Action not permitted
Modal body text goes here.
Modal Title
Modal Body
wid-sec-w-2023-1755
Vulnerability from csaf_certbund
Published
2023-07-16 22:00
Modified
2023-07-16 22:00
Summary
IBM InfoSphere Information Server: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM InfoSphere Information Server ist eine Softwareplattform zur Integration heterogener Daten.
Angriff
Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in IBM InfoSphere Information Server ausnutzen, um beliebigen Programmcode auszuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "IBM InfoSphere Information Server ist eine Softwareplattform zur Integration heterogener Daten.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in IBM InfoSphere Information Server ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux\n- Windows", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-1755 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1755.json" }, { "category": "self", "summary": "WID-SEC-2023-1755 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1755" }, { "category": "external", "summary": "IBM Security Bulletin: 7007051 vom 2023-07-16", "url": "https://www.ibm.com/support/pages/node/7007051" }, { "category": "external", "summary": "IBM Security Bulletin: 6988683 vom 2023-07-16", "url": "https://www.ibm.com/support/pages/node/6988683" }, { "category": "external", "summary": "IBM Security Bulletin: 6988679 vom 2023-07-16", "url": "https://www.ibm.com/support/pages/node/6988679" }, { "category": "external", "summary": "IBM Security Bulletin: 6988677 vom 2023-07-16", "url": "https://www.ibm.com/support/pages/node/6988677" } ], "source_lang": "en-US", "title": "IBM InfoSphere Information Server: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-07-16T22:00:00.000+00:00", "generator": { "date": "2024-02-15T17:36:38.833+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-1755", "initial_release_date": "2023-07-16T22:00:00.000+00:00", "revision_history": [ { "date": "2023-07-16T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "IBM InfoSphere Information Server 11.7", "product": { "name": "IBM InfoSphere Information Server 11.7", "product_id": "444803", "product_identification_helper": { "cpe": "cpe:/a:ibm:infosphere_information_server:11.7" } } } ], "category": "vendor", "name": "IBM" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-2861", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind auf Fehler in den Komponenten \"SnakeYAML\", \"netplex json-smart-v2\", \"VMware Tanzu Spring Framework\" sowie \"undertow\" zur\u00fcckzuf\u00fchren. Ein Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand zu verursachen." } ], "product_status": { "known_affected": [ "444803" ] }, "release_date": "2023-07-16T22:00:00Z", "title": "CVE-2023-2861" }, { "cve": "CVE-2023-20861", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind auf Fehler in den Komponenten \"SnakeYAML\", \"netplex json-smart-v2\", \"VMware Tanzu Spring Framework\" sowie \"undertow\" zur\u00fcckzuf\u00fchren. Ein Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand zu verursachen." } ], "product_status": { "known_affected": [ "444803" ] }, "release_date": "2023-07-16T22:00:00Z", "title": "CVE-2023-20861" }, { "cve": "CVE-2023-20860", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind auf Fehler in den Komponenten \"SnakeYAML\", \"netplex json-smart-v2\", \"VMware Tanzu Spring Framework\" sowie \"undertow\" zur\u00fcckzuf\u00fchren. Ein Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand zu verursachen." } ], "product_status": { "known_affected": [ "444803" ] }, "release_date": "2023-07-16T22:00:00Z", "title": "CVE-2023-20860" }, { "cve": "CVE-2023-1370", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind auf Fehler in den Komponenten \"SnakeYAML\", \"netplex json-smart-v2\", \"VMware Tanzu Spring Framework\" sowie \"undertow\" zur\u00fcckzuf\u00fchren. Ein Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand zu verursachen." } ], "product_status": { "known_affected": [ "444803" ] }, "release_date": "2023-07-16T22:00:00Z", "title": "CVE-2023-1370" }, { "cve": "CVE-2023-1108", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind auf Fehler in den Komponenten \"SnakeYAML\", \"netplex json-smart-v2\", \"VMware Tanzu Spring Framework\" sowie \"undertow\" zur\u00fcckzuf\u00fchren. Ein Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand zu verursachen." } ], "product_status": { "known_affected": [ "444803" ] }, "release_date": "2023-07-16T22:00:00Z", "title": "CVE-2023-1108" }, { "cve": "CVE-2022-4492", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind auf Fehler in den Komponenten \"SnakeYAML\", \"netplex json-smart-v2\", \"VMware Tanzu Spring Framework\" sowie \"undertow\" zur\u00fcckzuf\u00fchren. Ein Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand zu verursachen." } ], "product_status": { "known_affected": [ "444803" ] }, "release_date": "2023-07-16T22:00:00Z", "title": "CVE-2022-4492" }, { "cve": "CVE-2022-41854", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind auf Fehler in den Komponenten \"SnakeYAML\", \"netplex json-smart-v2\", \"VMware Tanzu Spring Framework\" sowie \"undertow\" zur\u00fcckzuf\u00fchren. Ein Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand zu