Vulnerability-Lookup

WID-SEC-W-2023-2853

Vulnerability from csaf_certbund - Published: 2023-11-07 23:00 - Updated: 2025-12-29 23:00

Summary

Red Hat Enterprise Linux: Mehrere Schwachstellen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Red Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution.

Angriff: Ein Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen oder beliebigen Code auszuführen.

Betroffene Betriebssysteme: - Linux

CVE-2021-32142

CVE-2021-43618

CVE-2022-23527

CVE-2022-40898

CVE-2022-48468

CVE-2023-1672

CVE-2023-1786

CVE-2023-22745

CVE-2023-26767

CVE-2023-26768

CVE-2023-26769

CVE-2023-28100

CVE-2023-28101

CVE-2023-28370

CVE-2023-28625

CVE-2023-29499

CVE-2023-31486

CVE-2023-32611

CVE-2023-32665

CVE-2023-33204

CVE-2023-33460

CVE-2023-38710

CVE-2023-38711

CVE-2023-38712

CVE-2023-4016

References

URL

Category

	https://wid.cert-bund.de/.well-known/csaf/white/2…	self
	https://wid.cert-bund.de/portal/wid/securityadvis…	self
	https://access.redhat.com/errata/RHSA-2023:6343	external
	https://access.redhat.com/errata/RHSA-2023:6365	external
	https://access.redhat.com/errata/RHSA-2023:6371	external
	https://access.redhat.com/errata/RHSA-2023:6385	external
	https://access.redhat.com/errata/RHSA-2023:6492	external
	https://access.redhat.com/errata/RHSA-2023:6518	external
	https://access.redhat.com/errata/RHSA-2023:6523	external
	https://access.redhat.com/errata/RHSA-2023:6549	external
	https://access.redhat.com/errata/RHSA-2023:6542	external
	https://access.redhat.com/errata/RHSA-2023:6551	external
	https://access.redhat.com/errata/RHSA-2023:6566	external
	https://access.redhat.com/errata/RHSA-2023:6569	external
	https://access.redhat.com/errata/RHSA-2023:6621	external
	https://access.redhat.com/errata/RHSA-2023:6631	external
	https://access.redhat.com/errata/RHSA-2023:6661	external
	https://access.redhat.com/errata/RHSA-2023:6685	external
	https://access.redhat.com/errata/RHSA-2023:6705	external
	https://access.redhat.com/errata/RHSA-2023:6712	external
	https://access.redhat.com/errata/RHSA-2023:7038	external
	https://access.redhat.com/errata/RHSA-2023:7187	external
	https://access.redhat.com/errata/RHSA-2023:6943	external
	https://access.redhat.com/errata/RHSA-2023:7052	external
	https://access.redhat.com/errata/RHSA-2023:6940	external
	https://access.redhat.com/errata/RHSA-2023:7057	external
	https://access.redhat.com/errata/RHSA-2023:6944	external
	https://access.redhat.com/errata/RHSA-2023:7010	external
	https://access.redhat.com/errata/RHSA-2023:7174	external
	https://access.redhat.com/errata/RHSA-2023:7022	external
	https://access.redhat.com/errata/RHSA-2023:7166	external
	https://linux.oracle.com/errata/ELSA-2023-6712.html	external
	https://linux.oracle.com/errata/ELSA-2023-6940.html	external
	https://security.gentoo.org/glsa/202311-18	external
	https://alas.aws.amazon.com/AL2/ALAS-2023-2362.html	external
	https://access.redhat.com/errata/RHSA-2023:7741	external
	https://access.redhat.com/errata/RHSA-2023:7820	external
	https://linux.oracle.com/errata/ELSA-2024-0343.html	external
	https://access.redhat.com/errata/RHSA-2024:0343	external
	https://access.redhat.com/errata/RHSA-2024:0406	external
	https://access.redhat.com/errata/RHSA-2024:0422	external
	https://lists.centos.org/pipermail/centos-announc…	external
	https://access.redhat.com/errata/RHSA-2024:0579	external
	https://www.meinberg.de/german/news/meinberg-secu…	external
	https://access.redhat.com/errata/RHSA-2024:1102	external
	https://access.redhat.com/errata/RHSA-2024:1412	external
	http://linux.oracle.com/errata/ELSA-2024-2033.html	external
	https://access.redhat.com/errata/RHSA-2024:2063	external
	https://access.redhat.com/errata/RHSA-2024:2092	external
	https://access.redhat.com/errata/RHSA-2024:2093	external
	https://access.redhat.com/errata/RHSA-2024:2580	external
	https://access.redhat.com/errata/RHSA-2024:2994	external
	https://access.redhat.com/errata/RHSA-2024:3214	external
	https://linux.oracle.com/errata/ELSA-2024-2994.html	external
	https://ubuntu.com/security/notices/USN-6796-1	external
	https://access.redhat.com/errata/RHSA-2024:3812	external
	https://access.redhat.com/errata/RHSA-2024:4408	external
	https://access.redhat.com/errata/RHSA-2024:4430	external
	https://access.redhat.com/errata/RHSA-2024:4631	external
	https://access.redhat.com/errata/RHSA-2024:4739	external
	https://security.gentoo.org/glsa/202408-33	external
	https://security.gentoo.org/glsa/202409-18	external
	https://access.redhat.com/errata/RHSA-2024:10761	external
	https://access.redhat.com/errata/RHSA-2025:0309	external
	https://access.redhat.com/errata/RHSA-2025:1013	external
	https://ubuntu.com/security/notices/USN-7266-1	external
	https://lists.opensuse.org/archives/list/security…	external
	https://lists.debian.org/debian-lts-announce/2025…	external
	https://lists.suse.com/pipermail/sle-security-upd…	external
