Action not permitted
Modal body text goes here.
Modal Title
Modal Body
wid-sec-w-2023-1350
Vulnerability from csaf_certbund
Published
2023-06-01 22:00
Modified
2024-02-15 23:00
Summary
Splunk Splunk Enterprise: Mehrere Schwachstellen in Komponenten von Drittanbietern
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Splunk Enterprise ermöglicht Monitoring und Analyse von Clickstream-Daten und Kundentransaktionen.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Splunk Splunk Enterprise in diversen Komponenten von Drittanbietern ausnutzen, um einen nicht näher spezifizierten Angriff durchzuführen.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
- Sonstiges
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Splunk Enterprise erm\u00f6glicht Monitoring und Analyse von Clickstream-Daten und Kundentransaktionen.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein Angreifer kann mehrere Schwachstellen in Splunk Splunk Enterprise in diversen Komponenten von Drittanbietern ausnutzen, um einen nicht n\u00e4her spezifizierten Angriff durchzuf\u00fchren.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux\n- Windows\n- Sonstiges", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-1350 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1350.json" }, { "category": "self", "summary": "WID-SEC-2023-1350 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1350" }, { "category": "external", "summary": "Splunk Enterprise Security Advisory SVD-2023-0613 vom 2023-06-01", "url": "https://advisory.splunk.com/advisories/SVD-2023-0613" }, { "category": "external", "summary": "IBM Security Bulletin 7008449 vom 2023-06-29", "url": "https://www.ibm.com/support/pages/node/7008449" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0196-1 vom 2024-01-23", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-January/017743.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0487-1 vom 2024-02-15", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017931.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0486-1 vom 2024-02-15", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017932.html" } ], "source_lang": "en-US", "title": "Splunk Splunk Enterprise: Mehrere Schwachstellen in Komponenten von Drittanbietern", "tracking": { "current_release_date": "2024-02-15T23:00:00.000+00:00", "generator": { "date": "2024-02-16T09:06:57.360+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-1350", "initial_release_date": "2023-06-01T22:00:00.000+00:00", "revision_history": [ { "date": "2023-06-01T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-06-29T22:00:00.000+00:00", "number": "2", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2024-01-23T23:00:00.000+00:00", "number": "3", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-02-15T23:00:00.000+00:00", "number": "4", "summary": "Neue Updates von SUSE aufgenommen" } ], "status": "final", "version": "4" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "IBM DB2", "product": { "name": "IBM DB2", "product_id": "5104", "product_identification_helper": { "cpe": "cpe:/a:ibm:db2:-" } } } ], "category": "vendor", "name": "IBM" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux", "product": { "name": "SUSE Linux", "product_id": "T002207", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_linux:-" } } } ], "category": "vendor", "name": "SUSE" }, { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c 8.1.14", "product": { "name": "Splunk Splunk Enterprise \u003c 8.1.14", "product_id": "T027935", "product_identification_helper": { "cpe": "cpe:/a:splunk:splunk:8.1.14" } } }, { "category": "product_version_range", "name": "\u003c 8.2.11", "product": { "name": "Splunk Splunk Enterprise \u003c 8.2.11", "product_id": "T027936", "product_identification_helper": { "cpe": "cpe:/a:splunk:splunk:8.2.11" } } }, { "category": "product_version_range", "name": "\u003c 9.0.5", "product": { "name": "Splunk Splunk Enterprise \u003c 9.0.5", "product_id": "T027937", "product_identification_helper": { "cpe": "cpe:/a:splunk:splunk:9.0.5" } } } ], "category": "product_name", "name": "Splunk Enterprise" } ], "category": "vendor", "name": "Splunk" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-27538", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2023-27538" }, { "cve": "CVE-2023-27537", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2023-27537" }, { "cve": "CVE-2023-27536", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2023-27536" }, { "cve": "CVE-2023-27535", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2023-27535" }, { "cve": "CVE-2023-27534", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2023-27534" }, { "cve": "CVE-2023-27533", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2023-27533" }, { "cve": "CVE-2023-23916", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2023-23916" }, { "cve": "CVE-2023-23915", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2023-23915" }, { "cve": "CVE-2023-23914", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2023-23914" }, { "cve": "CVE-2023-1370", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2023-1370" }, { "cve": "CVE-2023-0286", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2023-0286" }, { "cve": "CVE-2023-0215", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2023-0215" }, { "cve": "CVE-2022-46175", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-46175" }, { "cve": "CVE-2022-43680", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-43680" }, { "cve": "CVE-2022-43552", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-43552" }, { "cve": "CVE-2022-43551", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-43551" }, { "cve": "CVE-2022-4304", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-4304" }, { "cve": "CVE-2022-42916", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-42916" }, { "cve": "CVE-2022-42915", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-42915" }, { "cve": "CVE-2022-42004", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-42004" }, { "cve": "CVE-2022-4200", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-4200" }, { "cve": "CVE-2022-41720", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-41720" }, { "cve": "CVE-2022-41716", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-41716" }, { "cve": "CVE-2022-41715", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-41715" }, { "cve": "CVE-2022-40304", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-40304" }, { "cve": "CVE-2022-40303", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-40303" }, { "cve": "CVE-2022-40023", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-40023" }, { "cve": "CVE-2022-38900", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-38900" }, { "cve": "CVE-2022-37616", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-37616" }, { "cve": "CVE-2022-37603", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-37603" }, { "cve": "CVE-2022-37601", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-37601" }, { "cve": "CVE-2022-37599", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-37599" }, { "cve": "CVE-2022-37434", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-37434" }, { "cve": "CVE-2022-36227", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-36227" }, { "cve": "CVE-2022-35737", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-35737" }, { "cve": "CVE-2022-35260", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-35260" }, { "cve": "CVE-2022-35252", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-35252" }, { "cve": "CVE-2022-3517", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-3517" }, { "cve": "CVE-2022-33987", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-33987" }, { "cve": "CVE-2022-32221", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-32221" }, { "cve": "CVE-2022-32208", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-32208" }, { "cve": "CVE-2022-32207", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-32207" }, { "cve": "CVE-2022-32206", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-32206" }, { "cve": "CVE-2022-32205", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-32205" }, { "cve": "CVE-2022-32189", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-32189" }, { "cve": "CVE-2022-32148", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-32148" }, { "cve": "CVE-2022-31129", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-31129" }, { "cve": "CVE-2022-30635", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-30635" }, { "cve": "CVE-2022-30634", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-30634" }, { "cve": "CVE-2022-30633", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-30633" }, { "cve": "CVE-2022-30632", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-30632" }, { "cve": "CVE-2022-30631", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-30631" }, { "cve": "CVE-2022-30630", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-30630" }, { "cve": "CVE-2022-30629", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-30629" }, { "cve": "CVE-2022-30580", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-30580" }, { "cve": "CVE-2022-30115", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-30115" }, { "cve": "CVE-2022-29804", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-29804" }, { "cve": "CVE-2022-29526", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-29526" }, { "cve": "CVE-2022-2880", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-2880" }, { "cve": "CVE-2022-2879", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-2879" }, { "cve": "CVE-2022-28327", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-28327" }, { "cve": "CVE-2022-28131", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-28131" }, { "cve": "CVE-2022-27782", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-27782" }, { "cve": "CVE-2022-27781", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-27781" }, { "cve": "CVE-2022-27780", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-27780" }, { "cve": "CVE-2022-27779", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-27779" }, { "cve": "CVE-2022-27778", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-27778" }, { "cve": "CVE-2022-27776", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-27776" }, { "cve": "CVE-2022-27775", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-27775" }, { "cve": "CVE-2022-27774", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-27774" }, { "cve": "CVE-2022-27664", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-27664" }, { "cve": "CVE-2022-27191", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-27191" }, { "cve": "CVE-2022-25858", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-25858" }, { "cve": "CVE-2022-24999", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-24999" }, { "cve": "CVE-2022-24921", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-24921" }, { "cve": "CVE-2022-24675", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-24675" }, { "cve": "CVE-2022-23806", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-23806" }, { "cve": "CVE-2022-23773", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-23773" }, { "cve": "CVE-2022-23772", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-23772" }, { "cve": "CVE-2022-23491", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-23491" }, { "cve": "CVE-2022-22576", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-22576" }, { "cve": "CVE-2022-1962", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-1962" }, { "cve": "CVE-2022-1705", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-1705" }, { "cve": "CVE-2021-43565", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-43565" }, { "cve": "CVE-2021-3803", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-3803" }, { "cve": "CVE-2021-36976", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-36976" }, { "cve": "CVE-2021-3520", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-3520" }, { "cve": "CVE-2021-33587", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-33587" }, { "cve": "CVE-2021-33503", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-33503" }, { "cve": "CVE-2021-33502", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-33502" }, { "cve": "CVE-2021-31566", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-31566" }, { "cve": "CVE-2021-29060", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-29060" }, { "cve": "CVE-2021-27292", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-27292" }, { "cve": "CVE-2021-23382", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-23382" }, { "cve": "CVE-2021-23368", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-23368" }, { "cve": "CVE-2021-23343", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-23343" }, { "cve": "CVE-2021-22947", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22947" }, { "cve": "CVE-2021-22946", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22946" }, { "cve": "CVE-2021-22945", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22945" }, { "cve": "CVE-2021-22926", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22926" }, { "cve": "CVE-2021-22925", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22925" }, { "cve": "CVE-2021-22924", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22924" }, { "cve": "CVE-2021-22923", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22923" }, { "cve": "CVE-2021-22922", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22922" }, { "cve": "CVE-2021-22901", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22901" }, { "cve": "CVE-2021-22898", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22898" }, { "cve": "CVE-2021-22897", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22897" }, { "cve": "CVE-2021-22890", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22890" }, { "cve": "CVE-2021-22876", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22876" }, { "cve": "CVE-2021-20095", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-20095" }, { "cve": "CVE-2020-8286", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-8286" }, { "cve": "CVE-2020-8285", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-8285" }, { "cve": "CVE-2020-8284", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-8284" }, { "cve": "CVE-2020-8231", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-8231" }, { "cve": "CVE-2020-8203", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-8203" }, { "cve": "CVE-2020-8177", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-8177" }, { "cve": "CVE-2020-8169", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-8169" }, { "cve": "CVE-2020-8116", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-8116" }, { "cve": "CVE-2020-7774", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-7774" }, { "cve": "CVE-2020-7753", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-7753" }, { "cve": "CVE-2020-7662", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-7662" }, { "cve": "CVE-2020-28469", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-28469" }, { "cve": "CVE-2020-15138", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-15138" }, { "cve": "CVE-2020-13822", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-13822" }, { "cve": "CVE-2019-20149", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2019-20149" }, { "cve": "CVE-2019-10746", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2019-10746" }, { "cve": "CVE-2019-10744", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2019-10744" }, { "cve": "CVE-2018-25032", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2018-25032" }, { "cve": "CVE-2017-16042", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2017-16042" } ] }
cve-2022-29804
Vulnerability from cvelistv5
Published
2022-08-09 00:00
Modified
2024-08-03 06:33
Severity ?
EPSS score ?
Summary
Incorrect conversion of certain invalid paths to valid, absolute paths in Clean in path/filepath before Go 1.17.11 and Go 1.18.3 on Windows allows potential directory traversal attack.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Go standard library | path/filepath |
Version: 0 ≤ Version: 1.18.0-0 ≤ |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T06:33:42.804Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://go.dev/cl/401595" }, { "tags": [ "x_transferred" ], "url": "https://go.googlesource.com/go/+/9cd1818a7d019c02fa4898b3e45a323e35033290" }, { "tags": [ "x_transferred" ], "url": "https://go.dev/issue/52476" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg/m/IWz5T6x7AAAJ" }, { "tags": [ "x_transferred" ], "url": "https://pkg.go.dev/vuln/GO-2022-0533" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "packageName": "path/filepath", "platforms": [ "windows" ], "product": "path/filepath", "programRoutines": [ { "name": "Clean" } ], "vendor": "Go standard library", "versions": [ { "lessThan": "1.17.11", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "1.18.3", "status": "affected", "version": "1.18.0-0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "value": "Unrud" } ], "descriptions": [ { "lang": "en", "value": "Incorrect conversion of certain invalid paths to valid, absolute paths in Clean in path/filepath before Go 1.17.11 and Go 1.18.3 on Windows allows potential directory traversal attack." } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-04T18:08:46.071Z", "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go" }, "references": [ { "url": "https://go.dev/cl/401595" }, { "url": "https://go.googlesource.com/go/+/9cd1818a7d019c02fa4898b3e45a323e35033290" }, { "url": "https://go.dev/issue/52476" }, { "url": "https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg/m/IWz5T6x7AAAJ" }, { "url": "https://pkg.go.dev/vuln/GO-2022-0533" } ], "title": "Path traversal via Clean on Windows in path/filepath" } }, "cveMetadata": { "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "assignerShortName": "Go", "cveId": "CVE-2022-29804", "datePublished": "2022-08-09T00:00:00", "dateReserved": "2022-04-26T00:00:00", "dateUpdated": "2024-08-03T06:33:42.804Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-30115
Vulnerability from cvelistv5
Published
2022-06-01 00:00
Modified
2024-08-03 06:40
Severity ?
EPSS score ?
Summary
Using its HSTS support, curl can be instructed to use HTTPS directly insteadof using an insecure clear-text HTTP step even when HTTP is provided in theURL. This mechanism could be bypassed if the host name in the given URL used atrailing dot while not using one when it built the HSTS cache. Or the otherway around - by having the trailing dot in the HSTS cache and *not* using thetrailing dot in the URL.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: Fixed in 7.83.1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T06:40:47.498Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1557449" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220609-0009/" }, { "name": "[oss-security] 20221026 [SECURITY ADVISORY] CVE-2022-42916: HSTS bypass via IDN (curl)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/10/26/4" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "name": "[oss-security] 20221221 curl: CVE-2022-43551: Another HSTS bypass via IDN", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/12/21/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 7.83.1" } ] } ], "descriptions": [ { "lang": "en", "value": "Using its HSTS support, curl can be instructed to use HTTPS directly insteadof using an insecure clear-text HTTP step even when HTTP is provided in theURL. This mechanism could be bypassed if the host name in the given URL used atrailing dot while not using one when it built the HSTS cache. Or the otherway around - by having the trailing dot in the HSTS cache and *not* using thetrailing dot in the URL." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-325", "description": "Missing Required Cryptographic Step (CWE-325)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-21T00:00:00", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1557449" }, { "url": "https://security.netapp.com/advisory/ntap-20220609-0009/" }, { "name": "[oss-security] 20221026 [SECURITY ADVISORY] CVE-2022-42916: HSTS bypass via IDN (curl)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/10/26/4" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "name": "[oss-security] 20221221 curl: CVE-2022-43551: Another HSTS bypass via IDN", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/12/21/1" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2022-30115", "datePublished": "2022-06-01T00:00:00", "dateReserved": "2022-05-02T00:00:00", "dateUpdated": "2024-08-03T06:40:47.498Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-22945
Vulnerability from cvelistv5
Published
2021-09-23 00:00
Modified
2024-08-03 18:58
Severity ?
EPSS score ?
Summary
When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it *again*.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: curl 7.73.0 to and including 7.78.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T18:58:26.137Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1269242" }, { "name": "FEDORA-2021-fc96a3a749", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20211029-0003/" }, { "name": "FEDORA-2021-1d24845e93", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "name": "DSA-5197", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202212-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "curl 7.73.0 to and including 7.78.0" } ] } ], "descriptions": [ { "lang": "en", "value": "When sending data to an MQTT server, libcurl \u003c= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it *again*." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-415", "description": "Double Free (CWE-415)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-19T00:00:00", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1269242" }, { "name": "FEDORA-2021-fc96a3a749", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/" }, { "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "url": "https://security.netapp.com/advisory/ntap-20211029-0003/" }, { "name": "FEDORA-2021-1d24845e93", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" }, { "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "name": "DSA-5197", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202212-01" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2021-22945", "datePublished": "2021-09-23T00:00:00", "dateReserved": "2021-01-06T00:00:00", "dateUpdated": "2024-08-03T18:58:26.137Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-28469
Vulnerability from cvelistv5
Published
2021-06-03 15:15
Modified
2024-09-16 18:43
Severity ?
EPSS score ?
Summary
This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator.
References
▼ | URL | Tags |
---|---|---|
https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905 | x_refsource_MISC | |
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1059092 | x_refsource_MISC | |
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBES128-1059093 | x_refsource_MISC | |
https://github.com/gulpjs/glob-parent/blob/6ce8d11f2f1ed8e80a9526b1dc8cf3aa71f43474/index.js%23L9 | x_refsource_MISC | |
https://github.com/gulpjs/glob-parent/pull/36 | x_refsource_MISC | |
https://github.com/gulpjs/glob-parent/releases/tag/v5.1.2 | x_refsource_MISC | |
https://www.oracle.com/security-alerts/cpujan2022.html | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | glob-parent |
Version: unspecified < 5.1.2 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T16:40:59.197Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1059092" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBES128-1059093" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/gulpjs/glob-parent/blob/6ce8d11f2f1ed8e80a9526b1dc8cf3aa71f43474/index.js%23L9" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/gulpjs/glob-parent/pull/36" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/gulpjs/glob-parent/releases/tag/v5.1.2" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "glob-parent", "vendor": "n/a", "versions": [ { "lessThan": "5.1.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Yeting Li" } ], "datePublic": "2021-06-03T00:00:00", "descriptions": [ { "lang": "en", "value": "This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Regular Expression Denial of Service (ReDoS)", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-02-07T14:40:42", "orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "shortName": "snyk" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905" }, { "tags": [ "x_refsource_MISC" ], "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1059092" }, { "tags": [ "x_refsource_MISC" ], "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBES128-1059093" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/gulpjs/glob-parent/blob/6ce8d11f2f1ed8e80a9526b1dc8cf3aa71f43474/index.js%23L9" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/gulpjs/glob-parent/pull/36" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/gulpjs/glob-parent/releases/tag/v5.1.2" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" } ], "title": "Regular Expression Denial of Service (ReDoS)", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "report@snyk.io", "DATE_PUBLIC": "2021-06-03T15:14:03.687376Z", "ID": "CVE-2020-28469", "STATE": "PUBLIC", "TITLE": "Regular Expression Denial of Service (ReDoS)" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "glob-parent", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "5.1.2" } ] } } ] }, "vendor_name": "n/a" } ] } }, "credit": [ { "lang": "eng", "value": "Yeting Li" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator." } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Regular Expression Denial of Service (ReDoS)" } ] } ] }, "references": { "reference_data": [ { "name": "https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905", "refsource": "MISC", "url": "https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905" }, { "name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1059092", "refsource": "MISC", "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1059092" }, { "name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBES128-1059093", "refsource": "MISC", "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBES128-1059093" }, { "name": "https://github.com/gulpjs/glob-parent/blob/6ce8d11f2f1ed8e80a9526b1dc8cf3aa71f43474/index.js%23L9", "refsource": "MISC", "url": "https://github.com/gulpjs/glob-parent/blob/6ce8d11f2f1ed8e80a9526b1dc8cf3aa71f43474/index.js%23L9" }, { "name": "https://github.com/gulpjs/glob-parent/pull/36", "refsource": "MISC", "url": "https://github.com/gulpjs/glob-parent/pull/36" }, { "name": "https://github.com/gulpjs/glob-parent/releases/tag/v5.1.2", "refsource": "MISC", "url": "https://github.com/gulpjs/glob-parent/releases/tag/v5.1.2" }, { "name": "https://www.oracle.com/security-alerts/cpujan2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujan2022.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "assignerShortName": "snyk", "cveId": "CVE-2020-28469", "datePublished": "2021-06-03T15:15:13.479278Z", "dateReserved": "2020-11-12T00:00:00", "dateUpdated": "2024-09-16T18:43:30.050Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-8116
Vulnerability from cvelistv5
Published
2020-02-04 19:08
Modified
2024-08-04 09:48
Severity ?
EPSS score ?
Summary
Prototype pollution vulnerability in dot-prop npm package versions before 4.2.1 and versions 5.x before 5.1.1 allows an attacker to add arbitrary properties to JavaScript language constructs such as objects.
References
▼ | URL | Tags |
---|---|---|
https://hackerone.com/reports/719856 | x_refsource_MISC | |
https://github.com/sindresorhus/dot-prop/tree/v4 | x_refsource_MISC | |
https://github.com/advisories/GHSA-ff7x-qrg7-qggm | x_refsource_MISC | |
https://github.com/sindresorhus/dot-prop/issues/63 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T09:48:25.632Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://hackerone.com/reports/719856" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/sindresorhus/dot-prop/tree/v4" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/advisories/GHSA-ff7x-qrg7-qggm" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/sindresorhus/dot-prop/issues/63" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "dot-prop", "vendor": "n/a", "versions": [ { "status": "affected", "version": "before 4.2.1" }, { "status": "affected", "version": "5.x before 5.1.1" }, { "status": "affected", "version": "Fixed in 5.1.1" } ] } ], "descriptions": [ { "lang": "en", "value": "Prototype pollution vulnerability in dot-prop npm package versions before 4.2.1 and versions 5.x before 5.1.1 allows an attacker to add arbitrary properties to JavaScript language constructs such as objects." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-471", "description": "Modification of Assumed-Immutable Data (MAID) (CWE-471)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2020-09-10T14:12:12", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://hackerone.com/reports/719856" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/sindresorhus/dot-prop/tree/v4" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/advisories/GHSA-ff7x-qrg7-qggm" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/sindresorhus/dot-prop/issues/63" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "support@hackerone.com", "ID": "CVE-2020-8116", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "dot-prop", "version": { "version_data": [ { "version_value": "before 4.2.1" }, { "version_value": "5.x before 5.1.1" }, { "version_value": "Fixed in 5.1.1" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Prototype pollution vulnerability in dot-prop npm package versions before 4.2.1 and versions 5.x before 5.1.1 allows an attacker to add arbitrary properties to JavaScript language constructs such as objects." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Modification of Assumed-Immutable Data (MAID) (CWE-471)" } ] } ] }, "references": { "reference_data": [ { "name": "https://hackerone.com/reports/719856", "refsource": "MISC", "url": "https://hackerone.com/reports/719856" }, { "name": "https://github.com/sindresorhus/dot-prop/tree/v4", "refsource": "MISC", "url": "https://github.com/sindresorhus/dot-prop/tree/v4" }, { "name": "https://github.com/advisories/GHSA-ff7x-qrg7-qggm", "refsource": "MISC", "url": "https://github.com/advisories/GHSA-ff7x-qrg7-qggm" }, { "name": "https://github.com/sindresorhus/dot-prop/issues/63", "refsource": "MISC", "url": "https://github.com/sindresorhus/dot-prop/issues/63" } ] } } } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2020-8116", "datePublished": "2020-02-04T19:08:57", "dateReserved": "2020-01-28T00:00:00", "dateUpdated": "2024-08-04T09:48:25.632Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-20095
Vulnerability from cvelistv5
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none
Show details on NVD website{ "containers": { "cna": { "providerMetadata": { "dateUpdated": "2021-06-16T15:02:01", "orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "shortName": "tenable" }, "rejectedReasons": [ { "lang": "en", "value": "DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none" } ] } }, "cveMetadata": { "assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "assignerShortName": "tenable", "cveId": "CVE-2021-20095", "datePublished": "2021-04-29T14:06:56", "dateRejected": "2021-06-16T15:02:01", "dateReserved": "2020-12-17T00:00:00", "dateUpdated": "2021-06-16T15:02:01", "state": "REJECTED" }, "dataType": "CVE_RECORD", "dataVersion": "5.0" }
cve-2021-22925
Vulnerability from cvelistv5
Published
2021-08-05 00:00
Modified
2024-08-03 18:58
Severity ?
EPSS score ?
Summary
curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending `NEW_ENV` variables, libcurlcould be made to pass on uninitialized data from a stack based buffer to theserver. Therefore potentially revealing sensitive internal information to theserver using a clear-text network protocol.This could happen because curl did not call and use sscanf() correctly whenparsing the string provided by the application.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: curl 7.7 to and including 7.77.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T18:58:26.060Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1223882" }, { "name": "FEDORA-2021-5d21b90a30", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/" }, { "name": "20210921 APPLE-SA-2021-09-20-8 Additional information for APPLE-SA-2021-09-13-4 Security Update 2021-005 Catalina", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2021/Sep/40" }, { "name": "20210921 APPLE-SA-2021-09-20-7 Additional information for APPLE-SA-2021-09-13-3 macOS Big Sur 11.6", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2021/Sep/39" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210902-0003/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT212805" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT212804" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202212-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "curl 7.7 to and including 7.77.0" } ] } ], "descriptions": [ { "lang": "en", "value": "curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending `NEW_ENV` variables, libcurlcould be made to pass on uninitialized data from a stack based buffer to theserver. Therefore potentially revealing sensitive internal information to theserver using a clear-text network protocol.This could happen because curl did not call and use sscanf() correctly whenparsing the string provided by the application." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-200", "description": "Information Disclosure (CWE-200)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-19T00:00:00", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1223882" }, { "name": "FEDORA-2021-5d21b90a30", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/" }, { "name": "20210921 APPLE-SA-2021-09-20-8 Additional information for APPLE-SA-2021-09-13-4 Security Update 2021-005 Catalina", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2021/Sep/40" }, { "name": "20210921 APPLE-SA-2021-09-20-7 Additional information for APPLE-SA-2021-09-13-3 macOS Big Sur 11.6", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2021/Sep/39" }, { "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "url": "https://security.netapp.com/advisory/ntap-20210902-0003/" }, { "url": "https://support.apple.com/kb/HT212805" }, { "url": "https://support.apple.com/kb/HT212804" }, { "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202212-01" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2021-22925", "datePublished": "2021-08-05T00:00:00", "dateReserved": "2021-01-06T00:00:00", "dateUpdated": "2024-08-03T18:58:26.060Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-25858
Vulnerability from cvelistv5
Published
2022-07-15 20:00
Modified
2024-09-16 19:45
Severity ?
EPSS score ?
Summary
The package terser before 4.8.1, from 5.0.0 and before 5.14.2 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure usage of regular expressions.
References
▼ | URL | Tags |
---|---|---|
https://snyk.io/vuln/SNYK-JS-TERSER-2806366 | x_refsource_MISC | |
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2949722 | x_refsource_MISC | |
https://github.com/terser/terser/blob/master/lib/compress/evaluate.js%23L135 | x_refsource_MISC | |
https://github.com/terser/terser/commit/a4da7349fdc92c05094f41d33d06d8cd4e90e76b | x_refsource_MISC | |
https://github.com/terser/terser/commit/d8cc5691be980d663c29cc4d5ce67e852d597012 | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T04:49:44.325Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://snyk.io/vuln/SNYK-JS-TERSER-2806366" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2949722" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/terser/terser/blob/master/lib/compress/evaluate.js%23L135" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/terser/terser/commit/a4da7349fdc92c05094f41d33d06d8cd4e90e76b" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/terser/terser/commit/d8cc5691be980d663c29cc4d5ce67e852d597012" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "terser", "vendor": "n/a", "versions": [ { "lessThan": "4.8.1", "status": "affected", "version": "unspecified", "versionType": "custom" }, { "lessThan": "unspecified", "status": "affected", "version": "5.0.0", "versionType": "custom" }, { "lessThan": "5.14.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "F\u00e1bio Santos" } ], "datePublic": "2022-07-15T00:00:00", "descriptions": [ { "lang": "en", "value": "The package terser before 4.8.1, from 5.0.0 and before 5.14.2 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure usage of regular expressions." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Regular Expression Denial of Service (ReDoS)", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-07-15T20:00:19", "orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "shortName": "snyk" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://snyk.io/vuln/SNYK-JS-TERSER-2806366" }, { "tags": [ "x_refsource_MISC" ], "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2949722" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/terser/terser/blob/master/lib/compress/evaluate.js%23L135" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/terser/terser/commit/a4da7349fdc92c05094f41d33d06d8cd4e90e76b" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/terser/terser/commit/d8cc5691be980d663c29cc4d5ce67e852d597012" } ], "title": "Regular Expression Denial of Service (ReDoS)", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "report@snyk.io", "DATE_PUBLIC": "2022-07-15T20:00:10.074191Z", "ID": "CVE-2022-25858", "STATE": "PUBLIC", "TITLE": "Regular Expression Denial of Service (ReDoS)" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "terser", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "4.8.1" }, { "version_affected": "\u003e=", "version_value": "5.0.0" }, { "version_affected": "\u003c", "version_value": "5.14.2" } ] } } ] }, "vendor_name": "n/a" } ] } }, "credit": [ { "lang": "eng", "value": "F\u00e1bio Santos" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The package terser before 4.8.1, from 5.0.0 and before 5.14.2 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure usage of regular expressions." } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Regular Expression Denial of Service (ReDoS)" } ] } ] }, "references": { "reference_data": [ { "name": "https://snyk.io/vuln/SNYK-JS-TERSER-2806366", "refsource": "MISC", "url": "https://snyk.io/vuln/SNYK-JS-TERSER-2806366" }, { "name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2949722", "refsource": "MISC", "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2949722" }, { "name": "https://github.com/terser/terser/blob/master/lib/compress/evaluate.js%23L135", "refsource": "MISC", "url": "https://github.com/terser/terser/blob/master/lib/compress/evaluate.js%23L135" }, { "name": "https://github.com/terser/terser/commit/a4da7349fdc92c05094f41d33d06d8cd4e90e76b", "refsource": "MISC", "url": "https://github.com/terser/terser/commit/a4da7349fdc92c05094f41d33d06d8cd4e90e76b" }, { "name": "https://github.com/terser/terser/commit/d8cc5691be980d663c29cc4d5ce67e852d597012", "refsource": "MISC", "url": "https://github.com/terser/terser/commit/d8cc5691be980d663c29cc4d5ce67e852d597012" } ] } } } }, "cveMetadata": { "assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "assignerShortName": "snyk", "cveId": "CVE-2022-25858", "datePublished": "2022-07-15T20:00:19.590096Z", "dateReserved": "2022-02-24T00:00:00", "dateUpdated": "2024-09-16T19:45:47.956Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-0215
Vulnerability from cvelistv5
Published
2023-02-08 19:03
Modified
2024-08-02 05:02
Severity ?
EPSS score ?
Summary
The public API function BIO_new_NDEF is a helper function used for streaming
ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the
SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by
end user applications.
The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter
BIO onto the front of it to form a BIO chain, and then returns the new head of
the BIO chain to the caller. Under certain conditions, for example if a CMS
recipient public key is invalid, the new filter BIO is freed and the function
returns a NULL result indicating a failure. However, in this case, the BIO chain
is not properly cleaned up and the BIO passed by the caller still retains
internal pointers to the previously freed filter BIO. If the caller then goes on
to call BIO_pop() on the BIO then a use-after-free will occur. This will most
likely result in a crash.
This scenario occurs directly in the internal function B64_write_ASN1() which
may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on
the BIO. This internal function is in turn called by the public API functions
PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream,
SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7.
Other public API functions that may be impacted by this include
i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and
i2d_PKCS7_bio_stream.
The OpenSSL cms and smime command line applications are similarly affected.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:02:43.944Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "OpenSSL Advisory", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.openssl.org/news/secadv/20230207.txt" }, { "name": "3.0.8 git commit", "tags": [ "patch", "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd" }, { "name": "1.1.1t git commit", "tags": [ "patch", "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344" }, { "name": "1.0.2zg patch (premium)", "tags": [ "patch", "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230427-0007/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230427-0009/" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202402-08" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "OpenSSL", "vendor": "OpenSSL", "versions": [ { "lessThan": "3.0.8", "status": "affected", "version": "3.0.0", "versionType": "semver" }, { "lessThan": "1.1.1t", "status": "affected", "version": "1.1.1", "versionType": "custom" }, { "lessThan": "1.0.2zg", "status": "affected", "version": "1.0.2", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "Octavio Galland (Max Planck Institute for Security and Privacy)" }, { "lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "Marcel B\u00f6hme (Max Planck Institute for Security and Privacy)" }, { "lang": "en", "type": "remediation developer", "user": "00000000-0000-4000-9000-000000000000", "value": "Viktor Dukhovni" }, { "lang": "en", "type": "remediation developer", "user": "00000000-0000-4000-9000-000000000000", "value": "Matt Caswell" } ], "datePublic": "2023-02-07T00:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "The public API function BIO_new_NDEF is a helper function used for streaming\u003cbr\u003eASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the\u003cbr\u003eSMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by\u003cbr\u003eend user applications.\u003cbr\u003e\u003cbr\u003eThe function receives a BIO from the caller, prepends a new BIO_f_asn1 filter\u003cbr\u003eBIO onto the front of it to form a BIO chain, and then returns the new head of\u003cbr\u003ethe BIO chain to the caller. Under certain conditions, for example if a CMS\u003cbr\u003erecipient public key is invalid, the new filter BIO is freed and the function\u003cbr\u003ereturns a NULL result indicating a failure. However, in this case, the BIO chain\u003cbr\u003eis not properly cleaned up and the BIO passed by the caller still retains\u003cbr\u003einternal pointers to the previously freed filter BIO. If the caller then goes on\u003cbr\u003eto call BIO_pop() on the BIO then a use-after-free will occur. This will most\u003cbr\u003elikely result in a crash.\u003cbr\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eThis scenario occurs directly in the internal function B64_write_ASN1() which\u003cbr\u003emay cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on\u003cbr\u003ethe BIO. This internal function is in turn called by the public API functions\u003cbr\u003ePEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream,\u003cbr\u003eSMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7.\u003cbr\u003e\u003cbr\u003eOther public API functions that may be impacted by this include\u003cbr\u003ei2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and\u003cbr\u003ei2d_PKCS7_bio_stream.\u003cbr\u003e\u003cbr\u003eThe OpenSSL cms and smime command line applications are similarly affected.\u003cbr\u003e\u003cbr\u003e\u003c/div\u003e" } ], "value": "The public API function BIO_new_NDEF is a helper function used for streaming\nASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the\nSMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by\nend user applications.\n\nThe function receives a BIO from the caller, prepends a new BIO_f_asn1 filter\nBIO onto the front of it to form a BIO chain, and then returns the new head of\nthe BIO chain to the caller. Under certain conditions, for example if a CMS\nrecipient public key is invalid, the new filter BIO is freed and the function\nreturns a NULL result indicating a failure. However, in this case, the BIO chain\nis not properly cleaned up and the BIO passed by the caller still retains\ninternal pointers to the previously freed filter BIO. If the caller then goes on\nto call BIO_pop() on the BIO then a use-after-free will occur. This will most\nlikely result in a crash.\n\n\n\nThis scenario occurs directly in the internal function B64_write_ASN1() which\nmay cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on\nthe BIO. This internal function is in turn called by the public API functions\nPEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream,\nSMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7.\n\nOther public API functions that may be impacted by this include\ni2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and\ni2d_PKCS7_bio_stream.\n\nThe OpenSSL cms and smime command line applications are similarly affected.\n\n\n\n" } ], "metrics": [ { "format": "other", "other": { "content": { "text": "Moderate" }, "type": "https://www.openssl.org/policies/secpolicy.html" } } ], "problemTypes": [ { "descriptions": [ { "description": "use-after-free", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-02-24T14:43:53.180Z", "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", "shortName": "openssl" }, "references": [ { "name": "OpenSSL Advisory", "tags": [ "vendor-advisory" ], "url": "https://www.openssl.org/news/secadv/20230207.txt" }, { "name": "3.0.8 git commit", "tags": [ "patch" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd" }, { "name": "1.1.1t git commit", "tags": [ "patch" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c3829dd8825c654652201e16f8a0a0c46ee3f344" }, { "name": "1.0.2zg patch (premium)", "tags": [ "patch" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9816136fe31d92ace4037d5da5257f763aeeb4eb" }, { "url": "https://security.netapp.com/advisory/ntap-20230427-0007/" }, { "url": "https://security.netapp.com/advisory/ntap-20230427-0009/" }, { "url": "https://security.gentoo.org/glsa/202402-08" }, { "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" } ], "source": { "discovery": "UNKNOWN" }, "title": "Use-after-free following BIO_new_NDEF", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", "assignerShortName": "openssl", "cveId": "CVE-2023-0215", "datePublished": "2023-02-08T19:03:28.691Z", "dateReserved": "2023-01-11T11:59:16.647Z", "dateUpdated": "2024-08-02T05:02:43.944Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-16042
Vulnerability from cvelistv5
Published
2018-06-04 19:00
Modified
2024-09-16 17:08
Severity ?
EPSS score ?
Summary
Growl adds growl notification support to nodejs. Growl before 1.10.2 does not properly sanitize input before passing it to exec, allowing for arbitrary command execution.
References
▼ | URL | Tags |
---|---|---|
https://nodesecurity.io/advisories/146 | x_refsource_MISC | |
https://github.com/tj/node-growl/pull/61 | x_refsource_MISC | |
https://github.com/tj/node-growl/issues/60 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | HackerOne | growl node module |
Version: <1.10.2 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T20:13:06.816Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://nodesecurity.io/advisories/146" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/tj/node-growl/pull/61" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/tj/node-growl/issues/60" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "growl node module", "vendor": "HackerOne", "versions": [ { "status": "affected", "version": "\u003c1.10.2" } ] } ], "datePublic": "2018-04-26T00:00:00", "descriptions": [ { "lang": "en", "value": "Growl adds growl notification support to nodejs. Growl before 1.10.2 does not properly sanitize input before passing it to exec, allowing for arbitrary command execution." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-94", "description": "Code Injection (CWE-94)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2018-06-04T18:57:01", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://nodesecurity.io/advisories/146" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/tj/node-growl/pull/61" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/tj/node-growl/issues/60" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "support@hackerone.com", "DATE_PUBLIC": "2018-04-26T00:00:00", "ID": "CVE-2017-16042", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "growl node module", "version": { "version_data": [ { "version_value": "\u003c1.10.2" } ] } } ] }, "vendor_name": "HackerOne" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Growl adds growl notification support to nodejs. Growl before 1.10.2 does not properly sanitize input before passing it to exec, allowing for arbitrary command execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Code Injection (CWE-94)" } ] } ] }, "references": { "reference_data": [ { "name": "https://nodesecurity.io/advisories/146", "refsource": "MISC", "url": "https://nodesecurity.io/advisories/146" }, { "name": "https://github.com/tj/node-growl/pull/61", "refsource": "MISC", "url": "https://github.com/tj/node-growl/pull/61" }, { "name": "https://github.com/tj/node-growl/issues/60", "refsource": "MISC", "url": "https://github.com/tj/node-growl/issues/60" } ] } } } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2017-16042", "datePublished": "2018-06-04T19:00:00Z", "dateReserved": "2017-10-29T00:00:00", "dateUpdated": "2024-09-16T17:08:21.801Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-8285
Vulnerability from cvelistv5
Published
2020-12-14 19:39
Modified
2024-08-04 09:56
Severity ?
EPSS score ?