verursachen." } ], "product_status": { "known_affected": [ "444803" ] }, "release_date": "2023-07-16T22:00:00Z", "title": "CVE-2022-41854" }, { "cve": "CVE-2022-38752", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind auf Fehler in den Komponenten \"SnakeYAML\", \"netplex json-smart-v2\", \"VMware Tanzu Spring Framework\" sowie \"undertow\" zur\u00fcckzuf\u00fchren. Ein Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand zu verursachen." } ], "product_status": { "known_affected": [ "444803" ] }, "release_date": "2023-07-16T22:00:00Z", "title": "CVE-2022-38752" }, { "cve": "CVE-2022-38751", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind auf Fehler in den Komponenten \"SnakeYAML\", \"netplex json-smart-v2\", \"VMware Tanzu Spring Framework\" sowie \"undertow\" zur\u00fcckzuf\u00fchren. Ein Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand zu verursachen." } ], "product_status": { "known_affected": [ "444803" ] }, "release_date": "2023-07-16T22:00:00Z", "title": "CVE-2022-38751" }, { "cve": "CVE-2022-38750", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind auf Fehler in den Komponenten \"SnakeYAML\", \"netplex json-smart-v2\", \"VMware Tanzu Spring Framework\" sowie \"undertow\" zur\u00fcckzuf\u00fchren. Ein Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand zu verursachen." } ], "product_status": { "known_affected": [ "444803" ] }, "release_date": "2023-07-16T22:00:00Z", "title": "CVE-2022-38750" }, { "cve": "CVE-2022-38749", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind auf Fehler in den Komponenten \"SnakeYAML\", \"netplex json-smart-v2\", \"VMware Tanzu Spring Framework\" sowie \"undertow\" zur\u00fcckzuf\u00fchren. Ein Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand zu verursachen." } ], "product_status": { "known_affected": [ "444803" ] }, "release_date": "2023-07-16T22:00:00Z", "title": "CVE-2022-38749" }, { "cve": "CVE-2022-25857", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind auf Fehler in den Komponenten \"SnakeYAML\", \"netplex json-smart-v2\", \"VMware Tanzu Spring Framework\" sowie \"undertow\" zur\u00fcckzuf\u00fchren. Ein Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand zu verursachen." } ], "product_status": { "known_affected": [ "444803" ] }, "release_date": "2023-07-16T22:00:00Z", "title": "CVE-2022-25857" }, { "cve": "CVE-2022-1471", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind auf Fehler in den Komponenten \"SnakeYAML\", \"netplex json-smart-v2\", \"VMware Tanzu Spring Framework\" sowie \"undertow\" zur\u00fcckzuf\u00fchren. Ein Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand zu verursachen." } ], "product_status": { "known_affected": [ "444803" ] }, "release_date": "2023-07-16T22:00:00Z", "title": "CVE-2022-1471" }, { "cve": "CVE-2022-1259", "notes": [ { "category": "description", "text": "In IBM InfoSphere Information Server existieren mehrere Schwachstellen. Diese sind auf Fehler in den Komponenten \"SnakeYAML\", \"netplex json-smart-v2\", \"VMware Tanzu Spring Framework\" sowie \"undertow\" zur\u00fcckzuf\u00fchren. Ein Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand zu verursachen." } ], "product_status": { "known_affected": [ "444803" ] }, "release_date": "2023-07-16T22:00:00Z", "title": "CVE-2022-1259" } ] }
cve-2023-20861
Vulnerability from cvelistv5
Published
2023-03-23 00:00
Modified
2024-08-02 09:21
Severity ?
EPSS score ?
Summary
In Spring Framework versions 6.0.0 - 6.0.6, 5.3.0 - 5.3.25, 5.2.0.RELEASE - 5.2.22.RELEASE, and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial-of-service (DoS) condition.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Spring Framework |
Version: Spring Framework (6.0.0 to 6.0.6, 5.3.0 to 5.3.25, 5.2.0.RELEASE to 5.2.22.RELEASE, Older unsupported versions are also affected) |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:21:32.428Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://spring.io/security/cve-2023-20861" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230420-0007/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Spring Framework", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Spring Framework (6.0.0 to 6.0.6, 5.3.0 to 5.3.25, 5.2.0.RELEASE to 5.2.22.RELEASE, Older unsupported versions are also affected)" } ] } ], "descriptions": [ { "lang": "en", "value": "In Spring Framework versions 6.0.0 - 6.0.6, 5.3.0 - 5.3.25, 5.2.0.RELEASE - 5.2.22.RELEASE, and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial-of-service (DoS) condition." } ], "problemTypes": [ { "descriptions": [ { "description": "Denial-of-service vulnerability", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-20T00:00:00", "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware" }, "references": [ { "url": "https://spring.io/security/cve-2023-20861" }, { "url": "https://security.netapp.com/advisory/ntap-20230420-0007/" } ] } }, "cveMetadata": { "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "assignerShortName": "vmware", "cveId": "CVE-2023-20861", "datePublished": "2023-03-23T00:00:00", "dateReserved": "2022-11-01T00:00:00", "dateUpdated": "2024-08-02T09:21:32.428Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-25857
Vulnerability from cvelistv5
Published
2022-08-30 05:05
Modified
2024-09-16 21:57
Severity ?
