{"vulnerability": "cve-2022-2363", "sightings": [{"uuid": "3d3293d9-f9bd-424c-8f61-8e27669e92e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23632", "type": "seen", "source": "https://gist.github.com/alon710/9def45344bb07b378de41c3c4e762379", "content": "", "creation_timestamp": "2026-01-24T21:25:43.000000Z"}, {"uuid": "149c2d2b-7901-461a-8c70-a41f39c4527d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23632", "type": "seen", "source": "https://gist.github.com/alon710/7c3fde71c655f15e964d83a59a44bf40", "content": "", "creation_timestamp": "2026-01-24T22:41:08.000000Z"}, {"uuid": "2b73f226-4ff0-42fe-b717-642a352703b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23635", "type": "seen", "source": "https://t.me/arpsyndicate/127", "content": "#ExploitObserverAlert\n\nCVE-2022-23635\n\nDESCRIPTION: Exploit Observer has 3 entries related to CVE-2022-23635. Istio is an open platform to connect, manage, and secure microservices. In affected versions the Istio control plane, `istiod`, is vulnerable to a request processing error, allowing a malicious attacker that sends a specially crafted message which results in the control plane crashing. This endpoint is served over TLS port 15012, but does not require any authentication from the attacker. For simple installations, Istiod is typically only reachable from within the cluster, limiting the blast radius. However, for some deployments, especially [multicluster](https://istio.io/latest/docs/setup/install/multicluster/primary-remote/) topologies, this port is exposed over the public internet. There are no effective workarounds, beyond upgrading. Limiting network access to Istiod to the minimal set of clients can help lessen the scope of the vulnerability to some extent.\n\nFIRST-EPSS: 0.001210000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-11-12T18:22:33.000000Z"}, {"uuid": "386fa62e-5e35-4ebb-8035-61e77256babb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23631", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/333", "content": "CVE-2022-23631 : RCE via Prototype Pollution in Blitz.js\nhttps://blog.sonarsource.com/blitzjs-prototype-pollution", "creation_timestamp": "2022-07-16T23:53:49.000000Z"}, {"uuid": "2d2a2dc2-76c9-404d-a442-3edb9be9d17c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23633", "type": "seen", "source": "https://t.me/ctinow/170326", "content": "https://ift.tt/NnVhJQ9\nCVE-2022-23633 Ruby on Rails Vulnerability in NetApp Products", "creation_timestamp": "2024-01-19T18:32:03.000000Z"}, {"uuid": "c92045c2-e47a-4f69-95dc-3427bf2aa964", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23631", "type": "seen", "source": "https://t.me/ctinow/164845", "content": "https://ift.tt/49U3xKi\nCVE-2022-23631 Exploit", "creation_timestamp": "2024-01-09T08:16:10.000000Z"}, {"uuid": "7fcd0c62-0b06-41bc-8423-f2abcb21644b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2363", "type": "seen", "source": "https://t.me/cibsecurity/46074", "content": "\u203c CVE-2022-2363 \u203c\n\nA vulnerability, which was classified as problematic, has been found in SourceCodester Simple Parking Management System 1.0. Affected by this issue is some unknown functionality of the file /ci_spms/admin/search/searching/. The manipulation of the argument search with the input \">alert(\"XSS\") leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-12T20:25:20.000000Z"}, {"uuid": "bc9f87bf-4fff-43fd-a859-4aa5f6b85550", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23637", "type": "seen", "source": "https://t.me/cibsecurity/37468", "content": "\u203c CVE-2022-23637 \u203c\n\nK-Box is a web-based application to manage documents, images, videos and geodata. Prior to version 0.33.1, a stored Cross-Site-Scripting (XSS) vulnerability is present in the markdown editor used by the document abstract and markdown file preview. A specifically crafted anchor link can, if clicked, execute untrusted javascript actions, like retrieving user cookies. Version 0.33.1 includes a patch that allows discarding unsafe links.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-15T00:33:22.000000Z"}, {"uuid": "f67c2358-1a16-47de-818e-af3196e2483c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23632", "type": "seen", "source": "https://t.me/cibsecurity/37664", "content": "\u203c CVE-2022-23632 \u203c\n\nTraefik is an HTTP reverse proxy and load balancer. Prior to version 2.6.1, Traefik skips the router transport layer security (TLS) configuration when the host header is a fully qualified domain name (FQDN). For a request, the TLS configuration choice can be different than the router choice, which implies the use of a wrong TLS configuration. When sending a request using FQDN handled by a router configured with a dedicated TLS configuration, the TLS configuration falls back to the default configuration that might not correspond to the configured one. If the CNAME flattening is enabled, the selected TLS configuration is the SNI one and the routing uses the CNAME value, so this can skip the expected TLS configuration. Version 2.6.1 contains a patch for this issue. As a workaround, one may add the FDQN to the host rule. However, there is no workaround if the CNAME flattening is enabled.