Summary
curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: libcurl 7.21.0 to and including 7.73.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T09:56:28.307Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://hackerone.com/reports/1045844" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/curl/curl/issues/6255" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://curl.se/docs/CVE-2020-8285.html" }, { "name": "FEDORA-2020-ceaf490686", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/" }, { "name": "[debian-lts-announce] 20201219 [SECURITY] [DLA 2500-1] curl security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html" }, { "name": "FEDORA-2020-7ab62c73bc", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/" }, { "name": "GLSA-202012-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202012-14" }, { "name": "DSA-4881", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2021/dsa-4881" }, { "name": "20210427 APPLE-SA-2021-04-26-3 Security Update 2021-002 Catalina", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2021/Apr/51" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210122-0007/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT212325" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT212326" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT212327" }, { "name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E" }, { "name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "libcurl 7.21.0 to and including 7.73.0" } ] } ], "descriptions": [ { "lang": "en", "value": "curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-674", "description": "Uncontrolled Recursion (CWE-674)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-04-19T23:23:28", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://hackerone.com/reports/1045844" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/curl/curl/issues/6255" }, { "tags": [ "x_refsource_MISC" ], "url": "https://curl.se/docs/CVE-2020-8285.html" }, { "name": "FEDORA-2020-ceaf490686", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/" }, { "name": "[debian-lts-announce] 20201219 [SECURITY] [DLA 2500-1] curl security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html" }, { "name": "FEDORA-2020-7ab62c73bc", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/" }, { "name": "GLSA-202012-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202012-14" }, { "name": "DSA-4881", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2021/dsa-4881" }, { "name": "20210427 APPLE-SA-2021-04-26-3 Security Update 2021-002 Catalina", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2021/Apr/51" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20210122-0007/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT212325" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT212326" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT212327" }, { "name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E" }, { "name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "support@hackerone.com", "ID": "CVE-2020-8285", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "https://github.com/curl/curl", "version": { "version_data": [ { "version_value": "libcurl 7.21.0 to and including 7.73.0" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Uncontrolled Recursion (CWE-674)" } ] } ] }, "references": { "reference_data": [ { "name": "https://hackerone.com/reports/1045844", "refsource": "MISC", "url": "https://hackerone.com/reports/1045844" }, { "name": "https://github.com/curl/curl/issues/6255", "refsource": "MISC", "url": "https://github.com/curl/curl/issues/6255" }, { "name": "https://curl.se/docs/CVE-2020-8285.html", "refsource": "MISC", "url": "https://curl.se/docs/CVE-2020-8285.html" }, { "name": "FEDORA-2020-ceaf490686", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/" }, { "name": "[debian-lts-announce] 20201219 [SECURITY] [DLA 2500-1] curl security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html" }, { "name": "FEDORA-2020-7ab62c73bc", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/" }, { "name": "GLSA-202012-14", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202012-14" }, { "name": "DSA-4881", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2021/dsa-4881" }, { "name": "20210427 APPLE-SA-2021-04-26-3 Security Update 2021-002 Catalina", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2021/Apr/51" }, { "name": "https://www.oracle.com/security-alerts/cpuApr2021.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "name": "https://security.netapp.com/advisory/ntap-20210122-0007/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210122-0007/" }, { "name": "https://support.apple.com/kb/HT212325", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT212325" }, { "name": "https://support.apple.com/kb/HT212326", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT212326" }, { "name": "https://support.apple.com/kb/HT212327", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT212327" }, { "name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E" }, { "name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E" }, { "name": "https://www.oracle.com//security-alerts/cpujul2021.html", "refsource": "MISC", "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "name": "https://www.oracle.com/security-alerts/cpujan2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "name": "https://www.oracle.com/security-alerts/cpuapr2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" } ] } } } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2020-8285", "datePublished": "2020-12-14T19:39:04", "dateReserved": "2020-01-28T00:00:00", "dateUpdated": "2024-08-04T09:56:28.307Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2879
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 00:52
Severity ?
EPSS score ?
Summary
Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Go standard library | archive/tar |
Version: 0 ≤ Version: 1.19.0-0 ≤ |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:52:59.498Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://go.dev/issue/54853" }, { "tags": [ "x_transferred" ], "url": "https://go.dev/cl/439355" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU" }, { "tags": [ "x_transferred" ], "url": "https://pkg.go.dev/vuln/GO-2022-1037" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202311-09" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "packageName": "archive/tar", "product": "archive/tar", "programRoutines": [ { "name": "Reader.next" }, { "name": "parsePAX" }, { "name": "Writer.writePAXHeader" }, { "name": "Reader.Next" }, { "name": "Writer.WriteHeader" } ], "vendor": "Go standard library", "versions": [ { "lessThan": "1.18.7", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "1.19.2", "status": "affected", "version": "1.19.0-0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "value": "Adam Korczynski (ADA Logics)" }, { "lang": "en", "value": "OSS-Fuzz" } ], "descriptions": [ { "lang": "en", "value": "Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB." } ], "problemTypes": [ { "descriptions": [ { "description": "CWE 400: Uncontrolled Resource Consumption", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-12T19:05:28.975Z", "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go" }, "references": [ { "url": "https://go.dev/issue/54853" }, { "url": "https://go.dev/cl/439355" }, { "url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU" }, { "url": "https://pkg.go.dev/vuln/GO-2022-1037" }, { "url": "https://security.gentoo.org/glsa/202311-09" } ], "title": "Unbounded memory consumption when reading headers in archive/tar" } }, "cveMetadata": { "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "assignerShortName": "Go", "cveId": "CVE-2022-2879", "datePublished": "2022-10-14T00:00:00", "dateReserved": "2022-08-17T00:00:00", "dateUpdated": "2024-08-03T00:52:59.498Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-22576
Vulnerability from cvelistv5
Published
2022-05-26 00:00
Modified
2024-08-03 03:14
Severity ?
EPSS score ?
Summary
An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: Fixed in curl 7.83.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T03:14:55.806Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1526328" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220609-0008/" }, { "name": "DSA-5197", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "name": "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202212-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in curl 7.83.0" } ] } ], "descriptions": [ { "lang": "en", "value": "An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only)." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-287", "description": "Improper Authentication - Generic (CWE-287)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-19T00:00:00", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1526328" }, { "url": "https://security.netapp.com/advisory/ntap-20220609-0008/" }, { "name": "DSA-5197", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "name": "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202212-01" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2022-22576", "datePublished": "2022-05-26T00:00:00", "dateReserved": "2022-01-04T00:00:00", "dateUpdated": "2024-08-03T03:14:55.806Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-23491
Vulnerability from cvelistv5
Published
2022-12-07 21:15
Modified
2024-08-03 03:43
Severity ?
EPSS score ?
Summary
Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi 2022.12.07 removes root certificates from "TrustCor" from the root store. These are in the process of being removed from Mozilla's trust store. TrustCor's root certificates are being removed pursuant to an investigation prompted by media reporting that TrustCor's ownership also operated a business that produced spyware. Conclusions of Mozilla's investigation can be found in the linked google group discussion.
References
▼ | URL | Tags |
---|---|---|
https://github.com/certifi/python-certifi/security/advisories/GHSA-43fp-rhv2-5gv8 | x_refsource_CONFIRM | |
https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/oxX69KFvsm4/m/yLohoVqtCgAJ | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | certifi | python-certifi |
Version: < 2022.12.07 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T03:43:46.116Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "url": "https://security.netapp.com/advisory/ntap-20230223-0010/" }, { "name": "https://github.com/certifi/python-certifi/security/advisories/GHSA-43fp-rhv2-5gv8", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/certifi/python-certifi/security/advisories/GHSA-43fp-rhv2-5gv8" }, { "name": "https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/oxX69KFvsm4/m/yLohoVqtCgAJ", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/oxX69KFvsm4/m/yLohoVqtCgAJ" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "python-certifi", "vendor": "certifi", "versions": [ { "status": "affected", "version": "\u003c 2022.12.07" } ] } ], "descriptions": [ { "lang": "en", "value": "Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi 2022.12.07 removes root certificates from \"TrustCor\" from the root store. These are in the process of being removed from Mozilla\u0027s trust store. TrustCor\u0027s root certificates are being removed pursuant to an investigation prompted by media reporting that TrustCor\u0027s ownership also operated a business that produced spyware. Conclusions of Mozilla\u0027s investigation can be found in the linked google group discussion." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-345", "description": "CWE-345: Insufficient Verification of Data Authenticity", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-07T21:15:53.804Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/certifi/python-certifi/security/advisories/GHSA-43fp-rhv2-5gv8", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/certifi/python-certifi/security/advisories/GHSA-43fp-rhv2-5gv8" }, { "name": "https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/oxX69KFvsm4/m/yLohoVqtCgAJ", "tags": [ "x_refsource_MISC" ], "url": "https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/oxX69KFvsm4/m/yLohoVqtCgAJ" } ], "source": { "advisory": "GHSA-43fp-rhv2-5gv8", "discovery": "UNKNOWN" }, "title": "Removal of TrustCor root certificate" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-23491", "datePublished": "2022-12-07T21:15:53.804Z", "dateReserved": "2022-01-19T21:23:53.763Z", "dateUpdated": "2024-08-03T03:43:46.116Z", "requesterUserId": "c184a3d9-dc98-4c48-a45b-d2d88cf0ac74", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1962
Vulnerability from cvelistv5
Published
2022-08-09 20:18
Modified
2024-08-03 00:24
Severity ?
EPSS score ?
Summary
Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an attacker to cause a panic due to stack exhaustion via deeply nested types or declarations.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Go standard library | go/parser |
Version: 0 ≤ Version: 1.18.0-0 ≤ |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:24:43.737Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://go.dev/cl/417063" }, { "tags": [ "x_transferred" ], "url": "https://go.googlesource.com/go/+/695be961d57508da5a82217f7415200a11845879" }, { "tags": [ "x_transferred" ], "url": "https://go.dev/issue/53616" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE" }, { "tags": [ "x_transferred" ], "url": "https://pkg.go.dev/vuln/GO-2022-0515" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "packageName": "go/parser", "product": "go/parser", "programRoutines": [ { "name": "ParseFile" }, { "name": "ParseExprFrom" }, { "name": "parser.tryIdentOrType" }, { "name": "parser.parsePrimaryExpr" }, { "name": "parser.parseUnaryExpr" }, { "name": "parser.parseBinaryExpr" }, { "name": "parser.parseIfStmt" }, { "name": "parser.parseStmt" }, { "name": "resolver.openScope" }, { "name": "resolver.closeScope" } ], "vendor": "Go standard library", "versions": [ { "lessThan": "1.17.12", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "1.18.4", "status": "affected", "version": "1.18.0-0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "value": "Juho Nurminen of Mattermost" } ], "descriptions": [ { "lang": "en", "value": "Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an attacker to cause a panic due to stack exhaustion via deeply nested types or declarations." } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-674: Uncontrolled Recursion", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-12T19:04:29.406Z", "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go" }, "references": [ { "url": "https://go.dev/cl/417063" }, { "url": "https://go.googlesource.com/go/+/695be961d57508da5a82217f7415200a11845879" }, { "url": "https://go.dev/issue/53616" }, { "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE" }, { "url": "https://pkg.go.dev/vuln/GO-2022-0515" } ], "title": "Stack exhaustion due to deeply nested types in go/parser" } }, "cveMetadata": { "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "assignerShortName": "Go", "cveId": "CVE-2022-1962", "datePublished": "2022-08-09T20:18:18", "dateReserved": "2022-05-31T00:00:00", "dateUpdated": "2024-08-03T00:24:43.737Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-28327
Vulnerability from cvelistv5
Published
2022-04-20 00:00
Modified
2024-08-03 05:48
Severity ?
EPSS score ?
Summary
The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T05:48:38.092Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8" }, { "name": "FEDORA-2022-a49babed75", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42TYZC4OAY54TO75FBEFAPV5G7O4D5TM/" }, { "name": "FEDORA-2022-53f0c619c5", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NY6GEAJMNKKMU5H46QO4D7D6A24KSPXE/" }, { "name": "FEDORA-2022-c0f780ecf1", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F3BMW5QGX53CMIJIZWKXFKBJX2C5GWTY/" }, { "name": "FEDORA-2022-e46e6e8317", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RCRSABD6CUDIZULZPZL5BJ3ET3A2NEJP/" }, { "name": "FEDORA-2022-fae3ecee19", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/" }, { "name": "FEDORA-2022-ba365d3703", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/" }, { "name": "GLSA-202208-02", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-02" }, { "name": "FEDORA-2022-30c5ed5625", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220915-0010/" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-02-14T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://groups.google.com/g/golang-announce" }, { "url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8" }, { "name": "FEDORA-2022-a49babed75", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42TYZC4OAY54TO75FBEFAPV5G7O4D5TM/" }, { "name": "FEDORA-2022-53f0c619c5", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NY6GEAJMNKKMU5H46QO4D7D6A24KSPXE/" }, { "name": "FEDORA-2022-c0f780ecf1", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F3BMW5QGX53CMIJIZWKXFKBJX2C5GWTY/" }, { "name": "FEDORA-2022-e46e6e8317", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RCRSABD6CUDIZULZPZL5BJ3ET3A2NEJP/" }, { "name": "FEDORA-2022-fae3ecee19", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/" }, { "name": "FEDORA-2022-ba365d3703", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/" }, { "name": "GLSA-202208-02", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-02" }, { "name": "FEDORA-2022-30c5ed5625", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/" }, { "url": "https://security.netapp.com/advisory/ntap-20220915-0010/" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-28327", "datePublished": "2022-04-20T00:00:00", "dateReserved": "2022-04-01T00:00:00", "dateUpdated": "2024-08-03T05:48:38.092Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-35252
Vulnerability from cvelistv5
Published
2022-09-23 00:00
Modified
2024-08-03 09:29
Severity ?
EPSS score ?
Summary
When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: Fixed in curl 7.85.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T09:29:17.455Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1613943" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220930-0005/" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213603" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213604" }, { "name": "20230123 APPLE-SA-2023-01-23-5 macOS Monterey 12.6.3", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Jan/20" }, { "name": "20230123 APPLE-SA-2023-01-23-6 macOS Big Sur 11.7.3", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Jan/21" }, { "name": "[debian-lts-announce] 20230128 [SECURITY] [DLA 3288-1] curl security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in curl 7.85.0" } ] } ], "descriptions": [ { "lang": "en", "value": "When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a\"sister site\" to deny service to all siblings." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "Improper Input Validation (CWE-20)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-28T00:00:00", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1613943" }, { "url": "https://security.netapp.com/advisory/ntap-20220930-0005/" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "url": "https://support.apple.com/kb/HT213603" }, { "url": "https://support.apple.com/kb/HT213604" }, { "name": "20230123 APPLE-SA-2023-01-23-5 macOS Monterey 12.6.3", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Jan/20" }, { "name": "20230123 APPLE-SA-2023-01-23-6 macOS Big Sur 11.7.3", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Jan/21" }, { "name": "[debian-lts-announce] 20230128 [SECURITY] [DLA 3288-1] curl security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2022-35252", "datePublished": "2022-09-23T00:00:00", "dateReserved": "2022-07-06T00:00:00", "dateUpdated": "2024-08-03T09:29:17.455Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-36227
Vulnerability from cvelistv5
Published
2022-11-22 00:00
Modified
2024-08-03 10:00
Severity ?
EPSS score ?
Summary
In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. NOTE: the discoverer cites this CWE-476 remark but third parties dispute the code-execution impact: "In rare circumstances, when NULL is equivalent to the 0x0 memory address and privileged code can access it, then writing or reading memory is possible, which may lead to code execution."
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T10:00:04.305Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/libarchive/libarchive/issues/1754" }, { "tags": [ "x_transferred" ], "url": "https://bugs.gentoo.org/882521" }, { "tags": [ "x_transferred" ], "url": "https://github.com/libarchive/libarchive/blob/v3.0.0a/libarchive/archive_write.c#L215" }, { "name": "FEDORA-2022-e15be0091f", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V67OO2UUQAUJS3IK4JZPF6F3LUCBU6IS/" }, { "name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3294-1] libarchive security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00034.html" }, { "name": "GLSA-202309-14", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202309-14" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. NOTE: the discoverer cites this CWE-476 remark but third parties dispute the code-execution impact: \"In rare circumstances, when NULL is equivalent to the 0x0 memory address and privileged code can access it, then writing or reading memory is possible, which may lead to code execution.\"" } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-29T16:06:28.926333", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/libarchive/libarchive/issues/1754" }, { "url": "https://bugs.gentoo.org/882521" }, { "url": "https://github.com/libarchive/libarchive/blob/v3.0.0a/libarchive/archive_write.c#L215" }, { "name": "FEDORA-2022-e15be0091f", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V67OO2UUQAUJS3IK4JZPF6F3LUCBU6IS/" }, { "name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3294-1] libarchive security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00034.html" }, { "name": "GLSA-202309-14", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202309-14" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-36227", "datePublished": "2022-11-22T00:00:00", "dateReserved": "2022-07-18T00:00:00", "dateUpdated": "2024-08-03T10:00:04.305Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-37601
Vulnerability from cvelistv5
Published
2022-10-12 00:00
Modified
2024-10-28 19:41
Severity ?
EPSS score ?
Summary
Prototype pollution vulnerability in function parseQuery in parseQuery.js in webpack loader-utils via the name variable in parseQuery.js. This affects all versions prior to 1.4.1 and 2.0.3.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T10:29:21.030Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/webpack/loader-utils/blob/d9f4e23cf411d8556f8bac2d3bf05a6e0103b568/lib/parseQuery.js#L11" }, { "tags": [ "x_transferred" ], "url": "https://github.com/webpack/loader-utils/blob/d9f4e23cf411d8556f8bac2d3bf05a6e0103b568/lib/parseQuery.js#L47" }, { "tags": [ "x_transferred" ], "url": "https://github.com/webpack/loader-utils/issues/212" }, { "tags": [ "x_transferred" ], "url": "https://github.com/webpack/loader-utils/issues/212#issuecomment-1319192884" }, { "tags": [ "x_transferred" ], "url": "https://dl.acm.org/doi/abs/10.1145/3488932.3497769" }, { "tags": [ "x_transferred" ], "url": "https://dl.acm.org/doi/pdf/10.1145/3488932.3497769" }, { "tags": [ "x_transferred" ], "url": "http://users.encs.concordia.ca/~mmannan/publications/JS-vulnerability-aisaccs2022.pdf" }, { "tags": [ "x_transferred" ], "url": "https://github.com/xmldom/xmldom/issues/436#issuecomment-1319412826" }, { "name": "[debian-lts-announce] 20221231 [SECURITY] [DLA 3258-1] node-loader-utils security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00044.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-37601", "options": [ { "Exploitation": "poc" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-28T19:39:00.731353Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-28T19:41:38.297Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Prototype pollution vulnerability in function parseQuery in parseQuery.js in webpack loader-utils via the name variable in parseQuery.js. This affects all versions prior to 1.4.1 and 2.0.3." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-10T15:59:24.822577", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/webpack/loader-utils/blob/d9f4e23cf411d8556f8bac2d3bf05a6e0103b568/lib/parseQuery.js#L11" }, { "url": "https://github.com/webpack/loader-utils/blob/d9f4e23cf411d8556f8bac2d3bf05a6e0103b568/lib/parseQuery.js#L47" }, { "url": "https://github.com/webpack/loader-utils/issues/212" }, { "url": "https://github.com/webpack/loader-utils/issues/212#issuecomment-1319192884" }, { "url": "https://dl.acm.org/doi/abs/10.1145/3488932.3497769" }, { "url": "https://dl.acm.org/doi/pdf/10.1145/3488932.3497769" }, { "url": "http://users.encs.concordia.ca/~mmannan/publications/JS-vulnerability-aisaccs2022.pdf" }, { "url": "https://github.com/xmldom/xmldom/issues/436#issuecomment-1319412826" }, { "name": "[debian-lts-announce] 20221231 [SECURITY] [DLA 3258-1] node-loader-utils security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00044.html" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-37601", "datePublished": "2022-10-12T00:00:00", "dateReserved": "2022-08-08T00:00:00", "dateUpdated": "2024-10-28T19:41:38.297Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-42916
Vulnerability from cvelistv5
Published
2022-10-29 00:00
Modified
2024-08-03 13:19
Severity ?
EPSS score ?
Summary
In curl before 7.86.0, the HSTS check could be bypassed to trick it into staying with HTTP. Using its HSTS support, curl can be instructed to use HTTPS directly (instead of using an insecure cleartext HTTP step) even when HTTP is provided in the URL. This mechanism could be bypassed if the host name in the given URL uses IDN characters that get replaced with ASCII counterparts as part of the IDN conversion, e.g., using the character UTF-8 U+3002 (IDEOGRAPHIC FULL STOP) instead of the common ASCII full stop of U+002E (.). The earliest affected version is 7.77.0 2021-05-26.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T13:19:05.420Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://curl.se/docs/CVE-2022-42916.html" }, { "name": "FEDORA-2022-01ffde372c", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVU3IMZCKR4VE6KJ4GCWRL2ILLC6OV76/" }, { "name": "FEDORA-2022-39688a779d", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q27V5YYMXUVI6PRZQVECON32XPVWTKDK/" }, { "name": "FEDORA-2022-e9d65906c4", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37YEVVC6NAF6H7UHH6YAUY5QEVY6LIH2/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20221209-0010/" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "name": "[oss-security] 20221221 curl: CVE-2022-43551: Another HSTS bypass via IDN", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/12/21/1" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213604" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213605" }, { "name": "20230123 APPLE-SA-2023-01-23-5 macOS Monterey 12.6.3", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Jan/20" }, { "name": "20230123 APPLE-SA-2023-01-23-4 macOS Ventura 13.2", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Jan/19" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "In curl before 7.86.0, the HSTS check could be bypassed to trick it into staying with HTTP. Using its HSTS support, curl can be instructed to use HTTPS directly (instead of using an insecure cleartext HTTP step) even when HTTP is provided in the URL. This mechanism could be bypassed if the host name in the given URL uses IDN characters that get replaced with ASCII counterparts as part of the IDN conversion, e.g., using the character UTF-8 U+3002 (IDEOGRAPHIC FULL STOP) instead of the common ASCII full stop of U+002E (.). The earliest affected version is 7.77.0 2021-05-26." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-24T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://curl.se/docs/CVE-2022-42916.html" }, { "name": "FEDORA-2022-01ffde372c", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVU3IMZCKR4VE6KJ4GCWRL2ILLC6OV76/" }, { "name": "FEDORA-2022-39688a779d", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q27V5YYMXUVI6PRZQVECON32XPVWTKDK/" }, { "name": "FEDORA-2022-e9d65906c4", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37YEVVC6NAF6H7UHH6YAUY5QEVY6LIH2/" }, { "url": "https://security.netapp.com/advisory/ntap-20221209-0010/" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "name": "[oss-security] 20221221 curl: CVE-2022-43551: Another HSTS bypass via IDN", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/12/21/1" }, { "url": "https://support.apple.com/kb/HT213604" }, { "url": "https://support.apple.com/kb/HT213605" }, { "name": "20230123 APPLE-SA-2023-01-23-5 macOS Monterey 12.6.3", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Jan/20" }, { "name": "20230123 APPLE-SA-2023-01-23-4 macOS Ventura 13.2", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Jan/19" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-42916", "datePublished": "2022-10-29T00:00:00", "dateReserved": "2022-10-13T00:00:00", "dateUpdated": "2024-08-03T13:19:05.420Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-13822
Vulnerability from cvelistv5
Published
2020-06-04 14:01
Modified
2024-08-04 12:25
Severity ?
EPSS score ?
Summary
The Elliptic package 6.5.2 for Node.js allows ECDSA signature malleability via variations in encoding, leading '\0' bytes, or integer overflows. This could conceivably have a security-relevant impact if an application relied on a single canonical signature.
References
▼ | URL | Tags |
---|---|---|
https://www.npmjs.com/package/elliptic | x_refsource_MISC | |
https://github.com/indutny/elliptic/issues/226 | x_refsource_MISC | |
https://yondon.blog/2019/01/01/how-not-to-use-ecdsa/ | x_refsource_MISC | |
https://medium.com/%40herman_10687/malleability-attack-why-it-matters-7b5f59fb99a4 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T12:25:16.506Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.npmjs.com/package/elliptic" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/indutny/elliptic/issues/226" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://yondon.blog/2019/01/01/how-not-to-use-ecdsa/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://medium.com/%40herman_10687/malleability-attack-why-it-matters-7b5f59fb99a4" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "The Elliptic package 6.5.2 for Node.js allows ECDSA signature malleability via variations in encoding, leading \u0027\\0\u0027 bytes, or integer overflows. This could conceivably have a security-relevant impact if an application relied on a single canonical signature." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-06-04T14:01:53", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.npmjs.com/package/elliptic" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/indutny/elliptic/issues/226" }, { "tags": [ "x_refsource_MISC" ], "url": "https://yondon.blog/2019/01/01/how-not-to-use-ecdsa/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://medium.com/%40herman_10687/malleability-attack-why-it-matters-7b5f59fb99a4" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-13822", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Elliptic package 6.5.2 for Node.js allows ECDSA signature malleability via variations in encoding, leading \u0027\\0\u0027 bytes, or integer overflows. This could conceivably have a security-relevant impact if an application relied on a single canonical signature." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.npmjs.com/package/elliptic", "refsource": "MISC", "url": "https://www.npmjs.com/package/elliptic" }, { "name": "https://github.com/indutny/elliptic/issues/226", "refsource": "MISC", "url": "https://github.com/indutny/elliptic/issues/226" }, { "name": "https://yondon.blog/2019/01/01/how-not-to-use-ecdsa/", "refsource": "MISC", "url": "https://yondon.blog/2019/01/01/how-not-to-use-ecdsa/" }, { "name": "https://medium.com/@herman_10687/malleability-attack-why-it-matters-7b5f59fb99a4", "refsource": "MISC", "url": "https://medium.com/@herman_10687/malleability-attack-why-it-matters-7b5f59fb99a4" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-13822", "datePublished": "2020-06-04T14:01:53", "dateReserved": "2020-06-04T00:00:00", "dateUpdated": "2024-08-04T12:25:16.506Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-38900
Vulnerability from cvelistv5
Published
2022-11-28 00:00
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
decode-uri-component 0.2.0 is vulnerable to Improper Input Validation resulting in DoS.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T11:02:14.671Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/SamVerschueren/decode-uri-component/issues/5" }, { "tags": [ "x_transferred" ], "url": "https://github.com/sindresorhus/query-string/issues/345" }, { "name": "FEDORA-2023-86d75130fe", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KAC5KQ2SEWAMQ6UZAUBZ5KXKEOESH375/" }, { "name": "FEDORA-2023-a4f0b29f6c", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ERN6YE3DS7NBW7UH44SCJBMNC2NWQ7SM/" }, { "name": "FEDORA-2023-2e38c3756f", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VNV2GNZXOTEDAJRFH3ZYWRUBGIVL7BSU/" }, { "name": "FEDORA-2023-ae96dd6105", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QABOUA2I542UTANVZIVFKWMRYVHLV32D/" }, { "name": "FEDORA-2023-b86fd9ad80", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UW4SCMT3SEUFVIL7YIADQ5K36GJEO6I5/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "decode-uri-component 0.2.0 is vulnerable to Improper Input Validation resulting in DoS." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-07-01T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/SamVerschueren/decode-uri-component/issues/5" }, { "url": "https://github.com/sindresorhus/query-string/issues/345" }, { "name": "FEDORA-2023-86d75130fe", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KAC5KQ2SEWAMQ6UZAUBZ5KXKEOESH375/" }, { "name": "FEDORA-2023-a4f0b29f6c", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ERN6YE3DS7NBW7UH44SCJBMNC2NWQ7SM/" }, { "name": "FEDORA-2023-2e38c3756f", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VNV2GNZXOTEDAJRFH3ZYWRUBGIVL7BSU/" }, { "name": "FEDORA-2023-ae96dd6105", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QABOUA2I542UTANVZIVFKWMRYVHLV32D/" }, { "name": "FEDORA-2023-b86fd9ad80", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UW4SCMT3SEUFVIL7YIADQ5K36GJEO6I5/" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-38900", "datePublished": "2022-11-28T00:00:00", "dateReserved": "2022-08-29T00:00:00", "dateUpdated": "2024-08-03T11:02:14.671Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-37434
Vulnerability from cvelistv5
Published
2022-08-05 00:00
Modified
2024-08-03 10:29
Severity ?
EPSS score ?
Summary
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T10:29:21.032Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/ivd38/zlib_overflow" }, { "tags": [ "x_transferred" ], "url": "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1" }, { "tags": [ "x_transferred" ], "url": "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063" }, { "tags": [ "x_transferred" ], "url": "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764" }, { "name": "[oss-security] 20220805 zlib buffer overflow", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/08/05/2" }, { "tags": [ "x_transferred" ], "url": "https://github.com/curl/curl/issues/9271" }, { "name": "[oss-security] 20220808 Re: zlib buffer overflow", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/08/09/1" }, { "name": "FEDORA-2022-25e4dbedf9", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/" }, { "name": "DSA-5218", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5218" }, { "name": "FEDORA-2022-15da0cf165", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220901-0005/" }, { "name": "FEDORA-2022-b8232d1cca", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/" }, { "name": "[debian-lts-announce] 20220912 [SECURITY] [DLA 3103-1] zlib security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html" }, { "name": "FEDORA-2022-3c28ae0cd8", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/" }, { "name": "FEDORA-2022-0b517a5397", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213489" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213494" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213493" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213491" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213490" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-27-2 Additional information for APPLE-SA-2022-10-24-1 iOS 16.1 and iPadOS 16", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/38" }, { "name": "20221030 APPLE-SA-2022-10-27-1 iOS 15.7.1 and iPadOS 15.7.1", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/37" }, { "name": "20221030 APPLE-SA-2022-10-27-6 Additional information for APPLE-SA-2022-10-24-3 macOS Monterey 12.6.1", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/42" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230427-0007/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "unknown", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference)." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2022-10-30T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/ivd38/zlib_overflow" }, { "url": "https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1" }, { "url": "https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063" }, { "url": "https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764" }, { "name": "[oss-security] 20220805 zlib buffer overflow", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/08/05/2" }, { "url": "https://github.com/curl/curl/issues/9271" }, { "name": "[oss-security] 20220808 Re: zlib buffer overflow", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/08/09/1" }, { "name": "FEDORA-2022-25e4dbedf9", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/" }, { "name": "DSA-5218", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5218" }, { "name": "FEDORA-2022-15da0cf165", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/" }, { "url": "https://security.netapp.com/advisory/ntap-20220901-0005/" }, { "name": "FEDORA-2022-b8232d1cca", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/" }, { "name": "[debian-lts-announce] 20220912 [SECURITY] [DLA 3103-1] zlib security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html" }, { "name": "FEDORA-2022-3c28ae0cd8", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/" }, { "name": "FEDORA-2022-0b517a5397", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/" }, { "url": "https://support.apple.com/kb/HT213489" }, { "url": "https://support.apple.com/kb/HT213488" }, { "url": "https://support.apple.com/kb/HT213494" }, { "url": "https://support.apple.com/kb/HT213493" }, { "url": "https://support.apple.com/kb/HT213491" }, { "url": "https://support.apple.com/kb/HT213490" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-27-2 Additional information for APPLE-SA-2022-10-24-1 iOS 16.1 and iPadOS 16", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/38" }, { "name": "20221030 APPLE-SA-2022-10-27-1 iOS 15.7.1 and iPadOS 15.7.1", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/37" }, { "name": "20221030 APPLE-SA-2022-10-27-6 Additional information for APPLE-SA-2022-10-24-3 macOS Monterey 12.6.1", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/42" }, { "url": "https://security.netapp.com/advisory/ntap-20230427-0007/" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-37434", "datePublished": "2022-08-05T00:00:00", "dateReserved": "2022-08-05T00:00:00", "dateUpdated": "2024-08-03T10:29:21.032Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-30630
Vulnerability from cvelistv5
Published
2022-08-09 20:17
Modified
2024-08-03 06:56
Severity ?
EPSS score ?
Summary
Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path which contains a large number of path separators.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Go standard library | io/fs |
Version: 0 ≤ Version: 1.18.0-0 ≤ |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T06:56:12.871Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://go.dev/cl/417065" }, { "tags": [ "x_transferred" ], "url": "https://go.googlesource.com/go/+/fa2d41d0ca736f3ad6b200b2a4e134364e9acc59" }, { "tags": [ "x_transferred" ], "url": "https://go.dev/issue/53415" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE" }, { "tags": [ "x_transferred" ], "url": "https://pkg.go.dev/vuln/GO-2022-0527" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "packageName": "io/fs", "product": "io/fs", "programRoutines": [ { "name": "Glob" } ], "vendor": "Go standard library", "versions": [ { "lessThan": "1.17.12", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "1.18.4", "status": "affected", "version": "1.18.0-0", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path which contains a large number of path separators." } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-674: Uncontrolled Recursion", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-12T19:04:48.349Z", "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go" }, "references": [ { "url": "https://go.dev/cl/417065" }, { "url": "https://go.googlesource.com/go/+/fa2d41d0ca736f3ad6b200b2a4e134364e9acc59" }, { "url": "https://go.dev/issue/53415" }, { "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE" }, { "url": "https://pkg.go.dev/vuln/GO-2022-0527" } ], "title": "Stack exhaustion in Glob on certain paths in io/fs" } }, "cveMetadata": { "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "assignerShortName": "Go", "cveId": "CVE-2022-30630", "datePublished": "2022-08-09T20:17:15", "dateReserved": "2022-05-12T00:00:00", "dateUpdated": "2024-08-03T06:56:12.871Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-36976
Vulnerability from cvelistv5
Published
2021-07-20 06:49
Modified
2024-08-04 01:09
Severity ?
EPSS score ?
Summary
libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block).
References
▼ | URL | Tags |
---|---|---|
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libarchive/OSV-2021-557.yaml | x_refsource_MISC | |
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32375 | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SE5NJQNM22ZE5Z55LPAGCUHSBQZBKMKC/ | vendor-advisory, x_refsource_FEDORA | |
https://support.apple.com/kb/HT213183 | x_refsource_CONFIRM | |
https://support.apple.com/kb/HT213182 | x_refsource_CONFIRM | |
https://support.apple.com/kb/HT213193 | x_refsource_CONFIRM | |
http://seclists.org/fulldisclosure/2022/Mar/28 | mailing-list, x_refsource_FULLDISC | |
http://seclists.org/fulldisclosure/2022/Mar/29 | mailing-list, x_refsource_FULLDISC | |
http://seclists.org/fulldisclosure/2022/Mar/27 | mailing-list, x_refsource_FULLDISC | |
https://security.gentoo.org/glsa/202208-26 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T01:09:07.301Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libarchive/OSV-2021-557.yaml" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32375" }, { "name": "FEDORA-2022-9bb794c5f5", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SE5NJQNM22ZE5Z55LPAGCUHSBQZBKMKC/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT213183" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT213182" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT213193" }, { "name": "20220314 APPLE-SA-2022-03-14-2 watchOS 8.5", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/28" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "name": "20220314 APPLE-SA-2022-03-14-1 iOS 15.4 and iPadOS 15.4", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/27" }, { "name": "GLSA-202208-26", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-26" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block)." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-14T19:07:49", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libarchive/OSV-2021-557.yaml" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32375" }, { "name": "FEDORA-2022-9bb794c5f5", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SE5NJQNM22ZE5Z55LPAGCUHSBQZBKMKC/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT213183" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT213182" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT213193" }, { "name": "20220314 APPLE-SA-2022-03-14-2 watchOS 8.5", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/28" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "name": "20220314 APPLE-SA-2022-03-14-1 iOS 15.4 and iPadOS 15.4", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/27" }, { "name": "GLSA-202208-26", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202208-26" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-36976", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block)." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libarchive/OSV-2021-557.yaml", "refsource": "MISC", "url": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libarchive/OSV-2021-557.yaml" }, { "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32375", "refsource": "MISC", "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32375" }, { "name": "FEDORA-2022-9bb794c5f5", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SE5NJQNM22ZE5Z55LPAGCUHSBQZBKMKC/" }, { "name": "https://support.apple.com/kb/HT213183", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT213183" }, { "name": "https://support.apple.com/kb/HT213182", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT213182" }, { "name": "https://support.apple.com/kb/HT213193", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT213193" }, { "name": "20220314 APPLE-SA-2022-03-14-2 watchOS 8.5", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/Mar/28" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "name": "20220314 APPLE-SA-2022-03-14-1 iOS 15.4 and iPadOS 15.4", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/Mar/27" }, { "name": "GLSA-202208-26", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202208-26" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-36976", "datePublished": "2021-07-20T06:49:15", "dateReserved": "2021-07-20T00:00:00", "dateUpdated": "2024-08-04T01:09:07.301Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-23806
Vulnerability from cvelistv5
Published
2022-02-11 00:00
Modified
2024-08-03 03:51
Severity ?
EPSS score ?
Summary
Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T03:51:45.994Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "[debian-lts-announce] 20220428 [SECURITY] [DLA 2985-1] golang-1.7 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00017.html" }, { "name": "[debian-lts-announce] 20220428 [SECURITY] [DLA 2986-1] golang-1.8 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00018.html" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220225-0006/" }, { "name": "GLSA-202208-02", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-02" }, { "name": "[debian-lts-announce] 20230419 [SECURITY] [DLA 3395-1] golang-1.11 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-19T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "[debian-lts-announce] 20220428 [SECURITY] [DLA 2985-1] golang-1.7 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00017.html" }, { "name": "[debian-lts-announce] 20220428 [SECURITY] [DLA 2986-1] golang-1.8 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00018.html" }, { "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "url": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ" }, { "url": "https://security.netapp.com/advisory/ntap-20220225-0006/" }, { "name": "GLSA-202208-02", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-02" }, { "name": "[debian-lts-announce] 20230419 [SECURITY] [DLA 3395-1] golang-1.11 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-23806", "datePublished": "2022-02-11T00:00:00", "dateReserved": "2022-01-21T00:00:00", "dateUpdated": "2024-08-03T03:51:45.994Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-22923
Vulnerability from cvelistv5
Published
2021-08-05 00:00
Modified
2024-11-19 14:25
Severity ?
EPSS score ?
Summary
When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download the contents from. Often contrary to the user's expectations and intentions and without telling the user it happened.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: curl 7.27.0 to and including 7.77.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T18:58:26.153Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1213181" }, { "name": "FEDORA-2021-5d21b90a30", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210902-0003/" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202212-01" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-22923", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-19T14:25:07.338932Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-19T14:25:24.567Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "curl 7.27.0 to and including 7.77.0" } ] } ], "descriptions": [ { "lang": "en", "value": "When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download the contents from. Often contrary to the user\u0027s expectations and intentions and without telling the user it happened." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-319", "description": "Cleartext Transmission of Sensitive Information (CWE-319)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-19T00:00:00", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1213181" }, { "name": "FEDORA-2021-5d21b90a30", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/" }, { "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "url": "https://security.netapp.com/advisory/ntap-20210902-0003/" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202212-01" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2021-22923", "datePublished": "2021-08-05T00:00:00", "dateReserved": "2021-01-06T00:00:00", "dateUpdated": "2024-11-19T14:25:24.567Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-8169
Vulnerability from cvelistv5
Published
2020-12-14 19:41
Modified
2024-08-04 09:48
Severity ?
EPSS score ?
Summary
curl 7.62.0 through 7.70.0 is vulnerable to an information disclosure vulnerability that can lead to a partial password being leaked over the network and to the DNS server(s).
References
▼ | URL | Tags |
---|---|---|
https://hackerone.com/reports/874778 | x_refsource_MISC | |
https://curl.se/docs/CVE-2020-8169.html | x_refsource_MISC | |
https://www.debian.org/security/2021/dsa-4881 | vendor-advisory, x_refsource_DEBIAN | |
https://cert-portal.siemens.com/productcert/pdf/ssa-200951.pdf | x_refsource_CONFIRM | |
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: libcurl 7.62.0 to and including 7.70.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T09:48:25.642Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://hackerone.com/reports/874778" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://curl.se/docs/CVE-2020-8169.html" }, { "name": "DSA-4881", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2021/dsa-4881" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-200951.pdf" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "libcurl 7.62.0 to and including 7.70.0" } ] } ], "descriptions": [ { "lang": "en", "value": "curl 7.62.0 through 7.70.0 is vulnerable to an information disclosure vulnerability that can lead to a partial password being leaked over the network and to the DNS server(s)." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-200", "description": "Information Disclosure (CWE-200)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-03-08T14:07:55", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://hackerone.com/reports/874778" }, { "tags": [ "x_refsource_MISC" ], "url": "https://curl.se/docs/CVE-2020-8169.html" }, { "name": "DSA-4881", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2021/dsa-4881" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-200951.pdf" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "support@hackerone.com", "ID": "CVE-2020-8169", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "https://github.com/curl/curl", "version": { "version_data": [ { "version_value": "libcurl 7.62.0 to and including 7.70.0" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "curl 7.62.0 through 7.70.0 is vulnerable to an information disclosure vulnerability that can lead to a partial password being leaked over the network and to the DNS server(s)." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information Disclosure (CWE-200)" } ] } ] }, "references": { "reference_data": [ { "name": "https://hackerone.com/reports/874778", "refsource": "MISC", "url": "https://hackerone.com/reports/874778" }, { "name": "https://curl.se/docs/CVE-2020-8169.html", "refsource": "MISC", "url": "https://curl.se/docs/CVE-2020-8169.html" }, { "name": "DSA-4881", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2021/dsa-4881" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-200951.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-200951.pdf" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" } ] } } } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2020-8169", "datePublished": "2020-12-14T19:41:54", "dateReserved": "2020-01-28T00:00:00", "dateUpdated": "2024-08-04T09:48:25.642Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-27780
Vulnerability from cvelistv5
Published
2022-06-01 00:00
Modified
2024-08-07 19:09
Severity ?
EPSS score ?