EPSS score ?
Summary
The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | org.yaml:snakeyaml |
Version: 0 < unspecified Version: unspecified < 1.31 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T04:49:44.292Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGYAML-2806360" }, { "tags": [ "x_transferred" ], "url": "https://bitbucket.org/snakeyaml/snakeyaml/commits/fc300780da21f4bb92c148bc90257201220cf174" }, { "tags": [ "x_transferred" ], "url": "https://github.com/snakeyaml/snakeyaml/commit/fc300780da21f4bb92c148bc90257201220cf174" }, { "tags": [ "x_transferred" ], "url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525" }, { "name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3132-1] snakeyaml security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00001.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240315-0010/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "org.yaml:snakeyaml", "vendor": "n/a", "versions": [ { "lessThan": "unspecified", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThan": "1.31", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "unknown" } ], "datePublic": "2022-08-30T00:00:00", "descriptions": [ { "lang": "en", "value": "The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Denial of Service (DoS)", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-03-15T11:06:01.014562", "orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "shortName": "snyk" }, "references": [ { "url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGYAML-2806360" }, { "url": "https://bitbucket.org/snakeyaml/snakeyaml/commits/fc300780da21f4bb92c148bc90257201220cf174" }, { "url": "https://github.com/snakeyaml/snakeyaml/commit/fc300780da21f4bb92c148bc90257201220cf174" }, { "url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525" }, { "name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3132-1] snakeyaml security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00001.html" }, { "url": "https://security.netapp.com/advisory/ntap-20240315-0010/" } ], "title": "Denial of Service (DoS)" } }, "cveMetadata": { "assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "assignerShortName": "snyk", "cveId": "CVE-2022-25857", "datePublished": "2022-08-30T05:05:11.588462Z", "dateReserved": "2022-02-24T00:00:00", "dateUpdated": "2024-09-16T21:57:41.551Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1471
Vulnerability from cvelistv5
Published
2022-12-01 10:47
Modified
2024-09-17 13:52
Severity ?
EPSS score ?
Summary
SnakeYaml's Constructor() class does not restrict types which can be instantiated during deserialization. Deserializing yaml content provided by an attacker can lead to remote code execution. We recommend using SnakeYaml's SafeConsturctor when parsing untrusted content to restrict deserialization. We recommend upgrading to version 2.0 and beyond.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:03:06.269Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2" }, { "tags": [ "x_transferred" ], "url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479" }, { "tags": [ "x_transferred" ], "url": "https://github.com/mbechler/marshalsec" }, { "tags": [ "x_transferred" ], "url": "https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/mwrakFaEdnc" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230818-0015/" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/175095/PyTorch-Model-Server-Registration-Deserialization-Remote-Code-Execution.html" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/11/19/1" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-1471", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-08-07T18:13:22.155371Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-17T13:52:47.976Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "SnakeYAML", "vendor": "SnakeYAML", "versions": [ { "lessThanOrEqual": "2.0", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSnakeYaml\u0027s Constructor() class does not restrict types which can be instantiated during deserialization.\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDeserializing yaml content provided by an attacker can lead to remote code execution. We recommend using SnakeYaml\u0027s SafeConsturctor when parsing untrusted content to restrict deserialization. We recommend upgrading to version 2.0 and beyond.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e" } ], "value": "SnakeYaml\u0027s Constructor() class does not restrict types which can be instantiated during deserialization.\u00a0Deserializing yaml content provided by an attacker can lead to remote code execution. We recommend using SnakeYaml\u0027s SafeConsturctor when parsing untrusted content to restrict deserialization. We recommend upgrading to version 2.0 and beyond.\n" } ], "impacts": [ { "capecId": "CAPEC-253", "descriptions": [ { "lang": "en", "value": "CAPEC-253 Remote Code Inclusion" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-25T16:48:44.288Z", "orgId": "14ed7db2-1595-443d-9d34-6215bf890778", "shortName": "Google" }, "references": [ { "url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2" }, { "url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479" }, { "url": "https://github.com/mbechler/marshalsec" }, { "url": "https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true" }, { "url": "https://groups.google.com/g/kubernetes-security-announce/c/mwrakFaEdnc" }, { "url": "https://security.netapp.com/advisory/ntap-20230818-0015/" }, { "url": "http://packetstormsecurity.com/files/175095/PyTorch-Model-Server-Registration-Deserialization-Remote-Code-Execution.html" }, { "url": "http://www.openwall.com/lists/oss-security/2023/11/19/1" }, { "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" } ], "source": { "discovery": "UNKNOWN" }, "title": "Remote Code execution in SnakeYAML", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778", "assignerShortName": "Google", "cveId": "CVE-2022-1471", "datePublished": "2022-12-01T10:47:07.203Z", "dateReserved": "2022-04-26T08:32:53.188Z", "dateUpdated": "2024-09-17T13:52:47.976Z", "requesterUserId": "ed9b5bb2-2df1-4aa3-9791-5fb260d88e62", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-38750
Vulnerability from cvelistv5
Published
2022-09-05 00:00
Modified
2024-11-20 14:57
Severity ?