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-17T18:37:20.000000Z"}, {"uuid": "caa35550-1685-4182-a55c-8e862265c4bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23636", "type": "seen", "source": "https://t.me/cibsecurity/37642", "content": "\u203c CVE-2022-23636 \u203c\n\nWasmtime is an open source runtime for WebAssembly & WASI. Prior to versions 0.34.1 and 0.33.1, there exists a bug in the pooling instance allocator in Wasmtime's runtime where a failure to instantiate an instance for a module that defines an `externref` global will result in an invalid drop of a `VMExternRef` via an uninitialized pointer. A number of conditions listed in the GitHub Security Advisory must be true in order for an instance to be vulnerable to this issue. Maintainers believe that the effective impact of this bug is relatively small because the usage of `externref` is still uncommon and without a resource limiter configured on the `Store`, which is not the default configuration, it is only possible to trigger the bug from an error returned by `mprotect` or `VirtualAlloc`. Note that on Linux with the `uffd` feature enabled, it is only possible to trigger the bug from a resource limiter as the call to `mprotect` is skipped. The bug has been fixed in 0.34.1 and 0.33.1 and users are encouraged to upgrade as soon as possible. If it is not possible to upgrade to version 0.34.1 or 0.33.1 of the `wasmtime` crate, it is recommend that support for the reference types proposal be disabled by passing `false` to `Config::wasm_reference_types`. Doing so will prevent modules that use `externref` from being loaded entirely.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-17T00:39:50.000000Z"}, {"uuid": "c29762b1-fa60-43dd-940c-c6f6c686cd6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23639", "type": "seen", "source": "https://t.me/cibsecurity/37535", "content": "\u203c CVE-2022-23639 \u203c\n\ncrossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of `{i,u}64` was always the same as `Atomic{I,U}64`. However, the alignment of `{i,u}64` on a 32-bit target can be smaller than `Atomic{I,U}64`. This can cause unaligned memory accesses and data race. Crates using `fetch_*` methods with `AtomicCell<{i,u}64>` are affected by this issue. 32-bit targets without `Atomic{I,U}64` and 64-bit targets are not affected by this issue. This has been fixed in crossbeam-utils 0.8.7. There are currently no known workarounds.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-15T22:34:52.000000Z"}, {"uuid": "e1b6ccf2-9f76-4ef8-ac1f-16722e66d65e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23638", "type": "seen", "source": "https://t.me/cibsecurity/37452", "content": "\u203c CVE-2022-23638 \u203c\n\nsvg-sanitizer is a SVG/XML sanitizer written in PHP. A cross-site scripting vulnerability impacts all users of the `svg-sanitizer` library prior to version 0.15.0. This issue is fixed in version 0.15.0. There is currently no workaround available.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-15T00:33:04.000000Z"}, {"uuid": "3725724b-d5af-4105-9507-868d3b486e89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23634", "type": "seen", "source": "https://t.me/cibsecurity/37363", "content": "\u203c CVE-2022-23634 \u203c\n\nPuma is a Ruby/Rack web server built for parallelism. Prior to `puma` version `5.6.2`, `puma` may not always call `close` on the response body. Rails, prior to version `7.0.2.2`, depended on the response body being closed in order for its `CurrentAttributes` implementation to work correctly. The combination of these two behaviors (Puma not closing the body + Rails' Executor implementation) causes information leakage. This problem is fixed in Puma versions 5.6.2 and 4.3.11. This problem is fixed in Rails versions 7.02.2, 6.1.4.6, 6.0.4.6, and 5.2.6.2. Upgrading to a patched Rails _or_ Puma version fixes the vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-12T00:29:18.000000Z"}, {"uuid": "2957ac3d-3cc2-4fac-a33d-f73471817d2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23633", "type": "seen", "source": "https://t.me/cibsecurity/37362", "content": "\u203c CVE-2022-23633 \u203c\n\nAction Pack is a framework for handling and responding to web requests. Under certain circumstances response bodies will not be closed. In the event a response is *not* notified of a `close`, `ActionDispatch::Executor` will not know to reset thread local state for the next request. This can lead to data being leaked to subsequent requests.This has been fixed in Rails 7.0.2.1, 6.1.4.5, 6.0.4.5, and 5.2.6.1. Upgrading is highly recommended, but to work around this problem a middleware described in GHSA-wh98-p28r-vrc9 can be used.