Summary
The curl URL parser wrongly accepts percent-encoded URL separators like '/'when decoding the host name part of a URL, making it a *different* URL usingthe wrong host name when it is later retrieved.For example, a URL like `http://example.com%2F127.0.0.1/`, would be allowed bythe parser and get transposed into `http://example.com/127.0.0.1/`. This flawcan be used to circumvent filters, checks and more.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: Fixed in 7.83.1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T05:32:59.992Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1553841" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220609-0009/" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202212-01" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "curl", "vendor": "haxx", "versions": [ { "lessThan": "7.86.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:netapp:solidfire_\\\u0026_hci_storage_node:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "solidfire_\\\u0026_hci_storage_node", "vendor": "netapp", "versions": [ { "status": "affected", "version": "0" } ] }, { "cpes": [ "cpe:2.3:a:netapp:ontap_9:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ontap_9", "vendor": "netapp", "versions": [ { "status": "affected", "version": "0" } ] }, { "cpes": [ "cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "solidfire_\\\u0026_hci_management_node", "vendor": "netapp", "versions": [ { "status": "affected", "version": "h300s" }, { "status": "affected", "version": "h410s" }, { "status": "affected", "version": "h500s" }, { "status": "affected", "version": "h700s" } ] }, { "cpes": [ "cpe:2.3:o:netapp:hci_bootstrap_os:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "hci_bootstrap_os", "vendor": "netapp", "versions": [ { "status": "affected", "version": "0" } ] }, { "cpes": [ "cpe:2.3:a:netapp:solidfire_\\\u0026_hci_management_node:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "solidfire_\\\u0026_hci_management_node", "vendor": "netapp", "versions": [ { "status": "affected", "version": "0" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2022-27780", "options": [ { "Exploitation": "poc" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-26T20:10:43.314256Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-07T19:09:34.290Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 7.83.1" } ] } ], "descriptions": [ { "lang": "en", "value": "The curl URL parser wrongly accepts percent-encoded URL separators like \u0027/\u0027when decoding the host name part of a URL, making it a *different* URL usingthe wrong host name when it is later retrieved.For example, a URL like `http://example.com%2F127.0.0.1/`, would be allowed bythe parser and get transposed into `http://example.com/127.0.0.1/`. This flawcan be used to circumvent filters, checks and more." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-177", "description": "Improper Handling of URL Encoding (Hex Encoding) (CWE-177)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-19T00:00:00", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1553841" }, { "url": "https://security.netapp.com/advisory/ntap-20220609-0009/" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202212-01" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2022-27780", "datePublished": "2022-06-01T00:00:00", "dateReserved": "2022-03-23T00:00:00", "dateUpdated": "2024-08-07T19:09:34.290Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-42004
Vulnerability from cvelistv5
Published
2022-10-02 00:00
Modified
2024-08-03 12:56
Severity ?
EPSS score ?
Summary
In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:56:39.182Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/FasterXML/jackson-databind/issues/3582" }, { "tags": [ "x_transferred" ], "url": "https://github.com/FasterXML/jackson-databind/commit/063183589218fec19a9293ed2f17ec53ea80ba88" }, { "tags": [ "x_transferred" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50490" }, { "name": "GLSA-202210-21", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202210-21" }, { "name": "DSA-5283", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5283" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20221118-0008/" }, { "name": "[debian-lts-announce] 20221127 [SECURITY] [DLA 3207-1] jackson-databind security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00035.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-27T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/FasterXML/jackson-databind/issues/3582" }, { "url": "https://github.com/FasterXML/jackson-databind/commit/063183589218fec19a9293ed2f17ec53ea80ba88" }, { "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50490" }, { "name": "GLSA-202210-21", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202210-21" }, { "name": "DSA-5283", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5283" }, { "url": "https://security.netapp.com/advisory/ntap-20221118-0008/" }, { "name": "[debian-lts-announce] 20221127 [SECURITY] [DLA 3207-1] jackson-databind security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00035.html" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-42004", "datePublished": "2022-10-02T00:00:00", "dateReserved": "2022-10-02T00:00:00", "dateUpdated": "2024-08-03T12:56:39.182Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-3803
Vulnerability from cvelistv5
Published
2021-09-17 00:00
Modified
2024-08-03 17:09
Severity ?
EPSS score ?
Summary
nth-check is vulnerable to Inefficient Regular Expression Complexity
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | fb55 | fb55/nth-check |
Version: unspecified < 2.0.1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:09:08.622Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/8cf8cc06-d2cf-4b4e-b42c-99fafb0b04d0" }, { "tags": [ "x_transferred" ], "url": "https://github.com/fb55/nth-check/commit/9894c1d2010870c351f66c6f6efcf656e26bb726" }, { "name": "[debian-lts-announce] 20230522 [SECURITY] [DLA 3428-1] node-nth-check security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00023.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "fb55/nth-check", "vendor": "fb55", "versions": [ { "lessThan": "2.0.1", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "nth-check is vulnerable to Inefficient Regular Expression Complexity" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1333", "description": "CWE-1333 Inefficient Regular Expression Complexity", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-22T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/8cf8cc06-d2cf-4b4e-b42c-99fafb0b04d0" }, { "url": "https://github.com/fb55/nth-check/commit/9894c1d2010870c351f66c6f6efcf656e26bb726" }, { "name": "[debian-lts-announce] 20230522 [SECURITY] [DLA 3428-1] node-nth-check security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00023.html" } ], "source": { "advisory": "8cf8cc06-d2cf-4b4e-b42c-99fafb0b04d0", "discovery": "EXTERNAL" }, "title": "Inefficient Regular Expression Complexity in fb55/nth-check" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2021-3803", "datePublished": "2021-09-17T00:00:00", "dateReserved": "2021-09-15T00:00:00", "dateUpdated": "2024-08-03T17:09:08.622Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2880
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 00:52
Severity ?
EPSS score ?
Summary
Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparsable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy forwards a parameter with an unparsable value. After fix, ReverseProxy sanitizes the query parameters in the forwarded query when the outbound request's Form field is set after the ReverseProxy. Director function returns, indicating that the proxy has parsed the query parameters. Proxies which do not parse query parameters continue to forward the original query parameters unchanged.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Go standard library | net/http/httputil |
Version: 0 ≤ Version: 1.19.0-0 ≤ |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:52:59.582Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://go.dev/issue/54663" }, { "tags": [ "x_transferred" ], "url": "https://go.dev/cl/432976" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU" }, { "tags": [ "x_transferred" ], "url": "https://pkg.go.dev/vuln/GO-2022-1038" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202311-09" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "packageName": "net/http/httputil", "product": "net/http/httputil", "programRoutines": [ { "name": "ReverseProxy.ServeHTTP" } ], "vendor": "Go standard library", "versions": [ { "lessThan": "1.18.7", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "1.19.2", "status": "affected", "version": "1.19.0-0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "value": "Gal Goldstein (Security Researcher, Oxeye)" }, { "lang": "en", "value": "Daniel Abeles (Head of Research, Oxeye)" } ], "descriptions": [ { "lang": "en", "value": "Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparsable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy forwards a parameter with an unparsable value. After fix, ReverseProxy sanitizes the query parameters in the forwarded query when the outbound request\u0027s Form field is set after the ReverseProxy. Director function returns, indicating that the proxy has parsed the query parameters. Proxies which do not parse query parameters continue to forward the original query parameters unchanged." } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-444: Inconsistent Interpretation of HTTP Requests", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-12T19:12:40.079Z", "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go" }, "references": [ { "url": "https://go.dev/issue/54663" }, { "url": "https://go.dev/cl/432976" }, { "url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU" }, { "url": "https://pkg.go.dev/vuln/GO-2022-1038" }, { "url": "https://security.gentoo.org/glsa/202311-09" } ], "title": "Incorrect sanitization of forwarded query parameters in net/http/httputil" } }, "cveMetadata": { "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "assignerShortName": "Go", "cveId": "CVE-2022-2880", "datePublished": "2022-10-14T00:00:00", "dateReserved": "2022-08-17T00:00:00", "dateUpdated": "2024-08-03T00:52:59.582Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-41716
Vulnerability from cvelistv5
Published
2022-11-02 15:28
Modified
2024-10-30 13:59
Severity ?
EPSS score ?
Summary
Due to unsanitized NUL values, attackers may be able to maliciously set environment variables on Windows. In syscall.StartProcess and os/exec.Cmd, invalid environment variable values containing NUL values are not properly checked for. A malicious environment variable value can exploit this behavior to set a value for a different environment variable. For example, the environment variable string "A=B\x00C=D" sets the variables "A=B" and "C=D".
References
Impacted products
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | Go standard library | syscall |
Version: 0 ≤ Version: 1.19.0-0 ≤ |
||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:49:43.904Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "url": "https://security.netapp.com/advisory/ntap-20230120-0007/" }, { "tags": [ "x_transferred" ], "url": "https://go.dev/issue/56284" }, { "tags": [ "x_transferred" ], "url": "https://go.dev/cl/446916" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/mbHY1UY3BaM/m/hSpmRzk-AgAJ" }, { "tags": [ "x_transferred" ], "url": "https://pkg.go.dev/vuln/GO-2022-1095" } ], "title": "CVE Program Container" }, { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2022-41716", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-01T14:02:04.861393Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-30T13:59:43.967Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "packageName": "syscall", "platforms": [ "windows" ], "product": "syscall", "programRoutines": [ { "name": "StartProcess" } ], "vendor": "Go standard library", "versions": [ { "lessThan": "1.18.8", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "1.19.3", "status": "affected", "version": "1.19.0-0", "versionType": "semver" } ] }, { "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "packageName": "os/exec", "platforms": [ "windows" ], "product": "os/exec", "programRoutines": [ { "name": "Cmd.environ" }, { "name": "dedupEnv" }, { "name": "dedupEnvCase" }, { "name": "Cmd.CombinedOutput" }, { "name": "Cmd.Environ" }, { "name": "Cmd.Output" }, { "name": "Cmd.Run" }, { "name": "Cmd.Start" } ], "vendor": "Go standard library", "versions": [ { "lessThan": "1.18.8", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "1.19.3", "status": "affected", "version": "1.19.0-0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "value": "RyotaK (https://twitter.com/ryotkak)" } ], "descriptions": [ { "lang": "en", "value": "Due to unsanitized NUL values, attackers may be able to maliciously set environment variables on Windows. In syscall.StartProcess and os/exec.Cmd, invalid environment variable values containing NUL values are not properly checked for. A malicious environment variable value can exploit this behavior to set a value for a different environment variable. For example, the environment variable string \"A=B\\x00C=D\" sets the variables \"A=B\" and \"C=D\"." } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-158: Improper Neutralization of Null Byte or NUL Character", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-12T19:12:49.198Z", "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go" }, "references": [ { "url": "https://go.dev/issue/56284" }, { "url": "https://go.dev/cl/446916" }, { "url": "https://groups.google.com/g/golang-announce/c/mbHY1UY3BaM/m/hSpmRzk-AgAJ" }, { "url": "https://pkg.go.dev/vuln/GO-2022-1095" } ], "title": "Unsanitized NUL in environment variables on Windows in syscall and os/exec" } }, "cveMetadata": { "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "assignerShortName": "Go", "cveId": "CVE-2022-41716", "datePublished": "2022-11-02T15:28:19.574Z", "dateReserved": "2022-09-28T17:00:06.607Z", "dateUpdated": "2024-10-30T13:59:43.967Z", "requesterUserId": "7d08541a-cd0a-42e2-8f81-76e6ceb65fc3", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-30634
Vulnerability from cvelistv5
Published
2022-07-15 19:36
Modified
2024-08-03 06:56
Severity ?
EPSS score ?
Summary
Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 << 32 - 1 bytes.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Go standard library | crypto/rand |
Version: 0 ≤ Version: 1.18.0-0 ≤ |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T06:56:13.255Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://go.dev/cl/402257" }, { "tags": [ "x_transferred" ], "url": "https://go.googlesource.com/go/+/bb1f4416180511231de6d17a1f2f55c82aafc863" }, { "tags": [ "x_transferred" ], "url": "https://go.dev/issue/52561" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg/m/IWz5T6x7AAAJ" }, { "tags": [ "x_transferred" ], "url": "https://pkg.go.dev/vuln/GO-2022-0477" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "packageName": "crypto/rand", "platforms": [ "windows" ], "product": "crypto/rand", "programRoutines": [ { "name": "Read" } ], "vendor": "Go standard library", "versions": [ { "lessThan": "1.17.11", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "1.18.3", "status": "affected", "version": "1.18.0-0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "value": "Davis Goodin" }, { "lang": "en", "value": "Quim Muntal of Microsoft" } ], "descriptions": [ { "lang": "en", "value": "Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 \u003c\u003c 32 - 1 bytes." } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-12T19:04:27.361Z", "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go" }, "references": [ { "url": "https://go.dev/cl/402257" }, { "url": "https://go.googlesource.com/go/+/bb1f4416180511231de6d17a1f2f55c82aafc863" }, { "url": "https://go.dev/issue/52561" }, { "url": "https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg/m/IWz5T6x7AAAJ" }, { "url": "https://pkg.go.dev/vuln/GO-2022-0477" } ], "title": "Indefinite hang with large buffers on Windows in crypto/rand" } }, "cveMetadata": { "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "assignerShortName": "Go", "cveId": "CVE-2022-30634", "datePublished": "2022-07-15T19:36:19", "dateReserved": "2022-05-12T00:00:00", "dateUpdated": "2024-08-03T06:56:13.255Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3517
Vulnerability from cvelistv5
Published
2022-10-17 00:00
Modified
2024-08-03 01:14
Severity ?
EPSS score ?
Summary
A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:14:02.557Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/isaacs/minimatch/commit/a8763f4388e51956be62dc6025cec1126beeb5e6" }, { "tags": [ "x_transferred" ], "url": "https://github.com/grafana/grafana-image-renderer/issues/329" }, { "name": "[debian-lts-announce] 20230115 [SECURITY] [DLA 3271-1] node-minimatch security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00011.html" }, { "name": "FEDORA-2023-ce8943223c", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTEUUTNIEBHGKUKKLNUZSV7IEP6IP3Q3/" }, { "name": "FEDORA-2023-18fd476362", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UM6XJ73Q3NAM5KSGCOKJ2ZIA6GUWUJLK/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "minimatch", "vendor": "n/a", "versions": [ { "status": "affected", "version": "minimatch versions prior to 3.0.5" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-21T00:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://github.com/isaacs/minimatch/commit/a8763f4388e51956be62dc6025cec1126beeb5e6" }, { "url": "https://github.com/grafana/grafana-image-renderer/issues/329" }, { "name": "[debian-lts-announce] 20230115 [SECURITY] [DLA 3271-1] node-minimatch security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00011.html" }, { "name": "FEDORA-2023-ce8943223c", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTEUUTNIEBHGKUKKLNUZSV7IEP6IP3Q3/" }, { "name": "FEDORA-2023-18fd476362", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UM6XJ73Q3NAM5KSGCOKJ2ZIA6GUWUJLK/" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2022-3517", "datePublished": "2022-10-17T00:00:00", "dateReserved": "2022-10-14T00:00:00", "dateUpdated": "2024-08-03T01:14:02.557Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-27538
Vulnerability from cvelistv5
Published
2023-03-30 00:00
Modified
2024-08-02 12:16
Severity ?
EPSS score ?
Summary
An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequent transfers if the configurations match. However, two SSH settings were omitted from the configuration check, allowing them to match easily, potentially leading to the reuse of an inappropriate connection.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: Fixed in 8.0.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T12:16:35.616Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1898475" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230420-0010/" }, { "name": "[debian-lts-announce] 20230421 [SECURITY] [DLA 3398-1] curl security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html" }, { "name": "GLSA-202310-12", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202310-12" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 8.0.0" } ] } ], "descriptions": [ { "lang": "en", "value": "An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequent transfers if the configurations match. However, two SSH settings were omitted from the configuration check, allowing them to match easily, potentially leading to the reuse of an inappropriate connection." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-305", "description": "Authentication Bypass by Primary Weakness (CWE-305)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-11T10:06:34.473900", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1898475" }, { "url": "https://security.netapp.com/advisory/ntap-20230420-0010/" }, { "name": "[debian-lts-announce] 20230421 [SECURITY] [DLA 3398-1] curl security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html" }, { "name": "GLSA-202310-12", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202310-12" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2023-27538", "datePublished": "2023-03-30T00:00:00", "dateReserved": "2023-03-02T00:00:00", "dateUpdated": "2024-08-02T12:16:35.616Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-8284
Vulnerability from cvelistv5
Published
2020-12-14 19:38
Modified
2024-08-04 09:56
Severity ?
EPSS score ?
Summary
A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: 7.73.0 and earlier |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T09:56:28.316Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://hackerone.com/reports/1040166" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://curl.se/docs/CVE-2020-8284.html" }, { "name": "FEDORA-2020-ceaf490686", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/" }, { "name": "[debian-lts-announce] 20201219 [SECURITY] [DLA 2500-1] curl security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html" }, { "name": "FEDORA-2020-7ab62c73bc", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/" }, { "name": "GLSA-202012-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202012-14" }, { "name": "DSA-4881", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2021/dsa-4881" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210122-0007/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT212325" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT212326" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT212327" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "7.73.0 and earlier" } ] } ], "descriptions": [ { "lang": "en", "value": "A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-200", "description": "Information Disclosure (CWE-200)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-04-19T23:23:26", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://hackerone.com/reports/1040166" }, { "tags": [ "x_refsource_MISC" ], "url": "https://curl.se/docs/CVE-2020-8284.html" }, { "name": "FEDORA-2020-ceaf490686", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/" }, { "name": "[debian-lts-announce] 20201219 [SECURITY] [DLA 2500-1] curl security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html" }, { "name": "FEDORA-2020-7ab62c73bc", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/" }, { "name": "GLSA-202012-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202012-14" }, { "name": "DSA-4881", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2021/dsa-4881" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20210122-0007/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT212325" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT212326" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT212327" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "support@hackerone.com", "ID": "CVE-2020-8284", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "https://github.com/curl/curl", "version": { "version_data": [ { "version_value": "7.73.0 and earlier" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information Disclosure (CWE-200)" } ] } ] }, "references": { "reference_data": [ { "name": "https://hackerone.com/reports/1040166", "refsource": "MISC", "url": "https://hackerone.com/reports/1040166" }, { "name": "https://curl.se/docs/CVE-2020-8284.html", "refsource": "MISC", "url": "https://curl.se/docs/CVE-2020-8284.html" }, { "name": "FEDORA-2020-ceaf490686", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/" }, { "name": "[debian-lts-announce] 20201219 [SECURITY] [DLA 2500-1] curl security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html" }, { "name": "FEDORA-2020-7ab62c73bc", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/" }, { "name": "GLSA-202012-14", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202012-14" }, { "name": "DSA-4881", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2021/dsa-4881" }, { "name": "https://www.oracle.com/security-alerts/cpuApr2021.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "name": "https://security.netapp.com/advisory/ntap-20210122-0007/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210122-0007/" }, { "name": "https://support.apple.com/kb/HT212325", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT212325" }, { "name": "https://support.apple.com/kb/HT212326", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT212326" }, { "name": "https://support.apple.com/kb/HT212327", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT212327" }, { "name": "https://www.oracle.com//security-alerts/cpujul2021.html", "refsource": "MISC", "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "name": "https://www.oracle.com/security-alerts/cpujan2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "name": "https://www.oracle.com/security-alerts/cpuapr2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" } ] } } } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2020-8284", "datePublished": "2020-12-14T19:38:26", "dateReserved": "2020-01-28T00:00:00", "dateUpdated": "2024-08-04T09:56:28.316Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-22898
Vulnerability from cvelistv5
Published
2021-06-11 15:49
Modified
2024-08-03 18:58
Severity ?
EPSS score ?
Summary
curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uninitialized data from a stack based buffer to the server, resulting in potentially revealing sensitive internal information to the server using a clear-text network protocol.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: 7.7 through 7.76.1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T18:58:25.359Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://hackerone.com/reports/1176461" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://curl.se/docs/CVE-2021-22898.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/curl/curl/commit/39ce47f219b09c380b81f89fe54ac586c8db6bde" }, { "name": "[guacamole-issues] 20210618 [jira] [Created] (GUACAMOLE-1368) Latest docker image fails security scans.", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c%40%3Cissues.guacamole.apache.org%3E" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "name": "[oss-security] 20210721 [SECURITY ADVISORY] curl: TELNET stack contents disclosure again", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2021/07/21/4" }, { "name": "FEDORA-2021-83fdddca0f", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/POOC3UV7V6L4CJ5KA2PTWTNUV5Y72T3Q/" }, { "name": "FEDORA-2021-5d21b90a30", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/" }, { "name": "[debian-lts-announce] 20210813 [SECURITY] [DLA 2734-1] curl security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" }, { "name": "DSA-5197", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "name": "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "7.7 through 7.76.1" } ] } ], "descriptions": [ { "lang": "en", "value": "curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uninitialized data from a stack based buffer to the server, resulting in potentially revealing sensitive internal information to the server using a clear-text network protocol." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-200", "description": "Information Disclosure (CWE-200)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-29T00:06:14", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://hackerone.com/reports/1176461" }, { "tags": [ "x_refsource_MISC" ], "url": "https://curl.se/docs/CVE-2021-22898.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/curl/curl/commit/39ce47f219b09c380b81f89fe54ac586c8db6bde" }, { "name": "[guacamole-issues] 20210618 [jira] [Created] (GUACAMOLE-1368) Latest docker image fails security scans.", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c%40%3Cissues.guacamole.apache.org%3E" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "name": "[oss-security] 20210721 [SECURITY ADVISORY] curl: TELNET stack contents disclosure again", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2021/07/21/4" }, { "name": "FEDORA-2021-83fdddca0f", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/POOC3UV7V6L4CJ5KA2PTWTNUV5Y72T3Q/" }, { "name": "FEDORA-2021-5d21b90a30", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/" }, { "name": "[debian-lts-announce] 20210813 [SECURITY] [DLA 2734-1] curl security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" }, { "name": "DSA-5197", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "name": "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "support@hackerone.com", "ID": "CVE-2021-22898", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "https://github.com/curl/curl", "version": { "version_data": [ { "version_value": "7.7 through 7.76.1" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uninitialized data from a stack based buffer to the server, resulting in potentially revealing sensitive internal information to the server using a clear-text network protocol." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information Disclosure (CWE-200)" } ] } ] }, "references": { "reference_data": [ { "name": "https://hackerone.com/reports/1176461", "refsource": "MISC", "url": "https://hackerone.com/reports/1176461" }, { "name": "https://curl.se/docs/CVE-2021-22898.html", "refsource": "MISC", "url": "https://curl.se/docs/CVE-2021-22898.html" }, { "name": "https://github.com/curl/curl/commit/39ce47f219b09c380b81f89fe54ac586c8db6bde", "refsource": "MISC", "url": "https://github.com/curl/curl/commit/39ce47f219b09c380b81f89fe54ac586c8db6bde" }, { "name": "[guacamole-issues] 20210618 [jira] [Created] (GUACAMOLE-1368) Latest docker image fails security scans.", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E" }, { "name": "https://www.oracle.com//security-alerts/cpujul2021.html", "refsource": "MISC", "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "name": "[oss-security] 20210721 [SECURITY ADVISORY] curl: TELNET stack contents disclosure again", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2021/07/21/4" }, { "name": "FEDORA-2021-83fdddca0f", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/POOC3UV7V6L4CJ5KA2PTWTNUV5Y72T3Q/" }, { "name": "FEDORA-2021-5d21b90a30", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/" }, { "name": "[debian-lts-announce] 20210813 [SECURITY] [DLA 2734-1] curl security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html" }, { "name": "https://www.oracle.com/security-alerts/cpujan2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "name": "https://www.oracle.com/security-alerts/cpuapr2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" }, { "name": "DSA-5197", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2022/dsa-5197" }, { "name": "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2021-22898", "datePublished": "2021-06-11T15:49:37", "dateReserved": "2021-01-06T00:00:00", "dateUpdated": "2024-08-03T18:58:25.359Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-25032
Vulnerability from cvelistv5
Published
2022-03-25 00:00
Modified
2024-08-05 12:26
Severity ?
EPSS score ?
Summary
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T12:26:39.599Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.openwall.com/lists/oss-security/2022/03/24/1" }, { "tags": [ "x_transferred" ], "url": "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" }, { "name": "[oss-security] 20220325 Re: zlib memory corruption on deflate (i.e. compress)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/03/25/2" }, { "name": "[oss-security] 20220326 Re: zlib memory corruption on deflate (i.e. compress)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/03/26/1" }, { "name": "DSA-5111", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5111" }, { "name": "[debian-lts-announce] 20220402 [SECURITY] [DLA 2968-1] zlib security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html" }, { "name": "FEDORA-2022-413a80a102", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/" }, { "name": "FEDORA-2022-dbd2935e44", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/" }, { "name": "FEDORA-2022-12b89e2aad", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/" }, { "name": "[debian-lts-announce] 20220507 [SECURITY] [DLA 2993-1] libz-mingw-w64 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html" }, { "name": "20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/May/33" }, { "name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/May/35" }, { "name": "20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/May/38" }, { "name": "FEDORA-2022-61cf1c64f6", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "tags": [ "x_transferred" ], "url": "https://www.openwall.com/lists/oss-security/2022/03/28/3" }, { "tags": [ "x_transferred" ], "url": "https://www.openwall.com/lists/oss-security/2022/03/28/1" }, { "tags": [ "x_transferred" ], "url": "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" }, { "tags": [ "x_transferred" ], "url": "https://github.com/madler/zlib/issues/605" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213257" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213256" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213255" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220526-0009/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220729-0004/" }, { "name": "FEDORA-2022-3a92250fd5", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/" }, { "name": "FEDORA-2022-b58a85e167", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/" }, { "name": "[debian-lts-announce] 20220916 [SECURITY] [DLA 3114-1] mariadb-10.3 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html" }, { "name": "GLSA-202210-42", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202210-42" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-13T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://www.openwall.com/lists/oss-security/2022/03/24/1" }, { "url": "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531" }, { "name": "[oss-security] 20220325 Re: zlib memory corruption on deflate (i.e. compress)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/03/25/2" }, { "name": "[oss-security] 20220326 Re: zlib memory corruption on deflate (i.e. compress)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/03/26/1" }, { "name": "DSA-5111", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5111" }, { "name": "[debian-lts-announce] 20220402 [SECURITY] [DLA 2968-1] zlib security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html" }, { "name": "FEDORA-2022-413a80a102", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/" }, { "name": "FEDORA-2022-dbd2935e44", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/" }, { "name": "FEDORA-2022-12b89e2aad", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/" }, { "name": "[debian-lts-announce] 20220507 [SECURITY] [DLA 2993-1] libz-mingw-w64 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html" }, { "name": "20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/May/33" }, { "name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/May/35" }, { "name": "20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/May/38" }, { "name": "FEDORA-2022-61cf1c64f6", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/" }, { "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "url": "https://www.openwall.com/lists/oss-security/2022/03/28/3" }, { "url": "https://www.openwall.com/lists/oss-security/2022/03/28/1" }, { "url": "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12" }, { "url": "https://github.com/madler/zlib/issues/605" }, { "url": "https://support.apple.com/kb/HT213257" }, { "url": "https://support.apple.com/kb/HT213256" }, { "url": "https://support.apple.com/kb/HT213255" }, { "url": "https://security.netapp.com/advisory/ntap-20220526-0009/" }, { "url": "https://security.netapp.com/advisory/ntap-20220729-0004/" }, { "name": "FEDORA-2022-3a92250fd5", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/" }, { "name": "FEDORA-2022-b58a85e167", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/" }, { "name": "[debian-lts-announce] 20220916 [SECURITY] [DLA 3114-1] mariadb-10.3 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html" }, { "name": "GLSA-202210-42", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202210-42" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-25032", "datePublished": "2022-03-25T00:00:00", "dateReserved": "2022-03-25T00:00:00", "dateUpdated": "2024-08-05T12:26:39.599Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-32148
Vulnerability from cvelistv5
Published
2022-08-09 20:18
Modified
2024-08-03 07:32
Severity ?
EPSS score ?
Summary
Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For header.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Go standard library | net/http |
Version: 0 ≤ Version: 1.18.0-0 ≤ |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T07:32:55.971Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://go.dev/cl/412857" }, { "tags": [ "x_transferred" ], "url": "https://go.googlesource.com/go/+/b2cc0fecc2ccd80e6d5d16542cc684f97b3a9c8a" }, { "tags": [ "x_transferred" ], "url": "https://go.dev/issue/53423" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE" }, { "tags": [ "x_transferred" ], "url": "https://pkg.go.dev/vuln/GO-2022-0520" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "packageName": "net/http", "product": "net/http", "programRoutines": [ { "name": "Header.Clone" } ], "vendor": "Go standard library", "versions": [ { "lessThan": "1.17.12", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "1.18.4", "status": "affected", "version": "1.18.0-0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "value": "Christian Mehlmauer" } ], "descriptions": [ { "lang": "en", "value": "Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For header." } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-200: Information Exposure", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-12T19:04:32.608Z", "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go" }, "references": [ { "url": "https://go.dev/cl/412857" }, { "url": "https://go.googlesource.com/go/+/b2cc0fecc2ccd80e6d5d16542cc684f97b3a9c8a" }, { "url": "https://go.dev/issue/53423" }, { "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE" }, { "url": "https://pkg.go.dev/vuln/GO-2022-0520" } ], "title": "Exposure of client IP addresses in net/http" } }, "cveMetadata": { "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "assignerShortName": "Go", "cveId": "CVE-2022-32148", "datePublished": "2022-08-09T20:18:21", "dateReserved": "2022-05-31T00:00:00", "dateUpdated": "2024-08-03T07:32:55.971Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-7662
Vulnerability from cvelistv5
Published
2020-06-02 18:28
Modified
2024-08-04 09:33
Severity ?
EPSS score ?
Summary
websocket-extensions npm module prior to 0.1.4 allows Denial of Service (DoS) via Regex Backtracking. The extension parser may take quadratic time when parsing a header containing an unclosed string parameter value whose content is a repeating two-byte sequence of a backslash and some other character. This could be abused by an attacker to conduct Regex Denial Of Service (ReDoS) on a single-threaded server by providing a malicious payload with the Sec-WebSocket-Extensions header.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | websocket-extensions (npm) |
Version: All versions prior to 0.1.4 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T09:33:20.006Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://blog.jcoglan.com/2020/06/02/redos-vulnerability-in-websocket-extensions" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/faye/websocket-extensions-node/security/advisories/GHSA-g78m-2chm-r7qv" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/faye/websocket-extensions-node/commit/29496f6838bfadfe5a2f85dff33ed0ba33873237" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://snyk.io/vuln/SNYK-JS-WEBSOCKETEXTENSIONS-570623" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "websocket-extensions (npm)", "vendor": "n/a", "versions": [ { "status": "affected", "version": "All versions prior to 0.1.4" } ] } ], "datePublic": "2020-06-02T00:00:00", "descriptions": [ { "lang": "en", "value": "websocket-extensions npm module prior to 0.1.4 allows Denial of Service (DoS) via Regex Backtracking. The extension parser may take quadratic time when parsing a header containing an unclosed string parameter value whose content is a repeating two-byte sequence of a backslash and some other character. This could be abused by an attacker to conduct Regex Denial Of Service (ReDoS) on a single-threaded server by providing a malicious payload with the Sec-WebSocket-Extensions header." } ], "problemTypes": [ { "descriptions": [ { "description": "Regular Expression Denial of Service (ReDoS)", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-12-18T21:10:46", "orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "shortName": "snyk" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://blog.jcoglan.com/2020/06/02/redos-vulnerability-in-websocket-extensions" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/faye/websocket-extensions-node/security/advisories/GHSA-g78m-2chm-r7qv" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/faye/websocket-extensions-node/commit/29496f6838bfadfe5a2f85dff33ed0ba33873237" }, { "tags": [ "x_refsource_MISC" ], "url": "https://snyk.io/vuln/SNYK-JS-WEBSOCKETEXTENSIONS-570623" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "report@snyk.io", "ID": "CVE-2020-7662", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "websocket-extensions (npm)", "version": { "version_data": [ { "version_value": "All versions prior to 0.1.4" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "websocket-extensions npm module prior to 0.1.4 allows Denial of Service (DoS) via Regex Backtracking. The extension parser may take quadratic time when parsing a header containing an unclosed string parameter value whose content is a repeating two-byte sequence of a backslash and some other character. This could be abused by an attacker to conduct Regex Denial Of Service (ReDoS) on a single-threaded server by providing a malicious payload with the Sec-WebSocket-Extensions header." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Regular Expression Denial of Service (ReDoS)" } ] } ] }, "references": { "reference_data": [ { "name": "https://blog.jcoglan.com/2020/06/02/redos-vulnerability-in-websocket-extensions", "refsource": "MISC", "url": "https://blog.jcoglan.com/2020/06/02/redos-vulnerability-in-websocket-extensions" }, { "name": "https://github.com/faye/websocket-extensions-node/security/advisories/GHSA-g78m-2chm-r7qv", "refsource": "MISC", "url": "https://github.com/faye/websocket-extensions-node/security/advisories/GHSA-g78m-2chm-r7qv" }, { "name": "https://github.com/faye/websocket-extensions-node/commit/29496f6838bfadfe5a2f85dff33ed0ba33873237", "refsource": "MISC", "url": "https://github.com/faye/websocket-extensions-node/commit/29496f6838bfadfe5a2f85dff33ed0ba33873237" }, { "name": "https://snyk.io/vuln/SNYK-JS-WEBSOCKETEXTENSIONS-570623", "refsource": "MISC", "url": "https://snyk.io/vuln/SNYK-JS-WEBSOCKETEXTENSIONS-570623" } ] } } } }, "cveMetadata": { "assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "assignerShortName": "snyk", "cveId": "CVE-2020-7662", "datePublished": "2020-06-02T18:28:46", "dateReserved": "2020-01-21T00:00:00", "dateUpdated": "2024-08-04T09:33:20.006Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-41715
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 12:49
Severity ?
EPSS score ?
Summary
Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion or denial of service. The parsed regexp representation is linear in the size of the input, but in some cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Normal use of regular expressions is unaffected.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Go standard library | regexp/syntax |
Version: 0 ≤ Version: 1.19.0-0 ≤ |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:49:43.550Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://go.dev/issue/55949" }, { "tags": [ "x_transferred" ], "url": "https://go.dev/cl/439356" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU" }, { "tags": [ "x_transferred" ], "url": "https://pkg.go.dev/vuln/GO-2022-1039" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202311-09" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "packageName": "regexp/syntax", "product": "regexp/syntax", "programRoutines": [ { "name": "parser.push" }, { "name": "parser.repeat" }, { "name": "parser.factor" }, { "name": "parse" }, { "name": "Parse" } ], "vendor": "Go standard library", "versions": [ { "lessThan": "1.18.7", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "1.19.2", "status": "affected", "version": "1.19.0-0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "value": "Adam Korczynski (ADA Logics)" }, { "lang": "en", "value": "OSS-Fuzz" } ], "descriptions": [ { "lang": "en", "value": "Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion or denial of service. The parsed regexp representation is linear in the size of the input, but in some cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Normal use of regular expressions is unaffected." } ], "problemTypes": [ { "descriptions": [ { "description": "CWE 400: Uncontrolled Resource Consumption", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-12T19:05:32.997Z", "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go" }, "references": [ { "url": "https://go.dev/issue/55949" }, { "url": "https://go.dev/cl/439356" }, { "url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU" }, { "url": "https://pkg.go.dev/vuln/GO-2022-1039" }, { "url": "https://security.gentoo.org/glsa/202311-09" } ], "title": "Memory exhaustion when compiling regular expressions in regexp/syntax" } }, "cveMetadata": { "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "assignerShortName": "Go", "cveId": "CVE-2022-41715", "datePublished": "2022-10-14T00:00:00", "dateReserved": "2022-09-28T00:00:00", "dateUpdated": "2024-08-03T12:49:43.550Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1705
Vulnerability from cvelistv5
Published
2022-08-09 20:16
Modified
2024-08-03 00:10
Severity ?
EPSS score ?
Summary
Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Go standard library | net/http |
Version: 0 ≤ Version: 1.18.0-0 ≤ |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:10:03.918Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://go.dev/cl/409874" }, { "tags": [ "x_transferred" ], "url": "https://go.googlesource.com/go/+/e5017a93fcde94f09836200bca55324af037ee5f" }, { "tags": [ "x_transferred" ], "url": "https://go.dev/issue/53188" }, { "tags": [ "x_transferred" ], "url": "https://go.dev/cl/410714" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE" }, { "tags": [ "x_transferred" ], "url": "https://pkg.go.dev/vuln/GO-2022-0525" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "packageName": "net/http", "product": "net/http", "programRoutines": [ { "name": "transferReader.parseTransferEncoding" } ], "vendor": "Go standard library", "versions": [ { "lessThan": "1.17.12", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "1.18.4", "status": "affected", "version": "1.18.0-0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "value": "Zeyu Zhang (https://www.zeyu2001.com/)" } ], "descriptions": [ { "lang": "en", "value": "Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid." } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request Smuggling\u0027)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-12T19:04:43.089Z", "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go" }, "references": [ { "url": "https://go.dev/cl/409874" }, { "url": "https://go.googlesource.com/go/+/e5017a93fcde94f09836200bca55324af037ee5f" }, { "url": "https://go.dev/issue/53188" }, { "url": "https://go.dev/cl/410714" }, { "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE" }, { "url": "https://pkg.go.dev/vuln/GO-2022-0525" } ], "title": "Improper sanitization of Transfer-Encoding headers in net/http" } }, "cveMetadata": { "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "assignerShortName": "Go", "cveId": "CVE-2022-1705", "datePublished": "2022-08-09T20:16:57", "dateReserved": "2022-05-13T00:00:00", "dateUpdated": "2024-08-03T00:10:03.918Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-22876
Vulnerability from cvelistv5
Published
2021-04-01 17:45
Modified
2024-08-03 18:51
Severity ?
EPSS score ?
Summary
curl 7.1.1 to and including 7.75.0 is vulnerable to an "Exposure of Private Personal Information to an Unauthorized Actor" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests, and therefore risks leaking sensitive data to the server that is the target of the second HTTP request.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: 7.1.1 to and including 7.75.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T18:51:07.627Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://hackerone.com/reports/1101882" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://curl.se/docs/CVE-2021-22876.html" }, { "name": "FEDORA-2021-cab5c9befb", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/" }, { "name": "FEDORA-2021-065371f385", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/" }, { "name": "FEDORA-2021-26a293c72b", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/" }, { "name": "[debian-lts-announce] 20210517 [SECURITY] [DLA 2664-1] curl security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00019.html" }, { "name": "GLSA-202105-36", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202105-36" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210521-0007/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "7.1.1 to and including 7.75.0" } ] } ], "descriptions": [ { "lang": "en", "value": "curl 7.1.1 to and including 7.75.0 is vulnerable to an \"Exposure of Private Personal Information to an Unauthorized Actor\" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests, and therefore risks leaking sensitive data to the server that is the target of the second HTTP request." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-359", "description": "Privacy Violation (CWE-359)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-03-08T14:06:57", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://hackerone.com/reports/1101882" }, { "tags": [ "x_refsource_MISC" ], "url": "https://curl.se/docs/CVE-2021-22876.html" }, { "name": "FEDORA-2021-cab5c9befb", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/" }, { "name": "FEDORA-2021-065371f385", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/" }, { "name": "FEDORA-2021-26a293c72b", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/" }, { "name": "[debian-lts-announce] 20210517 [SECURITY] [DLA 2664-1] curl security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00019.html" }, { "name": "GLSA-202105-36", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202105-36" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20210521-0007/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "support@hackerone.com", "ID": "CVE-2021-22876", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "https://github.com/curl/curl", "version": { "version_data": [ { "version_value": "7.1.1 to and including 7.75.0" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "curl 7.1.1 to and including 7.75.0 is vulnerable to an \"Exposure of Private Personal Information to an Unauthorized Actor\" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests, and therefore risks leaking sensitive data to the server that is the target of the second HTTP request." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Privacy Violation (CWE-359)" } ] } ] }, "references": { "reference_data": [ { "name": "https://hackerone.com/reports/1101882", "refsource": "MISC", "url": "https://hackerone.com/reports/1101882" }, { "name": "https://curl.se/docs/CVE-2021-22876.html", "refsource": "MISC", "url": "https://curl.se/docs/CVE-2021-22876.html" }, { "name": "FEDORA-2021-cab5c9befb", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/" }, { "name": "FEDORA-2021-065371f385", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/" }, { "name": "FEDORA-2021-26a293c72b", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/" }, { "name": "[debian-lts-announce] 20210517 [SECURITY] [DLA 2664-1] curl security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00019.html" }, { "name": "GLSA-202105-36", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202105-36" }, { "name": "https://www.oracle.com//security-alerts/cpujul2021.html", "refsource": "MISC", "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "name": "https://security.netapp.com/advisory/ntap-20210521-0007/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210521-0007/" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" } ] } } } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2021-22876", "datePublished": "2021-04-01T17:45:18", "dateReserved": "2021-01-06T00:00:00", "dateUpdated": "2024-08-03T18:51:07.627Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-37616
Vulnerability from cvelistv5
Published
2022-10-11 00:00
Modified
2024-08-03 10:29
Severity ?