EPSS score ?
Summary
Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T11:02:14.509Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47027" }, { "tags": [ "x_transferred" ], "url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/526/stackoverflow-oss-fuzz-47027" }, { "name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3132-1] snakeyaml security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00001.html" }, { "name": "GLSA-202305-28", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-28" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240315-0010/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-38750", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-03-15T18:43:03.519813Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-20T14:57:41.651Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "SnakeYAML", "vendor": "snakeyaml", "versions": [ { "lessThan": "1.31", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-121", "description": "CWE-121 Stack-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-03-15T11:06:04.718916", "orgId": "14ed7db2-1595-443d-9d34-6215bf890778", "shortName": "Google" }, "references": [ { "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47027" }, { "url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/526/stackoverflow-oss-fuzz-47027" }, { "name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3132-1] snakeyaml security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00001.html" }, { "name": "GLSA-202305-28", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-28" }, { "url": "https://security.netapp.com/advisory/ntap-20240315-0010/" } ], "source": { "discovery": "INTERNAL" }, "title": "DoS in SnakeYAML", "x_generator": { "engine": "Vulnogram 0.0.9" } } }, "cveMetadata": { "assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778", "assignerShortName": "Google", "cveId": "CVE-2022-38750", "datePublished": "2022-09-05T00:00:00", "dateReserved": "2022-08-25T00:00:00", "dateUpdated": "2024-11-20T14:57:41.651Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-38749
Vulnerability from cvelistv5
Published
2022-09-05 00:00
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T11:02:14.586Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47024" }, { "tags": [ "x_transferred" ], "url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525/got-stackoverflowerror-for-many-open" }, { "name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3132-1] snakeyaml security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00001.html" }, { "name": "GLSA-202305-28", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-28" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240315-0010/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "SnakeYAML", "vendor": "snakeyaml", "versions": [ { "lessThan": "1.31", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-121", "description": "CWE-121 Stack-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-03-15T11:05:59.112402", "orgId": "14ed7db2-1595-443d-9d34-6215bf890778", "shortName": "Google" }, "references": [ { "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47024" }, { "url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525/got-stackoverflowerror-for-many-open" }, { "name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3132-1] snakeyaml security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00001.html" }, { "name": "GLSA-202305-28", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-28" }, { "url": "https://security.netapp.com/advisory/ntap-20240315-0010/" } ], "source": { "discovery": "INTERNAL" }, "title": "DoS in SnakeYAML", "x_generator": { "engine": "Vulnogram 0.0.9" } } }, "cveMetadata": { "assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778", "assignerShortName": "Google", "cveId": "CVE-2022-38749", "datePublished": "2022-09-05T00:00:00", "dateReserved": "2022-08-25T00:00:00", "dateUpdated": "2024-08-03T11:02:14.586Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-4492
Vulnerability from cvelistv5
Published
2023-02-23 00:00
Modified
2024-08-03 01:41
Severity ?
EPSS score ?
Summary
The undertow client is not checking the server identity presented by the server certificate in https connections. This is a compulsory step (at least it should be performed by default) in https and in http/2. I would add it to any TLS client protocol.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:41:45.097Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153260" }, { "tags": [ "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2022-4492" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230324-0002/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "undertow", "vendor": "n/a", "versions": [ { "status": "affected", "version": "2.7" } ] } ], "descriptions": [ { "lang": "en", "value": "The undertow client is not checking the server identity presented by the server certificate in https connections. This is a compulsory step (at least it should be performed by default) in https and in http/2. I would add it to any TLS client protocol." } ], "problemTypes": [ { "descriptions": [ { "description": "ssrf", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-24T00:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153260" }, { "url": "https://access.redhat.com/security/cve/CVE-2022-4492" }, { "url": "https://security.netapp.com/advisory/ntap-20230324-0002/" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2022-4492", "datePublished": "2023-02-23T00:00:00", "dateReserved": "2022-12-14T00:00:00", "dateUpdated": "2024-08-03T01:41:45.097Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-1108
Vulnerability from cvelistv5
Published
2023-09-14 14:48
Modified
2024-08-02 05:32
Severity ?
EPSS score ?
Summary
A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in SslConduit, where the loop never terminates.