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-12T00:29:16.000000Z"}, {"uuid": "7cc8a04b-9f10-4866-ae81-71196d306154", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23630", "type": "seen", "source": "https://t.me/cibsecurity/37258", "content": "\u203c CVE-2022-23630 \u203c\n\nGradle is a build tool with a focus on build automation and support for multi-language development. In some cases, Gradle may skip that verification and accept a dependency that would otherwise fail the build as an untrusted external artifact. This occurs when dependency verification is disabled on one or more configurations and those configurations have common dependencies with other configurations that have dependency verification enabled. If the configuration that has dependency verification disabled is resolved first, Gradle does not verify the common dependencies for the configuration that has dependency verification enabled. Gradle 7.4 fixes that issue by validating artifacts at least once if they are present in a resolved configuration that has dependency verification active. For users who cannot update either do not use `ResolutionStrategy.disableDependencyVerification()` and do not use plugins that use that method to disable dependency verification for a single configuration or make sure resolution of configuration that disable that feature do not happen in builds that resolve configuration where the feature is enabled.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-24T08:19:51.000000Z"}, {"uuid": "8fc3f4ca-e862-4b8e-b2dc-e681d7709825", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23635", "type": "seen", "source": "https://t.me/cibsecurity/37906", "content": "\u203c CVE-2022-23635 \u203c\n\nIstio is an open platform to connect, manage, and secure microservices. In affected versions the Istio control plane, `istiod`, is vulnerable to a request processing error, allowing a malicious attacker that sends a specially crafted message which results in the control plane crashing. This endpoint is served over TLS port 15012, but does not require any authentication from the attacker. For simple installations, Istiod is typically only reachable from within the cluster, limiting the blast radius. However, for some deployments, especially [multicluster](https://istio.io/latest/docs/setup/install/multicluster/primary-remote/) topologies, this port is exposed over the public internet. There are no effective workarounds, beyond upgrading. Limiting network access to Istiod to the minimal set of clients can help lessen the scope of the vulnerability to some extent.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-23T00:23:46.000000Z"}, {"uuid": "34146c7b-f88b-4cf5-963d-7a75cdf07c7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23631", "type": "seen", "source": "https://t.me/cibsecurity/37126", "content": "\u203c CVE-2022-23631 \u203c\n\nsuperjson is a program to allow JavaScript expressions to be serialized to a superset of JSON. In versions prior to 1.8.1 superjson allows input to run arbitrary code on any server using superjson input without prior authentication or knowledge. The only requirement is that the server implements at least one endpoint which uses superjson during request processing. This has been patched in superjson 1.8.1. Users are advised to update. There are no known workarounds for this issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-10T00:13:15.000000Z"}, {"uuid": "58fd9d34-4531-48c7-8253-aa9f0f4490c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23631", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6398", "content": "#exploit\n1. Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706\nhttps://www.microsoft.com/security/blog/2022/07/13/uncovering-a-macos-app-sandbox-escape-vulnerability-a-deep-dive-into-cve-2022-26706\n\n2. CVE-2022-23631:\nRCE via Prototype Pollution in Blitz.js\nhttps://blog.sonarsource.com/blitzjs-prototype-pollution", "creation_timestamp": "2022-07-14T13:07:20.000000Z"}]}