EPSS score ?
Summary
A prototype pollution vulnerability exists in the function copy in dom.js in the xmldom (published as @xmldom/xmldom) package before 0.8.3 for Node.js via the p variable. NOTE: the vendor states "we are in the process of marking this report as invalid"; however, some third parties takes the position that "A prototype injection/Prototype pollution is not just when global objects are polluted with recursive merge or deep cloning but also when a target object is polluted."
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T10:29:21.029Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/xmldom/xmldom/blob/bc36efddf9948aba15618f85dc1addfc2ac9d7b2/lib/dom.js#L1" }, { "tags": [ "x_transferred" ], "url": "https://github.com/xmldom/xmldom/blob/bc36efddf9948aba15618f85dc1addfc2ac9d7b2/lib/dom.js#L3" }, { "tags": [ "x_transferred" ], "url": "https://github.com/xmldom/xmldom/issues/436" }, { "tags": [ "x_transferred" ], "url": "https://github.com/xmldom/xmldom/security/advisories/GHSA-9pgh-qqpf-7wqj" }, { "name": "[debian-lts-announce] 20221018 [SECURITY] [DLA 3154-1] node-xmldom security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00023.html" }, { "tags": [ "x_transferred" ], "url": "https://dl.acm.org/doi/abs/10.1145/3488932.3497769" }, { "tags": [ "x_transferred" ], "url": "https://dl.acm.org/doi/pdf/10.1145/3488932.3497769" }, { "tags": [ "x_transferred" ], "url": "http://users.encs.concordia.ca/~mmannan/publications/JS-vulnerability-aisaccs2022.pdf" }, { "tags": [ "x_transferred" ], "url": "https://github.com/xmldom/xmldom/issues/436#issuecomment-1319412826" }, { "tags": [ "x_transferred" ], "url": "https://github.com/xmldom/xmldom/issues/436#issuecomment-1327776560" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "A prototype pollution vulnerability exists in the function copy in dom.js in the xmldom (published as @xmldom/xmldom) package before 0.8.3 for Node.js via the p variable. NOTE: the vendor states \"we are in the process of marking this report as invalid\"; however, some third parties takes the position that \"A prototype injection/Prototype pollution is not just when global objects are polluted with recursive merge or deep cloning but also when a target object is polluted.\"" } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-29T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/xmldom/xmldom/blob/bc36efddf9948aba15618f85dc1addfc2ac9d7b2/lib/dom.js#L1" }, { "url": "https://github.com/xmldom/xmldom/blob/bc36efddf9948aba15618f85dc1addfc2ac9d7b2/lib/dom.js#L3" }, { "url": "https://github.com/xmldom/xmldom/issues/436" }, { "url": "https://github.com/xmldom/xmldom/security/advisories/GHSA-9pgh-qqpf-7wqj" }, { "name": "[debian-lts-announce] 20221018 [SECURITY] [DLA 3154-1] node-xmldom security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00023.html" }, { "url": "https://dl.acm.org/doi/abs/10.1145/3488932.3497769" }, { "url": "https://dl.acm.org/doi/pdf/10.1145/3488932.3497769" }, { "url": "http://users.encs.concordia.ca/~mmannan/publications/JS-vulnerability-aisaccs2022.pdf" }, { "url": "https://github.com/xmldom/xmldom/issues/436#issuecomment-1319412826" }, { "url": "https://github.com/xmldom/xmldom/issues/436#issuecomment-1327776560" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-37616", "datePublished": "2022-10-11T00:00:00", "dateReserved": "2022-08-08T00:00:00", "dateUpdated": "2024-08-03T10:29:21.029Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-22897
Vulnerability from cvelistv5
Published
2021-06-11 15:49
Modified
2024-08-03 18:58
Severity ?
EPSS score ?
Summary
curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. The selected cipher set was stored in a single "static" variable in the library, which has the surprising side-effect that if an application sets up multiple concurrent transfers, the last one that sets the ciphers will accidentally control the set used by all transfers. In a worst-case scenario, this weakens transport security significantly.
References
▼ | URL | Tags |
---|---|---|
https://hackerone.com/reports/1172857 | x_refsource_MISC | |
https://curl.se/docs/CVE-2021-22897.html | x_refsource_MISC | |
https://github.com/curl/curl/commit/bbb71507b7bab52002f9b1e0880bed6a32834511 | x_refsource_MISC | |
https://www.oracle.com//security-alerts/cpujul2021.html | x_refsource_MISC | |
https://www.oracle.com/security-alerts/cpujan2022.html | x_refsource_MISC | |
https://security.netapp.com/advisory/ntap-20210727-0007/ | x_refsource_CONFIRM | |
https://www.oracle.com/security-alerts/cpuapr2022.html | x_refsource_MISC | |
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: 7.61.0 through 7.76.1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T18:58:24.782Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://hackerone.com/reports/1172857" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://curl.se/docs/CVE-2021-22897.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/curl/curl/commit/bbb71507b7bab52002f9b1e0880bed6a32834511" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210727-0007/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "7.61.0 through 7.76.1" } ] } ], "descriptions": [ { "lang": "en", "value": "curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. The selected cipher set was stored in a single \"static\" variable in the library, which has the surprising side-effect that if an application sets up multiple concurrent transfers, the last one that sets the ciphers will accidentally control the set used by all transfers. In a worst-case scenario, this weakens transport security significantly." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-840", "description": "Business Logic Errors (CWE-840)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-04-19T23:53:46", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://hackerone.com/reports/1172857" }, { "tags": [ "x_refsource_MISC" ], "url": "https://curl.se/docs/CVE-2021-22897.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/curl/curl/commit/bbb71507b7bab52002f9b1e0880bed6a32834511" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20210727-0007/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "support@hackerone.com", "ID": "CVE-2021-22897", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "https://github.com/curl/curl", "version": { "version_data": [ { "version_value": "7.61.0 through 7.76.1" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. The selected cipher set was stored in a single \"static\" variable in the library, which has the surprising side-effect that if an application sets up multiple concurrent transfers, the last one that sets the ciphers will accidentally control the set used by all transfers. In a worst-case scenario, this weakens transport security significantly." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Business Logic Errors (CWE-840)" } ] } ] }, "references": { "reference_data": [ { "name": "https://hackerone.com/reports/1172857", "refsource": "MISC", "url": "https://hackerone.com/reports/1172857" }, { "name": "https://curl.se/docs/CVE-2021-22897.html", "refsource": "MISC", "url": "https://curl.se/docs/CVE-2021-22897.html" }, { "name": "https://github.com/curl/curl/commit/bbb71507b7bab52002f9b1e0880bed6a32834511", "refsource": "MISC", "url": "https://github.com/curl/curl/commit/bbb71507b7bab52002f9b1e0880bed6a32834511" }, { "name": "https://www.oracle.com//security-alerts/cpujul2021.html", "refsource": "MISC", "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "name": "https://www.oracle.com/security-alerts/cpujan2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "name": "https://security.netapp.com/advisory/ntap-20210727-0007/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210727-0007/" }, { "name": "https://www.oracle.com/security-alerts/cpuapr2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" } ] } } } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2021-22897", "datePublished": "2021-06-11T15:49:38", "dateReserved": "2021-01-06T00:00:00", "dateUpdated": "2024-08-03T18:58:24.782Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-22922
Vulnerability from cvelistv5
Published
2021-08-05 00:00
Modified
2024-08-03 18:58
Severity ?
EPSS score ?
Summary
When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML file.The metalink XML file points out to the client how to get the same contentfrom a set of different URLs, potentially hosted by different servers and theclient can then download the file from one or several of them. In a serial orparallel manner.If one of the servers hosting the contents has been breached and the contentsof the specific file on that server is replaced with a modified payload, curlshould detect this when the hash of the file mismatches after a completeddownload. It should remove the contents and instead try getting the contentsfrom another URL. This is not done, and instead such a hash mismatch is onlymentioned in text and the potentially malicious content is kept in the file ondisk.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: curl 7.27.0 to and including 7.77.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T18:58:26.106Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1213175" }, { "name": "FEDORA-2021-5d21b90a30", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/" }, { "name": "[kafka-dev] 20210831 Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E" }, { "name": "[kafka-users] 20210831 Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E" }, { "name": "[kafka-users] 20210901 Re: [EXTERNAL] Re: Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E" }, { "name": "[kafka-dev] 20210901 Re: [EXTERNAL] Re: Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210902-0003/" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202212-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "curl 7.27.0 to and including 7.77.0" } ] } ], "descriptions": [ { "lang": "en", "value": "When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML file.The metalink XML file points out to the client how to get the same contentfrom a set of different URLs, potentially hosted by different servers and theclient can then download the file from one or several of them. In a serial orparallel manner.If one of the servers hosting the contents has been breached and the contentsof the specific file on that server is replaced with a modified payload, curlshould detect this when the hash of the file mismatches after a completeddownload. It should remove the contents and instead try getting the contentsfrom another URL. This is not done, and instead such a hash mismatch is onlymentioned in text and the potentially malicious content is kept in the file ondisk." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-840", "description": "Business Logic Errors (CWE-840)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-19T00:00:00", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1213175" }, { "name": "FEDORA-2021-5d21b90a30", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/" }, { "name": "[kafka-dev] 20210831 Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E" }, { "name": "[kafka-users] 20210831 Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E" }, { "name": "[kafka-users] 20210901 Re: [EXTERNAL] Re: Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E" }, { "name": "[kafka-dev] 20210901 Re: [EXTERNAL] Re: Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E" }, { "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "url": "https://security.netapp.com/advisory/ntap-20210902-0003/" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202212-01" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2021-22922", "datePublished": "2021-08-05T00:00:00", "dateReserved": "2021-01-06T00:00:00", "dateUpdated": "2024-08-03T18:58:26.106Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-33987
Vulnerability from cvelistv5
Published
2022-06-18 20:51
Modified
2024-08-03 08:16
Severity ?
EPSS score ?
Summary
The got package before 12.1.0 (also fixed in 11.8.5) for Node.js allows a redirect to a UNIX socket.
References
▼ | URL | Tags |
---|---|---|
https://github.com/sindresorhus/got/pull/2047 | x_refsource_MISC | |
https://github.com/sindresorhus/got/compare/v12.0.3...v12.1.0 | x_refsource_MISC | |
https://github.com/sindresorhus/got/releases/tag/v11.8.5 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T08:16:16.308Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/sindresorhus/got/pull/2047" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/sindresorhus/got/compare/v12.0.3...v12.1.0" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/sindresorhus/got/releases/tag/v11.8.5" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "The got package before 12.1.0 (also fixed in 11.8.5) for Node.js allows a redirect to a UNIX socket." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-06-22T13:05:16", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/sindresorhus/got/pull/2047" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/sindresorhus/got/compare/v12.0.3...v12.1.0" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/sindresorhus/got/releases/tag/v11.8.5" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-33987", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The got package before 12.1.0 (also fixed in 11.8.5) for Node.js allows a redirect to a UNIX socket." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/sindresorhus/got/pull/2047", "refsource": "MISC", "url": "https://github.com/sindresorhus/got/pull/2047" }, { "name": "https://github.com/sindresorhus/got/compare/v12.0.3...v12.1.0", "refsource": "MISC", "url": "https://github.com/sindresorhus/got/compare/v12.0.3...v12.1.0" }, { "name": "https://github.com/sindresorhus/got/releases/tag/v11.8.5", "refsource": "MISC", "url": "https://github.com/sindresorhus/got/releases/tag/v11.8.5" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-33987", "datePublished": "2022-06-18T20:51:12", "dateReserved": "2022-06-18T00:00:00", "dateUpdated": "2024-08-03T08:16:16.308Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-10746
Vulnerability from cvelistv5
Published
2019-08-23 16:43
Modified
2024-08-04 22:32
Severity ?
EPSS score ?
Summary
mixin-deep is vulnerable to Prototype Pollution in versions before 1.3.2 and version 2.0.0. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.
References
▼ | URL | Tags |
---|---|---|
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXRA365KZCUNXMU3KDH5JN5BEPNIGUKC/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFNIVG2XYFPZJY3DYYBJASZ7ZMKBMIJT/ | vendor-advisory, x_refsource_FEDORA | |
https://www.oracle.com//security-alerts/cpujul2021.html | x_refsource_MISC | |
https://snyk.io/vuln/SNYK-JS-MIXINDEEP-450212 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | mixin-deep |
Version: All versions before 1.3.2 and version 2.0.0. |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T22:32:01.518Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "FEDORA-2020-f80e5c0d65", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXRA365KZCUNXMU3KDH5JN5BEPNIGUKC/" }, { "name": "FEDORA-2020-4a8f110332", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFNIVG2XYFPZJY3DYYBJASZ7ZMKBMIJT/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://snyk.io/vuln/SNYK-JS-MIXINDEEP-450212" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "mixin-deep", "vendor": "n/a", "versions": [ { "status": "affected", "version": "All versions before 1.3.2 and version 2.0.0." } ] } ], "descriptions": [ { "lang": "en", "value": "mixin-deep is vulnerable to Prototype Pollution in versions before 1.3.2 and version 2.0.0. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using a constructor payload." } ], "problemTypes": [ { "descriptions": [ { "description": "Prototype Pollution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-07-20T22:53:26", "orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "shortName": "snyk" }, "references": [ { "name": "FEDORA-2020-f80e5c0d65", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXRA365KZCUNXMU3KDH5JN5BEPNIGUKC/" }, { "name": "FEDORA-2020-4a8f110332", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFNIVG2XYFPZJY3DYYBJASZ7ZMKBMIJT/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://snyk.io/vuln/SNYK-JS-MIXINDEEP-450212" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "report@snyk.io", "ID": "CVE-2019-10746", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "mixin-deep", "version": { "version_data": [ { "version_value": "All versions before 1.3.2 and version 2.0.0." } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "mixin-deep is vulnerable to Prototype Pollution in versions before 1.3.2 and version 2.0.0. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using a constructor payload." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Prototype Pollution" } ] } ] }, "references": { "reference_data": [ { "name": "FEDORA-2020-f80e5c0d65", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UXRA365KZCUNXMU3KDH5JN5BEPNIGUKC/" }, { "name": "FEDORA-2020-4a8f110332", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFNIVG2XYFPZJY3DYYBJASZ7ZMKBMIJT/" }, { "name": "https://www.oracle.com//security-alerts/cpujul2021.html", "refsource": "MISC", "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "name": "https://snyk.io/vuln/SNYK-JS-MIXINDEEP-450212", "refsource": "MISC", "url": "https://snyk.io/vuln/SNYK-JS-MIXINDEEP-450212" } ] } } } }, "cveMetadata": { "assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "assignerShortName": "snyk", "cveId": "CVE-2019-10746", "datePublished": "2019-08-23T16:43:49", "dateReserved": "2019-04-03T00:00:00", "dateUpdated": "2024-08-04T22:32:01.518Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-23773
Vulnerability from cvelistv5
Published
2022-02-11 00:16
Modified
2024-08-03 03:51
Severity ?
EPSS score ?
Summary
cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able to create branches but not tags.
References
▼ | URL | Tags |
---|---|---|
https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC | |
https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ | x_refsource_MISC | |
https://security.netapp.com/advisory/ntap-20220225-0006/ | x_refsource_CONFIRM | |
https://security.gentoo.org/glsa/202208-02 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T03:51:45.976Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220225-0006/" }, { "name": "GLSA-202208-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-02" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able to create branches but not tags." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-04T15:12:04", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20220225-0006/" }, { "name": "GLSA-202208-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202208-02" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-23773", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able to create branches but not tags." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.oracle.com/security-alerts/cpujul2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "name": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ", "refsource": "MISC", "url": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ" }, { "name": "https://security.netapp.com/advisory/ntap-20220225-0006/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20220225-0006/" }, { "name": "GLSA-202208-02", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202208-02" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-23773", "datePublished": "2022-02-11T00:16:08", "dateReserved": "2022-01-20T00:00:00", "dateUpdated": "2024-08-03T03:51:45.976Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-27774
Vulnerability from cvelistv5
Published
2022-06-01 00:00
Modified
2024-08-03 05:32
Severity ?
EPSS score ?
Summary
An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: curl 4.9 to and include curl 7.82.0 are affected |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T05:32:59.946Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1543773" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220609-0008/" }, { "name": "DSA-5197", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "name": "[debian-lts-announce] 20230128 [SECURITY] [DLA 3288-1] curl security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "curl 4.9 to and include curl 7.82.0 are affected" } ] } ], "descriptions": [ { "lang": "en", "value": "An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-522", "description": "Insufficiently Protected Credentials (CWE-522)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-28T00:00:00", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1543773" }, { "url": "https://security.netapp.com/advisory/ntap-20220609-0008/" }, { "name": "DSA-5197", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "name": "[debian-lts-announce] 20230128 [SECURITY] [DLA 3288-1] curl security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2022-27774", "datePublished": "2022-06-01T00:00:00", "dateReserved": "2022-03-23T00:00:00", "dateUpdated": "2024-08-03T05:32:59.946Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-43552
Vulnerability from cvelistv5
Published
2023-02-09 00:00
Modified
2024-10-27 14:48
Severity ?
EPSS score ?
Summary
A use after free vulnerability exists in curl <7.87.0. Curl can be asked to *tunnel* virtually all protocols it supports through an HTTP proxy. HTTP proxies can (and often do) deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocated struct after it had been freed, in its transfer shutdown code path.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: Fixed in curl 7.87.0 |
|
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2022-43552", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-24T14:27:40.656488Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-27T14:48:12.558Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-03T13:32:59.678Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1764858" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230214-0002/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213670" }, { "name": "20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/17" }, { "name": "GLSA-202310-12", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202310-12" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in curl 7.87.0" } ] } ], "descriptions": [ { "lang": "en", "value": "A use after free vulnerability exists in curl \u003c7.87.0. Curl can be asked to *tunnel* virtually all protocols it supports through an HTTP proxy. HTTP proxies can (and often do) deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocated struct after it had been freed, in its transfer shutdown code path." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "Use After Free (CWE-416)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-11T10:06:28.239339", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1764858" }, { "url": "https://security.netapp.com/advisory/ntap-20230214-0002/" }, { "url": "https://support.apple.com/kb/HT213670" }, { "name": "20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/17" }, { "name": "GLSA-202310-12", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202310-12" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2022-43552", "datePublished": "2023-02-09T00:00:00", "dateReserved": "2022-10-20T00:00:00", "dateUpdated": "2024-10-27T14:48:12.558Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-27191
Vulnerability from cvelistv5
Published
2022-03-18 06:03
Modified
2024-08-03 05:25
Severity ?
EPSS score ?
Summary
The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T05:25:31.128Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://groups.google.com/g/golang-announce" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s" }, { "name": "FEDORA-2022-a4c9009f3e", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/" }, { "name": "FEDORA-2022-d37fb34309", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/" }, { "name": "FEDORA-2022-3a63897745", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/" }, { "name": "FEDORA-2022-5cbd6de569", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/" }, { "name": "FEDORA-2022-c87047f163", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220429-0002/" }, { "name": "FEDORA-2022-14712f9699", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/" }, { "name": "FEDORA-2022-08ae2dd481", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/" }, { "name": "FEDORA-2022-5e637f6cc6", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/" }, { "name": "FEDORA-2022-fae3ecee19", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/" }, { "name": "FEDORA-2022-ba365d3703", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/" }, { "name": "FEDORA-2022-30c5ed5625", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-17T03:11:23", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://groups.google.com/g/golang-announce" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s" }, { "name": "FEDORA-2022-a4c9009f3e", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/" }, { "name": "FEDORA-2022-d37fb34309", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/" }, { "name": "FEDORA-2022-3a63897745", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/" }, { "name": "FEDORA-2022-5cbd6de569", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/" }, { "name": "FEDORA-2022-c87047f163", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20220429-0002/" }, { "name": "FEDORA-2022-14712f9699", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/" }, { "name": "FEDORA-2022-08ae2dd481", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/" }, { "name": "FEDORA-2022-5e637f6cc6", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/" }, { "name": "FEDORA-2022-fae3ecee19", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/" }, { "name": "FEDORA-2022-ba365d3703", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/" }, { "name": "FEDORA-2022-30c5ed5625", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-27191", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://groups.google.com/g/golang-announce", "refsource": "MISC", "url": "https://groups.google.com/g/golang-announce" }, { "name": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", "refsource": "CONFIRM", "url": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s" }, { "name": "FEDORA-2022-a4c9009f3e", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/" }, { "name": "FEDORA-2022-d37fb34309", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/" }, { "name": "FEDORA-2022-3a63897745", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/" }, { "name": "FEDORA-2022-5cbd6de569", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/" }, { "name": "FEDORA-2022-c87047f163", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/" }, { "name": "https://security.netapp.com/advisory/ntap-20220429-0002/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20220429-0002/" }, { "name": "FEDORA-2022-14712f9699", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/" }, { "name": "FEDORA-2022-08ae2dd481", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/" }, { "name": "FEDORA-2022-5e637f6cc6", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/" }, { "name": "FEDORA-2022-fae3ecee19", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/" }, { "name": "FEDORA-2022-ba365d3703", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/" }, { "name": "FEDORA-2022-30c5ed5625", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-27191", "datePublished": "2022-03-18T06:03:34", "dateReserved": "2022-03-15T00:00:00", "dateUpdated": "2024-08-03T05:25:31.128Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-23915
Vulnerability from cvelistv5
Published
2023-02-23 00:00
Modified
2024-08-02 10:42
Severity ?
EPSS score ?
Summary
A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that could cause HSTS functionality to behave incorrectly when multiple URLs are requested in parallel. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. This HSTS mechanism would however surprisingly fail when multiple transfers are done in parallel as the HSTS cache file gets overwritten by the most recentlycompleted transfer. A later HTTP-only transfer to the earlier host name would then *not* get upgraded properly to HSTS.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: Fixed in 7.88.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T10:42:27.101Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1826048" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230309-0006/" }, { "name": "GLSA-202310-12", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202310-12" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 7.88.0" } ] } ], "descriptions": [ { "lang": "en", "value": "A cleartext transmission of sensitive information vulnerability exists in curl \u003cv7.88.0 that could cause HSTS functionality to behave incorrectly when multiple URLs are requested in parallel. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. This HSTS mechanism would however surprisingly fail when multiple transfers are done in parallel as the HSTS cache file gets overwritten by the most recentlycompleted transfer. A later HTTP-only transfer to the earlier host name would then *not* get upgraded properly to HSTS." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-319", "description": "Cleartext Transmission of Sensitive Information (CWE-319)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-11T10:06:31.422007", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1826048" }, { "url": "https://security.netapp.com/advisory/ntap-20230309-0006/" }, { "name": "GLSA-202310-12", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202310-12" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2023-23915", "datePublished": "2023-02-23T00:00:00", "dateReserved": "2023-01-19T00:00:00", "dateUpdated": "2024-08-02T10:42:27.101Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-40304
Vulnerability from cvelistv5
Published
2022-11-23 00:00
Modified
2024-08-03 12:14
Severity ?
EPSS score ?
Summary
An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:14:40.052Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/tags" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/1b41ec4e9433b05bb0376be4725804c54ef1d80b" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20221209-0003/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213534" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213533" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213531" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213536" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213535" }, { "name": "20221220 APPLE-SA-2022-12-13-2 iOS 15.7.2 and iPadOS 15.7.2", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Dec/21" }, { "name": "20221220 APPLE-SA-2022-12-13-6 macOS Big Sur 11.7.2", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Dec/25" }, { "name": "20221220 APPLE-SA-2022-12-13-7 tvOS 16.2", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Dec/26" }, { "name": "20221220 APPLE-SA-2022-12-13-5 macOS Monterey 12.6.2", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Dec/24" }, { "name": "20221220 APPLE-SA-2022-12-13-8 watchOS 9.2", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Dec/27" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-21T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://gitlab.gnome.org/GNOME/libxml2/-/tags" }, { "url": "https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3" }, { "url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/1b41ec4e9433b05bb0376be4725804c54ef1d80b" }, { "url": "https://security.netapp.com/advisory/ntap-20221209-0003/" }, { "url": "https://support.apple.com/kb/HT213534" }, { "url": "https://support.apple.com/kb/HT213533" }, { "url": "https://support.apple.com/kb/HT213531" }, { "url": "https://support.apple.com/kb/HT213536" }, { "url": "https://support.apple.com/kb/HT213535" }, { "name": "20221220 APPLE-SA-2022-12-13-2 iOS 15.7.2 and iPadOS 15.7.2", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Dec/21" }, { "name": "20221220 APPLE-SA-2022-12-13-6 macOS Big Sur 11.7.2", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Dec/25" }, { "name": "20221220 APPLE-SA-2022-12-13-7 tvOS 16.2", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Dec/26" }, { "name": "20221220 APPLE-SA-2022-12-13-5 macOS Monterey 12.6.2", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Dec/24" }, { "name": "20221220 APPLE-SA-2022-12-13-8 watchOS 9.2", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Dec/27" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-40304", "datePublished": "2022-11-23T00:00:00", "dateReserved": "2022-09-09T00:00:00", "dateUpdated": "2024-08-03T12:14:40.052Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-22926
Vulnerability from cvelistv5
Published
2021-08-05 00:00
Modified
2024-08-03 18:58
Severity ?
EPSS score ?
Summary
libcurl-using applications can ask for a specific client certificate to be used in a transfer. This is done with the `CURLOPT_SSLCERT` option (`--cert` with the command line tool).When libcurl is built to use the macOS native TLS library Secure Transport, an application can ask for the client certificate by name or with a file name - using the same option. If the name exists as a file, it will be used instead of by name.If the appliction runs with a current working directory that is writable by other users (like `/tmp`), a malicious user can create a file name with the same name as the app wants to use by name, and thereby trick the application to use the file based cert instead of the one referred to by name making libcurl send the wrong client certificate in the TLS connection handshake.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: curll 7.33.0 to and include 7.77.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T18:58:25.857Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1234760" }, { "name": "[kafka-dev] 20210831 Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E" }, { "name": "[kafka-users] 20210831 Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E" }, { "name": "[kafka-users] 20210901 Re: [EXTERNAL] Re: Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E" }, { "name": "[kafka-dev] 20210901 Re: [EXTERNAL] Re: Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210902-0003/" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20211022-0003/" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202212-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "curll 7.33.0 to and include 7.77.0" } ] } ], "descriptions": [ { "lang": "en", "value": "libcurl-using applications can ask for a specific client certificate to be used in a transfer. This is done with the `CURLOPT_SSLCERT` option (`--cert` with the command line tool).When libcurl is built to use the macOS native TLS library Secure Transport, an application can ask for the client certificate by name or with a file name - using the same option. If the name exists as a file, it will be used instead of by name.If the appliction runs with a current working directory that is writable by other users (like `/tmp`), a malicious user can create a file name with the same name as the app wants to use by name, and thereby trick the application to use the file based cert instead of the one referred to by name making libcurl send the wrong client certificate in the TLS connection handshake." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-840", "description": "Business Logic Errors (CWE-840)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-19T00:00:00", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1234760" }, { "name": "[kafka-dev] 20210831 Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E" }, { "name": "[kafka-users] 20210831 Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E" }, { "name": "[kafka-users] 20210901 Re: [EXTERNAL] Re: Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E" }, { "name": "[kafka-dev] 20210901 Re: [EXTERNAL] Re: Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E" }, { "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "url": "https://security.netapp.com/advisory/ntap-20210902-0003/" }, { "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "url": "https://security.netapp.com/advisory/ntap-20211022-0003/" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202212-01" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2021-22926", "datePublished": "2021-08-05T00:00:00", "dateReserved": "2021-01-06T00:00:00", "dateUpdated": "2024-08-03T18:58:25.857Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-8231
Vulnerability from cvelistv5
Published
2020-12-14 19:39
Modified
2024-08-04 09:56
Severity ?
EPSS score ?
Summary
Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data.
References
▼ | URL | Tags |
---|---|---|
https://hackerone.com/reports/948876 | x_refsource_MISC | |
https://curl.haxx.se/docs/CVE-2020-8231.html | x_refsource_MISC | |
https://security.gentoo.org/glsa/202012-14 | vendor-advisory, x_refsource_GENTOO | |
https://www.debian.org/security/2021/dsa-4881 | vendor-advisory, x_refsource_DEBIAN | |
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E | mailing-list, x_refsource_MLIST | |
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E | mailing-list, x_refsource_MLIST | |
https://www.oracle.com/security-alerts/cpuapr2022.html | x_refsource_MISC | |
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: libcurl 7.29.0 to and including 7.71.1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T09:56:27.965Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://hackerone.com/reports/948876" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://curl.haxx.se/docs/CVE-2020-8231.html" }, { "name": "GLSA-202012-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202012-14" }, { "name": "DSA-4881", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2021/dsa-4881" }, { "name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E" }, { "name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "libcurl 7.29.0 to and including 7.71.1" } ] } ], "descriptions": [ { "lang": "en", "value": "Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "Use After Free (CWE-416)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-04-19T23:23:23", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://hackerone.com/reports/948876" }, { "tags": [ "x_refsource_MISC" ], "url": "https://curl.haxx.se/docs/CVE-2020-8231.html" }, { "name": "GLSA-202012-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202012-14" }, { "name": "DSA-4881", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2021/dsa-4881" }, { "name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E" }, { "name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "support@hackerone.com", "ID": "CVE-2020-8231", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "https://github.com/curl/curl", "version": { "version_data": [ { "version_value": "libcurl 7.29.0 to and including 7.71.1" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Use After Free (CWE-416)" } ] } ] }, "references": { "reference_data": [ { "name": "https://hackerone.com/reports/948876", "refsource": "MISC", "url": "https://hackerone.com/reports/948876" }, { "name": "https://curl.haxx.se/docs/CVE-2020-8231.html", "refsource": "MISC", "url": "https://curl.haxx.se/docs/CVE-2020-8231.html" }, { "name": "GLSA-202012-14", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202012-14" }, { "name": "DSA-4881", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2021/dsa-4881" }, { "name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E" }, { "name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E" }, { "name": "https://www.oracle.com/security-alerts/cpuapr2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" } ] } } } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2020-8231", "datePublished": "2020-12-14T19:39:19", "dateReserved": "2020-01-28T00:00:00", "dateUpdated": "2024-08-04T09:56:27.965Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-7753
Vulnerability from cvelistv5
Published
2020-10-27 08:15
Modified
2024-09-16 22:03
Severity ?
EPSS score ?
Summary
All versions of package trim are vulnerable to Regular Expression Denial of Service (ReDoS) via trim().
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T09:41:01.526Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://snyk.io/vuln/SNYK-JS-TRIM-1017038" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1022132" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/component/trim/blob/master/index.js%23L6" }, { "name": "[airflow-commits] 20210511 [GitHub] [airflow] kaxil opened a new pull request #15782: Bump ``trim`` to fix ``CVE-2020-7753``", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r75b8d0b88833d7d96afcdce3ead65e212572ead4e7a9f34d21040196%40%3Ccommits.airflow.apache.org%3E" }, { "name": "[airflow-commits] 20210511 [GitHub] [airflow] ryanahamilton commented on pull request #15782: Bump ``trim`` to fix ``CVE-2020-7753``", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r10faad1ef9166d37a1a5c9142b1af7099b8ecdc5ad05c51b8ea993d9%40%3Ccommits.airflow.apache.org%3E" }, { "name": "[airflow-commits] 20210511 [GitHub] [airflow] kaxil closed pull request #15782: Bump ``trim`` to fix ``CVE-2020-7753``", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r51ff3c2a4c7b8402f321eae7e624672cc2295c7bc8c12c8b871f6b0b%40%3Ccommits.airflow.apache.org%3E" }, { "name": "[airflow-commits] 20210511 [GitHub] [airflow] github-actions[bot] commented on pull request #15782: Bump ``trim`` to fix ``CVE-2020-7753``", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rb8462df3b6484e778905c09cd49a8912e1a302659860017ebe36da03%40%3Ccommits.airflow.apache.org%3E" }, { "name": "[airflow-commits] 20210511 [GitHub] [airflow] ryanahamilton closed pull request #15782: Bump ``trim`` to fix ``CVE-2020-7753``", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rcc7c2865a52b544a8e49386c6880e9b9ab29bfce1052b5569d09ee4a%40%3Ccommits.airflow.apache.org%3E" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "trim", "vendor": "n/a", "versions": [ { "lessThan": "unspecified", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Liyuan Chen" } ], "datePublic": "2020-10-27T00:00:00", "descriptions": [ { "lang": "en", "value": "All versions of package trim are vulnerable to Regular Expression Denial of Service (ReDoS) via trim()." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Regular Expression Denial of Service (ReDoS)", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-05-12T00:06:17", "orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "shortName": "snyk" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://snyk.io/vuln/SNYK-JS-TRIM-1017038" }, { "tags": [ "x_refsource_MISC" ], "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1022132" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/component/trim/blob/master/index.js%23L6" }, { "name": "[airflow-commits] 20210511 [GitHub] [airflow] kaxil opened a new pull request #15782: Bump ``trim`` to fix ``CVE-2020-7753``", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r75b8d0b88833d7d96afcdce3ead65e212572ead4e7a9f34d21040196%40%3Ccommits.airflow.apache.org%3E" }, { "name": "[airflow-commits] 20210511 [GitHub] [airflow] ryanahamilton commented on pull request #15782: Bump ``trim`` to fix ``CVE-2020-7753``", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r10faad1ef9166d37a1a5c9142b1af7099b8ecdc5ad05c51b8ea993d9%40%3Ccommits.airflow.apache.org%3E" }, { "name": "[airflow-commits] 20210511 [GitHub] [airflow] kaxil closed pull request #15782: Bump ``trim`` to fix ``CVE-2020-7753``", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r51ff3c2a4c7b8402f321eae7e624672cc2295c7bc8c12c8b871f6b0b%40%3Ccommits.airflow.apache.org%3E" }, { "name": "[airflow-commits] 20210511 [GitHub] [airflow] github-actions[bot] commented on pull request #15782: Bump ``trim`` to fix ``CVE-2020-7753``", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rb8462df3b6484e778905c09cd49a8912e1a302659860017ebe36da03%40%3Ccommits.airflow.apache.org%3E" }, { "name": "[airflow-commits] 20210511 [GitHub] [airflow] ryanahamilton closed pull request #15782: Bump ``trim`` to fix ``CVE-2020-7753``", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rcc7c2865a52b544a8e49386c6880e9b9ab29bfce1052b5569d09ee4a%40%3Ccommits.airflow.apache.org%3E" } ], "title": "Regular Expression Denial of Service (ReDoS)", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "report@snyk.io", "DATE_PUBLIC": "2020-10-27T08:12:13.243968Z", "ID": "CVE-2020-7753", "STATE": "PUBLIC", "TITLE": "Regular Expression Denial of Service (ReDoS)" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "trim", "version": { "version_data": [ { "version_affected": "\u003e=", "version_value": "0" } ] } } ] }, "vendor_name": "n/a" } ] } }, "credit": [ { "lang": "eng", "value": "Liyuan Chen" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "All versions of package trim are vulnerable to Regular Expression Denial of Service (ReDoS) via trim()." } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Regular Expression Denial of Service (ReDoS)" } ] } ] }, "references": { "reference_data": [ { "name": "https://snyk.io/vuln/SNYK-JS-TRIM-1017038", "refsource": "MISC", "url": "https://snyk.io/vuln/SNYK-JS-TRIM-1017038" }, { "name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1022132", "refsource": "MISC", "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1022132" }, { "name": "https://github.com/component/trim/blob/master/index.js%23L6", "refsource": "MISC", "url": "https://github.com/component/trim/blob/master/index.js%23L6" }, { "name": "[airflow-commits] 20210511 [GitHub] [airflow] kaxil opened a new pull request #15782: Bump ``trim`` to fix ``CVE-2020-7753``", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r75b8d0b88833d7d96afcdce3ead65e212572ead4e7a9f34d21040196@%3Ccommits.airflow.apache.org%3E" }, { "name": "[airflow-commits] 20210511 [GitHub] [airflow] ryanahamilton commented on pull request #15782: Bump ``trim`` to fix ``CVE-2020-7753``", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r10faad1ef9166d37a1a5c9142b1af7099b8ecdc5ad05c51b8ea993d9@%3Ccommits.airflow.apache.org%3E" }, { "name": "[airflow-commits] 20210511 [GitHub] [airflow] kaxil closed pull request #15782: Bump ``trim`` to fix ``CVE-2020-7753``", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r51ff3c2a4c7b8402f321eae7e624672cc2295c7bc8c12c8b871f6b0b@%3Ccommits.airflow.apache.org%3E" }, { "name": "[airflow-commits] 20210511 [GitHub] [airflow] github-actions[bot] commented on pull request #15782: Bump ``trim`` to fix ``CVE-2020-7753``", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rb8462df3b6484e778905c09cd49a8912e1a302659860017ebe36da03@%3Ccommits.airflow.apache.org%3E" }, { "name": "[airflow-commits] 20210511 [GitHub] [airflow] ryanahamilton closed pull request #15782: Bump ``trim`` to fix ``CVE-2020-7753``", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rcc7c2865a52b544a8e49386c6880e9b9ab29bfce1052b5569d09ee4a@%3Ccommits.airflow.apache.org%3E" } ] } } } }, "cveMetadata": { "assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "assignerShortName": "snyk", "cveId": "CVE-2020-7753", "datePublished": "2020-10-27T08:15:15.542691Z", "dateReserved": "2020-01-21T00:00:00", "dateUpdated": "2024-09-16T22:03:06.008Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-27664
Vulnerability from cvelistv5
Published
2022-09-06 17:29
Modified
2024-08-03 05:32
Severity ?
EPSS score ?
Summary
In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.
References
▼ | URL | Tags |
---|---|---|
https://groups.google.com/g/golang-announce | x_refsource_MISC | |
https://groups.google.com/g/golang-announce/c/x49AQzIVX-s | x_refsource_CONFIRM | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/ | vendor-advisory, x_refsource_FEDORA | |
https://security.netapp.com/advisory/ntap-20220923-0004/ | x_refsource_CONFIRM | |
https://security.gentoo.org/glsa/202209-26 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T05:32:59.884Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://groups.google.com/g/golang-announce" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s" }, { "name": "FEDORA-2022-67ec8c61d0", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/" }, { "name": "FEDORA-2022-45097317b4", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220923-0004/" }, { "name": "GLSA-202209-26", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202209-26" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-09-29T16:06:56", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://groups.google.com/g/golang-announce" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s" }, { "name": "FEDORA-2022-67ec8c61d0", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/" }, { "name": "FEDORA-2022-45097317b4", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20220923-0004/" }, { "name": "GLSA-202209-26", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202209-26" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-27664", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://groups.google.com/g/golang-announce", "refsource": "MISC", "url": "https://groups.google.com/g/golang-announce" }, { "name": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", "refsource": "CONFIRM", "url": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s" }, { "name": "FEDORA-2022-67ec8c61d0", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/" }, { "name": "FEDORA-2022-45097317b4", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/" }, { "name": "https://security.netapp.com/advisory/ntap-20220923-0004/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20220923-0004/" }, { "name": "GLSA-202209-26", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202209-26" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-27664", "datePublished": "2022-09-06T17:29:08", "dateReserved": "2022-03-23T00:00:00", "dateUpdated": "2024-08-03T05:32:59.884Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-23772
Vulnerability from cvelistv5
Published
2022-02-11 00:11
Modified
2024-08-03 03:51
Severity ?
EPSS score ?
Summary
Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption.
References
▼ | URL | Tags |
---|---|---|
https://lists.debian.org/debian-lts-announce/2022/04/msg00017.html | mailing-list, x_refsource_MLIST | |
https://lists.debian.org/debian-lts-announce/2022/04/msg00018.html | mailing-list, x_refsource_MLIST | |
https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC | |
https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ | x_refsource_MISC | |
https://security.netapp.com/advisory/ntap-20220225-0006/ | x_refsource_CONFIRM | |
https://security.gentoo.org/glsa/202208-02 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T03:51:46.050Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "[debian-lts-announce] 20220428 [SECURITY] [DLA 2985-1] golang-1.7 security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00017.html" }, { "name": "[debian-lts-announce] 20220428 [SECURITY] [DLA 2986-1] golang-1.8 security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00018.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220225-0006/" }, { "name": "GLSA-202208-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-02" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-04T15:08:10", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "[debian-lts-announce] 20220428 [SECURITY] [DLA 2985-1] golang-1.7 security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00017.html" }, { "name": "[debian-lts-announce] 20220428 [SECURITY] [DLA 2986-1] golang-1.8 security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00018.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20220225-0006/" }, { "name": "GLSA-202208-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202208-02" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-23772", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "[debian-lts-announce] 20220428 [SECURITY] [DLA 2985-1] golang-1.7 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00017.html" }, { "name": "[debian-lts-announce] 20220428 [SECURITY] [DLA 2986-1] golang-1.8 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00018.html" }, { "name": "https://www.oracle.com/security-alerts/cpujul2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "name": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ", "refsource": "MISC", "url": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ" }, { "name": "https://security.netapp.com/advisory/ntap-20220225-0006/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20220225-0006/" }, { "name": "GLSA-202208-02", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202208-02" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-23772", "datePublished": "2022-02-11T00:11:15", "dateReserved": "2022-01-20T00:00:00", "dateUpdated": "2024-08-03T03:51:46.050Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-41720
Vulnerability from cvelistv5
Published
2022-12-07 16:11
Modified
2024-08-03 12:49
Severity ?