References
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-1108", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-08T18:37:50.625681Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-08T18:38:02.186Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T05:32:46.370Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2023:1184", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:1184" }, { "name": "RHSA-2023:1185", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:1185" }, { "name": "RHSA-2023:1512", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:1512" }, { "name": "RHSA-2023:1513", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:1513" }, { "name": "RHSA-2023:1514", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:1514" }, { "name": "RHSA-2023:1516", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:1516" }, { "name": "RHSA-2023:2135", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:2135" }, { "name": "RHSA-2023:3883", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:3883" }, { "name": "RHSA-2023:3884", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:3884" }, { "name": "RHSA-2023:3885", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:3885" }, { "name": "RHSA-2023:3888", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:3888" }, { "name": "RHSA-2023:3892", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:3892" }, { "name": "RHSA-2023:3954", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:3954" }, { "name": "RHSA-2023:4612", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:4612" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2023-1108" }, { "name": "RHBZ#2174246", "tags": [ "issue-tracking", "x_refsource_REDHAT", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2174246" }, { "tags": [ "x_transferred" ], "url": "https://github.com/advisories/GHSA-m4mm-pg93-fv78" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20231020-0002/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://github.com/undertow-io/undertow", "packageName": "io.undertow:undertow-core", "versions": [ { "status": "unaffected", "version": "2.3.5" }, { "status": "unaffected", "version": "2.2.24" } ] }, { "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4" ], "defaultStatus": "unaffected", "product": "EAP 7.4.10 release", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", "cpes": [ "cpe:/a:redhat:jboss_fuse:7" ], "defaultStatus": "unaffected", "packageName": "undertow", "product": "Red Hat Fuse 7.12", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4" ], "defaultStatus": "unaffected", "packageName": "undertow", "product": "Red Hat JBoss Enterprise Application Platform 7.1.0", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8" ], "defaultStatus": "affected", "packageName": "eap7-undertow", "product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:2.2.22-1.SP3_redhat_00002.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8" ], "defaultStatus": "affected", "packageName": "eap7-wildfly", "product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:7.4.9-6.GA_redhat_00004.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8" ], "defaultStatus": "affected", "packageName": "eap7-undertow", "product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:2.2.23-1.SP2_redhat_00001.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8" ], "defaultStatus": "affected", "packageName": "eap7-undertow-jastow", "product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:2.0.14-1.Final_redhat_00001.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8" ], "defaultStatus": "affected", "packageName": "eap7-undertow", "product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:2.2.22-1.SP3_redhat_00002.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8" ], "defaultStatus": "affected", "packageName": "eap7-wildfly", "product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:7.4.9-6.GA_redhat_00004.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9" ], "defaultStatus": "affected", "packageName": "eap7-undertow", "product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:2.2.23-1.SP2_redhat_00001.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9" ], "defaultStatus": "affected", "packageName": "eap7-undertow-jastow", "product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:2.0.14-1.Final_redhat_00001.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8" ], "defaultStatus": "affected", "packageName": "eap7-undertow", "product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:2.2.22-1.SP3_redhat_00002.1.el7eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8" ], "defaultStatus": "affected", "packageName": "eap7-wildfly", "product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:7.4.9-6.GA_redhat_00004.1.el7eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7" ], "defaultStatus": "affected", "packageName": "eap7-undertow", "product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:2.2.23-1.SP2_redhat_00001.1.el7eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7" ], "defaultStatus": "affected", "packageName": "eap7-undertow-jastow", "product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:2.0.14-1.Final_redhat_00001.1.el7eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:red_hat_single_sign_on:7.6.4" ], "defaultStatus": "unaffected", "packageName": "undertow", "product": "Red Hat Single Sign-On 7", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:red_hat_single_sign_on:7.6::el7" ], "defaultStatus": "affected", "packageName": "rh-sso7-keycloak", "product": "Red Hat Single Sign-On 7.6 for RHEL 7", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:18.0.8-1.redhat_00001.1.el7sso", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:red_hat_single_sign_on:7.6::el8" ], "defaultStatus": "affected", "packageName": "rh-sso7-keycloak", "product": "Red Hat Single Sign-On 7.6 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:18.0.8-1.redhat_00001.1.el8sso", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:red_hat_single_sign_on:7.6::el9" ], "defaultStatus": "affected", "packageName": "rh-sso7-keycloak", "product": "Red Hat Single Sign-On 7.6 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:18.0.8-1.redhat_00001.1.el9sso", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:openshift_application_runtimes:1.0" ], "defaultStatus": "unaffected", "packageName": "undertow", "product": "Red Hat support for Spring Boot 2.7.13", "vendor": "Red Hat" }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:rhosemc:1.0::el8" ], "defaultStatus": "affected", "packageName": "rh-sso-7/sso76-openshift-rhel8", "product": "RHEL-8 based Middleware Containers", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "7.6-24", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_bpms_platform:7.13" ], "defaultStatus": "unaffected", "packageName": "undertow", "product": "RHPAM 7.13.1 async", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:quarkus:2" ], "defaultStatus": "unaffected", "packageName": "io.quarkus/quarkus-undertow", "product": "Red Hat build of