{"vulnerability": "cve-2022-3275", "sightings": [{"uuid": "94fd55c9-b0ec-475d-8522-f4de3b1ecee3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32759", "type": "seen", "source": "https://t.me/cvedetector/1640", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2022-32759 - IBM X-Force ID 228565: IBM Security Directory Integrator Insufficient Session Expiration\", \n  \"Content\": \"CVE ID : CVE-2022-32759 \nPublished : July 25, 2024, 6:15 p.m. | 37\u00a0minutes ago \nDescription : IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 uses insufficient session expiration which could allow an unauthorized user to obtain sensitive information.  IBM X-Force ID:  228565. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-25T21:05:54.000000Z"}, {"uuid": "571e4d4c-3b18-4ace-adf3-13209681f024", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32755", "type": "seen", "source": "https://t.me/cibsecurity/72287", "content": "\u203c CVE-2022-32755 \u203c\n\nIBM Security Directory Server 6.4.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 228505.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-14T18:30:03.000000Z"}, {"uuid": "43c5e470-b890-403b-8fbb-929a8387005a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3275", "type": "seen", "source": "https://t.me/cibsecurity/51030", "content": "\u203c CVE-2022-3275 \u203c\n\nCommand injection is possible in the puppetlabs-apt module prior to version 9.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-08T00:17:37.000000Z"}]}