EPSS score ?
Summary
On Windows, restricted files can be accessed via os.DirFS and http.Dir. The os.DirFS function and http.Dir type provide access to a tree of files rooted at a given directory. These functions permit access to Windows device files under that root. For example, os.DirFS("C:/tmp").Open("COM1") opens the COM1 device. Both os.DirFS and http.Dir only provide read-only filesystem access. In addition, on Windows, an os.DirFS for the directory (the root of the current drive) can permit a maliciously crafted path to escape from the drive and access any path on the system. With fix applied, the behavior of os.DirFS("") has changed. Previously, an empty root was treated equivalently to "/", so os.DirFS("").Open("tmp") would open the path "/tmp". This now returns an error.
References
Impacted products
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | Go standard library | os |
Version: 0 ≤ Version: 1.19.0-0 ≤ |
||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:49:43.510Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://go.dev/issue/56694" }, { "tags": [ "x_transferred" ], "url": "https://go.dev/cl/455716" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ" }, { "tags": [ "x_transferred" ], "url": "https://pkg.go.dev/vuln/GO-2022-1143" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "packageName": "os", "platforms": [ "windows" ], "product": "os", "programRoutines": [ { "name": "dirFS.Open" }, { "name": "dirFS.Stat" }, { "name": "DirFS" } ], "vendor": "Go standard library", "versions": [ { "lessThan": "1.18.9", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "1.19.4", "status": "affected", "version": "1.19.0-0", "versionType": "semver" } ] }, { "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "packageName": "net/http", "platforms": [ "windows" ], "product": "net/http", "programRoutines": [ { "name": "Dir.Open" }, { "name": "ServeFile" }, { "name": "fileHandler.ServeHTTP" }, { "name": "fileTransport.RoundTrip" } ], "vendor": "Go standard library", "versions": [ { "lessThan": "1.18.9", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "1.19.4", "status": "affected", "version": "1.19.0-0", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "On Windows, restricted files can be accessed via os.DirFS and http.Dir. The os.DirFS function and http.Dir type provide access to a tree of files rooted at a given directory. These functions permit access to Windows device files under that root. For example, os.DirFS(\"C:/tmp\").Open(\"COM1\") opens the COM1 device. Both os.DirFS and http.Dir only provide read-only filesystem access. In addition, on Windows, an os.DirFS for the directory (the root of the current drive) can permit a maliciously crafted path to escape from the drive and access any path on the system. With fix applied, the behavior of os.DirFS(\"\") has changed. Previously, an empty root was treated equivalently to \"/\", so os.DirFS(\"\").Open(\"tmp\") would open the path \"/tmp\". This now returns an error." } ], "problemTypes": [ { "descriptions": [ { "description": "CWE 22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-12T19:05:39.487Z", "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go" }, "references": [ { "url": "https://go.dev/issue/56694" }, { "url": "https://go.dev/cl/455716" }, { "url": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ" }, { "url": "https://pkg.go.dev/vuln/GO-2022-1143" } ], "title": "Restricted file access on Windows in os and net/http" } }, "cveMetadata": { "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "assignerShortName": "Go", "cveId": "CVE-2022-41720", "datePublished": "2022-12-07T16:11:18.867Z", "dateReserved": "2022-09-28T17:00:06.609Z", "dateUpdated": "2024-08-03T12:49:43.510Z", "requesterUserId": "7d08541a-cd0a-42e2-8f81-76e6ceb65fc3", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-40023
Vulnerability from cvelistv5
Published
2022-09-07 00:00
Modified
2024-08-03 12:07
Severity ?
EPSS score ?
Summary
Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects babelplugin and linguaplugin.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:07:43.228Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/sqlalchemy/mako/issues/366" }, { "tags": [ "x_transferred" ], "url": "https://github.com/sqlalchemy/mako/commit/925760291d6efec64fda6e9dd1fd9cfbd5be068c" }, { "tags": [ "x_transferred" ], "url": "https://github.com/sqlalchemy/mako/blob/c2f392e0be52dc67d1b9770ab8cce6a9c736d547/mako/ext/extract.py#L21" }, { "tags": [ "x_transferred" ], "url": "https://pyup.io/vulnerabilities/CVE-2022-40023/50870/" }, { "name": "[debian-lts-announce] 20220921 [SECURITY] [DLA 3116-1] mako security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00026.html" }, { "tags": [ "x_transferred" ], "url": "https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects babelplugin and linguaplugin." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-27T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/sqlalchemy/mako/issues/366" }, { "url": "https://github.com/sqlalchemy/mako/commit/925760291d6efec64fda6e9dd1fd9cfbd5be068c" }, { "url": "https://github.com/sqlalchemy/mako/blob/c2f392e0be52dc67d1b9770ab8cce6a9c736d547/mako/ext/extract.py#L21" }, { "url": "https://pyup.io/vulnerabilities/CVE-2022-40023/50870/" }, { "name": "[debian-lts-announce] 20220921 [SECURITY] [DLA 3116-1] mako security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00026.html" }, { "url": "https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-40023", "datePublished": "2022-09-07T00:00:00", "dateReserved": "2022-09-06T00:00:00", "dateUpdated": "2024-08-03T12:07:43.228Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-20149
Vulnerability from cvelistv5
Published
2019-12-30 18:25
Modified
2024-08-05 02:39
Severity ?
EPSS score ?
Summary
ctorName in index.js in kind-of v6.0.2 allows external user input to overwrite certain internal attributes via a conflicting name, as demonstrated by 'constructor': {'name':'Symbol'}. Hence, a crafted payload can overwrite this builtin attribute to manipulate the type detection result.
References
▼ | URL | Tags |
---|---|---|
https://github.com/jonschlinkert/kind-of/issues/30 | x_refsource_MISC | |
https://github.com/jonschlinkert/kind-of/pull/31 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T02:39:08.099Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/jonschlinkert/kind-of/issues/30" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/jonschlinkert/kind-of/pull/31" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "ctorName in index.js in kind-of v6.0.2 allows external user input to overwrite certain internal attributes via a conflicting name, as demonstrated by \u0027constructor\u0027: {\u0027name\u0027:\u0027Symbol\u0027}. Hence, a crafted payload can overwrite this builtin attribute to manipulate the type detection result." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-12-30T18:25:10", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/jonschlinkert/kind-of/issues/30" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/jonschlinkert/kind-of/pull/31" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-20149", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "ctorName in index.js in kind-of v6.0.2 allows external user input to overwrite certain internal attributes via a conflicting name, as demonstrated by \u0027constructor\u0027: {\u0027name\u0027:\u0027Symbol\u0027}. Hence, a crafted payload can overwrite this builtin attribute to manipulate the type detection result." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/jonschlinkert/kind-of/issues/30", "refsource": "MISC", "url": "https://github.com/jonschlinkert/kind-of/issues/30" }, { "name": "https://github.com/jonschlinkert/kind-of/pull/31", "refsource": "MISC", "url": "https://github.com/jonschlinkert/kind-of/pull/31" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-20149", "datePublished": "2019-12-30T18:25:10", "dateReserved": "2019-12-30T00:00:00", "dateUpdated": "2024-08-05T02:39:08.099Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-15138
Vulnerability from cvelistv5
Published
2020-08-07 16:30
Modified
2024-08-04 13:08
Severity ?
EPSS score ?
Summary
Prism is vulnerable to Cross-Site Scripting. The easing preview of the Previewers plugin has an XSS vulnerability that allows attackers to execute arbitrary code in Safari and Internet Explorer. This impacts all Safari and Internet Explorer users of Prism >=v1.1.0 that use the _Previewers_ plugin (>=v1.10.0) or the _Previewer: Easing_ plugin (v1.1.0 to v1.9.0). This problem is fixed in version 1.21.0. To workaround the issue without upgrading, disable the easing preview on all impacted code blocks. You need Prism v1.10.0 or newer to apply this workaround.
References
▼ | URL | Tags |
---|---|---|
https://github.com/PrismJS/prism/security/advisories/GHSA-wvhm-4hhf-97x9 | x_refsource_CONFIRM | |
https://prismjs.com/plugins/previewers/#disabling-a-previewer | x_refsource_MISC | |
https://github.com/PrismJS/prism/pull/2506/commits/7bd7de05edf71112a3a77f87901a2409c9c5c20c | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T13:08:21.948Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/PrismJS/prism/security/advisories/GHSA-wvhm-4hhf-97x9" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://prismjs.com/plugins/previewers/#disabling-a-previewer" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/PrismJS/prism/pull/2506/commits/7bd7de05edf71112a3a77f87901a2409c9c5c20c" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "prism", "vendor": "PrismJS", "versions": [ { "status": "affected", "version": "\u003e= 1.1.0, \u003c 1.21.0" } ] } ], "descriptions": [ { "lang": "en", "value": "Prism is vulnerable to Cross-Site Scripting. The easing preview of the Previewers plugin has an XSS vulnerability that allows attackers to execute arbitrary code in Safari and Internet Explorer. This impacts all Safari and Internet Explorer users of Prism \u003e=v1.1.0 that use the _Previewers_ plugin (\u003e=v1.10.0) or the _Previewer: Easing_ plugin (v1.1.0 to v1.9.0). This problem is fixed in version 1.21.0. To workaround the issue without upgrading, disable the easing preview on all impacted code blocks. You need Prism v1.10.0 or newer to apply this workaround." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "{\"CWE-79\":\"Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)\"}", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2020-08-07T16:30:14", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/PrismJS/prism/security/advisories/GHSA-wvhm-4hhf-97x9" }, { "tags": [ "x_refsource_MISC" ], "url": "https://prismjs.com/plugins/previewers/#disabling-a-previewer" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/PrismJS/prism/pull/2506/commits/7bd7de05edf71112a3a77f87901a2409c9c5c20c" } ], "source": { "advisory": "GHSA-wvhm-4hhf-97x9", "discovery": "UNKNOWN" }, "title": "Cross-Site Scripting in Prism", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2020-15138", "STATE": "PUBLIC", "TITLE": "Cross-Site Scripting in Prism" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "prism", "version": { "version_data": [ { "version_value": "\u003e= 1.1.0, \u003c 1.21.0" } ] } } ] }, "vendor_name": "PrismJS" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Prism is vulnerable to Cross-Site Scripting. The easing preview of the Previewers plugin has an XSS vulnerability that allows attackers to execute arbitrary code in Safari and Internet Explorer. This impacts all Safari and Internet Explorer users of Prism \u003e=v1.1.0 that use the _Previewers_ plugin (\u003e=v1.10.0) or the _Previewer: Easing_ plugin (v1.1.0 to v1.9.0). This problem is fixed in version 1.21.0. To workaround the issue without upgrading, disable the easing preview on all impacted code blocks. You need Prism v1.10.0 or newer to apply this workaround." } ] }, "impact": { "cvss": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "{\"CWE-79\":\"Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)\"}" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/PrismJS/prism/security/advisories/GHSA-wvhm-4hhf-97x9", "refsource": "CONFIRM", "url": "https://github.com/PrismJS/prism/security/advisories/GHSA-wvhm-4hhf-97x9" }, { "name": "https://prismjs.com/plugins/previewers/#disabling-a-previewer", "refsource": "MISC", "url": "https://prismjs.com/plugins/previewers/#disabling-a-previewer" }, { "name": "https://github.com/PrismJS/prism/pull/2506/commits/7bd7de05edf71112a3a77f87901a2409c9c5c20c", "refsource": "MISC", "url": "https://github.com/PrismJS/prism/pull/2506/commits/7bd7de05edf71112a3a77f87901a2409c9c5c20c" } ] }, "source": { "advisory": "GHSA-wvhm-4hhf-97x9", "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2020-15138", "datePublished": "2020-08-07T16:30:14", "dateReserved": "2020-06-25T00:00:00", "dateUpdated": "2024-08-04T13:08:21.948Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-33587
Vulnerability from cvelistv5
Published
2021-05-28 00:00
Modified
2024-08-03 23:50
Severity ?
EPSS score ?
Summary
The css-what package 4.0.0 through 5.0.0 for Node.js does not ensure that attribute parsing has Linear Time Complexity relative to the size of the input.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T23:50:43.024Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/fb55/css-what/releases/tag/v5.0.1" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210706-0007/" }, { "name": "[debian-lts-announce] 20230303 [SECURITY] [DLA 3350-1] node-css-what security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00001.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "The css-what package 4.0.0 through 5.0.0 for Node.js does not ensure that attribute parsing has Linear Time Complexity relative to the size of the input." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-03T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/fb55/css-what/releases/tag/v5.0.1" }, { "url": "https://security.netapp.com/advisory/ntap-20210706-0007/" }, { "name": "[debian-lts-announce] 20230303 [SECURITY] [DLA 3350-1] node-css-what security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00001.html" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-33587", "datePublished": "2021-05-28T00:00:00", "dateReserved": "2021-05-27T00:00:00", "dateUpdated": "2024-08-03T23:50:43.024Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-1370
Vulnerability from cvelistv5
Published
2023-03-13 09:04
Modified
2024-08-02 05:49
Severity ?
EPSS score ?
Summary
[Json-smart](https://netplex.github.io/json-smart/) is a performance focused, JSON processor lib.
When reaching a ‘[‘ or ‘{‘ character in the JSON input, the code parses an array or an object respectively.
It was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays and objects is done recursively, nesting too many of them can cause a stack exhaustion (stack overflow) and crash the software.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | json-smart | json-smart |
Version: 0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:49:10.250Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://research.jfrog.com/vulnerabilities/stack-exhaustion-in-json-smart-leads-to-denial-of-service-when-parsing-malformed-json-xray-427633/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://mvnrepository.com", "packageName": "net.minidev:json-smart", "product": "json-smart", "vendor": "json-smart", "versions": [ { "lessThan": "2.4.9", "status": "affected", "version": "0", "versionType": "maven" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003e[Json-smart](https://netplex.github.io/json-smart/) is a performance focused, JSON processor lib.\u003c/p\u003e\u003cp\u003eWhen reaching a \u2018[\u2018 or \u2018{\u2018 character in the JSON input, the code parses an array or an object respectively.\u003c/p\u003e\u003cp\u003eIt was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays and objects is done recursively, nesting too many of them can cause a stack exhaustion (stack overflow) and crash the software.\u003c/p\u003e" } ], "value": "[Json-smart](https://netplex.github.io/json-smart/) is a performance focused, JSON processor lib.\n\nWhen reaching a \u2018[\u2018 or \u2018{\u2018 character in the JSON input, the code parses an array or an object respectively.\n\nIt was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays and objects is done recursively, nesting too many of them can cause a stack exhaustion (stack overflow) and crash the software.\n\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-674", "description": "CWE-674 Uncontrolled Recursion", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-22T05:04:36.365Z", "orgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "shortName": "JFROG" }, "references": [ { "url": "https://research.jfrog.com/vulnerabilities/stack-exhaustion-in-json-smart-leads-to-denial-of-service-when-parsing-malformed-json-xray-427633/" }, { "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" } ], "source": { "discovery": "EXTERNAL" }, "title": "Stack exhaustion in json-smart leads to denial of service when parsing malformed JSON" } }, "cveMetadata": { "assignerOrgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "assignerShortName": "JFROG", "cveId": "CVE-2023-1370", "datePublished": "2023-03-13T09:04:36.365Z", "dateReserved": "2023-03-13T08:35:00.695Z", "dateUpdated": "2024-08-02T05:49:10.250Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-35260
Vulnerability from cvelistv5
Published
2022-12-05 00:00
Modified
2024-11-19 20:09
Severity ?
EPSS score ?
Summary
curl can be told to parse a `.netrc` file for credentials. If that file endsin a line with 4095 consecutive non-white space letters and no newline, curlwould first read past the end of the stack-based buffer, and if the readworks, write a zero byte beyond its boundary.This will in most cases cause a segfault or similar, but circumstances might also cause different outcomes.If a malicious user can provide a custom netrc file to an application or otherwise affect its contents, this flaw could be used as denial-of-service.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: Fixed in 7.86.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T09:29:17.464Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1721098" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230110-0006/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213604" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213605" }, { "name": "20230123 APPLE-SA-2023-01-23-5 macOS Monterey 12.6.3", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Jan/20" }, { "name": "20230123 APPLE-SA-2023-01-23-4 macOS Ventura 13.2", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Jan/19" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-35260", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-03-27T19:48:27.630222Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-19T20:09:10.400Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 7.86.0" } ] } ], "descriptions": [ { "lang": "en", "value": "curl can be told to parse a `.netrc` file for credentials. If that file endsin a line with 4095 consecutive non-white space letters and no newline, curlwould first read past the end of the stack-based buffer, and if the readworks, write a zero byte beyond its boundary.This will in most cases cause a segfault or similar, but circumstances might also cause different outcomes.If a malicious user can provide a custom netrc file to an application or otherwise affect its contents, this flaw could be used as denial-of-service." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "Out-of-bounds Read (CWE-125)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-24T00:00:00", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1721098" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "url": "https://security.netapp.com/advisory/ntap-20230110-0006/" }, { "url": "https://support.apple.com/kb/HT213604" }, { "url": "https://support.apple.com/kb/HT213605" }, { "name": "20230123 APPLE-SA-2023-01-23-5 macOS Monterey 12.6.3", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Jan/20" }, { "name": "20230123 APPLE-SA-2023-01-23-4 macOS Ventura 13.2", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Jan/19" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2022-35260", "datePublished": "2022-12-05T00:00:00", "dateReserved": "2022-07-06T00:00:00", "dateUpdated": "2024-11-19T20:09:10.400Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-27537
Vulnerability from cvelistv5
Published
2023-03-30 00:00
Modified
2024-08-02 12:16
Severity ?
EPSS score ?
Summary
A double free vulnerability exists in libcurl <8.0.0 when sharing HSTS data between separate "handles". This sharing was introduced without considerations for do this sharing across separate threads but there was no indication of this fact in the documentation. Due to missing mutexes or thread locks, two threads sharing the same HSTS data could end up doing a double-free or use-after-free.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: Fixed in 8.0.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T12:16:35.551Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1897203" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230420-0010/" }, { "name": "GLSA-202310-12", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202310-12" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 8.0.0" } ] } ], "descriptions": [ { "lang": "en", "value": "A double free vulnerability exists in libcurl \u003c8.0.0 when sharing HSTS data between separate \"handles\". This sharing was introduced without considerations for do this sharing across separate threads but there was no indication of this fact in the documentation. Due to missing mutexes or thread locks, two threads sharing the same HSTS data could end up doing a double-free or use-after-free." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-415", "description": "Double Free (CWE-415)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-11T10:06:37.578536", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1897203" }, { "url": "https://security.netapp.com/advisory/ntap-20230420-0010/" }, { "name": "GLSA-202310-12", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202310-12" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2023-27537", "datePublished": "2023-03-30T00:00:00", "dateReserved": "2023-03-02T00:00:00", "dateUpdated": "2024-08-02T12:16:35.551Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-10744
Vulnerability from cvelistv5
Published
2019-07-25 23:43
Modified
2024-08-04 22:32
Severity ?
EPSS score ?
Summary
Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.
References
▼ | URL | Tags |
---|---|---|
https://access.redhat.com/errata/RHSA-2019:3024 | vendor-advisory, x_refsource_REDHAT | |
https://www.oracle.com/security-alerts/cpuoct2020.html | x_refsource_MISC | |
https://snyk.io/vuln/SNYK-JS-LODASH-450202 | x_refsource_CONFIRM | |
https://security.netapp.com/advisory/ntap-20191004-0005/ | x_refsource_CONFIRM | |
https://support.f5.com/csp/article/K47105354?utm_source=f5support&%3Butm_medium=RSS | x_refsource_CONFIRM | |
https://www.oracle.com/security-alerts/cpujan2021.html | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T22:32:01.271Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2019:3024", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:3024" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://snyk.io/vuln/SNYK-JS-LODASH-450202" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20191004-0005/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.f5.com/csp/article/K47105354?utm_source=f5support\u0026amp%3Butm_medium=RSS" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujan2021.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "lodash", "vendor": "Snyk", "versions": [ { "status": "affected", "version": "All versions prior to 4.17.12" } ] } ], "descriptions": [ { "lang": "en", "value": "Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload." } ], "problemTypes": [ { "descriptions": [ { "description": "Prototype Pollution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-01-20T14:42:00", "orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "shortName": "snyk" }, "references": [ { "name": "RHSA-2019:3024", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:3024" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://snyk.io/vuln/SNYK-JS-LODASH-450202" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20191004-0005/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.f5.com/csp/article/K47105354?utm_source=f5support\u0026amp%3Butm_medium=RSS" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujan2021.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "report@snyk.io", "ID": "CVE-2019-10744", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "lodash", "version": { "version_data": [ { "version_value": "All versions prior to 4.17.12" } ] } } ] }, "vendor_name": "Snyk" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Prototype Pollution" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2019:3024", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:3024" }, { "name": "https://www.oracle.com/security-alerts/cpuoct2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "name": "https://snyk.io/vuln/SNYK-JS-LODASH-450202", "refsource": "CONFIRM", "url": "https://snyk.io/vuln/SNYK-JS-LODASH-450202" }, { "name": "https://security.netapp.com/advisory/ntap-20191004-0005/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20191004-0005/" }, { "name": "https://support.f5.com/csp/article/K47105354?utm_source=f5support\u0026amp;utm_medium=RSS", "refsource": "CONFIRM", "url": "https://support.f5.com/csp/article/K47105354?utm_source=f5support\u0026amp;utm_medium=RSS" }, { "name": "https://www.oracle.com/security-alerts/cpujan2021.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujan2021.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "assignerShortName": "snyk", "cveId": "CVE-2019-10744", "datePublished": "2019-07-25T23:43:03", "dateReserved": "2019-04-03T00:00:00", "dateUpdated": "2024-08-04T22:32:01.271Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-27781
Vulnerability from cvelistv5
Published
2022-06-01 00:00
Modified
2024-08-03 05:33
Severity ?
EPSS score ?
Summary
libcurl provides the `CURLOPT_CERTINFO` option to allow applications torequest details to be returned about a server's certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve thatinformation.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: Fixed in 7.83.1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T05:33:00.192Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1555441" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220609-0009/" }, { "name": "DSA-5197", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "name": "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202212-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 7.83.1" } ] } ], "descriptions": [ { "lang": "en", "value": "libcurl provides the `CURLOPT_CERTINFO` option to allow applications torequest details to be returned about a server\u0027s certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve thatinformation." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "Denial of Service (CWE-400)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-19T00:00:00", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1555441" }, { "url": "https://security.netapp.com/advisory/ntap-20220609-0009/" }, { "name": "DSA-5197", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "name": "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202212-01" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2022-27781", "datePublished": "2022-06-01T00:00:00", "dateReserved": "2022-03-23T00:00:00", "dateUpdated": "2024-08-03T05:33:00.192Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-40303
Vulnerability from cvelistv5
Published
2022-11-22 00:00
Modified
2024-08-03 12:14
Severity ?
EPSS score ?
Summary
An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:14:40.053Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/c846986356fc149915a74972bf198abc266bc2c0" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20221209-0003/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213534" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213533" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213531" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213536" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213535" }, { "name": "20221220 APPLE-SA-2022-12-13-2 iOS 15.7.2 and iPadOS 15.7.2", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Dec/21" }, { "name": "20221220 APPLE-SA-2022-12-13-6 macOS Big Sur 11.7.2", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Dec/25" }, { "name": "20221220 APPLE-SA-2022-12-13-7 tvOS 16.2", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Dec/26" }, { "name": "20221220 APPLE-SA-2022-12-13-5 macOS Monterey 12.6.2", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Dec/24" }, { "name": "20221220 APPLE-SA-2022-12-13-8 watchOS 9.2", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Dec/27" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-21T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3" }, { "url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/c846986356fc149915a74972bf198abc266bc2c0" }, { "url": "https://security.netapp.com/advisory/ntap-20221209-0003/" }, { "url": "https://support.apple.com/kb/HT213534" }, { "url": "https://support.apple.com/kb/HT213533" }, { "url": "https://support.apple.com/kb/HT213531" }, { "url": "https://support.apple.com/kb/HT213536" }, { "url": "https://support.apple.com/kb/HT213535" }, { "name": "20221220 APPLE-SA-2022-12-13-2 iOS 15.7.2 and iPadOS 15.7.2", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Dec/21" }, { "name": "20221220 APPLE-SA-2022-12-13-6 macOS Big Sur 11.7.2", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Dec/25" }, { "name": "20221220 APPLE-SA-2022-12-13-7 tvOS 16.2", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Dec/26" }, { "name": "20221220 APPLE-SA-2022-12-13-5 macOS Monterey 12.6.2", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Dec/24" }, { "name": "20221220 APPLE-SA-2022-12-13-8 watchOS 9.2", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Dec/27" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-40303", "datePublished": "2022-11-22T00:00:00", "dateReserved": "2022-09-09T00:00:00", "dateUpdated": "2024-08-03T12:14:40.053Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-23343
Vulnerability from cvelistv5
Published
2021-05-04 08:25
Modified
2024-09-16 22:14
Severity ?
EPSS score ?
Summary
All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity.
References
▼ | URL | Tags |
---|---|---|
https://snyk.io/vuln/SNYK-JS-PATHPARSE-1077067 | x_refsource_MISC | |
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1279028 | x_refsource_MISC | |
https://github.com/jbgutierrez/path-parse/issues/8 | x_refsource_MISC | |
https://lists.apache.org/thread.html/r6a32cb3eda3b19096ad48ef1e7aa8f26e005f2f63765abb69ce08b85%40%3Cdev.myfaces.apache.org%3E | mailing-list, x_refsource_MLIST |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | path-parse |
Version: 0 < unspecified |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T19:05:55.625Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://snyk.io/vuln/SNYK-JS-PATHPARSE-1077067" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1279028" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/jbgutierrez/path-parse/issues/8" }, { "name": "[myfaces-dev] 20210531 Re: [VOTE] Release Tobago 4.5.4, 5.0.0-alpha-1 and checkstyle-rules 14", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r6a32cb3eda3b19096ad48ef1e7aa8f26e005f2f63765abb69ce08b85%40%3Cdev.myfaces.apache.org%3E" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "path-parse", "vendor": "n/a", "versions": [ { "lessThan": "unspecified", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Yeting Li" } ], "datePublic": "2021-05-04T00:00:00", "descriptions": [ { "lang": "en", "value": "All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Regular Expression Denial of Service (ReDoS)", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-05-31T05:06:14", "orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "shortName": "snyk" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://snyk.io/vuln/SNYK-JS-PATHPARSE-1077067" }, { "tags": [ "x_refsource_MISC" ], "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1279028" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/jbgutierrez/path-parse/issues/8" }, { "name": "[myfaces-dev] 20210531 Re: [VOTE] Release Tobago 4.5.4, 5.0.0-alpha-1 and checkstyle-rules 14", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r6a32cb3eda3b19096ad48ef1e7aa8f26e005f2f63765abb69ce08b85%40%3Cdev.myfaces.apache.org%3E" } ], "title": "Regular Expression Denial of Service (ReDoS)", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "report@snyk.io", "DATE_PUBLIC": "2021-05-04T08:24:17.714828Z", "ID": "CVE-2021-23343", "STATE": "PUBLIC", "TITLE": "Regular Expression Denial of Service (ReDoS)" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "path-parse", "version": { "version_data": [ { "version_affected": "\u003e=", "version_value": "0" } ] } } ] }, "vendor_name": "n/a" } ] } }, "credit": [ { "lang": "eng", "value": "Yeting Li" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity." } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Regular Expression Denial of Service (ReDoS)" } ] } ] }, "references": { "reference_data": [ { "name": "https://snyk.io/vuln/SNYK-JS-PATHPARSE-1077067", "refsource": "MISC", "url": "https://snyk.io/vuln/SNYK-JS-PATHPARSE-1077067" }, { "name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1279028", "refsource": "MISC", "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1279028" }, { "name": "https://github.com/jbgutierrez/path-parse/issues/8", "refsource": "MISC", "url": "https://github.com/jbgutierrez/path-parse/issues/8" }, { "name": "[myfaces-dev] 20210531 Re: [VOTE] Release Tobago 4.5.4, 5.0.0-alpha-1 and checkstyle-rules 14", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r6a32cb3eda3b19096ad48ef1e7aa8f26e005f2f63765abb69ce08b85@%3Cdev.myfaces.apache.org%3E" } ] } } } }, "cveMetadata": { "assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "assignerShortName": "snyk", "cveId": "CVE-2021-23343", "datePublished": "2021-05-04T08:25:17.431572Z", "dateReserved": "2021-01-08T00:00:00", "dateUpdated": "2024-09-16T22:14:48.595Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-22901
Vulnerability from cvelistv5
Published
2021-06-11 15:49
Modified
2024-08-03 18:58
Severity ?
EPSS score ?
Summary
curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. A malicious server can use this in rare unfortunate circumstances to potentially reach remote code execution in the client. When libcurl at run-time sets up support for TLS 1.3 session tickets on a connection using OpenSSL, it stores pointers to the transfer in-memory object for later retrieval when a session ticket arrives. If the connection is used by multiple transfers (like with a reused HTTP/1.1 connection or multiplexed HTTP/2 connection) that first transfer object might be freed before the new session is established on that connection and then the function will access a memory buffer that might be freed. When using that memory, libcurl might even call a function pointer in the object, making it possible for a remote code execution if the server could somehow manage to get crafted memory content into the correct place in memory.
References
▼ | URL | Tags |
---|---|---|
https://hackerone.com/reports/1180380 | x_refsource_MISC | |
https://curl.se/docs/CVE-2021-22901.html | x_refsource_MISC | |
https://github.com/curl/curl/commit/7f4a9a9b2a49547eae24d2e19bc5c346e9026479 | x_refsource_MISC | |
https://www.oracle.com//security-alerts/cpujul2021.html | x_refsource_MISC | |
https://security.netapp.com/advisory/ntap-20210723-0001/ | x_refsource_CONFIRM | |
https://www.oracle.com/security-alerts/cpujan2022.html | x_refsource_MISC | |
https://security.netapp.com/advisory/ntap-20210727-0007/ | x_refsource_CONFIRM | |
https://www.oracle.com/security-alerts/cpuapr2022.html | x_refsource_MISC | |
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf | x_refsource_CONFIRM | |
https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: 7.75.0 through 7.76.1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T18:58:25.389Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://hackerone.com/reports/1180380" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://curl.se/docs/CVE-2021-22901.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/curl/curl/commit/7f4a9a9b2a49547eae24d2e19bc5c346e9026479" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210723-0001/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210727-0007/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "7.75.0 through 7.76.1" } ] } ], "descriptions": [ { "lang": "en", "value": "curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. A malicious server can use this in rare unfortunate circumstances to potentially reach remote code execution in the client. When libcurl at run-time sets up support for TLS 1.3 session tickets on a connection using OpenSSL, it stores pointers to the transfer in-memory object for later retrieval when a session ticket arrives. If the connection is used by multiple transfers (like with a reused HTTP/1.1 connection or multiplexed HTTP/2 connection) that first transfer object might be freed before the new session is established on that connection and then the function will access a memory buffer that might be freed. When using that memory, libcurl might even call a function pointer in the object, making it possible for a remote code execution if the server could somehow manage to get crafted memory content into the correct place in memory." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "Use After Free (CWE-416)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-05-10T11:06:06", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://hackerone.com/reports/1180380" }, { "tags": [ "x_refsource_MISC" ], "url": "https://curl.se/docs/CVE-2021-22901.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/curl/curl/commit/7f4a9a9b2a49547eae24d2e19bc5c346e9026479" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20210723-0001/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20210727-0007/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "support@hackerone.com", "ID": "CVE-2021-22901", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "https://github.com/curl/curl", "version": { "version_data": [ { "version_value": "7.75.0 through 7.76.1" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. A malicious server can use this in rare unfortunate circumstances to potentially reach remote code execution in the client. When libcurl at run-time sets up support for TLS 1.3 session tickets on a connection using OpenSSL, it stores pointers to the transfer in-memory object for later retrieval when a session ticket arrives. If the connection is used by multiple transfers (like with a reused HTTP/1.1 connection or multiplexed HTTP/2 connection) that first transfer object might be freed before the new session is established on that connection and then the function will access a memory buffer that might be freed. When using that memory, libcurl might even call a function pointer in the object, making it possible for a remote code execution if the server could somehow manage to get crafted memory content into the correct place in memory." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Use After Free (CWE-416)" } ] } ] }, "references": { "reference_data": [ { "name": "https://hackerone.com/reports/1180380", "refsource": "MISC", "url": "https://hackerone.com/reports/1180380" }, { "name": "https://curl.se/docs/CVE-2021-22901.html", "refsource": "MISC", "url": "https://curl.se/docs/CVE-2021-22901.html" }, { "name": "https://github.com/curl/curl/commit/7f4a9a9b2a49547eae24d2e19bc5c346e9026479", "refsource": "MISC", "url": "https://github.com/curl/curl/commit/7f4a9a9b2a49547eae24d2e19bc5c346e9026479" }, { "name": "https://www.oracle.com//security-alerts/cpujul2021.html", "refsource": "MISC", "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "name": "https://security.netapp.com/advisory/ntap-20210723-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210723-0001/" }, { "name": "https://www.oracle.com/security-alerts/cpujan2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "name": "https://security.netapp.com/advisory/ntap-20210727-0007/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210727-0007/" }, { "name": "https://www.oracle.com/security-alerts/cpuapr2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf" } ] } } } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2021-22901", "datePublished": "2021-06-11T15:49:38", "dateReserved": "2021-01-06T00:00:00", "dateUpdated": "2024-08-03T18:58:25.389Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-37603
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 10:29
Severity ?
EPSS score ?
Summary
A Regular expression denial of service (ReDoS) flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the url variable in interpolateName.js.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T10:29:21.025Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/webpack/loader-utils/blob/d9f4e23cf411d8556f8bac2d3bf05a6e0103b568/lib/interpolateName.js#L38" }, { "tags": [ "x_transferred" ], "url": "https://github.com/webpack/loader-utils/blob/d9f4e23cf411d8556f8bac2d3bf05a6e0103b568/lib/interpolateName.js#L107" }, { "tags": [ "x_transferred" ], "url": "https://github.com/webpack/loader-utils/issues/213" }, { "name": "FEDORA-2023-86d75130fe", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KAC5KQ2SEWAMQ6UZAUBZ5KXKEOESH375/" }, { "name": "FEDORA-2023-a4f0b29f6c", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ERN6YE3DS7NBW7UH44SCJBMNC2NWQ7SM/" }, { "name": "FEDORA-2023-2e38c3756f", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VNV2GNZXOTEDAJRFH3ZYWRUBGIVL7BSU/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "A Regular expression denial of service (ReDoS) flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the url variable in interpolateName.js." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-30T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/webpack/loader-utils/blob/d9f4e23cf411d8556f8bac2d3bf05a6e0103b568/lib/interpolateName.js#L38" }, { "url": "https://github.com/webpack/loader-utils/blob/d9f4e23cf411d8556f8bac2d3bf05a6e0103b568/lib/interpolateName.js#L107" }, { "url": "https://github.com/webpack/loader-utils/issues/213" }, { "name": "FEDORA-2023-86d75130fe", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KAC5KQ2SEWAMQ6UZAUBZ5KXKEOESH375/" }, { "name": "FEDORA-2023-a4f0b29f6c", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ERN6YE3DS7NBW7UH44SCJBMNC2NWQ7SM/" }, { "name": "FEDORA-2023-2e38c3756f", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VNV2GNZXOTEDAJRFH3ZYWRUBGIVL7BSU/" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-37603", "datePublished": "2022-10-14T00:00:00", "dateReserved": "2022-08-08T00:00:00", "dateUpdated": "2024-08-03T10:29:21.025Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-46175
Vulnerability from cvelistv5
Published
2022-12-24 00:00
Modified
2024-08-03 14:24
Severity ?
EPSS score ?
Summary
JSON5 is an extension to the popular JSON file format that aims to be easier to write and maintain by hand (e.g. for config files). The `parse` method of the JSON5 library before and including versions 1.0.1 and 2.2.1 does not restrict parsing of keys named `__proto__`, allowing specially crafted strings to pollute the prototype of the resulting object. This vulnerability pollutes the prototype of the object returned by `JSON5.parse` and not the global Object prototype, which is the commonly understood definition of Prototype Pollution. However, polluting the prototype of a single object can have significant security impact for an application if the object is later used in trusted operations. This vulnerability could allow an attacker to set arbitrary and unexpected keys on the object returned from `JSON5.parse`. The actual impact will depend on how applications utilize the returned object and how they filter unwanted keys, but could include denial of service, cross-site scripting, elevation of privilege, and in extreme cases, remote code execution. `JSON5.parse` should restrict parsing of `__proto__` keys when parsing JSON strings to objects. As a point of reference, the `JSON.parse` method included in JavaScript ignores `__proto__` keys. Simply changing `JSON5.parse` to `JSON.parse` in the examples above mitigates this vulnerability. This vulnerability is patched in json5 versions 1.0.2, 2.2.2, and later.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:24:03.459Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h" }, { "tags": [ "x_transferred" ], "url": "https://github.com/json5/json5/issues/199" }, { "tags": [ "x_transferred" ], "url": "https://github.com/json5/json5/issues/295" }, { "tags": [ "x_transferred" ], "url": "https://github.com/json5/json5/pull/298" }, { "name": "FEDORA-2023-e7297a4aeb", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3S26TLPLVFAJTUN3VIXFDEBEXDYO22CE/" }, { "name": "[debian-lts-announce] 20231125 [SECURITY] [DLA 3665-1] node-json5 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00021.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "json5", "vendor": "json5", "versions": [ { "status": "affected", "version": "\u003c 2.2.2" } ] } ], "descriptions": [ { "lang": "en", "value": "JSON5 is an extension to the popular JSON file format that aims to be easier to write and maintain by hand (e.g. for config files). The `parse` method of the JSON5 library before and including versions 1.0.1 and 2.2.1 does not restrict parsing of keys named `__proto__`, allowing specially crafted strings to pollute the prototype of the resulting object. This vulnerability pollutes the prototype of the object returned by `JSON5.parse` and not the global Object prototype, which is the commonly understood definition of Prototype Pollution. However, polluting the prototype of a single object can have significant security impact for an application if the object is later used in trusted operations. This vulnerability could allow an attacker to set arbitrary and unexpected keys on the object returned from `JSON5.parse`. The actual impact will depend on how applications utilize the returned object and how they filter unwanted keys, but could include denial of service, cross-site scripting, elevation of privilege, and in extreme cases, remote code execution. `JSON5.parse` should restrict parsing of `__proto__` keys when parsing JSON strings to objects. As a point of reference, the `JSON.parse` method included in JavaScript ignores `__proto__` keys. Simply changing `JSON5.parse` to `JSON.parse` in the examples above mitigates this vulnerability. This vulnerability is patched in json5 versions 1.0.2, 2.2.2, and later." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1321", "description": "CWE-1321: Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-11-26T00:06:12.132080", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "url": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h" }, { "url": "https://github.com/json5/json5/issues/199" }, { "url": "https://github.com/json5/json5/issues/295" }, { "url": "https://github.com/json5/json5/pull/298" }, { "name": "FEDORA-2023-e7297a4aeb", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3S26TLPLVFAJTUN3VIXFDEBEXDYO22CE/" }, { "name": "[debian-lts-announce] 20231125 [SECURITY] [DLA 3665-1] node-json5 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00021.html" } ], "source": { "advisory": "GHSA-9c47-m6qq-7p4h", "discovery": "UNKNOWN" } } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-46175", "datePublished": "2022-12-24T00:00:00", "dateReserved": "2022-11-28T00:00:00", "dateUpdated": "2024-08-03T14:24:03.459Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-27534
Vulnerability from cvelistv5
Published
2023-03-30 00:00
Modified
2024-08-02 12:16
Severity ?
EPSS score ?