Quarkus", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_data_grid:8" ], "defaultStatus": "unaffected", "packageName": "undertow", "product": "Red Hat Data Grid 8", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:integration:1" ], "defaultStatus": "affected", "packageName": "undertow", "product": "Red Hat Integration Camel K", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:camel_quarkus:2" ], "defaultStatus": "unaffected", "packageName": "undertow", "product": "Red Hat Integration Camel Quarkus", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:service_registry:2" ], "defaultStatus": "affected", "packageName": "undertow", "product": "Red Hat Integration Service Registry", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", "cpes": [ "cpe:/a:redhat:jboss_data_grid:7" ], "defaultStatus": "unknown", "packageName": "undertow", "product": "Red Hat JBoss Data Grid 7", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", "cpes": [ "cpe:/a:redhat:jbosseapxp" ], "defaultStatus": "affected", "packageName": "undertow", "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", "cpes": [ "cpe:/a:redhat:jboss_fuse:6" ], "defaultStatus": "unknown", "packageName": "undertow", "product": "Red Hat JBoss Fuse 6", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:openstack:13" ], "defaultStatus": "affected", "packageName": "undertow", "product": "Red Hat OpenStack Platform 13 (Queens)", "vendor": "Red Hat" } ], "datePublic": "2023-03-07T00:00:00+00:00", "descriptions": [ { "lang": "en", "value": "A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in SslConduit, where the loop never terminates." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Important" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-835", "description": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-03T15:32:32.904Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2023:1184", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:1184" }, { "name": "RHSA-2023:1185", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:1185" }, { "name": "RHSA-2023:1512", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:1512" }, { "name": "RHSA-2023:1513", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:1513" }, { "name": "RHSA-2023:1514", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:1514" }, { "name": "RHSA-2023:1516", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:1516" }, { "name": "RHSA-2023:2135", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:2135" }, { "name": "RHSA-2023:3883", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:3883" }, { "name": "RHSA-2023:3884", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:3884" }, { "name": "RHSA-2023:3885", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:3885" }, { "name": "RHSA-2023:3888", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:3888" }, { "name": "RHSA-2023:3892", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:3892" }, { "name": "RHSA-2023:3954", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:3954" }, { "name": "RHSA-2023:4612", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:4612" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2023-1108" }, { "name": "RHBZ#2174246", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2174246" }, { "url": "https://github.com/advisories/GHSA-m4mm-pg93-fv78" }, { "url": "https://security.netapp.com/advisory/ntap-20231020-0002/" } ], "timeline": [ { "lang": "en", "time": "2023-02-07T00:00:00+00:00", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2023-03-07T00:00:00+00:00", "value": "Made public." } ], "title": "Undertow: infinite loop in sslconduit during close", "x_redhatCweChain": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2023-1108", "datePublished": "2023-09-14T14:48:58.869Z", "dateReserved": "2023-03-01T00:27:23.587Z", "dateUpdated": "2024-08-02T05:32:46.370Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-1370
Vulnerability from cvelistv5
Published
2023-03-13 09:04
Modified
2024-08-02 05:49
Severity ?
EPSS score ?
Summary
[Json-smart](https://netplex.github.io/json-smart/) is a performance focused, JSON processor lib.
When reaching a ‘[‘ or ‘{‘ character in the JSON input, the code parses an array or an object respectively.
It was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays and objects is done recursively, nesting too many of them can cause a stack exhaustion (stack overflow) and crash the software.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | json-smart | json-smart |
Version: 0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:49:10.250Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://research.jfrog.com/vulnerabilities/stack-exhaustion-in-json-smart-leads-to-denial-of-service-when-parsing-malformed-json-xray-427633/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://mvnrepository.com", "packageName": "net.minidev:json-smart", "product": "json-smart", "vendor": "json-smart", "versions": [ { "lessThan": "2.4.9", "status": "affected", "version": "0", "versionType": "maven" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003e[Json-smart](https://netplex.github.io/json-smart/) is a performance focused, JSON processor lib.\u003c/p\u003e\u003cp\u003eWhen reaching a \u2018[\u2018 or \u2018{\u2018 character in the JSON input, the code parses an array or an object respectively.\u003c/p\u003e\u003cp\u003eIt was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays and objects is done recursively, nesting too many of them can cause a stack exhaustion (stack overflow) and crash the software.\u003c/p\u003e" } ], "value": "[Json-smart](https://netplex.github.io/json-smart/) is a performance focused, JSON processor lib.\n\nWhen reaching a \u2018[\u2018 or \u2018{\u2018 character in the JSON input, the code parses an array or an object respectively.\n\nIt was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays and objects is done recursively, nesting too many of them can cause a stack exhaustion (stack overflow) and crash the software.\n\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-674", "description": "CWE-674 Uncontrolled Recursion", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-22T05:04:36.365Z", "orgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "shortName": "JFROG" }, "references": [ { "url": "https://research.jfrog.com/vulnerabilities/stack-exhaustion-in-json-smart-leads-to-denial-of-service-when-parsing-malformed-json-xray-427633/" }, { "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" } ], "source": { "discovery": "EXTERNAL" }, "title": "Stack exhaustion in json-smart leads to denial of service when parsing malformed JSON" } }, "cveMetadata": { "assignerOrgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "assignerShortName": "JFROG", "cveId": "CVE-2023-1370", "datePublished": "2023-03-13T09:04:36.365Z", "dateReserved": "2023-03-13T08:35:00.695Z", "dateUpdated": "2024-08-02T05:49:10.250Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-20860
Vulnerability from cvelistv5
Published
2023-03-27 00:00
Modified
2024-08-02 09:21
Severity ?
