "https://support.apple.com/en-us/ht213256"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2023.0019"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/166319/apple-security-advisory-2022-03-14-4.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2022062022"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/167188/apple-security-advisory-2022-05-16-3.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.3561"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/vim-out-of-bounds-memory-reading-via-do-arg-all-37183"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.3002"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2022031433"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.2412"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4192"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4193"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4173"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4136"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-46059"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0128"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4187"
      },
      {
        "trust": 0.3,
        "url": "https://support.apple.com/en-us/ht201222."
      },
      {
        "trust": 0.3,
        "url": "https://support.apple.com/downloads/"
      },
      {
        "trust": 0.3,
        "url": "https://www.apple.com/support/security/pgp/"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0156"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0158"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0261"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0408"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0368"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0554"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0443"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0629"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0319"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0351"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0213"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0359"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/125.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://alas.aws.amazon.com/alas-2022-1557.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22609"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22612"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22610"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22616"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-22945"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22613"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30918"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22600"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-36976"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-22947"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22599"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22597"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22611"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22615"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22582"
      },
      {
        "trust": 0.1,
        "url": "https://support.apple.com/ht213183."
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-22946"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22614"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22721"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-23308"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22589"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22663"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-44790"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22674"
      },
      {
        "trust": 0.1,
        "url": "https://support.apple.com/ht213256."
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0530"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-44224"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-26698"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22719"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-26697"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0778"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-45444"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-25032"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22675"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22720"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-26706"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22665"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-26712"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0361"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2129"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0413"
      },
      {
        "trust": 0.1,
        "url": "https://creativecommons.org/licenses/by-sa/2.5"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0943"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1927"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3796"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2175"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2286"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2126"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1886"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1771"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1851"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2000"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2287"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1674"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0417"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1968"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1621"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0407"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0318"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2284"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2288"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0392"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2345"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2257"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1154"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2124"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2343"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1381"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1735"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0714"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2125"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3778"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1733"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2207"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3984"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1629"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0393"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2183"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4069"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1616"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2264"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3927"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1619"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0685"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2304"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1620"
      },
      {
        "trust": 0.1,
        "url": "https://bugs.gentoo.org."
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1898"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3974"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2344"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3928"
      },
      {
        "trust": 0.1,
        "url": "https://security.gentoo.org/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4019"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3968"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1785"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1796"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0729"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2206"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1720"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3770"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1769"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1897"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2289"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3973"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1420"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2042"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2182"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3872"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1160"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3875"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2231"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2285"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2208"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1942"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2210"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0572"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/vim/2:8.1.2269-1ubuntu5.14"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/vim/2:8.0.1453-1ubuntu1.13"
      },
      {
        "trust": 0.1,
        "url": "https://ubuntu.com/security/notices/usn-6026-1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/vim/2:8.2.3995-1ubuntu2.7"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-32786"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-32781"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-32797"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-32785"
      },
      {
        "trust": 0.1,
        "url": "https://support.apple.com/ht213343."
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-26704"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-32787"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-408722"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-4166"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-016876"
      },
      {
        "db": "PACKETSTORM",
        "id": "166319"
      },
      {
        "db": "PACKETSTORM",
        "id": "167188"
      },
      {
        "db": "PACKETSTORM",
        "id": "168124"
      },
      {
        "db": "PACKETSTORM",
        "id": "171934"
      },
      {
        "db": "PACKETSTORM",
        "id": "167789"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-4166"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202112-2266"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-408722"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-4166"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-016876"
      },
      {
        "db": "PACKETSTORM",
        "id": "166319"
      },
      {
        "db": "PACKETSTORM",
        "id": "167188"
      },
      {
        "db": "PACKETSTORM",
        "id": "168124"
      },
      {
        "db": "PACKETSTORM",
        "id": "171934"
      },
      {
        "db": "PACKETSTORM",
        "id": "167789"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-4166"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202112-2266"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-12-25T00:00:00",
        "db": "VULHUB",
        "id": "VHN-408722"
      },
      {
        "date": "2021-12-25T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-4166"
      },
      {
        "date": "2022-12-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-016876"
      },
      {
        "date": "2022-03-15T15:49:02",
        "db": "PACKETSTORM",
        "id": "166319"
      },
      {
        "date": "2022-05-17T16:59:42",
        "db": "PACKETSTORM",
        "id": "167188"
      },
      {
        "date": "2022-08-22T16:01:59",
        "db": "PACKETSTORM",
        "id": "168124"
      },
      {
        "date": "2023-04-19T13:03:56",
        "db": "PACKETSTORM",
        "id": "171934"
      },
      {
        "date": "2022-07-22T16:23:52",
        "db": "PACKETSTORM",
        "id": "167789"
      },
      {
        "date": "2021-12-25T19:15:07.280000",
        "db": "NVD",
        "id": "CVE-2021-4166"
      },
      {
        "date": "2021-12-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202112-2266"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-11-02T00:00:00",
        "db": "VULHUB",
        "id": "VHN-408722"
      },
      {
        "date": "2022-07-22T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-4166"
      },
      {
        "date": "2022-12-26T02:18:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-016876"
      },
      {
        "date": "2023-11-07T03:40:17.533000",
        "db": "NVD",
        "id": "CVE-2021-4166"
      },
      {
        "date": "2023-01-03T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202112-2266"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202112-2266"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "vim\u00a0 Out-of-bounds read vulnerability in",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-016876"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202112-2266"
      }
    ],
    "trust": 0.6
  }
}