Summary
A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: Fixed in 8.0.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T12:16:35.536Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1892351" }, { "name": "FEDORA-2023-7e7414e64d", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230420-0012/" }, { "name": "GLSA-202310-12", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "name": "[debian-lts-announce] 20240317 [SECURITY] [DLA 3763-1] curl security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00016.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 8.0.0" } ] } ], "descriptions": [ { "lang": "en", "value": "A path traversal vulnerability exists in curl \u003c8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user\u0027s home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-22", "description": "Path Traversal (CWE-22)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-03-17T12:05:55.110367", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1892351" }, { "name": "FEDORA-2023-7e7414e64d", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/" }, { "url": "https://security.netapp.com/advisory/ntap-20230420-0012/" }, { "name": "GLSA-202310-12", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "name": "[debian-lts-announce] 20240317 [SECURITY] [DLA 3763-1] curl security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00016.html" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2023-27534", "datePublished": "2023-03-30T00:00:00", "dateReserved": "2023-03-02T00:00:00", "dateUpdated": "2024-08-02T12:16:35.536Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-30631
Vulnerability from cvelistv5
Published
2022-08-09 20:16
Modified
2024-08-03 06:56
Severity ?
EPSS score ?
Summary
Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length compressed files.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Go standard library | compress/gzip |
Version: 0 ≤ Version: 1.18.0-0 ≤ |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T06:56:13.231Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://go.dev/cl/417067" }, { "tags": [ "x_transferred" ], "url": "https://go.googlesource.com/go/+/b2b8872c876201eac2d0707276c6999ff3eb185e" }, { "tags": [ "x_transferred" ], "url": "https://go.dev/issue/53168" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE" }, { "tags": [ "x_transferred" ], "url": "https://pkg.go.dev/vuln/GO-2022-0524" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "packageName": "compress/gzip", "product": "compress/gzip", "programRoutines": [ { "name": "Reader.Read" } ], "vendor": "Go standard library", "versions": [ { "lessThan": "1.17.12", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "1.18.4", "status": "affected", "version": "1.18.0-0", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length compressed files." } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-674: Uncontrolled Recursion", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-12T19:04:40.977Z", "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go" }, "references": [ { "url": "https://go.dev/cl/417067" }, { "url": "https://go.googlesource.com/go/+/b2b8872c876201eac2d0707276c6999ff3eb185e" }, { "url": "https://go.dev/issue/53168" }, { "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE" }, { "url": "https://pkg.go.dev/vuln/GO-2022-0524" } ], "title": "Stack exhaustion when reading certain archives in compress/gzip" } }, "cveMetadata": { "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "assignerShortName": "Go", "cveId": "CVE-2022-30631", "datePublished": "2022-08-09T20:16:32", "dateReserved": "2022-05-12T00:00:00", "dateUpdated": "2024-08-03T06:56:13.231Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-7774
Vulnerability from cvelistv5
Published
2020-11-17 12:30
Modified
2024-09-16 20:13
Severity ?
EPSS score ?
Summary
The package y18n before 3.2.2, 4.0.1 and 5.0.5, is vulnerable to Prototype Pollution.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T09:41:01.338Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://snyk.io/vuln/SNYK-JS-Y18N-1021887" }, { "tags": [ "x_transferred" ], "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1038306" }, { "tags": [ "x_transferred" ], "url": "https://github.com/yargs/y18n/pull/108" }, { "tags": [ "x_transferred" ], "url": "https://github.com/yargs/y18n/issues/96" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "y18n", "vendor": "n/a", "versions": [ { "lessThan": "5.0.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "po6ix" } ], "datePublic": "2020-11-17T00:00:00", "descriptions": [ { "lang": "en", "value": "The package y18n before 3.2.2, 4.0.1 and 5.0.5, is vulnerable to Prototype Pollution." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "exploitCodeMaturity": "PROOF_OF_CONCEPT", "integrityImpact": "LOW", "privilegesRequired": "NONE", "remediationLevel": "NOT_DEFINED", "reportConfidence": "NOT_DEFINED", "scope": "UNCHANGED", "temporalScore": 6.9, "temporalSeverity": "MEDIUM", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Prototype Pollution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-10-14T00:00:00", "orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "shortName": "snyk" }, "references": [ { "url": "https://snyk.io/vuln/SNYK-JS-Y18N-1021887" }, { "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1038306" }, { "url": "https://github.com/yargs/y18n/pull/108" }, { "url": "https://github.com/yargs/y18n/issues/96" }, { "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" } ], "title": "Prototype Pollution" } }, "cveMetadata": { "assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "assignerShortName": "snyk", "cveId": "CVE-2020-7774", "datePublished": "2020-11-17T12:30:20.482040Z", "dateReserved": "2020-01-21T00:00:00", "dateUpdated": "2024-09-16T20:13:29.664Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-32208
Vulnerability from cvelistv5
Published
2022-07-07 00:00
Modified
2024-08-03 07:32
Severity ?
EPSS score ?
Summary
When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: Fixed in 7.84.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T07:32:55.993Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1590071" }, { "name": "FEDORA-2022-1b3d7f6973", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/" }, { "name": "DSA-5197", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "name": "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220915-0003/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202212-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 7.84.0" } ] } ], "descriptions": [ { "lang": "en", "value": "When curl \u003c 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-840", "description": "Business Logic Errors (CWE-840)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-19T00:00:00", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1590071" }, { "name": "FEDORA-2022-1b3d7f6973", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/" }, { "name": "DSA-5197", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "name": "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "url": "https://security.netapp.com/advisory/ntap-20220915-0003/" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202212-01" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2022-32208", "datePublished": "2022-07-07T00:00:00", "dateReserved": "2022-06-01T00:00:00", "dateUpdated": "2024-08-03T07:32:55.993Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-4200
Vulnerability from cvelistv5
Published
2023-01-02 21:49
Modified
2024-08-03 01:34
Severity ?
EPSS score ?
Summary
The Login with Cognito WordPress plugin through 1.4.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
References
▼ | URL | Tags |
---|---|---|
https://wpscan.com/vulnerability/ac2e3fea-e1e6-4d90-9945-d8434a00a3cf | exploit, vdb-entry, technical-description |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Unknown | Login with Cognito |
Version: 0 < |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:34:49.549Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "exploit", "vdb-entry", "technical-description", "x_transferred" ], "url": "https://wpscan.com/vulnerability/ac2e3fea-e1e6-4d90-9945-d8434a00a3cf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://wordpress.org/plugins", "defaultStatus": "affected", "product": "Login with Cognito", "vendor": "Unknown", "versions": [ { "lessThanOrEqual": "1.4.8", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "iohex" }, { "lang": "en", "type": "coordinator", "value": "WPScan" } ], "descriptions": [ { "lang": "en", "value": "The Login with Cognito WordPress plugin through 1.4.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-79 Cross-Site Scripting (XSS)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-10T09:08:57.612Z", "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan" }, "references": [ { "tags": [ "exploit", "vdb-entry", "technical-description" ], "url": "https://wpscan.com/vulnerability/ac2e3fea-e1e6-4d90-9945-d8434a00a3cf" } ], "source": { "discovery": "EXTERNAL" }, "title": "Login with Cognito \u003c= 1.4.8 - Admin+ Stored XSS", "x_generator": { "engine": "WPScan CVE Generator" } } }, "cveMetadata": { "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "cveId": "CVE-2022-4200", "datePublished": "2023-01-02T21:49:34.280Z", "dateReserved": "2022-11-29T04:08:03.585Z", "dateUpdated": "2024-08-03T01:34:49.549Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-27778
Vulnerability from cvelistv5
Published
2022-06-01 19:03
Modified
2024-08-03 05:32
Severity ?
EPSS score ?
Summary
A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when `--no-clobber` is used together with `--remove-on-error`.
References
▼ | URL | Tags |
---|---|---|
https://hackerone.com/reports/1553598 | x_refsource_MISC | |
https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC | |
https://security.netapp.com/advisory/ntap-20220609-0009/ | x_refsource_CONFIRM | |
https://security.netapp.com/advisory/ntap-20220729-0004/ | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: fixed in 7.83.1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T05:32:59.845Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://hackerone.com/reports/1553598" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220609-0009/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220729-0004/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "fixed in 7.83.1" } ] } ], "descriptions": [ { "lang": "en", "value": "A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when `--no-clobber` is used together with `--remove-on-error`." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-706", "description": "Use of Incorrectly-Resolved Name or Reference (CWE-706)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-07-29T19:09:59", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://hackerone.com/reports/1553598" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20220609-0009/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20220729-0004/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "support@hackerone.com", "ID": "CVE-2022-27778", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "https://github.com/curl/curl", "version": { "version_data": [ { "version_value": "fixed in 7.83.1" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when `--no-clobber` is used together with `--remove-on-error`." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Use of Incorrectly-Resolved Name or Reference (CWE-706)" } ] } ] }, "references": { "reference_data": [ { "name": "https://hackerone.com/reports/1553598", "refsource": "MISC", "url": "https://hackerone.com/reports/1553598" }, { "name": "https://www.oracle.com/security-alerts/cpujul2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "name": "https://security.netapp.com/advisory/ntap-20220609-0009/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20220609-0009/" }, { "name": "https://security.netapp.com/advisory/ntap-20220729-0004/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20220729-0004/" } ] } } } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2022-27778", "datePublished": "2022-06-01T19:03:32", "dateReserved": "2022-03-23T00:00:00", "dateUpdated": "2024-08-03T05:32:59.845Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-27536
Vulnerability from cvelistv5
Published
2023-03-30 00:00
Modified
2024-08-02 12:16
Severity ?
EPSS score ?
Summary
An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: Fixed in 8.0.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T12:16:35.616Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1895135" }, { "name": "FEDORA-2023-7e7414e64d", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230420-0010/" }, { "name": "[debian-lts-announce] 20230421 [SECURITY] [DLA 3398-1] curl security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html" }, { "name": "GLSA-202310-12", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202310-12" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 8.0.0" } ] } ], "descriptions": [ { "lang": "en", "value": "An authentication bypass vulnerability exists libcurl \u003c8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-305", "description": "Authentication Bypass by Primary Weakness (CWE-305)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-11T10:06:17.316068", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1895135" }, { "name": "FEDORA-2023-7e7414e64d", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/" }, { "url": "https://security.netapp.com/advisory/ntap-20230420-0010/" }, { "name": "[debian-lts-announce] 20230421 [SECURITY] [DLA 3398-1] curl security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html" }, { "name": "GLSA-202310-12", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202310-12" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2023-27536", "datePublished": "2023-03-30T00:00:00", "dateReserved": "2023-03-02T00:00:00", "dateUpdated": "2024-08-02T12:16:35.616Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-30633
Vulnerability from cvelistv5
Published
2022-08-09 20:16
Modified
2024-08-03 06:56
Severity ?
EPSS score ?
Summary
Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a nested field that uses the 'any' field tag.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Go standard library | encoding/xml |
Version: 0 ≤ Version: 1.18.0-0 ≤ |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T06:56:13.196Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://go.dev/cl/417061" }, { "tags": [ "x_transferred" ], "url": "https://go.googlesource.com/go/+/c4c1993fd2a5b26fe45c09592af6d3388a3b2e08" }, { "tags": [ "x_transferred" ], "url": "https://go.dev/issue/53611" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE" }, { "tags": [ "x_transferred" ], "url": "https://pkg.go.dev/vuln/GO-2022-0523" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "packageName": "encoding/xml", "product": "encoding/xml", "programRoutines": [ { "name": "Decoder.DecodeElement" }, { "name": "Decoder.unmarshal" }, { "name": "Decoder.unmarshalPath" } ], "vendor": "Go standard library", "versions": [ { "lessThan": "1.17.12", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "1.18.4", "status": "affected", "version": "1.18.0-0", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a nested field that uses the \u0027any\u0027 field tag." } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-674: Uncontrolled Recursion", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-12T19:04:39.511Z", "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go" }, "references": [ { "url": "https://go.dev/cl/417061" }, { "url": "https://go.googlesource.com/go/+/c4c1993fd2a5b26fe45c09592af6d3388a3b2e08" }, { "url": "https://go.dev/issue/53611" }, { "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE" }, { "url": "https://pkg.go.dev/vuln/GO-2022-0523" } ], "title": "Stack exhaustion when unmarshaling certain documents in encoding/xml" } }, "cveMetadata": { "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "assignerShortName": "Go", "cveId": "CVE-2022-30633", "datePublished": "2022-08-09T20:16:19", "dateReserved": "2022-05-12T00:00:00", "dateUpdated": "2024-08-03T06:56:13.196Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-29060
Vulnerability from cvelistv5
Published
2021-06-21 15:45
Modified
2024-08-03 21:55
Severity ?
EPSS score ?
Summary
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Color-String version 1.5.5 and below which occurs when the application is provided and checks a crafted invalid HWB string.
References
▼ | URL | Tags |
---|---|---|
https://github.com/yetingli/SaveResults/blob/main/js/color-string.js | x_refsource_MISC | |
https://github.com/Qix-/color-string/commit/0789e21284c33d89ebc4ab4ca6f759b9375ac9d3 | x_refsource_MISC | |
https://www.npmjs.com/package/color-string | x_refsource_MISC | |
https://github.com/yetingli/PoCs/blob/main/CVE-2021-29060/Color-String.md | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T21:55:12.637Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/yetingli/SaveResults/blob/main/js/color-string.js" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Qix-/color-string/commit/0789e21284c33d89ebc4ab4ca6f759b9375ac9d3" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.npmjs.com/package/color-string" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/yetingli/PoCs/blob/main/CVE-2021-29060/Color-String.md" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Color-String version 1.5.5 and below which occurs when the application is provided and checks a crafted invalid HWB string." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-21T15:45:53", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/yetingli/SaveResults/blob/main/js/color-string.js" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Qix-/color-string/commit/0789e21284c33d89ebc4ab4ca6f759b9375ac9d3" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.npmjs.com/package/color-string" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/yetingli/PoCs/blob/main/CVE-2021-29060/Color-String.md" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-29060", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Color-String version 1.5.5 and below which occurs when the application is provided and checks a crafted invalid HWB string." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/yetingli/SaveResults/blob/main/js/color-string.js", "refsource": "MISC", "url": "https://github.com/yetingli/SaveResults/blob/main/js/color-string.js" }, { "name": "https://github.com/Qix-/color-string/commit/0789e21284c33d89ebc4ab4ca6f759b9375ac9d3", "refsource": "MISC", "url": "https://github.com/Qix-/color-string/commit/0789e21284c33d89ebc4ab4ca6f759b9375ac9d3" }, { "name": "https://www.npmjs.com/package/color-string", "refsource": "MISC", "url": "https://www.npmjs.com/package/color-string" }, { "name": "https://github.com/yetingli/PoCs/blob/main/CVE-2021-29060/Color-String.md", "refsource": "MISC", "url": "https://github.com/yetingli/PoCs/blob/main/CVE-2021-29060/Color-String.md" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-29060", "datePublished": "2021-06-21T15:45:53", "dateReserved": "2021-03-22T00:00:00", "dateUpdated": "2024-08-03T21:55:12.637Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-22947
Vulnerability from cvelistv5
Published
2021-09-29 00:00
Modified
2024-08-03 18:58
Severity ?
EPSS score ?
Summary
When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. curl would then upgrade to TLS but not flush the in-queue of cached responses but instead continue using and trustingthe responses it got *before* the TLS handshake as if they were authenticated.Using this flaw, it allows a Man-In-The-Middle attacker to first inject the fake responses, then pass-through the TLS traffic from the legitimate server and trick curl into sending data back to the user thinking the attacker's injected data comes from the TLS-protected server.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: curl 7.20.0 to and including 7.78.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T18:58:26.408Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1334763" }, { "name": "[debian-lts-announce] 20210930 [SECURITY] [DLA 2773-1] curl security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html" }, { "name": "FEDORA-2021-fc96a3a749", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "name": "FEDORA-2021-1d24845e93", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20211029-0003/" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213183" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "name": "DSA-5197", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "name": "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202212-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "curl 7.20.0 to and including 7.78.0" } ] } ], "descriptions": [ { "lang": "en", "value": "When curl \u003e= 7.20.0 and \u003c= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. curl would then upgrade to TLS but not flush the in-queue of cached responses but instead continue using and trustingthe responses it got *before* the TLS handshake as if they were authenticated.Using this flaw, it allows a Man-In-The-Middle attacker to first inject the fake responses, then pass-through the TLS traffic from the legitimate server and trick curl into sending data back to the user thinking the attacker\u0027s injected data comes from the TLS-protected server." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-310", "description": "Cryptographic Issues - Generic (CWE-310)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-19T00:00:00", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1334763" }, { "name": "[debian-lts-announce] 20210930 [SECURITY] [DLA 2773-1] curl security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html" }, { "name": "FEDORA-2021-fc96a3a749", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/" }, { "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "name": "FEDORA-2021-1d24845e93", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/" }, { "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "url": "https://security.netapp.com/advisory/ntap-20211029-0003/" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" }, { "url": "https://support.apple.com/kb/HT213183" }, { "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "name": "DSA-5197", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "name": "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202212-01" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2021-22947", "datePublished": "2021-09-29T00:00:00", "dateReserved": "2021-01-06T00:00:00", "dateUpdated": "2024-08-03T18:58:26.408Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-27779
Vulnerability from cvelistv5
Published
2022-06-01 00:00
Modified
2024-08-03 05:33
Severity ?
EPSS score ?
Summary
libcurl wrongly allows cookies to be set for Top Level Domains (TLDs) if thehost name is provided with a trailing dot.curl can be told to receive and send cookies. curl's "cookie engine" can bebuilt with or without [Public Suffix List](https://publicsuffix.org/)awareness. If PSL support not provided, a more rudimentary check exists to atleast prevent cookies from being set on TLDs. This check was broken if thehost name in the URL uses a trailing dot.This can allow arbitrary sites to set cookies that then would get sent to adifferent and unrelated site or domain.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: Fixed in 7.83.1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T05:33:00.476Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1553301" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220609-0009/" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202212-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 7.83.1" } ] } ], "descriptions": [ { "lang": "en", "value": "libcurl wrongly allows cookies to be set for Top Level Domains (TLDs) if thehost name is provided with a trailing dot.curl can be told to receive and send cookies. curl\u0027s \"cookie engine\" can bebuilt with or without [Public Suffix List](https://publicsuffix.org/)awareness. If PSL support not provided, a more rudimentary check exists to atleast prevent cookies from being set on TLDs. This check was broken if thehost name in the URL uses a trailing dot.This can allow arbitrary sites to set cookies that then would get sent to adifferent and unrelated site or domain." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-201", "description": "Information Exposure Through Sent Data (CWE-201)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-19T00:00:00", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1553301" }, { "url": "https://security.netapp.com/advisory/ntap-20220609-0009/" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202212-01" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2022-27779", "datePublished": "2022-06-01T00:00:00", "dateReserved": "2022-03-23T00:00:00", "dateUpdated": "2024-08-03T05:33:00.476Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-35737
Vulnerability from cvelistv5
Published
2022-08-03 00:00
Modified
2024-08-03 09:44
Severity ?
EPSS score ?
Summary
SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T09:44:21.941Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.sqlite.org/cves.html" }, { "tags": [ "x_transferred" ], "url": "https://kb.cert.org/vuls/id/720344" }, { "tags": [ "x_transferred" ], "url": "https://sqlite.org/releaselog/3_39_2.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220915-0009/" }, { "tags": [ "x_transferred" ], "url": "https://blog.trailofbits.com/2022/10/25/sqlite-vulnerability-july-2022-library-api/" }, { "name": "GLSA-202210-40", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202210-40" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-10-31T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://www.sqlite.org/cves.html" }, { "url": "https://kb.cert.org/vuls/id/720344" }, { "url": "https://sqlite.org/releaselog/3_39_2.html" }, { "url": "https://security.netapp.com/advisory/ntap-20220915-0009/" }, { "url": "https://blog.trailofbits.com/2022/10/25/sqlite-vulnerability-july-2022-library-api/" }, { "name": "GLSA-202210-40", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202210-40" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-35737", "datePublished": "2022-08-03T00:00:00", "dateReserved": "2022-07-13T00:00:00", "dateUpdated": "2024-08-03T09:44:21.941Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-23916
Vulnerability from cvelistv5
Published
2023-02-23 00:00
Modified
2024-08-02 10:42
Severity ?
EPSS score ?
Summary
An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable "links" in this "decompression chain" wascapped, but the cap was implemented on a per-header basis allowing a maliciousserver to insert a virtually unlimited number of compression steps simply byusing many headers. The use of such a decompression chain could result in a "malloc bomb", making curl end up spending enormous amounts of allocated heap memory, or trying to and returning out of memory errors.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: Fixed in 7.88.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T10:42:26.847Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1826048" }, { "name": "[debian-lts-announce] 20230224 [SECURITY] [DLA 3341-1] curl security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00035.html" }, { "name": "FEDORA-2023-94df30cbec", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BQKE6TXYDHOTFHLTBZ5X73GTKI7II5KO/" }, { "name": "DSA-5365", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5365" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230309-0006/" }, { "name": "GLSA-202310-12", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202310-12" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 7.88.0" } ] } ], "descriptions": [ { "lang": "en", "value": "An allocation of resources without limits or throttling vulnerability exists in curl \u003cv7.88.0 based on the \"chained\" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable \"links\" in this \"decompression chain\" wascapped, but the cap was implemented on a per-header basis allowing a maliciousserver to insert a virtually unlimited number of compression steps simply byusing many headers. The use of such a decompression chain could result in a \"malloc bomb\", making curl end up spending enormous amounts of allocated heap memory, or trying to and returning out of memory errors." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-770", "description": "Allocation of Resources Without Limits or Throttling (CWE-770)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-11T10:06:40.617377", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1826048" }, { "name": "[debian-lts-announce] 20230224 [SECURITY] [DLA 3341-1] curl security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00035.html" }, { "name": "FEDORA-2023-94df30cbec", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BQKE6TXYDHOTFHLTBZ5X73GTKI7II5KO/" }, { "name": "DSA-5365", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5365" }, { "url": "https://security.netapp.com/advisory/ntap-20230309-0006/" }, { "name": "GLSA-202310-12", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202310-12" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2023-23916", "datePublished": "2023-02-23T00:00:00", "dateReserved": "2023-01-19T00:00:00", "dateUpdated": "2024-08-02T10:42:26.847Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-32207
Vulnerability from cvelistv5
Published
2022-07-07 00:00
Modified
2024-08-03 07:32
Severity ?
EPSS score ?
Summary
When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: Fixed in 7.84.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T07:32:56.011Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1573634" }, { "name": "FEDORA-2022-1b3d7f6973", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/" }, { "name": "DSA-5197", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220915-0003/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202212-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 7.84.0" } ] } ], "descriptions": [ { "lang": "en", "value": "When curl \u003c 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-840", "description": "Business Logic Errors (CWE-840)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-19T00:00:00", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1573634" }, { "name": "FEDORA-2022-1b3d7f6973", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/" }, { "name": "DSA-5197", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "url": "https://security.netapp.com/advisory/ntap-20220915-0003/" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202212-01" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2022-32207", "datePublished": "2022-07-07T00:00:00", "dateReserved": "2022-06-01T00:00:00", "dateUpdated": "2024-08-03T07:32:56.011Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-29526
Vulnerability from cvelistv5
Published
2022-06-22 13:15
Modified
2024-08-03 06:26
Severity ?
EPSS score ?
Summary
Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T06:26:06.342Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://groups.google.com/g/golang-announce" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/golang/go/issues/52313" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU" }, { "name": "FEDORA-2022-fae3ecee19", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/" }, { "name": "FEDORA-2022-ffe7dba2cb", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/" }, { "name": "FEDORA-2022-ba365d3703", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220729-0001/" }, { "name": "GLSA-202208-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-02" }, { "name": "FEDORA-2022-30c5ed5625", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-17T03:08:35", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://groups.google.com/g/golang-announce" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/golang/go/issues/52313" }, { "tags": [ "x_refsource_MISC" ], "url": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU" }, { "name": "FEDORA-2022-fae3ecee19", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/" }, { "name": "FEDORA-2022-ffe7dba2cb", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/" }, { "name": "FEDORA-2022-ba365d3703", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20220729-0001/" }, { "name": "GLSA-202208-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202208-02" }, { "name": "FEDORA-2022-30c5ed5625", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-29526", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://groups.google.com/g/golang-announce", "refsource": "MISC", "url": "https://groups.google.com/g/golang-announce" }, { "name": "https://github.com/golang/go/issues/52313", "refsource": "MISC", "url": "https://github.com/golang/go/issues/52313" }, { "name": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", "refsource": "MISC", "url": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU" }, { "name": "FEDORA-2022-fae3ecee19", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/" }, { "name": "FEDORA-2022-ffe7dba2cb", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/" }, { "name": "FEDORA-2022-ba365d3703", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/" }, { "name": "https://security.netapp.com/advisory/ntap-20220729-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20220729-0001/" }, { "name": "GLSA-202208-02", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202208-02" }, { "name": "FEDORA-2022-30c5ed5625", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-29526", "datePublished": "2022-06-22T13:15:32", "dateReserved": "2022-04-20T00:00:00", "dateUpdated": "2024-08-03T06:26:06.342Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-27776
Vulnerability from cvelistv5
Published
2022-06-01 00:00
Modified
2024-11-20 15:23
Severity ?
EPSS score ?
Summary
A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: fixed in curl 7.83.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T05:32:59.926Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1547048" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220609-0008/" }, { "name": "DSA-5197", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "name": "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "name": "FEDORA-2022-f83aec6d57", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7N5ZBWLNNPZKFK7Q4KEHGCJ2YELQEUJP/" }, { "name": "FEDORA-2022-bca2c95559", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKKOQXPYLMBSEVDHFS32BPBR3ZQJKY5B/" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202212-01" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-27776", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-20T15:23:04.795275Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-20T15:23:17.772Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "fixed in curl 7.83.0" } ] } ], "descriptions": [ { "lang": "en", "value": "A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-522", "description": "Insufficiently Protected Credentials (CWE-522)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-19T00:00:00", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1547048" }, { "url": "https://security.netapp.com/advisory/ntap-20220609-0008/" }, { "name": "DSA-5197", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "name": "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "name": "FEDORA-2022-f83aec6d57", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7N5ZBWLNNPZKFK7Q4KEHGCJ2YELQEUJP/" }, { "name": "FEDORA-2022-bca2c95559", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKKOQXPYLMBSEVDHFS32BPBR3ZQJKY5B/" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202212-01" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2022-27776", "datePublished": "2022-06-01T00:00:00", "dateReserved": "2022-03-23T00:00:00", "dateUpdated": "2024-11-20T15:23:17.772Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-27782
Vulnerability from cvelistv5
Published
2022-06-01 00:00
Modified
2024-08-03 05:32
Severity ?
EPSS score ?
Summary
libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: Fixed in 7.83.1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T05:32:59.911Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1555796" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220609-0009/" }, { "name": "DSA-5197", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "name": "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "name": "[oss-security] 20230320 [SECURITY ADVISORY] curl: CVE-2023-27538: SSH connection too eager reuse still", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/03/20/6" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 7.83.1" } ] } ], "descriptions": [ { "lang": "en", "value": "libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-840", "description": "Business Logic Errors (CWE-840)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-20T00:00:00", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1555796" }, { "url": "https://security.netapp.com/advisory/ntap-20220609-0009/" }, { "name": "DSA-5197", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "name": "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "name": "[oss-security] 20230320 [SECURITY ADVISORY] curl: CVE-2023-27538: SSH connection too eager reuse still", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2023/03/20/6" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2022-27782", "datePublished": "2022-06-01T00:00:00", "dateReserved": "2022-03-23T00:00:00", "dateUpdated": "2024-08-03T05:32:59.911Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-22946
Vulnerability from cvelistv5
Published
2021-09-29 00:00
Modified
2024-08-03 18:58
Severity ?
EPSS score ?
Summary
A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). This requirement could be bypassed if the server would return a properly crafted but perfectly legitimate response.This flaw would then make curl silently continue its operations **withoutTLS** contrary to the instructions and expectations, exposing possibly sensitive data in clear text over the network.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: curl 7.20.0 to and including 7.78.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T18:58:26.135Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1334111" }, { "name": "[debian-lts-announce] 20210930 [SECURITY] [DLA 2773-1] curl security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html" }, { "name": "FEDORA-2021-fc96a3a749", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "name": "FEDORA-2021-1d24845e93", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20211029-0003/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220121-0008/" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213183" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "name": "DSA-5197", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "name": "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202212-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "curl 7.20.0 to and including 7.78.0" } ] } ], "descriptions": [ { "lang": "en", "value": "A user can tell curl \u003e= 7.20.0 and \u003c= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). This requirement could be bypassed if the server would return a properly crafted but perfectly legitimate response.This flaw would then make curl silently continue its operations **withoutTLS** contrary to the instructions and expectations, exposing possibly sensitive data in clear text over the network." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-325", "description": "Missing Required Cryptographic Step (CWE-325)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-19T00:00:00", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1334111" }, { "name": "[debian-lts-announce] 20210930 [SECURITY] [DLA 2773-1] curl security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html" }, { "name": "FEDORA-2021-fc96a3a749", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/" }, { "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "name": "FEDORA-2021-1d24845e93", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/" }, { "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "url": "https://security.netapp.com/advisory/ntap-20211029-0003/" }, { "url": "https://security.netapp.com/advisory/ntap-20220121-0008/" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" }, { "url": "https://support.apple.com/kb/HT213183" }, { "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "name": "DSA-5197", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "name": "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202212-01" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2021-22946", "datePublished": "2021-09-29T00:00:00", "dateReserved": "2021-01-06T00:00:00", "dateUpdated": "2024-08-03T18:58:26.135Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-43680
Vulnerability from cvelistv5
Published
2022-10-24 00:00
Modified
2024-08-03 13:40
Severity ?
EPSS score ?
Summary
In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T13:40:06.144Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/libexpat/libexpat/pull/650" }, { "tags": [ "x_transferred" ], "url": "https://github.com/libexpat/libexpat/issues/649" }, { "tags": [ "x_transferred" ], "url": "https://github.com/libexpat/libexpat/pull/616" }, { "name": "[debian-lts-announce] 20221028 [SECURITY] [DLA 3165-1] expat security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00033.html" }, { "name": "DSA-5266", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5266" }, { "name": "GLSA-202210-38", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202210-38" }, { "name": "FEDORA-2022-ae2559a8f4", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BY4OPSIB33ETNUXZY2UPZ4NGQ3OKDY4D/" }, { "name": "FEDORA-2022-3cf0e7ebc7", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AJ5VY2VYXE4WTRGQ6LMGLF6FV3SY37YE/" }, { "name": "FEDORA-2022-f3a939e960", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUJ2BULJTZ2BMSKQHB6US674P55UCWWS/" }, { "name": "FEDORA-2022-5f1e2e9016", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG5XOOB7CD55CEE6OJYKSACSIMQ4RWQ6/" }, { "name": "FEDORA-2022-49db80f821", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DPQVIF6TOJNY2T3ZZETFKR4G34FFREBQ/" }, { "name": "FEDORA-2022-c43235716e", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FFCOMBSOJKLIKCGCJWHLJXO4EVYBG7AR/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20221118-0007/" }, { "name": "[oss-security] 20231228 CVE-2022-43680: Apache OpenOffice: \"Use after free\" fixed in libexpat", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/12/28/5" }, { "name": "[oss-security] 20240103 CVE-2022-43680: Apache OpenOffice: \"Use after free\" fixed in libexpat", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2024/01/03/5" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-03T12:06:22.913559", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/libexpat/libexpat/pull/650" }, { "url": "https://github.com/libexpat/libexpat/issues/649" }, { "url": "https://github.com/libexpat/libexpat/pull/616" }, { "name": "[debian-lts-announce] 20221028 [SECURITY] [DLA 3165-1] expat security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00033.html" }, { "name": "DSA-5266", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5266" }, { "name": "GLSA-202210-38", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202210-38" }, { "name": "FEDORA-2022-ae2559a8f4", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BY4OPSIB33ETNUXZY2UPZ4NGQ3OKDY4D/" }, { "name": "FEDORA-2022-3cf0e7ebc7", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AJ5VY2VYXE4WTRGQ6LMGLF6FV3SY37YE/" }, { "name": "FEDORA-2022-f3a939e960", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUJ2BULJTZ2BMSKQHB6US674P55UCWWS/" }, { "name": "FEDORA-2022-5f1e2e9016", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG5XOOB7CD55CEE6OJYKSACSIMQ4RWQ6/" }, { "name": "FEDORA-2022-49db80f821", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DPQVIF6TOJNY2T3ZZETFKR4G34FFREBQ/" }, { "name": "FEDORA-2022-c43235716e", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FFCOMBSOJKLIKCGCJWHLJXO4EVYBG7AR/" }, { "url": "https://security.netapp.com/advisory/ntap-20221118-0007/" }, { "name": "[oss-security] 20231228 CVE-2022-43680: Apache OpenOffice: \"Use after free\" fixed in libexpat", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2023/12/28/5" }, { "name": "[oss-security] 20240103 CVE-2022-43680: Apache OpenOffice: \"Use after free\" fixed in libexpat", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2024/01/03/5" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-43680", "datePublished": "2022-10-24T00:00:00", "dateReserved": "2022-10-24T00:00:00", "dateUpdated": "2024-08-03T13:40:06.144Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-23382
Vulnerability from cvelistv5
Published
2021-04-26 15:30
Modified
2024-09-16 23:26
Severity ?
EPSS score ?
Summary
The package postcss before 8.2.13 are vulnerable to Regular Expression Denial of Service (ReDoS) via getAnnotationURL() and loadAnnotation() in lib/previous-map.js. The vulnerable regexes are caused mainly by the sub-pattern \/\*\s* sourceMappingURL=(.*).
References
▼ | URL | Tags |
---|---|---|
https://snyk.io/vuln/SNYK-JS-POSTCSS-1255640 | x_refsource_MISC | |
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1255641 | x_refsource_MISC | |
https://github.com/postcss/postcss/commit/2b1d04c867995e55124e0a165b7c6622c1735956 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T19:05:56.024Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://snyk.io/vuln/SNYK-JS-POSTCSS-1255640" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1255641" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/postcss/postcss/commit/2b1d04c867995e55124e0a165b7c6622c1735956" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "postcss", "vendor": "n/a", "versions": [ { "lessThan": "8.2.13", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Yeting Li" } ], "datePublic": "2021-04-26T00:00:00", "descriptions": [ { "lang": "en", "value": "The package postcss before 8.2.13 are vulnerable to Regular Expression Denial of Service (ReDoS) via getAnnotationURL() and loadAnnotation() in lib/previous-map.js. The vulnerable regexes are caused mainly by the sub-pattern \\/\\*\\s* sourceMappingURL=(.*)." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Regular Expression Denial of Service (ReDoS)", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-04-26T15:30:26", "orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "shortName": "snyk" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://snyk.io/vuln/SNYK-JS-POSTCSS-1255640" }, { "tags": [ "x_refsource_MISC" ], "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1255641" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/postcss/postcss/commit/2b1d04c867995e55124e0a165b7c6622c1735956" } ], "title": "Regular Expression Denial of Service (ReDoS)", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "report@snyk.io", "DATE_PUBLIC": "2021-04-26T15:23:19.916713Z", "ID": "CVE-2021-23382", "STATE": "PUBLIC", "TITLE": "Regular Expression Denial of Service (ReDoS)" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "postcss", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "8.2.13" } ] } } ] }, "vendor_name": "n/a" } ] } }, "credit": [ { "lang": "eng", "value": "Yeting Li" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The package postcss before 8.2.13 are vulnerable to Regular Expression Denial of Service (ReDoS) via getAnnotationURL() and loadAnnotation() in lib/previous-map.js. The vulnerable regexes are caused mainly by the sub-pattern \\/\\*\\s* sourceMappingURL=(.*)." } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Regular Expression Denial of Service (ReDoS)" } ] } ] }, "references": { "reference_data": [ { "name": "https://snyk.io/vuln/SNYK-JS-POSTCSS-1255640", "refsource": "MISC", "url": "https://snyk.io/vuln/SNYK-JS-POSTCSS-1255640" }, { "name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1255641", "refsource": "MISC", "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1255641" }, { "name": "https://github.com/postcss/postcss/commit/2b1d04c867995e55124e0a165b7c6622c1735956", "refsource": "MISC", "url": "https://github.com/postcss/postcss/commit/2b1d04c867995e55124e0a165b7c6622c1735956" } ] } } } }, "cveMetadata": { "assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "assignerShortName": "snyk", "cveId": "CVE-2021-23382", "datePublished": "2021-04-26T15:30:26.301297Z", "dateReserved": "2021-01-08T00:00:00", "dateUpdated": "2024-09-16T23:26:53.744Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-8286
Vulnerability from cvelistv5
Published
2020-12-14 19:39
Modified
2024-11-15 15:30
Severity ?
EPSS score ?
Summary
curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: 7.41.0 to and including 7.73.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T09:56:28.324Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://hackerone.com/reports/1048457" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://curl.se/docs/CVE-2020-8286.html" }, { "name": "FEDORA-2020-ceaf490686", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/" }, { "name": "[debian-lts-announce] 20201219 [SECURITY] [DLA 2500-1] curl security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html" }, { "name": "FEDORA-2020-7ab62c73bc", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/" }, { "name": "GLSA-202012-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202012-14" }, { "name": "DSA-4881", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2021/dsa-4881" }, { "name": "20210427 APPLE-SA-2021-04-26-3 Security Update 2021-002 Catalina", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2021/Apr/51" }, { "name": "20210427 APPLE-SA-2021-04-26-2 macOS Big Sur 11.3", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2021/Apr/50" }, { "name": "20210427 APPLE-SA-2021-04-26-4 Security Update 2021-003 Mojave", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2021/Apr/54" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210122-0007/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT212325" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT212326" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT212327" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-200951.pdf" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2020-8286", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-15T15:29:39.778689Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-15T15:30:03.757Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "7.41.0 to and including 7.73.0" } ] } ], "descriptions": [ { "lang": "en", "value": "curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-295", "description": "Improper Certificate Validation (CWE-295)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-04-19T23:23:30", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://hackerone.com/reports/1048457" }, { "tags": [ "x_refsource_MISC" ], "url": "https://curl.se/docs/CVE-2020-8286.html" }, { "name": "FEDORA-2020-ceaf490686", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/" }, { "name": "[debian-lts-announce] 20201219 [SECURITY] [DLA 2500-1] curl security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html" }, { "name": "FEDORA-2020-7ab62c73bc", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/" }, { "name": "GLSA-202012-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202012-14" }, { "name": "DSA-4881", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2021/dsa-4881" }, { "name": "20210427 APPLE-SA-2021-04-26-3 Security Update 2021-002 Catalina", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2021/Apr/51" }, { "name": "20210427 APPLE-SA-2021-04-26-2 macOS Big Sur 11.3", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2021/Apr/50" }, { "name": "20210427 APPLE-SA-2021-04-26-4 Security Update 2021-003 Mojave", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2021/Apr/54" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20210122-0007/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT212325" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT212326" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT212327" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-200951.pdf" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "support@hackerone.com", "ID": "CVE-2020-8286", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "https://github.com/curl/curl", "version": { "version_data": [ { "version_value": "7.41.0 to and including 7.73.0" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Improper Certificate Validation (CWE-295)" } ] } ] }, "references": { "reference_data": [ { "name": "https://hackerone.com/reports/1048457", "refsource": "MISC", "url": "https://hackerone.com/reports/1048457" }, { "name": "https://curl.se/docs/CVE-2020-8286.html", "refsource": "MISC", "url": "https://curl.se/docs/CVE-2020-8286.html" }, { "name": "FEDORA-2020-ceaf490686", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/" }, { "name": "[debian-lts-announce] 20201219 [SECURITY] [DLA 2500-1] curl security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html" }, { "name": "FEDORA-2020-7ab62c73bc", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/" }, { "name": "GLSA-202012-14", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202012-14" }, { "name": "DSA-4881", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2021/dsa-4881" }, { "name": "20210427 APPLE-SA-2021-04-26-3 Security Update 2021-002 Catalina", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2021/Apr/51" }, { "name": "20210427 APPLE-SA-2021-04-26-2 macOS Big Sur 11.3", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2021/Apr/50" }, { "name": "20210427 APPLE-SA-2021-04-26-4 Security Update 2021-003 Mojave", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2021/Apr/54" }, { "name": "https://www.oracle.com/security-alerts/cpuApr2021.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "name": "https://security.netapp.com/advisory/ntap-20210122-0007/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210122-0007/" }, { "name": "https://support.apple.com/kb/HT212325", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT212325" }, { "name": "https://support.apple.com/kb/HT212326", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT212326" }, { "name": "https://support.apple.com/kb/HT212327", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT212327" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-200951.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-200951.pdf" }, { "name": "https://www.oracle.com//security-alerts/cpujul2021.html", "refsource": "MISC", "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "name": "https://www.oracle.com/security-alerts/cpuapr2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" } ] } } } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2020-8286", "datePublished": "2020-12-14T19:39:28", "dateReserved": "2020-01-28T00:00:00", "dateUpdated": "2024-11-15T15:30:03.757Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-31129
Vulnerability from cvelistv5
Published
2022-07-06 00:00
Modified
2024-08-03 07:11
Severity ?