EPSS score ?
Summary
Spring Framework running version 6.0.0 - 6.0.6 or 5.3.0 - 5.3.25 using "**" as a pattern in Spring Security configuration with the mvcRequestMatcher creates a mismatch in pattern matching between Spring Security and Spring MVC, and the potential for a security bypass.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Spring Framework |
Version: Spring Framework (versions 6.0.0 to 6.0.6 and 5.3.0 to 5.3.25) |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:21:32.430Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://spring.io/security/cve-2023-20860" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230505-0006/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Spring Framework", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Spring Framework (versions 6.0.0 to 6.0.6 and 5.3.0 to 5.3.25)" } ] } ], "descriptions": [ { "lang": "en", "value": "Spring Framework running version 6.0.0 - 6.0.6 or 5.3.0 - 5.3.25 using \"**\" as a pattern in Spring Security configuration with the mvcRequestMatcher creates a mismatch in pattern matching between Spring Security and Spring MVC, and the potential for a security bypass." } ], "problemTypes": [ { "descriptions": [ { "description": "Potential for security bypass with Spring mvcRequestMatcher configuration", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-05T00:00:00", "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware" }, "references": [ { "url": "https://spring.io/security/cve-2023-20860" }, { "url": "https://security.netapp.com/advisory/ntap-20230505-0006/" } ] } }, "cveMetadata": { "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "assignerShortName": "vmware", "cveId": "CVE-2023-20860", "datePublished": "2023-03-27T00:00:00", "dateReserved": "2022-11-01T00:00:00", "dateUpdated": "2024-08-02T09:21:32.430Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-2861
Vulnerability from cvelistv5
Published
2023-12-06 06:19
Modified
2024-08-02 06:33
Severity ?
EPSS score ?
Summary
A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder.
References
▼ | URL | Tags |
---|---|---|
https://access.redhat.com/security/cve/CVE-2023-2861 | vdb-entry, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=2219266 | issue-tracking, x_refsource_REDHAT | |
https://lists.debian.org/debian-lts-announce/2024/03/msg00012.html | ||
https://security.netapp.com/advisory/ntap-20240125-0005/ | ||
https://security.netapp.com/advisory/ntap-20240229-0002/ |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:qemu:qemu:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qemu", "vendor": "qemu", "versions": [ { "lessThanOrEqual": "8.1.0", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-2861", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-01-24T16:40:48.930612Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:16:52.155Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T06:33:05.791Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vdb-entry", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2023-2861" }, { "name": "RHBZ#2219266", "tags": [ "issue-tracking", "x_refsource_REDHAT", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219266" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00012.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240125-0005/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240229-0002/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://gitlab.com/qemu-project/qemu", "defaultStatus": "affected", "packageName": "qemu", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8.1.0-rc0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "value": "Red Hat would like to thank Jietao Xiao, Jinku Li, Wenbo Shen, and Yanwu Shen for reporting this issue." } ], "datePublic": "2023-06-07T00:00:00+00:00", "descriptions": [ { "lang": "en", "value": "A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Low" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-284", "description": "Improper Access Control", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-19T13:40:08.248Z", "orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", "shortName": "fedora" }, "references": [ { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2023-2861" }, { "name": "RHBZ#2219266", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219266" }, { "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00012.html" }, { "url": "https://security.netapp.com/advisory/ntap-20240125-0005/" }, { "url": "https://security.netapp.com/advisory/ntap-20240229-0002/" } ], "timeline": [ { "lang": "en", "time": "2023-05-16T00:00:00+00:00", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2023-06-07T00:00:00+00:00", "value": "Made public." } ], "title": "Qemu: 9pfs: improper access control on special files", "x_redhatCweChain": "CWE-284: Improper Access Control" } }, "cveMetadata": { "assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", "assignerShortName": "fedora", "cveId": "CVE-2023-2861", "datePublished": "2023-12-06T06:19:40.625Z", "dateReserved": "2023-05-24T07:54:12.009Z", "dateUpdated": "2024-08-02T06:33:05.791Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1259
Vulnerability from cvelistv5
Published
2022-08-31 00:00
Modified
2024-08-02 23:55
Severity ?
EPSS score ?