	https://lists.opensuse.org/archives/list/security…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Red Hat Enterprise Linux (RHEL) ist eine popul\u00e4re Linux-Distribution.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen oder beliebigen Code auszuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-2853 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2853.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-2853 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2853"
      },
      {
        "category": "external",
        "summary": "RedHatSecurity Advisory vom 2023-11-07",
        "url": "https://access.redhat.com/errata/RHSA-2023:6343"
      },
      {
        "category": "external",
        "summary": "RedHatSecurity Advisory vom 2023-11-07",
        "url": "https://access.redhat.com/errata/RHSA-2023:6365"
      },
      {
        "category": "external",
        "summary": "RedHatSecurity Advisory vom 2023-11-07",
        "url": "https://access.redhat.com/errata/RHSA-2023:6371"
      },
      {
        "category": "external",
        "summary": "RedHatSecurity Advisory vom 2023-11-07",
        "url": "https://access.redhat.com/errata/RHSA-2023:6385"
      },
      {
        "category": "external",
        "summary": "RedHatSecurity Advisory vom 2023-11-07",
        "url": "https://access.redhat.com/errata/RHSA-2023:6492"
      },
      {
        "category": "external",
        "summary": "RedHatSecurity Advisory vom 2023-11-07",
        "url": "https://access.redhat.com/errata/RHSA-2023:6518"
      },
      {
        "category": "external",
        "summary": "RedHatSecurity Advisory vom 2023-11-07",
        "url": "https://access.redhat.com/errata/RHSA-2023:6523"
      },
      {
        "category": "external",
        "summary": "RedHatSecurity Advisory vom 2023-11-07",
        "url": "https://access.redhat.com/errata/RHSA-2023:6549"
      },
      {
        "category": "external",
        "summary": "RedHatSecurity Advisory vom 2023-11-07",
        "url": "https://access.redhat.com/errata/RHSA-2023:6542"
      },
      {
        "category": "external",
        "summary": "RedHatSecurity Advisory vom 2023-11-07",
        "url": "https://access.redhat.com/errata/RHSA-2023:6551"
      },
      {
        "category": "external",
        "summary": "RedHatSecurity Advisory vom 2023-11-07",
        "url": "https://access.redhat.com/errata/RHSA-2023:6566"
      },
      {
        "category": "external",
        "summary": "RedHatSecurity Advisory vom 2023-11-07",
        "url": "https://access.redhat.com/errata/RHSA-2023:6569"
      },
      {
        "category": "external",
        "summary": "RedHatSecurity Advisory vom 2023-11-07",
        "url": "https://access.redhat.com/errata/RHSA-2023:6621"
      },
      {
        "category": "external",
        "summary": "RedHatSecurity Advisory vom 2023-11-07",
        "url": "https://access.redhat.com/errata/RHSA-2023:6631"
      },
      {
        "category": "external",
        "summary": "RedHatSecurity Advisory vom 2023-11-07",
        "url": "https://access.redhat.com/errata/RHSA-2023:6661"
      },
      {
        "category": "external",
        "summary": "RedHatSecurity Advisory vom 2023-11-07",
        "url": "https://access.redhat.com/errata/RHSA-2023:6685"
      },
      {
        "category": "external",
        "summary": "RedHatSecurity Advisory vom 2023-11-07",
        "url": "https://access.redhat.com/errata/RHSA-2023:6705"
      },
      {
        "category": "external",
        "summary": "RedHatSecurity Advisory vom 2023-11-07",
        "url": "https://access.redhat.com/errata/RHSA-2023:6712"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:7038 vom 2023-11-15",
        "url": "https://access.redhat.com/errata/RHSA-2023:7038"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:7187 vom 2023-11-15",
        "url": "https://access.redhat.com/errata/RHSA-2023:7187"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:6943 vom 2023-11-15",
        "url": "https://access.redhat.com/errata/RHSA-2023:6943"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:7052 vom 2023-11-15",
        "url": "https://access.redhat.com/errata/RHSA-2023:7052"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:6940 vom 2023-11-15",
        "url": "https://access.redhat.com/errata/RHSA-2023:6940"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:7057 vom 2023-11-15",
        "url": "https://access.redhat.com/errata/RHSA-2023:7057"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:6944 vom 2023-11-15",
        "url": "https://access.redhat.com/errata/RHSA-2023:6944"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:7010 vom 2023-11-15",
        "url": "https://access.redhat.com/errata/RHSA-2023:7010"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:7174 vom 2023-11-15",
        "url": "https://access.redhat.com/errata/RHSA-2023:7174"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:7022 vom 2023-11-15",
        "url": "https://access.redhat.com/errata/RHSA-2023:7022"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:7166 vom 2023-11-15",
        "url": "https://access.redhat.com/errata/RHSA-2023:7166"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2023-6712 vom 2023-11-16",
        "url": "https://linux.oracle.com/errata/ELSA-2023-6712.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2023-6940 vom 2023-11-21",