EPSS score ?
Summary
moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment (more specifically rfc2822 parsing, which is tried by default) has quadratic (N^2) complexity on specific inputs. Users may notice a noticeable slowdown is observed with inputs above 10k characters. Users who pass user-provided strings without sanity length checks to moment constructor are vulnerable to (Re)DoS attacks. The problem is patched in 2.29.4, the patch can be applied to all affected versions with minimal tweaking. Users are advised to upgrade. Users unable to upgrade should consider limiting date lengths accepted from user input.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T07:11:39.222Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g" }, { "tags": [ "x_transferred" ], "url": "https://github.com/moment/moment/pull/6015#issuecomment-1152961973" }, { "tags": [ "x_transferred" ], "url": "https://github.com/moment/moment/commit/9a3b5894f3d5d602948ac8a02e4ee528a49ca3a3" }, { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/f0952b67-f2ff-44a9-a9cd-99e0a87cb633/" }, { "name": "FEDORA-2022-85aa8e5706", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q/" }, { "name": "FEDORA-2022-35b698150c", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5/" }, { "name": "FEDORA-2022-b9ef7c3c3c", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWY24RJA3SBJGA5N4CU4VBPHJPPPJL5O/" }, { "name": "FEDORA-2022-798fd95813", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZMX5YHELQVCGKKQVFXIYOTBMN23YYSRO/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20221014-0003/" }, { "name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3295-1] node-moment security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00035.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "moment", "vendor": "moment", "versions": [ { "status": "affected", "version": " \u003e= 2.18.0, \u003c 2.29.4" } ] } ], "descriptions": [ { "lang": "en", "value": "moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment (more specifically rfc2822 parsing, which is tried by default) has quadratic (N^2) complexity on specific inputs. Users may notice a noticeable slowdown is observed with inputs above 10k characters. Users who pass user-provided strings without sanity length checks to moment constructor are vulnerable to (Re)DoS attacks. The problem is patched in 2.29.4, the patch can be applied to all affected versions with minimal tweaking. Users are advised to upgrade. Users unable to upgrade should consider limiting date lengths accepted from user input." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400: Uncontrolled Resource Consumption", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-31T00:00:00", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "url": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g" }, { "url": "https://github.com/moment/moment/pull/6015#issuecomment-1152961973" }, { "url": "https://github.com/moment/moment/commit/9a3b5894f3d5d602948ac8a02e4ee528a49ca3a3" }, { "url": "https://huntr.dev/bounties/f0952b67-f2ff-44a9-a9cd-99e0a87cb633/" }, { "name": "FEDORA-2022-85aa8e5706", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q/" }, { "name": "FEDORA-2022-35b698150c", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5/" }, { "name": "FEDORA-2022-b9ef7c3c3c", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWY24RJA3SBJGA5N4CU4VBPHJPPPJL5O/" }, { "name": "FEDORA-2022-798fd95813", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZMX5YHELQVCGKKQVFXIYOTBMN23YYSRO/" }, { "url": "https://security.netapp.com/advisory/ntap-20221014-0003/" }, { "name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3295-1] node-moment security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00035.html" } ], "source": { "advisory": "GHSA-wc69-rhjr-hc9g", "discovery": "UNKNOWN" }, "title": "Inefficient Regular Expression Complexity in moment" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-31129", "datePublished": "2022-07-06T00:00:00", "dateReserved": "2022-05-18T00:00:00", "dateUpdated": "2024-08-03T07:11:39.222Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-3520
Vulnerability from cvelistv5
Published
2021-06-02 12:32
Modified
2024-08-03 17:01
Severity ?
EPSS score ?
Summary
There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability, with some potential impact to confidentiality and integrity as well.
References
▼ | URL | Tags |
---|---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1954559 | x_refsource_MISC | |
https://www.oracle.com//security-alerts/cpujul2021.html | x_refsource_MISC | |
https://www.oracle.com/security-alerts/cpuoct2021.html | x_refsource_MISC | |
https://www.oracle.com/security-alerts/cpuapr2022.html | x_refsource_MISC | |
https://security.netapp.com/advisory/ntap-20211104-0005/ | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:01:07.870Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954559" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20211104-0005/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "lz4", "vendor": "n/a", "versions": [ { "status": "affected", "version": "lz4-1.8.3" } ] } ], "descriptions": [ { "lang": "en", "value": "There\u0027s a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability, with some potential impact to confidentiality and integrity as well." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-190", "description": "CWE-190-\u003eCWE-787", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-04-19T23:56:39", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954559" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20211104-0005/" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2021-3520", "datePublished": "2021-06-02T12:32:32", "dateReserved": "2021-04-28T00:00:00", "dateUpdated": "2024-08-03T17:01:07.870Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-31566
Vulnerability from cvelistv5
Published
2022-08-23 00:00
Modified
2024-08-03 23:03
Severity ?
EPSS score ?
Summary
An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to gain more privileges in a system.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | libarchive |
Version: Fixed in libarchive 3.5.2 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T23:03:33.486Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/libarchive/libarchive/issues/1566" }, { "tags": [ "x_transferred" ], "url": "https://github.com/libarchive/libarchive/commit/b41daecb5ccb4c8e3b2c53fd6147109fc12c3043" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024237" }, { "tags": [ "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2021-31566" }, { "name": "[debian-lts-announce] 20221122 [SECURITY] [DLA 3202-1] libarchive security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00030.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "libarchive", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in libarchive 3.5.2" } ] } ], "descriptions": [ { "lang": "en", "value": "An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to gain more privileges in a system." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-59", "description": "CWE-59 - Improper Link Resolution Before File Access (\u0027Link Following\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-22T00:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://github.com/libarchive/libarchive/issues/1566" }, { "url": "https://github.com/libarchive/libarchive/commit/b41daecb5ccb4c8e3b2c53fd6147109fc12c3043" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024237" }, { "url": "https://access.redhat.com/security/cve/CVE-2021-31566" }, { "name": "[debian-lts-announce] 20221122 [SECURITY] [DLA 3202-1] libarchive security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00030.html" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2021-31566", "datePublished": "2022-08-23T00:00:00", "dateReserved": "2021-12-16T00:00:00", "dateUpdated": "2024-08-03T23:03:33.486Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-32206
Vulnerability from cvelistv5
Published
2022-07-07 00:00
Modified
2024-08-03 07:32
Severity ?
EPSS score ?
Summary
curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a "malloc bomb", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: Fixed in 7.84.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T07:32:56.021Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1570651" }, { "name": "FEDORA-2022-1b3d7f6973", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/" }, { "name": "DSA-5197", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "name": "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220915-0003/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "name": "[oss-security] 20230215 curl: CVE-2023-23916: HTTP multi-header compression denial of service", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/02/15/3" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 7.84.0" } ] } ], "descriptions": [ { "lang": "en", "value": "curl \u003c 7.84.0 supports \"chained\" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable \"links\" in this \"decompression chain\" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a \"malloc bomb\", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-770", "description": "Allocation of Resources Without Limits or Throttling (CWE-770)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-02-15T00:00:00", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1570651" }, { "name": "FEDORA-2022-1b3d7f6973", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/" }, { "name": "DSA-5197", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "name": "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "url": "https://security.netapp.com/advisory/ntap-20220915-0003/" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "name": "[oss-security] 20230215 curl: CVE-2023-23916: HTTP multi-header compression denial of service", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2023/02/15/3" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2022-32206", "datePublished": "2022-07-07T00:00:00", "dateReserved": "2022-06-01T00:00:00", "dateUpdated": "2024-08-03T07:32:56.021Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-27533
Vulnerability from cvelistv5
Published
2023-03-30 00:00
Modified
2024-08-02 12:16
Severity ?
EPSS score ?
Summary
A vulnerability in input validation exists in curl <8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform option negotiation without the application's intent. This vulnerability could be exploited if an application allows user input, thereby enabling attackers to execute arbitrary code on the system.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: Fixed in 8.0.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T12:16:35.624Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1891474" }, { "name": "FEDORA-2023-7e7414e64d", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230420-0011/" }, { "name": "[debian-lts-announce] 20230421 [SECURITY] [DLA 3398-1] curl security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html" }, { "name": "GLSA-202310-12", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202310-12" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 8.0.0" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in input validation exists in curl \u003c8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and \"telnet options\" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform option negotiation without the application\u0027s intent. This vulnerability could be exploited if an application allows user input, thereby enabling attackers to execute arbitrary code on the system." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-75", "description": "Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) (CWE-75)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-11T10:06:42.278011", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1891474" }, { "name": "FEDORA-2023-7e7414e64d", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/" }, { "url": "https://security.netapp.com/advisory/ntap-20230420-0011/" }, { "name": "[debian-lts-announce] 20230421 [SECURITY] [DLA 3398-1] curl security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html" }, { "name": "GLSA-202310-12", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202310-12" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2023-27533", "datePublished": "2023-03-30T00:00:00", "dateReserved": "2023-03-02T00:00:00", "dateUpdated": "2024-08-02T12:16:35.624Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-0286
Vulnerability from cvelistv5
Published
2023-02-08 19:01
Modified
2024-08-02 05:02
Severity ?
EPSS score ?
Summary
There is a type confusion vulnerability relating to X.400 address processing
inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but
the public structure definition for GENERAL_NAME incorrectly specified the type
of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by
the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an
ASN1_STRING.
When CRL checking is enabled (i.e. the application sets the
X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass
arbitrary pointers to a memcmp call, enabling them to read memory contents or
enact a denial of service. In most cases, the attack requires the attacker to
provide both the certificate chain and CRL, neither of which need to have a
valid signature. If the attacker only controls one of these inputs, the other
input must already contain an X.400 address as a CRL distribution point, which
is uncommon. As such, this vulnerability is most likely to only affect
applications which have implemented their own functionality for retrieving CRLs
over a network.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:02:44.187Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "OpenSSL Advisory", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.openssl.org/news/secadv/20230207.txt" }, { "name": "3.0.8 git commit", "tags": [ "patch", "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658" }, { "name": "1.1.1t git commit", "tags": [ "patch", "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9" }, { "name": "1.0.2zg patch (premium)", "tags": [ "patch", "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d" }, { "tags": [ "x_transferred" ], "url": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig" }, { "tags": [ "x_transferred" ], "url": "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202402-08" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "OpenSSL", "vendor": "OpenSSL", "versions": [ { "lessThan": "3.0.8", "status": "affected", "version": "3.0.0", "versionType": "semver" }, { "lessThan": "1.1.1t", "status": "affected", "version": "1.1.1", "versionType": "custom" }, { "lessThan": "1.0.2zg", "status": "affected", "version": "1.0.2", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "David Benjamin (Google)" }, { "lang": "en", "type": "remediation developer", "user": "00000000-0000-4000-9000-000000000000", "value": "Hugo Landau" } ], "datePublic": "2023-02-07T00:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "There is a type confusion vulnerability relating to X.400 address processing\u003cbr\u003einside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but\u003cbr\u003ethe public structure definition for GENERAL_NAME incorrectly specified the type\u003cbr\u003eof the x400Address field as ASN1_TYPE. This field is subsequently interpreted by\u003cbr\u003ethe OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an\u003cbr\u003eASN1_STRING.\u003cbr\u003e\u003cbr\u003eWhen CRL checking is enabled (i.e. the application sets the\u003cbr\u003eX509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass\u003cbr\u003earbitrary pointers to a memcmp call, enabling them to read memory contents or\u003cbr\u003eenact a denial of service. In most cases, the attack requires the attacker to\u003cbr\u003eprovide both the certificate chain and CRL, neither of which need to have a\u003cbr\u003evalid signature. If the attacker only controls one of these inputs, the other\u003cbr\u003einput must already contain an X.400 address as a CRL distribution point, which\u003cbr\u003eis uncommon. As such, this vulnerability is most likely to only affect\u003cbr\u003eapplications which have implemented their own functionality for retrieving CRLs\u003cbr\u003eover a network.\u003cbr\u003e\u003cbr\u003e" } ], "value": "There is a type confusion vulnerability relating to X.400 address processing\ninside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but\nthe public structure definition for GENERAL_NAME incorrectly specified the type\nof the x400Address field as ASN1_TYPE. This field is subsequently interpreted by\nthe OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an\nASN1_STRING.\n\nWhen CRL checking is enabled (i.e. the application sets the\nX509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass\narbitrary pointers to a memcmp call, enabling them to read memory contents or\nenact a denial of service. In most cases, the attack requires the attacker to\nprovide both the certificate chain and CRL, neither of which need to have a\nvalid signature. If the attacker only controls one of these inputs, the other\ninput must already contain an X.400 address as a CRL distribution point, which\nis uncommon. As such, this vulnerability is most likely to only affect\napplications which have implemented their own functionality for retrieving CRLs\nover a network.\n\n" } ], "metrics": [ { "format": "other", "other": { "content": { "text": "High" }, "type": "https://www.openssl.org/policies/secpolicy.html" } } ], "problemTypes": [ { "descriptions": [ { "description": " type confusion vulnerability", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-27T18:25:32.958867Z", "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", "shortName": "openssl" }, "references": [ { "name": "OpenSSL Advisory", "tags": [ "vendor-advisory" ], "url": "https://www.openssl.org/news/secadv/20230207.txt" }, { "name": "3.0.8 git commit", "tags": [ "patch" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2f7530077e0ef79d98718138716bc51ca0cad658" }, { "name": "1.1.1t git commit", "tags": [ "patch" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9" }, { "name": "1.0.2zg patch (premium)", "tags": [ "patch" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fd2af07dc083a350c959147097003a14a5e8ac4d" }, { "url": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/018_x509.patch.sig" }, { "url": "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt" }, { "url": "https://security.gentoo.org/glsa/202402-08" } ], "source": { "discovery": "UNKNOWN" }, "title": "X.400 address type confusion in X.509 GeneralName", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", "assignerShortName": "openssl", "cveId": "CVE-2023-0286", "datePublished": "2023-02-08T19:01:50.514Z", "dateReserved": "2023-01-13T10:40:41.259Z", "dateUpdated": "2024-08-02T05:02:44.187Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-23368
Vulnerability from cvelistv5
Published
2021-04-12 13:50
Modified
2024-09-16 17:27
Severity ?
EPSS score ?
Summary
The package postcss from 7.0.0 and before 8.2.10 are vulnerable to Regular Expression Denial of Service (ReDoS) during source map parsing.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T19:05:55.799Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://snyk.io/vuln/SNYK-JS-POSTCSS-1090595" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1244795" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/postcss/postcss/commit/b6f3e4d5a8d7504d553267f80384373af3a3dec5" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/postcss/postcss/commit/8682b1e4e328432ba692bed52326e84439cec9e4" }, { "name": "[myfaces-dev] 20210421 [GitHub] [myfaces-tobago] henningn opened a new pull request #774: build(postcss): update dependency to fix CVE-2021-23368", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r16e295b4f02d81b79981237d602cb0b9e59709bafaa73ac98be7cef1%40%3Cdev.myfaces.apache.org%3E" }, { "name": "[myfaces-dev] 20210421 [GitHub] [myfaces-tobago] henningn merged pull request #774: build(postcss): update dependency to fix CVE-2021-23368", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r8def971a66cf3e375178fbee752e1b04a812a047cc478ad292007e33%40%3Cdev.myfaces.apache.org%3E" }, { "name": "[myfaces-dev] 20210421 [GitHub] [myfaces-tobago] lofwyr14 opened a new pull request #775: Updating lib, to avoid CVE problem CVE-2021-23368 with postcss", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r00158f5d770d75d0655c5eef1bdbc6150531606c8f8bcb778f0627be%40%3Cdev.myfaces.apache.org%3E" }, { "name": "[myfaces-commits] 20210421 [myfaces-tobago] branch master updated: Updating lib, to avoid CVE problem CVE-2021-23368 with postcss", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r5acd89f3827ad9a9cad6d24ed93e377f7114867cd98cfba616c6e013%40%3Ccommits.myfaces.apache.org%3E" }, { "name": "[myfaces-commits] 20210421 [myfaces-tobago] branch master updated: build(postcss): update dependency to fix CVE-2021-23368", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rad5af2044afb51668b1008b389ac815a28ecea9eb75ae2cab5a00ebb%40%3Ccommits.myfaces.apache.org%3E" }, { "name": "[myfaces-dev] 20210421 [GitHub] [myfaces-tobago] lofwyr14 merged pull request #775: Updating lib, to avoid CVE problem CVE-2021-23368 with postcss", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r49afb49b38748897211b1f89c3a64dc27f9049474322b05715695aab%40%3Cdev.myfaces.apache.org%3E" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "postcss", "vendor": "n/a", "versions": [ { "lessThan": "unspecified", "status": "affected", "version": "7.0.0", "versionType": "custom" }, { "lessThan": "8.2.10", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Yeting Li" } ], "datePublic": "2021-04-12T00:00:00", "descriptions": [ { "lang": "en", "value": "The package postcss from 7.0.0 and before 8.2.10 are vulnerable to Regular Expression Denial of Service (ReDoS) during source map parsing." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Regular Expression Denial of Service (ReDoS)", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-04-21T10:06:19", "orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "shortName": "snyk" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://snyk.io/vuln/SNYK-JS-POSTCSS-1090595" }, { "tags": [ "x_refsource_MISC" ], "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1244795" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/postcss/postcss/commit/b6f3e4d5a8d7504d553267f80384373af3a3dec5" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/postcss/postcss/commit/8682b1e4e328432ba692bed52326e84439cec9e4" }, { "name": "[myfaces-dev] 20210421 [GitHub] [myfaces-tobago] henningn opened a new pull request #774: build(postcss): update dependency to fix CVE-2021-23368", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r16e295b4f02d81b79981237d602cb0b9e59709bafaa73ac98be7cef1%40%3Cdev.myfaces.apache.org%3E" }, { "name": "[myfaces-dev] 20210421 [GitHub] [myfaces-tobago] henningn merged pull request #774: build(postcss): update dependency to fix CVE-2021-23368", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r8def971a66cf3e375178fbee752e1b04a812a047cc478ad292007e33%40%3Cdev.myfaces.apache.org%3E" }, { "name": "[myfaces-dev] 20210421 [GitHub] [myfaces-tobago] lofwyr14 opened a new pull request #775: Updating lib, to avoid CVE problem CVE-2021-23368 with postcss", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r00158f5d770d75d0655c5eef1bdbc6150531606c8f8bcb778f0627be%40%3Cdev.myfaces.apache.org%3E" }, { "name": "[myfaces-commits] 20210421 [myfaces-tobago] branch master updated: Updating lib, to avoid CVE problem CVE-2021-23368 with postcss", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r5acd89f3827ad9a9cad6d24ed93e377f7114867cd98cfba616c6e013%40%3Ccommits.myfaces.apache.org%3E" }, { "name": "[myfaces-commits] 20210421 [myfaces-tobago] branch master updated: build(postcss): update dependency to fix CVE-2021-23368", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rad5af2044afb51668b1008b389ac815a28ecea9eb75ae2cab5a00ebb%40%3Ccommits.myfaces.apache.org%3E" }, { "name": "[myfaces-dev] 20210421 [GitHub] [myfaces-tobago] lofwyr14 merged pull request #775: Updating lib, to avoid CVE problem CVE-2021-23368 with postcss", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r49afb49b38748897211b1f89c3a64dc27f9049474322b05715695aab%40%3Cdev.myfaces.apache.org%3E" } ], "title": "Regular Expression Denial of Service (ReDoS)", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "report@snyk.io", "DATE_PUBLIC": "2021-04-12T13:48:15.877501Z", "ID": "CVE-2021-23368", "STATE": "PUBLIC", "TITLE": "Regular Expression Denial of Service (ReDoS)" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "postcss", "version": { "version_data": [ { "version_affected": "\u003e=", "version_value": "7.0.0" }, { "version_affected": "\u003c", "version_value": "8.2.10" } ] } } ] }, "vendor_name": "n/a" } ] } }, "credit": [ { "lang": "eng", "value": "Yeting Li" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The package postcss from 7.0.0 and before 8.2.10 are vulnerable to Regular Expression Denial of Service (ReDoS) during source map parsing." } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Regular Expression Denial of Service (ReDoS)" } ] } ] }, "references": { "reference_data": [ { "name": "https://snyk.io/vuln/SNYK-JS-POSTCSS-1090595", "refsource": "MISC", "url": "https://snyk.io/vuln/SNYK-JS-POSTCSS-1090595" }, { "name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1244795", "refsource": "MISC", "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1244795" }, { "name": "https://github.com/postcss/postcss/commit/b6f3e4d5a8d7504d553267f80384373af3a3dec5", "refsource": "MISC", "url": "https://github.com/postcss/postcss/commit/b6f3e4d5a8d7504d553267f80384373af3a3dec5" }, { "name": "https://github.com/postcss/postcss/commit/8682b1e4e328432ba692bed52326e84439cec9e4", "refsource": "MISC", "url": "https://github.com/postcss/postcss/commit/8682b1e4e328432ba692bed52326e84439cec9e4" }, { "name": "[myfaces-dev] 20210421 [GitHub] [myfaces-tobago] henningn opened a new pull request #774: build(postcss): update dependency to fix CVE-2021-23368", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r16e295b4f02d81b79981237d602cb0b9e59709bafaa73ac98be7cef1@%3Cdev.myfaces.apache.org%3E" }, { "name": "[myfaces-dev] 20210421 [GitHub] [myfaces-tobago] henningn merged pull request #774: build(postcss): update dependency to fix CVE-2021-23368", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r8def971a66cf3e375178fbee752e1b04a812a047cc478ad292007e33@%3Cdev.myfaces.apache.org%3E" }, { "name": "[myfaces-dev] 20210421 [GitHub] [myfaces-tobago] lofwyr14 opened a new pull request #775: Updating lib, to avoid CVE problem CVE-2021-23368 with postcss", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r00158f5d770d75d0655c5eef1bdbc6150531606c8f8bcb778f0627be@%3Cdev.myfaces.apache.org%3E" }, { "name": "[myfaces-commits] 20210421 [myfaces-tobago] branch master updated: Updating lib, to avoid CVE problem CVE-2021-23368 with postcss", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r5acd89f3827ad9a9cad6d24ed93e377f7114867cd98cfba616c6e013@%3Ccommits.myfaces.apache.org%3E" }, { "name": "[myfaces-commits] 20210421 [myfaces-tobago] branch master updated: build(postcss): update dependency to fix CVE-2021-23368", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rad5af2044afb51668b1008b389ac815a28ecea9eb75ae2cab5a00ebb@%3Ccommits.myfaces.apache.org%3E" }, { "name": "[myfaces-dev] 20210421 [GitHub] [myfaces-tobago] lofwyr14 merged pull request #775: Updating lib, to avoid CVE problem CVE-2021-23368 with postcss", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r49afb49b38748897211b1f89c3a64dc27f9049474322b05715695aab@%3Cdev.myfaces.apache.org%3E" } ] } } } }, "cveMetadata": { "assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "assignerShortName": "snyk", "cveId": "CVE-2021-23368", "datePublished": "2021-04-12T13:50:14.764222Z", "dateReserved": "2021-01-08T00:00:00", "dateUpdated": "2024-09-16T17:27:47.659Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-30629
Vulnerability from cvelistv5
Published
2022-08-09 20:17
Modified
2024-08-03 06:56
Severity ?
EPSS score ?
Summary
Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Go standard library | crypto/tls |
Version: 0 ≤ Version: 1.18.0-0 ≤ |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T06:56:13.230Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://go.dev/cl/405994" }, { "tags": [ "x_transferred" ], "url": "https://go.googlesource.com/go/+/fe4de36198794c447fbd9d7cc2d7199a506c76a5" }, { "tags": [ "x_transferred" ], "url": "https://go.dev/issue/52814" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg/m/IWz5T6x7AAAJ" }, { "tags": [ "x_transferred" ], "url": "https://pkg.go.dev/vuln/GO-2022-0531" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "packageName": "crypto/tls", "product": "crypto/tls", "programRoutines": [ { "name": "serverHandshakeStateTLS13.sendSessionTickets" } ], "vendor": "Go standard library", "versions": [ { "lessThan": "1.17.11", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "1.18.3", "status": "affected", "version": "1.18.0-0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "value": "Github user @nervuri" } ], "descriptions": [ { "lang": "en", "value": "Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption." } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-200: Information Exposure", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-12T19:04:50.302Z", "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go" }, "references": [ { "url": "https://go.dev/cl/405994" }, { "url": "https://go.googlesource.com/go/+/fe4de36198794c447fbd9d7cc2d7199a506c76a5" }, { "url": "https://go.dev/issue/52814" }, { "url": "https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg/m/IWz5T6x7AAAJ" }, { "url": "https://pkg.go.dev/vuln/GO-2022-0531" } ], "title": "Session tickets lack random ticket_age_add in crypto/tls" } }, "cveMetadata": { "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "assignerShortName": "Go", "cveId": "CVE-2022-30629", "datePublished": "2022-08-09T20:17:31", "dateReserved": "2022-05-12T00:00:00", "dateUpdated": "2024-08-03T06:56:13.230Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-43565
Vulnerability from cvelistv5
Published
2022-09-06 17:03
Modified
2024-08-04 04:03
Severity ?
EPSS score ?
Summary
The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server.
References
▼ | URL | Tags |
---|---|---|
https://groups.google.com/forum/#%21forum/golang-announce | x_refsource_MISC | |
https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T04:03:07.828Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://groups.google.com/forum/#%21forum/golang-announce" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-09-06T17:03:42", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://groups.google.com/forum/#%21forum/golang-announce" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-43565", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://groups.google.com/forum/#!forum/golang-announce", "refsource": "MISC", "url": "https://groups.google.com/forum/#!forum/golang-announce" }, { "name": "https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs", "refsource": "CONFIRM", "url": "https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-43565", "datePublished": "2022-09-06T17:03:42", "dateReserved": "2021-11-09T00:00:00", "dateUpdated": "2024-08-04T04:03:07.828Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-24921
Vulnerability from cvelistv5
Published
2022-03-05 00:00
Modified
2024-08-03 04:29
Severity ?
EPSS score ?
Summary
regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows stack exhaustion via a deeply nested expression.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T04:29:01.519Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/RP1hfrBYVuk" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220325-0010/" }, { "name": "[debian-lts-announce] 20220428 [SECURITY] [DLA 2985-1] golang-1.7 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00017.html" }, { "name": "[debian-lts-announce] 20220428 [SECURITY] [DLA 2986-1] golang-1.8 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00018.html" }, { "name": "GLSA-202208-02", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-02" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf" }, { "name": "[debian-lts-announce] 20230419 [SECURITY] [DLA 3395-1] golang-1.11 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows stack exhaustion via a deeply nested expression." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-19T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://groups.google.com/g/golang-announce/c/RP1hfrBYVuk" }, { "url": "https://security.netapp.com/advisory/ntap-20220325-0010/" }, { "name": "[debian-lts-announce] 20220428 [SECURITY] [DLA 2985-1] golang-1.7 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00017.html" }, { "name": "[debian-lts-announce] 20220428 [SECURITY] [DLA 2986-1] golang-1.8 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00018.html" }, { "name": "GLSA-202208-02", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-02" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf" }, { "name": "[debian-lts-announce] 20230419 [SECURITY] [DLA 3395-1] golang-1.11 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-24921", "datePublished": "2022-03-05T00:00:00", "dateReserved": "2022-02-10T00:00:00", "dateUpdated": "2024-08-03T04:29:01.519Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-30635
Vulnerability from cvelistv5
Published
2022-08-09 20:16
Modified
2024-08-03 06:56
Severity ?
EPSS score ?
Summary
Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Go standard library | encoding/gob |
Version: 0 ≤ Version: 1.18.0-0 ≤ |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T06:56:13.235Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://go.dev/cl/417064" }, { "tags": [ "x_transferred" ], "url": "https://go.googlesource.com/go/+/6fa37e98ea4382bf881428ee0c150ce591500eb7" }, { "tags": [ "x_transferred" ], "url": "https://go.dev/issue/53615" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE" }, { "tags": [ "x_transferred" ], "url": "https://pkg.go.dev/vuln/GO-2022-0526" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "packageName": "encoding/gob", "product": "encoding/gob", "programRoutines": [ { "name": "Decoder.decIgnoreOpFor" }, { "name": "Decoder.compileIgnoreSingle" }, { "name": "Decoder.compileDec" } ], "vendor": "Go standard library", "versions": [ { "lessThan": "1.17.12", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "1.18.4", "status": "affected", "version": "1.18.0-0", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures." } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-674: Uncontrolled Recursion", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-12T19:04:46.476Z", "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go" }, "references": [ { "url": "https://go.dev/cl/417064" }, { "url": "https://go.googlesource.com/go/+/6fa37e98ea4382bf881428ee0c150ce591500eb7" }, { "url": "https://go.dev/issue/53615" }, { "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE" }, { "url": "https://pkg.go.dev/vuln/GO-2022-0526" } ], "title": "Stack exhaustion when decoding certain messages in encoding/gob" } }, "cveMetadata": { "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "assignerShortName": "Go", "cveId": "CVE-2022-30635", "datePublished": "2022-08-09T20:16:05", "dateReserved": "2022-05-12T00:00:00", "dateUpdated": "2024-08-03T06:56:13.235Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-24675
Vulnerability from cvelistv5
Published
2022-04-20 00:00
Modified
2024-08-03 04:20
Severity ?
EPSS score ?
Summary
encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T04:20:49.135Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8" }, { "name": "FEDORA-2022-a49babed75", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42TYZC4OAY54TO75FBEFAPV5G7O4D5TM/" }, { "name": "FEDORA-2022-c0f780ecf1", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F3BMW5QGX53CMIJIZWKXFKBJX2C5GWTY/" }, { "name": "FEDORA-2022-e46e6e8317", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RCRSABD6CUDIZULZPZL5BJ3ET3A2NEJP/" }, { "name": "FEDORA-2022-fae3ecee19", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/" }, { "name": "FEDORA-2022-ba365d3703", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/" }, { "name": "GLSA-202208-02", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-02" }, { "name": "FEDORA-2022-30c5ed5625", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220915-0010/" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-02-14T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://groups.google.com/g/golang-announce" }, { "url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8" }, { "name": "FEDORA-2022-a49babed75", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42TYZC4OAY54TO75FBEFAPV5G7O4D5TM/" }, { "name": "FEDORA-2022-c0f780ecf1", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F3BMW5QGX53CMIJIZWKXFKBJX2C5GWTY/" }, { "name": "FEDORA-2022-e46e6e8317", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RCRSABD6CUDIZULZPZL5BJ3ET3A2NEJP/" }, { "name": "FEDORA-2022-fae3ecee19", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/" }, { "name": "FEDORA-2022-ba365d3703", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/" }, { "name": "GLSA-202208-02", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-02" }, { "name": "FEDORA-2022-30c5ed5625", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/" }, { "url": "https://security.netapp.com/advisory/ntap-20220915-0010/" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-24675", "datePublished": "2022-04-20T00:00:00", "dateReserved": "2022-02-08T00:00:00", "dateUpdated": "2024-08-03T04:20:49.135Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-32205
Vulnerability from cvelistv5
Published
2022-07-07 00:00
Modified
2024-08-03 07:32
Severity ?
EPSS score ?
Summary
A malicious server can serve excessive amounts of `Set-Cookie:` headers in a HTTP response to curl and curl < 7.84.0 stores all of them. A sufficiently large amount of (big) cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger than the threshold that curl uses internally to avoid sending crazy large requests (1048576 bytes) and instead returns an error.This denial state might remain for as long as the same cookies are kept, match and haven't expired. Due to cookie matching rules, a server on `foo.example.com` can set cookies that also would match for `bar.example.com`, making it it possible for a "sister server" to effectively cause a denial of service for a sibling site on the same second level domain using this method.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: Fixed in 7.84.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T07:32:56.071Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1569946" }, { "name": "FEDORA-2022-1b3d7f6973", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/" }, { "name": "DSA-5197", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220915-0003/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202212-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 7.84.0" } ] } ], "descriptions": [ { "lang": "en", "value": "A malicious server can serve excessive amounts of `Set-Cookie:` headers in a HTTP response to curl and curl \u003c 7.84.0 stores all of them. A sufficiently large amount of (big) cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger than the threshold that curl uses internally to avoid sending crazy large requests (1048576 bytes) and instead returns an error.This denial state might remain for as long as the same cookies are kept, match and haven\u0027t expired. Due to cookie matching rules, a server on `foo.example.com` can set cookies that also would match for `bar.example.com`, making it it possible for a \"sister server\" to effectively cause a denial of service for a sibling site on the same second level domain using this method." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-770", "description": "Allocation of Resources Without Limits or Throttling (CWE-770)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-19T00:00:00", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1569946" }, { "name": "FEDORA-2022-1b3d7f6973", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/" }, { "name": "DSA-5197", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "url": "https://security.netapp.com/advisory/ntap-20220915-0003/" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202212-01" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2022-32205", "datePublished": "2022-07-07T00:00:00", "dateReserved": "2022-06-01T00:00:00", "dateUpdated": "2024-08-03T07:32:56.071Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-8177
Vulnerability from cvelistv5
Published
2020-12-14 19:42
Modified
2024-08-04 09:56
Severity ?
EPSS score ?
Summary
curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used.
References
▼ | URL | Tags |
---|---|---|
https://hackerone.com/reports/887462 | x_refsource_MISC | |
https://curl.se/docs/CVE-2020-8177.html | x_refsource_MISC | |
https://www.debian.org/security/2021/dsa-4881 | vendor-advisory, x_refsource_DEBIAN | |
https://www.oracle.com/security-alerts/cpujan2022.html | x_refsource_MISC | |
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: curl 7.20.0 to and including 7.70.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T09:56:26.901Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://hackerone.com/reports/887462" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://curl.se/docs/CVE-2020-8177.html" }, { "name": "DSA-4881", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2021/dsa-4881" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "curl 7.20.0 to and including 7.70.0" } ] } ], "descriptions": [ { "lang": "en", "value": "curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-99", "description": "Resource Injection (CWE-99)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-03-08T14:06:43", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://hackerone.com/reports/887462" }, { "tags": [ "x_refsource_MISC" ], "url": "https://curl.se/docs/CVE-2020-8177.html" }, { "name": "DSA-4881", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2021/dsa-4881" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "support@hackerone.com", "ID": "CVE-2020-8177", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "https://github.com/curl/curl", "version": { "version_data": [ { "version_value": "curl 7.20.0 to and including 7.70.0" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Resource Injection (CWE-99)" } ] } ] }, "references": { "reference_data": [ { "name": "https://hackerone.com/reports/887462", "refsource": "MISC", "url": "https://hackerone.com/reports/887462" }, { "name": "https://curl.se/docs/CVE-2020-8177.html", "refsource": "MISC", "url": "https://curl.se/docs/CVE-2020-8177.html" }, { "name": "DSA-4881", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2021/dsa-4881" }, { "name": "https://www.oracle.com/security-alerts/cpujan2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" } ] } } } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2020-8177", "datePublished": "2020-12-14T19:42:16", "dateReserved": "2020-01-28T00:00:00", "dateUpdated": "2024-08-04T09:56:26.901Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-37599
Vulnerability from cvelistv5
Published
2022-10-11 00:00
Modified
2024-08-03 10:29
Severity ?
EPSS score ?
Summary
A Regular expression denial of service (ReDoS) flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the resourcePath variable in interpolateName.js.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T10:29:21.031Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/webpack/loader-utils/blob/d9f4e23cf411d8556f8bac2d3bf05a6e0103b568/lib/interpolateName.js#L38" }, { "tags": [ "x_transferred" ], "url": "https://github.com/webpack/loader-utils/blob/d9f4e23cf411d8556f8bac2d3bf05a6e0103b568/lib/interpolateName.js#L83" }, { "tags": [ "x_transferred" ], "url": "https://github.com/webpack/loader-utils/issues/211" }, { "tags": [ "x_transferred" ], "url": "https://github.com/webpack/loader-utils/issues/216" }, { "name": "FEDORA-2024-5ecc250449", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6PVVPNSAGSDS63HQ74PJ7MZ3MU5IYNVZ/" }, { "name": "FEDORA-2024-28fc0c2ef4", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3HUE6ZR5SL73KHL7XUPAOEL6SB7HUDT2/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "A Regular expression denial of service (ReDoS) flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the resourcePath variable in interpolateName.js." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-02-28T02:06:10.213450", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/webpack/loader-utils/blob/d9f4e23cf411d8556f8bac2d3bf05a6e0103b568/lib/interpolateName.js#L38" }, { "url": "https://github.com/webpack/loader-utils/blob/d9f4e23cf411d8556f8bac2d3bf05a6e0103b568/lib/interpolateName.js#L83" }, { "url": "https://github.com/webpack/loader-utils/issues/211" }, { "url": "https://github.com/webpack/loader-utils/issues/216" }, { "name": "FEDORA-2024-5ecc250449", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6PVVPNSAGSDS63HQ74PJ7MZ3MU5IYNVZ/" }, { "name": "FEDORA-2024-28fc0c2ef4", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3HUE6ZR5SL73KHL7XUPAOEL6SB7HUDT2/" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-37599", "datePublished": "2022-10-11T00:00:00", "dateReserved": "2022-08-08T00:00:00", "dateUpdated": "2024-08-03T10:29:21.031Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-22924
Vulnerability from cvelistv5
Published
2021-08-05 20:16
Modified
2024-08-03 18:58
Severity ?
EPSS score ?
Summary
libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths *case insensitively*,which could lead to libcurl reusing wrong connections.File paths are, or can be, case sensitive on many systems but not all, and caneven vary depending on used file systems.The comparison also didn't include the 'issuer cert' which a transfer can setto qualify how to verify the server certificate.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: curl 7.10.4 to and include curl 7.77.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T18:58:25.955Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://hackerone.com/reports/1223565" }, { "name": "FEDORA-2021-5d21b90a30", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/" }, { "name": "[debian-lts-announce] 20210813 [SECURITY] [DLA 2734-1] curl security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html" }, { "name": "[kafka-dev] 20210831 Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E" }, { "name": "[kafka-users] 20210831 Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E" }, { "name": "[kafka-users] 20210901 Re: [EXTERNAL] Re: Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E" }, { "name": "[kafka-dev] 20210901 Re: [EXTERNAL] Re: Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210902-0003/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf" }, { "name": "DSA-5197", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "name": "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "curl 7.10.4 to and include curl 7.77.0" } ] } ], "descriptions": [ { "lang": "en", "value": "libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take \u0027issuercert\u0027 into account and it compared the involved paths *case insensitively*,which could lead to libcurl reusing wrong connections.File paths are, or can be, case sensitive on many systems but not all, and caneven vary depending on used file systems.The comparison also didn\u0027t include the \u0027issuer cert\u0027 which a transfer can setto qualify how to verify the server certificate." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "Improper Input Validation (CWE-20)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-29T00:06:17", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://hackerone.com/reports/1223565" }, { "name": "FEDORA-2021-5d21b90a30", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/" }, { "name": "[debian-lts-announce] 20210813 [SECURITY] [DLA 2734-1] curl security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html" }, { "name": "[kafka-dev] 20210831 Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E" }, { "name": "[kafka-users] 20210831 Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E" }, { "name": "[kafka-users] 20210901 Re: [EXTERNAL] Re: Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E" }, { "name": "[kafka-dev] 20210901 Re: [EXTERNAL] Re: Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20210902-0003/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf" }, { "name": "DSA-5197", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "name": "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "support@hackerone.com", "ID": "CVE-2021-22924", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "https://github.com/curl/curl", "version": { "version_data": [ { "version_value": "curl 7.10.4 to and include curl 7.77.0" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take \u0027issuercert\u0027 into account and it compared the involved paths *case insensitively*,which could lead to libcurl reusing wrong connections.File paths are, or can be, case sensitive on many systems but not all, and caneven vary depending on used file systems.The comparison also didn\u0027t include the \u0027issuer cert\u0027 which a transfer can setto qualify how to verify the server certificate." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Improper Input Validation (CWE-20)" } ] } ] }, "references": { "reference_data": [ { "name": "https://hackerone.com/reports/1223565", "refsource": "MISC", "url": "https://hackerone.com/reports/1223565" }, { "name": "FEDORA-2021-5d21b90a30", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/" }, { "name": "[debian-lts-announce] 20210813 [SECURITY] [DLA 2734-1] curl security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html" }, { "name": "[kafka-dev] 20210831 Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E" }, { "name": "[kafka-users] 20210831 Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E" }, { "name": "[kafka-users] 20210901 Re: [EXTERNAL] Re: Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E" }, { "name": "[kafka-dev] 20210901 Re: [EXTERNAL] Re: Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E" }, { "name": "https://www.oracle.com/security-alerts/cpuoct2021.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "name": "https://security.netapp.com/advisory/ntap-20210902-0003/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210902-0003/" }, { "name": "https://www.oracle.com/security-alerts/cpujan2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf" }, { "name": "DSA-5197", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2022/dsa-5197" }, { "name": "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2021-22924", "datePublished": "2021-08-05T20:16:56", "dateReserved": "2021-01-06T00:00:00", "dateUpdated": "2024-08-03T18:58:25.955Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-4304
Vulnerability from cvelistv5
Published
2023-02-08 19:04
Modified
2024-08-03 01:34
Severity ?