Summary
A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server. This flaw exists because of an incomplete fix for CVE-2021-3629.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:55:24.711Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072339" }, { "tags": [ "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2022-1259" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20221014-0006/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "undertow", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 2.3.0.Final, 2.2.17.SP1, 2.2.20.Final, 2.2.19.SP1." } ] } ], "descriptions": [ { "lang": "en", "value": "A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server. This flaw exists because of an incomplete fix for CVE-2021-3629." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400 - Uncontrolled Resource Consumption.", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-10-14T00:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072339" }, { "url": "https://access.redhat.com/security/cve/CVE-2022-1259" }, { "url": "https://security.netapp.com/advisory/ntap-20221014-0006/" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2022-1259", "datePublished": "2022-08-31T00:00:00", "dateReserved": "2022-04-06T00:00:00", "dateUpdated": "2024-08-02T23:55:24.711Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-38751
Vulnerability from cvelistv5
Published
2022-09-05 00:00
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T11:02:14.576Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47039" }, { "tags": [ "x_transferred" ], "url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/530/stackoverflow-oss-fuzz-47039" }, { "name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3132-1] snakeyaml security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00001.html" }, { "name": "GLSA-202305-28", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-28" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240315-0010/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "SnakeYAML", "vendor": "snakeyaml", "versions": [ { "lessThan": "1.31", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-121", "description": "CWE-121 Stack-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-03-15T11:06:02.859568", "orgId": "14ed7db2-1595-443d-9d34-6215bf890778", "shortName": "Google" }, "references": [ { "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47039" }, { "url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/530/stackoverflow-oss-fuzz-47039" }, { "name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3132-1] snakeyaml security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00001.html" }, { "name": "GLSA-202305-28", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-28" }, { "url": "https://security.netapp.com/advisory/ntap-20240315-0010/" } ], "source": { "discovery": "INTERNAL" }, "title": "DoS in SnakeYAML", "x_generator": { "engine": "Vulnogram 0.0.9" } } }, "cveMetadata": { "assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778", "assignerShortName": "Google", "cveId": "CVE-2022-38751", "datePublished": "2022-09-05T00:00:00", "dateReserved": "2022-08-25T00:00:00", "dateUpdated": "2024-08-03T11:02:14.576Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-41854
Vulnerability from cvelistv5
Published
2022-11-11 13:10
Modified
2024-09-16 16:24
Severity ?
EPSS score ?
Summary
Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:56:38.200Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50355" }, { "name": "FEDORA-2022-c01dd659fa", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MKE4XWRXTH32757H7QJU4ACS67DYDCR/" }, { "name": "FEDORA-2022-8a4e8aa190", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSPAJ5Y45A4ZDION2KN5RDWLHK4XKY2J/" }, { "name": "FEDORA-2023-27ec59a486", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3DDXEXXWAZGF5AVHIPGFPXIWL6TSMKJE/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240315-0009/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "SnakeYaml", "vendor": "SnakeYaml", "versions": [ { "lessThan": "1.32", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "datePublic": "2022-09-11T00:00:00", "descriptions": [ { "lang": "en", "value": "Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-121", "description": "CWE-121 Stack-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-21T19:06:02.723948", "orgId": "14ed7db2-1595-443d-9d34-6215bf890778", "shortName": "Google" }, "references": [ { "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50355" }, { "name": "FEDORA-2022-c01dd659fa", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MKE4XWRXTH32757H7QJU4ACS67DYDCR/" }, { "name": "FEDORA-2022-8a4e8aa190", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSPAJ5Y45A4ZDION2KN5RDWLHK4XKY2J/" }, { "name": "FEDORA-2023-27ec59a486", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3DDXEXXWAZGF5AVHIPGFPXIWL6TSMKJE/" }, { "url": "https://security.netapp.com/advisory/ntap-20240315-0009/" }, { "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" } ], "source": { "discovery": "INTERNAL" }, "title": "Stack Overflow in Snakeyaml", "x_generator": { "engine": "Vulnogram 0.0.9" } } }, "cveMetadata": { "assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778", "assignerShortName": "Google", "cveId": "CVE-2022-41854", "datePublished": "2022-11-11T13:10:10.912038Z", "dateReserved": "2022-09-30T00:00:00", "dateUpdated": "2024-09-16T16:24:11.627Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-38752
Vulnerability from cvelistv5
Published
2022-09-05 00:00
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack-overflow.
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:snakeyaml_project:snakeyaml:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "snakeyaml", "vendor": "snakeyaml_project", "versions": [ { "lessThan": "1.32", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2022-38752", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-22T14:02:33.055634Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-22T14:03:52.086Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-03T11:02:14.529Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47081" }, { "tags": [ "x_transferred" ], "url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/531/stackoverflow-oss-fuzz-47081" }, { "name": "GLSA-202305-28", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-28" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240315-0009/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "SnakeYAML", "vendor": "snakeyaml", "versions": [ { "lessThanOrEqual": "1.31", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack-overflow." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-121", "description": "CWE-121 Stack-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-03-15T11:06:17.930113", "orgId": "14ed7db2-1595-443d-9d34-6215bf890778", "shortName": "Google" }, "references": [ { "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47081" }, { "url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/531/stackoverflow-oss-fuzz-47081" }, { "name": "GLSA-202305-28", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-28" }, { "url": "https://security.netapp.com/advisory/ntap-20240315-0009/" } ], "source": { "discovery": "INTERNAL" }, "title": "DoS in SnakeYAML", "x_generator": { "engine": "Vulnogram 0.0.9" } } }, "cveMetadata": { "assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778", "assignerShortName": "Google", "cveId": "CVE-2022-38752", "datePublished": "2022-09-05T00:00:00", "dateReserved": "2022-08-25T00:00:00", "dateUpdated": "2024-08-03T11:02:14.529Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.