        "url": "https://linux.oracle.com/errata/ELSA-2023-6940.html"
      },
      {
        "category": "external",
        "summary": "Gentoo Linux Security Advisory GLSA-202311-18 vom 2023-11-27",
        "url": "https://security.gentoo.org/glsa/202311-18"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS-2023-2362 vom 2023-12-05",
        "url": "https://alas.aws.amazon.com/AL2/ALAS-2023-2362.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:7741 vom 2023-12-12",
        "url": "https://access.redhat.com/errata/RHSA-2023:7741"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:7820 vom 2023-12-14",
        "url": "https://access.redhat.com/errata/RHSA-2023:7820"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-0343 vom 2024-01-24",
        "url": "https://linux.oracle.com/errata/ELSA-2024-0343.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0343 vom 2024-01-24",
        "url": "https://access.redhat.com/errata/RHSA-2024:0343"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0406 vom 2024-01-25",
        "url": "https://access.redhat.com/errata/RHSA-2024:0406"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0422 vom 2024-01-25",
        "url": "https://access.redhat.com/errata/RHSA-2024:0422"
      },
      {
        "category": "external",
        "summary": "CentOS Security Advisory CESA-2024:0343 vom 2024-01-26",
        "url": "https://lists.centos.org/pipermail/centos-announce/2024-January/099213.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0579 vom 2024-01-30",
        "url": "https://access.redhat.com/errata/RHSA-2024:0579"
      },
      {
        "category": "external",
        "summary": "Meinberg Security Advisory",
        "url": "https://www.meinberg.de/german/news/meinberg-security-advisory-mbgsa-2024-01-lantime-firmware-v7-08-007.htm"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:1102 vom 2024-03-05",
        "url": "https://access.redhat.com/errata/RHSA-2024:1102"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:1412 vom 2024-03-19",
        "url": "https://access.redhat.com/errata/RHSA-2024:1412"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-2033 vom 2024-04-25",
        "url": "http://linux.oracle.com/errata/ELSA-2024-2033.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:2063 vom 2024-04-25",
        "url": "https://access.redhat.com/errata/RHSA-2024:2063"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:2092 vom 2024-05-01",
        "url": "https://access.redhat.com/errata/RHSA-2024:2092"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:2093 vom 2024-05-01",
        "url": "https://access.redhat.com/errata/RHSA-2024:2093"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:2580 vom 2024-04-30",
        "url": "https://access.redhat.com/errata/RHSA-2024:2580"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:2994 vom 2024-05-22",
        "url": "https://access.redhat.com/errata/RHSA-2024:2994"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3214 vom 2024-05-22",
        "url": "https://access.redhat.com/errata/RHSA-2024:3214"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-2994 vom 2024-05-28",
        "url": "https://linux.oracle.com/errata/ELSA-2024-2994.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-6796-1 vom 2024-05-29",
        "url": "https://ubuntu.com/security/notices/USN-6796-1"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3812 vom 2024-06-11",
        "url": "https://access.redhat.com/errata/RHSA-2024:3812"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4408 vom 2024-07-09",
        "url": "https://access.redhat.com/errata/RHSA-2024:4408"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4430 vom 2024-07-09",
        "url": "https://access.redhat.com/errata/RHSA-2024:4430"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4631 vom 2024-07-18",
        "url": "https://access.redhat.com/errata/RHSA-2024:4631"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4739 vom 2024-07-23",
        "url": "https://access.redhat.com/errata/RHSA-2024:4739"
      },
      {
        "category": "external",
        "summary": "Gentoo Linux Security Advisory GLSA-202408-33 vom 2024-08-12",
        "url": "https://security.gentoo.org/glsa/202408-33"
      },
      {
        "category": "external",
        "summary": "Gentoo Linux Security Advisory GLSA-202409-18 vom 2024-09-22",
        "url": "https://security.gentoo.org/glsa/202409-18"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:10761 vom 2024-12-03",
        "url": "https://access.redhat.com/errata/RHSA-2024:10761"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:0309 vom 2025-01-14",
        "url": "https://access.redhat.com/errata/RHSA-2025:0309"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1013 vom 2025-02-04",
        "url": "https://access.redhat.com/errata/RHSA-2025:1013"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7266-1 vom 2025-02-13",
        "url": "https://ubuntu.com/security/notices/USN-7266-1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0741-1 vom 2025-02-28",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/UWWCXAWW252IRDVZWN2IV6HUZ37SPATI/"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-4336 vom 2025-10-17",