EPSS score ?
Summary
A timing based side channel exists in the OpenSSL RSA Decryption implementation
which could be sufficient to recover a plaintext across a network in a
Bleichenbacher style attack. To achieve a successful decryption an attacker
would have to be able to send a very large number of trial messages for
decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5,
RSA-OEAP and RSASVE.
For example, in a TLS connection, RSA is commonly used by a client to send an
encrypted pre-master secret to the server. An attacker that had observed a
genuine connection between a client and a server could use this flaw to send
trial messages to the server and record the time taken to process them. After a
sufficiently large number of messages the attacker could recover the pre-master
secret used for the original connection and thus be able to decrypt the
application data sent over that connection.
References
▼ | URL | Tags |
---|---|---|
https://www.openssl.org/news/secadv/20230207.txt | vendor-advisory | |
https://security.gentoo.org/glsa/202402-08 |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:34:50.158Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "OpenSSL Advisory", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.openssl.org/news/secadv/20230207.txt" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202402-08" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "OpenSSL", "vendor": "OpenSSL", "versions": [ { "lessThan": "3.0.8", "status": "affected", "version": "3.0.0", "versionType": "semver" }, { "lessThan": "1.1.1t", "status": "affected", "version": "1.1.1", "versionType": "custom" }, { "lessThan": "1.0.2zg", "status": "affected", "version": "1.0.2", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Hubert Kario from RedHat" }, { "lang": "en", "type": "remediation developer", "user": "00000000-0000-4000-9000-000000000000", "value": "Dmitry Belyavsky from RedHat" }, { "lang": "en", "type": "remediation developer", "user": "00000000-0000-4000-9000-000000000000", "value": " Hubert Kario from RedHat" } ], "datePublic": "2023-02-07T00:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "A timing based side channel exists in the OpenSSL RSA Decryption implementation\u003cbr\u003ewhich could be sufficient to recover a plaintext across a network in a\u003cbr\u003eBleichenbacher style attack. To achieve a successful decryption an attacker\u003cbr\u003ewould have to be able to send a very large number of trial messages for\u003cbr\u003edecryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5,\u003cbr\u003eRSA-OEAP and RSASVE.\u003cbr\u003e\u003cbr\u003eFor example, in a TLS connection, RSA is commonly used by a client to send an\u003cbr\u003eencrypted pre-master secret to the server. An attacker that had observed a\u003cbr\u003egenuine connection between a client and a server could use this flaw to send\u003cbr\u003etrial messages to the server and record the time taken to process them. After a\u003cbr\u003esufficiently large number of messages the attacker could recover the pre-master\u003cbr\u003esecret used for the original connection and thus be able to decrypt the\u003cbr\u003eapplication data sent over that connection.\u003cbr\u003e\u003cbr\u003e" } ], "value": "A timing based side channel exists in the OpenSSL RSA Decryption implementation\nwhich could be sufficient to recover a plaintext across a network in a\nBleichenbacher style attack. To achieve a successful decryption an attacker\nwould have to be able to send a very large number of trial messages for\ndecryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5,\nRSA-OEAP and RSASVE.\n\nFor example, in a TLS connection, RSA is commonly used by a client to send an\nencrypted pre-master secret to the server. An attacker that had observed a\ngenuine connection between a client and a server could use this flaw to send\ntrial messages to the server and record the time taken to process them. After a\nsufficiently large number of messages the attacker could recover the pre-master\nsecret used for the original connection and thus be able to decrypt the\napplication data sent over that connection.\n\n" } ], "metrics": [ { "format": "other", "other": { "content": { "text": "MODERATE" }, "type": "https://www.openssl.org/policies/secpolicy.html" } } ], "problemTypes": [ { "descriptions": [ { "description": "timing based side channel attack", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-02-08T19:04:28.890Z", "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", "shortName": "openssl" }, "references": [ { "name": "OpenSSL Advisory", "tags": [ "vendor-advisory" ], "url": "https://www.openssl.org/news/secadv/20230207.txt" }, { "url": "https://security.gentoo.org/glsa/202402-08" } ], "source": { "discovery": "UNKNOWN" }, "title": "Timing Oracle in RSA Decryption", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", "assignerShortName": "openssl", "cveId": "CVE-2022-4304", "datePublished": "2023-02-08T19:04:28.890Z", "dateReserved": "2022-12-06T10:38:40.463Z", "dateUpdated": "2024-08-03T01:34:50.158Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-27775
Vulnerability from cvelistv5
Published
2022-06-01 00:00
Modified
2024-08-03 05:32
Severity ?
EPSS score ?
Summary
An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: curl 7.65.0 to 7.82.0 are vulnerable |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T05:32:59.833Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1546268" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220609-0008/" }, { "name": "DSA-5197", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202212-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "curl 7.65.0 to 7.82.0 are vulnerable" } ] } ], "descriptions": [ { "lang": "en", "value": "An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-200", "description": "Information Disclosure (CWE-200)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-19T00:00:00", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1546268" }, { "url": "https://security.netapp.com/advisory/ntap-20220609-0008/" }, { "name": "DSA-5197", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202212-01" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2022-27775", "datePublished": "2022-06-01T00:00:00", "dateReserved": "2022-03-23T00:00:00", "dateUpdated": "2024-08-03T05:32:59.833Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-30632
Vulnerability from cvelistv5
Published
2022-08-09 20:15
Modified
2024-08-03 06:56
Severity ?
EPSS score ?
Summary
Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path containing a large number of path separators.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Go standard library | path/filepath |
Version: 0 ≤ Version: 1.18.0-0 ≤ |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T06:56:13.251Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://go.dev/cl/417066" }, { "tags": [ "x_transferred" ], "url": "https://go.googlesource.com/go/+/ac68c6c683409f98250d34ad282b9e1b0c9095ef" }, { "tags": [ "x_transferred" ], "url": "https://go.dev/issue/53416" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE" }, { "tags": [ "x_transferred" ], "url": "https://pkg.go.dev/vuln/GO-2022-0522" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "packageName": "path/filepath", "product": "path/filepath", "programRoutines": [ { "name": "Glob" } ], "vendor": "Go standard library", "versions": [ { "lessThan": "1.17.12", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "1.18.4", "status": "affected", "version": "1.18.0-0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "value": "Juho Nurminen of Mattermost" } ], "descriptions": [ { "lang": "en", "value": "Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path containing a large number of path separators." } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-674: Uncontrolled Recursion", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-12T19:04:36.688Z", "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go" }, "references": [ { "url": "https://go.dev/cl/417066" }, { "url": "https://go.googlesource.com/go/+/ac68c6c683409f98250d34ad282b9e1b0c9095ef" }, { "url": "https://go.dev/issue/53416" }, { "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE" }, { "url": "https://pkg.go.dev/vuln/GO-2022-0522" } ], "title": "Stack exhaustion on crafted paths in path/filepath" } }, "cveMetadata": { "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "assignerShortName": "Go", "cveId": "CVE-2022-30632", "datePublished": "2022-08-09T20:15:37", "dateReserved": "2022-05-12T00:00:00", "dateUpdated": "2024-08-03T06:56:13.251Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-22890
Vulnerability from cvelistv5
Published
2021-04-01 17:46
Modified
2024-08-03 18:58
Severity ?
EPSS score ?
Summary
curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets. When using a HTTPS proxy and TLS 1.3, libcurl can confuse session tickets arriving from the HTTPS proxy but work as if they arrived from the remote server and then wrongly "short-cut" the host handshake. When confusing the tickets, a HTTPS proxy can trick libcurl to use the wrong session ticket resume for the host and thereby circumvent the server TLS certificate check and make a MITM attack to be possible to perform unnoticed. Note that such a malicious HTTPS proxy needs to provide a certificate that curl will accept for the MITMed server for an attack to work - unless curl has been told to ignore the server certificate check.
References
▼ | URL | Tags |
---|---|---|
https://hackerone.com/reports/1129529 | x_refsource_MISC | |
https://curl.se/docs/CVE-2021-22890.html | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/ | vendor-advisory, x_refsource_FEDORA | |
https://security.gentoo.org/glsa/202105-36 | vendor-advisory, x_refsource_GENTOO | |
https://www.oracle.com//security-alerts/cpujul2021.html | x_refsource_MISC | |
https://security.netapp.com/advisory/ntap-20210521-0007/ | x_refsource_CONFIRM | |
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: 7.63.0 to and including 7.75.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T18:58:25.687Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://hackerone.com/reports/1129529" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://curl.se/docs/CVE-2021-22890.html" }, { "name": "FEDORA-2021-cab5c9befb", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/" }, { "name": "FEDORA-2021-065371f385", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/" }, { "name": "FEDORA-2021-26a293c72b", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/" }, { "name": "GLSA-202105-36", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202105-36" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210521-0007/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "7.63.0 to and including 7.75.0" } ] } ], "descriptions": [ { "lang": "en", "value": "curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets. When using a HTTPS proxy and TLS 1.3, libcurl can confuse session tickets arriving from the HTTPS proxy but work as if they arrived from the remote server and then wrongly \"short-cut\" the host handshake. When confusing the tickets, a HTTPS proxy can trick libcurl to use the wrong session ticket resume for the host and thereby circumvent the server TLS certificate check and make a MITM attack to be possible to perform unnoticed. Note that such a malicious HTTPS proxy needs to provide a certificate that curl will accept for the MITMed server for an attack to work - unless curl has been told to ignore the server certificate check." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-300", "description": "Man-in-the-Middle (CWE-300)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-03-08T14:08:39", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://hackerone.com/reports/1129529" }, { "tags": [ "x_refsource_MISC" ], "url": "https://curl.se/docs/CVE-2021-22890.html" }, { "name": "FEDORA-2021-cab5c9befb", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/" }, { "name": "FEDORA-2021-065371f385", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/" }, { "name": "FEDORA-2021-26a293c72b", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/" }, { "name": "GLSA-202105-36", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202105-36" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20210521-0007/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "support@hackerone.com", "ID": "CVE-2021-22890", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "https://github.com/curl/curl", "version": { "version_data": [ { "version_value": "7.63.0 to and including 7.75.0" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets. When using a HTTPS proxy and TLS 1.3, libcurl can confuse session tickets arriving from the HTTPS proxy but work as if they arrived from the remote server and then wrongly \"short-cut\" the host handshake. When confusing the tickets, a HTTPS proxy can trick libcurl to use the wrong session ticket resume for the host and thereby circumvent the server TLS certificate check and make a MITM attack to be possible to perform unnoticed. Note that such a malicious HTTPS proxy needs to provide a certificate that curl will accept for the MITMed server for an attack to work - unless curl has been told to ignore the server certificate check." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Man-in-the-Middle (CWE-300)" } ] } ] }, "references": { "reference_data": [ { "name": "https://hackerone.com/reports/1129529", "refsource": "MISC", "url": "https://hackerone.com/reports/1129529" }, { "name": "https://curl.se/docs/CVE-2021-22890.html", "refsource": "MISC", "url": "https://curl.se/docs/CVE-2021-22890.html" }, { "name": "FEDORA-2021-cab5c9befb", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/" }, { "name": "FEDORA-2021-065371f385", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/" }, { "name": "FEDORA-2021-26a293c72b", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/" }, { "name": "GLSA-202105-36", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202105-36" }, { "name": "https://www.oracle.com//security-alerts/cpujul2021.html", "refsource": "MISC", "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "name": "https://security.netapp.com/advisory/ntap-20210521-0007/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210521-0007/" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" } ] } } } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2021-22890", "datePublished": "2021-04-01T17:46:17", "dateReserved": "2021-01-06T00:00:00", "dateUpdated": "2024-08-03T18:58:25.687Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-27535
Vulnerability from cvelistv5
Published
2023-03-30 00:00
Modified
2024-08-02 12:16
Severity ?
EPSS score ?
Summary
An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: Fixed in 8.0.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T12:16:35.540Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1892780" }, { "name": "FEDORA-2023-7e7414e64d", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230420-0010/" }, { "name": "[debian-lts-announce] 20230421 [SECURITY] [DLA 3398-1] curl security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html" }, { "name": "GLSA-202310-12", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202310-12" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 8.0.0" } ] } ], "descriptions": [ { "lang": "en", "value": "An authentication bypass vulnerability exists in libcurl \u003c8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-305", "description": "Authentication Bypass by Primary Weakness (CWE-305)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-11T10:06:20.841607", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1892780" }, { "name": "FEDORA-2023-7e7414e64d", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/" }, { "url": "https://security.netapp.com/advisory/ntap-20230420-0010/" }, { "name": "[debian-lts-announce] 20230421 [SECURITY] [DLA 3398-1] curl security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html" }, { "name": "GLSA-202310-12", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202310-12" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2023-27535", "datePublished": "2023-03-30T00:00:00", "dateReserved": "2023-03-02T00:00:00", "dateUpdated": "2024-08-02T12:16:35.540Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-42915
Vulnerability from cvelistv5
Published
2022-10-29 00:00
Modified
2024-08-03 13:19
Severity ?
EPSS score ?
Summary
curl before 7.86.0 has a double free. If curl is told to use an HTTP proxy for a transfer with a non-HTTP(S) URL, it sets up the connection to the remote server by issuing a CONNECT request to the proxy, and then tunnels the rest of the protocol through. An HTTP proxy might refuse this request (HTTP proxies often only allow outgoing connections to specific port numbers, like 443 for HTTPS) and instead return a non-200 status code to the client. Due to flaws in the error/cleanup handling, this could trigger a double free in curl if one of the following schemes were used in the URL for the transfer: dict, gopher, gophers, ldap, ldaps, rtmp, rtmps, or telnet. The earliest affected version is 7.77.0.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T13:19:05.396Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://curl.se/docs/CVE-2022-42915.html" }, { "name": "FEDORA-2022-01ffde372c", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVU3IMZCKR4VE6KJ4GCWRL2ILLC6OV76/" }, { "name": "FEDORA-2022-39688a779d", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q27V5YYMXUVI6PRZQVECON32XPVWTKDK/" }, { "name": "FEDORA-2022-e9d65906c4", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37YEVVC6NAF6H7UHH6YAUY5QEVY6LIH2/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20221209-0010/" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213604" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213605" }, { "name": "20230123 APPLE-SA-2023-01-23-5 macOS Monterey 12.6.3", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Jan/20" }, { "name": "20230123 APPLE-SA-2023-01-23-4 macOS Ventura 13.2", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Jan/19" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "curl before 7.86.0 has a double free. If curl is told to use an HTTP proxy for a transfer with a non-HTTP(S) URL, it sets up the connection to the remote server by issuing a CONNECT request to the proxy, and then tunnels the rest of the protocol through. An HTTP proxy might refuse this request (HTTP proxies often only allow outgoing connections to specific port numbers, like 443 for HTTPS) and instead return a non-200 status code to the client. Due to flaws in the error/cleanup handling, this could trigger a double free in curl if one of the following schemes were used in the URL for the transfer: dict, gopher, gophers, ldap, ldaps, rtmp, rtmps, or telnet. The earliest affected version is 7.77.0." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-24T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://curl.se/docs/CVE-2022-42915.html" }, { "name": "FEDORA-2022-01ffde372c", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVU3IMZCKR4VE6KJ4GCWRL2ILLC6OV76/" }, { "name": "FEDORA-2022-39688a779d", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q27V5YYMXUVI6PRZQVECON32XPVWTKDK/" }, { "name": "FEDORA-2022-e9d65906c4", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37YEVVC6NAF6H7UHH6YAUY5QEVY6LIH2/" }, { "url": "https://security.netapp.com/advisory/ntap-20221209-0010/" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "url": "https://support.apple.com/kb/HT213604" }, { "url": "https://support.apple.com/kb/HT213605" }, { "name": "20230123 APPLE-SA-2023-01-23-5 macOS Monterey 12.6.3", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Jan/20" }, { "name": "20230123 APPLE-SA-2023-01-23-4 macOS Ventura 13.2", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Jan/19" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-42915", "datePublished": "2022-10-29T00:00:00", "dateReserved": "2022-10-13T00:00:00", "dateUpdated": "2024-08-03T13:19:05.396Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-32189
Vulnerability from cvelistv5
Published
2022-08-09 20:17
Modified
2024-08-03 07:32
Severity ?
EPSS score ?
Summary
A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go before 1.17.13 and 1.18.5, potentially allowing a denial of service.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Go standard library | math/big |
Version: 0 ≤ Version: 1.18.0-0 ≤ |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T07:32:56.026Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://go.dev/cl/417774" }, { "tags": [ "x_transferred" ], "url": "https://go.googlesource.com/go/+/055113ef364337607e3e72ed7d48df67fde6fc66" }, { "tags": [ "x_transferred" ], "url": "https://go.dev/issue/53871" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/YqYYG87xB10" }, { "tags": [ "x_transferred" ], "url": "https://pkg.go.dev/vuln/GO-2022-0537" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "packageName": "math/big", "product": "math/big", "programRoutines": [ { "name": "Float.GobDecode" }, { "name": "Rat.GobDecode" } ], "vendor": "Go standard library", "versions": [ { "lessThan": "1.17.13", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "1.18.5", "status": "affected", "version": "1.18.0-0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "value": "@catenacyber" } ], "descriptions": [ { "lang": "en", "value": "A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go before 1.17.13 and 1.18.5, potentially allowing a denial of service." } ], "problemTypes": [ { "descriptions": [ { "description": "CWE 400: Uncontrolled Resource Consumption", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-12T19:05:15.506Z", "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go" }, "references": [ { "url": "https://go.dev/cl/417774" }, { "url": "https://go.googlesource.com/go/+/055113ef364337607e3e72ed7d48df67fde6fc66" }, { "url": "https://go.dev/issue/53871" }, { "url": "https://groups.google.com/g/golang-announce/c/YqYYG87xB10" }, { "url": "https://pkg.go.dev/vuln/GO-2022-0537" } ], "title": "Panic when decoding Float and Rat types in math/big" } }, "cveMetadata": { "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "assignerShortName": "Go", "cveId": "CVE-2022-32189", "datePublished": "2022-08-09T20:17:59", "dateReserved": "2022-05-31T00:00:00", "dateUpdated": "2024-08-03T07:32:56.026Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-33503
Vulnerability from cvelistv5
Published
2021-06-29 10:55
Modified
2024-08-03 23:50
Severity ?
EPSS score ?
Summary
An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in the authority component, the authority regular expression exhibits catastrophic backtracking, causing a denial of service if a URL were passed as a parameter or redirected to via an HTTP redirect.
References
▼ | URL | Tags |
---|---|---|
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMUGWEAUYGGHTPPXT6YBD53WYXQGVV73/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6SCV7ZNAHS3E6PBFLJGENCDRDRWRZZ6W/ | vendor-advisory, x_refsource_FEDORA | |
https://security.gentoo.org/glsa/202107-36 | vendor-advisory, x_refsource_GENTOO | |
https://www.oracle.com/security-alerts/cpuoct2021.html | x_refsource_MISC | |
https://github.com/advisories/GHSA-q2q7-5pp4-w6pg | x_refsource_CONFIRM | |
https://github.com/urllib3/urllib3/commit/2d4a3fee6de2fa45eb82169361918f759269b4ec | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T23:50:42.973Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "FEDORA-2021-a6bde7ab18", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMUGWEAUYGGHTPPXT6YBD53WYXQGVV73/" }, { "name": "FEDORA-2021-9c5f3b8aae", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6SCV7ZNAHS3E6PBFLJGENCDRDRWRZZ6W/" }, { "name": "GLSA-202107-36", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202107-36" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/advisories/GHSA-q2q7-5pp4-w6pg" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/urllib3/urllib3/commit/2d4a3fee6de2fa45eb82169361918f759269b4ec" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in the authority component, the authority regular expression exhibits catastrophic backtracking, causing a denial of service if a URL were passed as a parameter or redirected to via an HTTP redirect." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-10-20T10:42:23", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "FEDORA-2021-a6bde7ab18", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMUGWEAUYGGHTPPXT6YBD53WYXQGVV73/" }, { "name": "FEDORA-2021-9c5f3b8aae", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6SCV7ZNAHS3E6PBFLJGENCDRDRWRZZ6W/" }, { "name": "GLSA-202107-36", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202107-36" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/advisories/GHSA-q2q7-5pp4-w6pg" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/urllib3/urllib3/commit/2d4a3fee6de2fa45eb82169361918f759269b4ec" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-33503", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in the authority component, the authority regular expression exhibits catastrophic backtracking, causing a denial of service if a URL were passed as a parameter or redirected to via an HTTP redirect." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "FEDORA-2021-a6bde7ab18", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FMUGWEAUYGGHTPPXT6YBD53WYXQGVV73/" }, { "name": "FEDORA-2021-9c5f3b8aae", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6SCV7ZNAHS3E6PBFLJGENCDRDRWRZZ6W/" }, { "name": "GLSA-202107-36", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202107-36" }, { "name": "https://www.oracle.com/security-alerts/cpuoct2021.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "name": "https://github.com/advisories/GHSA-q2q7-5pp4-w6pg", "refsource": "CONFIRM", "url": "https://github.com/advisories/GHSA-q2q7-5pp4-w6pg" }, { "name": "https://github.com/urllib3/urllib3/commit/2d4a3fee6de2fa45eb82169361918f759269b4ec", "refsource": "CONFIRM", "url": "https://github.com/urllib3/urllib3/commit/2d4a3fee6de2fa45eb82169361918f759269b4ec" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-33503", "datePublished": "2021-06-29T10:55:35", "dateReserved": "2021-05-21T00:00:00", "dateUpdated": "2024-08-03T23:50:42.973Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-32221
Vulnerability from cvelistv5
Published
2022-12-05 00:00
Modified
2024-08-03 07:32
Severity ?
EPSS score ?
Summary
When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously was used to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent `POST` request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: Fixed in 7.86.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T07:32:56.010Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1704017" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230110-0006/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213604" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213605" }, { "name": "20230123 APPLE-SA-2023-01-23-5 macOS Monterey 12.6.3", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Jan/20" }, { "name": "20230123 APPLE-SA-2023-01-23-4 macOS Ventura 13.2", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Jan/19" }, { "name": "DSA-5330", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5330" }, { "name": "[debian-lts-announce] 20230128 [SECURITY] [DLA 3288-1] curl security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230208-0002/" }, { "name": "[oss-security] 20230517 curl: CVE-2023-28322: more POST-after-PUT confusion", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/05/17/4" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 7.86.0" } ] } ], "descriptions": [ { "lang": "en", "value": "When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously was used to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent `POST` request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-200", "description": "Information Disclosure (CWE-200)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-17T00:00:00", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1704017" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "url": "https://security.netapp.com/advisory/ntap-20230110-0006/" }, { "url": "https://support.apple.com/kb/HT213604" }, { "url": "https://support.apple.com/kb/HT213605" }, { "name": "20230123 APPLE-SA-2023-01-23-5 macOS Monterey 12.6.3", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Jan/20" }, { "name": "20230123 APPLE-SA-2023-01-23-4 macOS Ventura 13.2", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Jan/19" }, { "name": "DSA-5330", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5330" }, { "name": "[debian-lts-announce] 20230128 [SECURITY] [DLA 3288-1] curl security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html" }, { "url": "https://security.netapp.com/advisory/ntap-20230208-0002/" }, { "name": "[oss-security] 20230517 curl: CVE-2023-28322: more POST-after-PUT confusion", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2023/05/17/4" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2022-32221", "datePublished": "2022-12-05T00:00:00", "dateReserved": "2022-06-01T00:00:00", "dateUpdated": "2024-08-03T07:32:56.010Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-30580
Vulnerability from cvelistv5
Published
2022-08-09 20:18
Modified
2024-08-03 06:56
Severity ?
EPSS score ?
Summary
Code injection in Cmd.Start in os/exec before Go 1.17.11 and Go 1.18.3 allows execution of any binaries in the working directory named either "..com" or "..exe" by calling Cmd.Run, Cmd.Start, Cmd.Output, or Cmd.CombinedOutput when Cmd.Path is unset.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Go standard library | os/exec |
Version: 0 ≤ Version: 1.18.0-0 ≤ |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T06:56:12.971Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://go.dev/cl/403759" }, { "tags": [ "x_transferred" ], "url": "https://go.googlesource.com/go/+/960ffa98ce73ef2c2060c84c7ac28d37a83f345e" }, { "tags": [ "x_transferred" ], "url": "https://go.dev/issue/52574" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg/m/IWz5T6x7AAAJ" }, { "tags": [ "x_transferred" ], "url": "https://pkg.go.dev/vuln/GO-2022-0532" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "packageName": "os/exec", "platforms": [ "windows" ], "product": "os/exec", "programRoutines": [ { "name": "Cmd.Start" } ], "vendor": "Go standard library", "versions": [ { "lessThan": "1.17.11", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "1.18.3", "status": "affected", "version": "1.18.0-0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "value": "Chris Darroch (chrisd8088@github.com)" }, { "lang": "en", "value": "brian m. carlson (bk2204@github.com)" }, { "lang": "en", "value": "Mikhail Shcherbakov (https://twitter.com/yu5k3)" } ], "descriptions": [ { "lang": "en", "value": "Code injection in Cmd.Start in os/exec before Go 1.17.11 and Go 1.18.3 allows execution of any binaries in the working directory named either \"..com\" or \"..exe\" by calling Cmd.Run, Cmd.Start, Cmd.Output, or Cmd.CombinedOutput when Cmd.Path is unset." } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-12T19:12:35.518Z", "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go" }, "references": [ { "url": "https://go.dev/cl/403759" }, { "url": "https://go.googlesource.com/go/+/960ffa98ce73ef2c2060c84c7ac28d37a83f345e" }, { "url": "https://go.dev/issue/52574" }, { "url": "https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg/m/IWz5T6x7AAAJ" }, { "url": "https://pkg.go.dev/vuln/GO-2022-0532" } ], "title": "Empty Cmd.Path can trigger unintended binary in os/exec on Windows" } }, "cveMetadata": { "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "assignerShortName": "Go", "cveId": "CVE-2022-30580", "datePublished": "2022-08-09T20:18:04", "dateReserved": "2022-05-11T00:00:00", "dateUpdated": "2024-08-03T06:56:12.971Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-28131
Vulnerability from cvelistv5
Published
2022-08-09 00:00
Modified
2024-08-03 05:48
Severity ?
EPSS score ?
Summary
Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a deeply nested XML document.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Go standard library | encoding/xml |
Version: 0 ≤ Version: 1.18.0-0 ≤ |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T05:48:36.830Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://go.dev/cl/417062" }, { "tags": [ "x_transferred" ], "url": "https://go.googlesource.com/go/+/08c46ed43d80bbb67cb904944ea3417989be4af3" }, { "tags": [ "x_transferred" ], "url": "https://go.dev/issue/53614" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE" }, { "tags": [ "x_transferred" ], "url": "https://pkg.go.dev/vuln/GO-2022-0521" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "packageName": "encoding/xml", "product": "encoding/xml", "programRoutines": [ { "name": "Decoder.Skip" } ], "vendor": "Go standard library", "versions": [ { "lessThan": "1.17.12", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "1.18.4", "status": "affected", "version": "1.18.0-0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "value": "Go Security Team" }, { "lang": "en", "value": "Juho Nurminen of Mattermost" } ], "descriptions": [ { "lang": "en", "value": "Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a deeply nested XML document." } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-674: Uncontrolled Recursion", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-12T19:04:35.004Z", "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go" }, "references": [ { "url": "https://go.dev/cl/417062" }, { "url": "https://go.googlesource.com/go/+/08c46ed43d80bbb67cb904944ea3417989be4af3" }, { "url": "https://go.dev/issue/53614" }, { "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE" }, { "url": "https://pkg.go.dev/vuln/GO-2022-0521" } ], "title": "Stack exhaustion from deeply nested XML documents in encoding/xml" } }, "cveMetadata": { "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "assignerShortName": "Go", "cveId": "CVE-2022-28131", "datePublished": "2022-08-09T00:00:00", "dateReserved": "2022-03-29T00:00:00", "dateUpdated": "2024-08-03T05:48:36.830Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-33502
Vulnerability from cvelistv5
Published
2021-05-24 15:42
Modified
2024-08-03 23:50
Severity ?
EPSS score ?
Summary
The normalize-url package before 4.5.1, 5.x before 5.3.1, and 6.x before 6.0.1 for Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data: URLs.
References
▼ | URL | Tags |
---|---|---|
https://github.com/sindresorhus/normalize-url/releases/tag/v6.0.1 | x_refsource_CONFIRM | |
https://security.netapp.com/advisory/ntap-20210706-0001/ | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T23:50:43.171Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/sindresorhus/normalize-url/releases/tag/v6.0.1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210706-0001/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "The normalize-url package before 4.5.1, 5.x before 5.3.1, and 6.x before 6.0.1 for Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data: URLs." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-07-06T07:06:20", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/sindresorhus/normalize-url/releases/tag/v6.0.1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20210706-0001/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-33502", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The normalize-url package before 4.5.1, 5.x before 5.3.1, and 6.x before 6.0.1 for Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data: URLs." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/sindresorhus/normalize-url/releases/tag/v6.0.1", "refsource": "CONFIRM", "url": "https://github.com/sindresorhus/normalize-url/releases/tag/v6.0.1" }, { "name": "https://security.netapp.com/advisory/ntap-20210706-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210706-0001/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-33502", "datePublished": "2021-05-24T15:42:34", "dateReserved": "2021-05-21T00:00:00", "dateUpdated": "2024-08-03T23:50:43.171Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-8203
Vulnerability from cvelistv5
Published
2020-07-15 16:10
Modified
2024-08-04 09:56
Severity ?
EPSS score ?
Summary
Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20.
References
▼ | URL | Tags |
---|---|---|
https://hackerone.com/reports/712065 | x_refsource_MISC | |
https://www.oracle.com/security-alerts/cpuApr2021.html | x_refsource_MISC | |
https://security.netapp.com/advisory/ntap-20200724-0006/ | x_refsource_CONFIRM | |
https://github.com/lodash/lodash/issues/4874 | x_refsource_MISC | |
https://www.oracle.com//security-alerts/cpujul2021.html | x_refsource_MISC | |
https://www.oracle.com/security-alerts/cpuoct2021.html | x_refsource_MISC | |
https://www.oracle.com/security-alerts/cpujan2022.html | x_refsource_MISC | |
https://www.oracle.com/security-alerts/cpuapr2022.html | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T09:56:28.214Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://hackerone.com/reports/712065" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20200724-0006/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/lodash/lodash/issues/4874" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "lodash", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Not Fixed" } ] } ], "descriptions": [ { "lang": "en", "value": "Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-770", "description": "Allocation of Resources Without Limits or Throttling (CWE-770)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-04-19T23:23:22", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://hackerone.com/reports/712065" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20200724-0006/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/lodash/lodash/issues/4874" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "support@hackerone.com", "ID": "CVE-2020-8203", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "lodash", "version": { "version_data": [ { "version_value": "Not Fixed" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Allocation of Resources Without Limits or Throttling (CWE-770)" } ] } ] }, "references": { "reference_data": [ { "name": "https://hackerone.com/reports/712065", "refsource": "MISC", "url": "https://hackerone.com/reports/712065" }, { "name": "https://www.oracle.com/security-alerts/cpuApr2021.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "name": "https://security.netapp.com/advisory/ntap-20200724-0006/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20200724-0006/" }, { "name": "https://github.com/lodash/lodash/issues/4874", "refsource": "MISC", "url": "https://github.com/lodash/lodash/issues/4874" }, { "name": "https://www.oracle.com//security-alerts/cpujul2021.html", "refsource": "MISC", "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "name": "https://www.oracle.com/security-alerts/cpuoct2021.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "name": "https://www.oracle.com/security-alerts/cpujan2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "name": "https://www.oracle.com/security-alerts/cpuapr2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2020-8203", "datePublished": "2020-07-15T16:10:27", "dateReserved": "2020-01-28T00:00:00", "dateUpdated": "2024-08-04T09:56:28.214Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-24999
Vulnerability from cvelistv5
Published
2022-11-26 00:00
Modified
2024-08-03 04:29
Severity ?
EPSS score ?
Summary
qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process hang for an Express application because an __ proto__ key can be used. In many typical Express use cases, an unauthenticated remote attacker can place the attack payload in the query string of the URL that is used to visit the application, such as a[__proto__]=b&a[__proto__]&a[length]=100000000. The fix was backported to qs 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, and 6.2.4 (and therefore Express 4.17.3, which has "deps: qs@6.9.7" in its release description, is not vulnerable).
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T04:29:01.569Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/expressjs/express/releases/tag/4.17.3" }, { "tags": [ "x_transferred" ], "url": "https://github.com/ljharb/qs/pull/428" }, { "tags": [ "x_transferred" ], "url": "https://github.com/n8tz/CVE-2022-24999" }, { "name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3299-1] node-qs security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00039.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230908-0005/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process hang for an Express application because an __ proto__ key can be used. In many typical Express use cases, an unauthenticated remote attacker can place the attack payload in the query string of the URL that is used to visit the application, such as a[__proto__]=b\u0026a[__proto__]\u0026a[length]=100000000. The fix was backported to qs 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, and 6.2.4 (and therefore Express 4.17.3, which has \"deps: qs@6.9.7\" in its release description, is not vulnerable)." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-08T16:06:42.462757", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/expressjs/express/releases/tag/4.17.3" }, { "url": "https://github.com/ljharb/qs/pull/428" }, { "url": "https://github.com/n8tz/CVE-2022-24999" }, { "name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3299-1] node-qs security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00039.html" }, { "url": "https://security.netapp.com/advisory/ntap-20230908-0005/" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-24999", "datePublished": "2022-11-26T00:00:00", "dateReserved": "2022-02-14T00:00:00", "dateUpdated": "2024-08-03T04:29:01.569Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-43551
Vulnerability from cvelistv5
Published
2022-12-23 00:00
Modified
2024-08-03 13:32
Severity ?
EPSS score ?
Summary
A vulnerability exists in curl <7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. However, the HSTS mechanism could be bypassed if the host name in the given URL first uses IDN characters that get replaced to ASCII counterparts as part of the IDN conversion. Like using the character UTF-8 U+3002 (IDEOGRAPHIC FULL STOP) instead of the common ASCII full stop (U+002E) `.`. Then in a subsequent request, it does not detect the HSTS state and makes a clear text transfer. Because it would store the info IDN encoded but look for it IDN decoded.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: Fixed in curl 7.87.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T13:32:59.718Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1755083" }, { "name": "FEDORA-2022-d7ee33d4ad", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVWZW5CNSJ7UYAF2BGSYAWAEXDJYUBHA/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230427-0007/" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202310-12" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in curl 7.87.0" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability exists in curl \u003c7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. However, the HSTS mechanism could be bypassed if the host name in the given URL first uses IDN characters that get replaced to ASCII counterparts as part of the IDN conversion. Like using the character UTF-8 U+3002 (IDEOGRAPHIC FULL STOP) instead of the common ASCII full stop (U+002E) `.`. Then in a subsequent request, it does not detect the HSTS state and makes a clear text transfer. Because it would store the info IDN encoded but look for it IDN decoded." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-319", "description": "Cleartext Transmission of Sensitive Information (CWE-319)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-26T00:00:00", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1755083" }, { "name": "FEDORA-2022-d7ee33d4ad", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVWZW5CNSJ7UYAF2BGSYAWAEXDJYUBHA/" }, { "url": "https://security.netapp.com/advisory/ntap-20230427-0007/" }, { "url": "https://security.gentoo.org/glsa/202310-12" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2022-43551", "datePublished": "2022-12-23T00:00:00", "dateReserved": "2022-10-20T00:00:00", "dateUpdated": "2024-08-03T13:32:59.718Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-23914
Vulnerability from cvelistv5
Published
2023-02-23 00:00
Modified
2024-08-02 10:42
Severity ?
EPSS score ?
Summary
A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that could cause HSTS functionality fail when multiple URLs are requested serially. Using its HSTS support, curl can be instructed to use HTTPS instead of usingan insecure clear-text HTTP step even when HTTP is provided in the URL. ThisHSTS mechanism would however surprisingly be ignored by subsequent transferswhen done on the same command line because the state would not be properlycarried on.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: Fixed in 7.88.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T10:42:27.094Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1813864" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230309-0006/" }, { "name": "GLSA-202310-12", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202310-12" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 7.88.0" } ] } ], "descriptions": [ { "lang": "en", "value": "A cleartext transmission of sensitive information vulnerability exists in curl \u003cv7.88.0 that could cause HSTS functionality fail when multiple URLs are requested serially. Using its HSTS support, curl can be instructed to use HTTPS instead of usingan insecure clear-text HTTP step even when HTTP is provided in the URL. ThisHSTS mechanism would however surprisingly be ignored by subsequent transferswhen done on the same command line because the state would not be properlycarried on." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-319", "description": "Cleartext Transmission of Sensitive Information (CWE-319)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-11T10:06:32.942653", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1813864" }, { "url": "https://security.netapp.com/advisory/ntap-20230309-0006/" }, { "name": "GLSA-202310-12", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202310-12" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2023-23914", "datePublished": "2023-02-23T00:00:00", "dateReserved": "2023-01-19T00:00:00", "dateUpdated": "2024-08-02T10:42:27.094Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-27292
Vulnerability from cvelistv5
Published
2021-03-17 12:34
Modified
2024-08-03 20:48
Severity ?
EPSS score ?
Summary
ua-parser-js >= 0.7.14, fixed in 0.7.24, uses a regular expression which is vulnerable to denial of service. If an attacker sends a malicious User-Agent header, ua-parser-js will get stuck processing it for an extended period of time.
References
▼ | URL | Tags |
---|---|---|
https://github.com/pygments/pygments/commit/2e7e8c4a7b318f4032493773732754e418279a14 | x_refsource_MISC | |
https://gist.github.com/b-c-ds/6941d80d6b4e694df4bc269493b7be76 | x_refsource_MISC | |
https://github.com/faisalman/ua-parser-js/commit/809439e20e273ce0d25c1d04e111dcf6011eb566 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T20:48:16.474Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/pygments/pygments/commit/2e7e8c4a7b318f4032493773732754e418279a14" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://gist.github.com/b-c-ds/6941d80d6b4e694df4bc269493b7be76" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/faisalman/ua-parser-js/commit/809439e20e273ce0d25c1d04e111dcf6011eb566" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "ua-parser-js \u003e= 0.7.14, fixed in 0.7.24, uses a regular expression which is vulnerable to denial of service. If an attacker sends a malicious User-Agent header, ua-parser-js will get stuck processing it for an extended period of time." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-03-18T15:55:13", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/pygments/pygments/commit/2e7e8c4a7b318f4032493773732754e418279a14" }, { "tags": [ "x_refsource_MISC" ], "url": "https://gist.github.com/b-c-ds/6941d80d6b4e694df4bc269493b7be76" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/faisalman/ua-parser-js/commit/809439e20e273ce0d25c1d04e111dcf6011eb566" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-27292", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "ua-parser-js \u003e= 0.7.14, fixed in 0.7.24, uses a regular expression which is vulnerable to denial of service. If an attacker sends a malicious User-Agent header, ua-parser-js will get stuck processing it for an extended period of time." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/pygments/pygments/commit/2e7e8c4a7b318f4032493773732754e418279a14", "refsource": "MISC", "url": "https://github.com/pygments/pygments/commit/2e7e8c4a7b318f4032493773732754e418279a14" }, { "name": "https://gist.github.com/b-c-ds/6941d80d6b4e694df4bc269493b7be76", "refsource": "MISC", "url": "https://gist.github.com/b-c-ds/6941d80d6b4e694df4bc269493b7be76" }, { "name": "https://github.com/faisalman/ua-parser-js/commit/809439e20e273ce0d25c1d04e111dcf6011eb566", "refsource": "MISC", "url": "https://github.com/faisalman/ua-parser-js/commit/809439e20e273ce0d25c1d04e111dcf6011eb566" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-27292", "datePublished": "2021-03-17T12:34:48", "dateReserved": "2021-02-16T00:00:00", "dateUpdated": "2024-08-03T20:48:16.474Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.