        "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00017.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:4532-1 vom 2025-12-29",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023659.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:4532-1 vom 2025-12-29",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BBKJJQYVUC6MKZNDXGZERGROZTUYLEKW/"
      }
    ],
    "source_lang": "en-US",
    "title": "Red Hat Enterprise Linux: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-12-29T23:00:00.000+00:00",
      "generator": {
        "date": "2025-12-30T09:05:17.209+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2023-2853",
      "initial_release_date": "2023-11-07T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2023-11-07T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2023-11-14T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2023-11-15T23:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2023-11-21T23:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2023-11-27T23:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Gentoo aufgenommen"
        },
        {
          "date": "2023-12-04T23:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2023-12-12T23:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2023-12-13T23:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-01-23T23:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-01-25T23:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-01-28T23:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von CentOS aufgenommen"
        },
        {
          "date": "2024-01-30T23:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-03-05T23:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-03-19T23:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-04-24T22:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-04-25T22:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-05-01T22:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-05-21T22:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-05-28T22:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-05-30T22:00:00.000+00:00",
          "number": "20",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-06-11T22:00:00.000+00:00",
          "number": "21",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-07-09T22:00:00.000+00:00",
          "number": "22",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-07-18T22:00:00.000+00:00",
          "number": "23",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-07-23T22:00:00.000+00:00",
          "number": "24",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-08-11T22:00:00.000+00:00",
          "number": "25",
          "summary": "Neue Updates von Gentoo aufgenommen"
        },
        {
          "date": "2024-09-22T22:00:00.000+00:00",
          "number": "26",
          "summary": "Neue Updates von Gentoo aufgenommen"
        },
        {
          "date": "2024-12-03T23:00:00.000+00:00",
          "number": "27",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-01-13T23:00:00.000+00:00",
          "number": "28",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-02-04T23:00:00.000+00:00",
          "number": "29",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-02-12T23:00:00.000+00:00",
          "number": "30",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-03-02T23:00:00.000+00:00",
          "number": "31",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-10-19T22:00:00.000+00:00",
          "number": "32",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2025-12-29T23:00:00.000+00:00",
          "number": "33",
          "summary": "Neue Updates von SUSE aufgenommen"
        }
      ],
      "status": "final",
      "version": "33"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Gentoo Linux",
            "product": {
              "name": "Gentoo Linux",
              "product_id": "T012167",
              "product_identification_helper": {
                "cpe": "cpe:/o:gentoo:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Gentoo"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c7.08.007",
                "product": {
                  "name": "Meinberg LANTIME \u003c7.08.007",
                  "product_id": "T032435"
                }
              },
              {
                "category": "product_version",
                "name": "7.08.007",
                "product": {
                  "name": "Meinberg LANTIME 7.08.007",
                  "product_id": "T032435-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:meinberg:lantime:7.08.007"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "LANTIME"
          }
        ],
        "category": "vendor",
        "name": "Meinberg"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source CentOS",
            "product": {
              "name": "Open Source CentOS",
              "product_id": "1727",
              "product_identification_helper": {
                "cpe": "cpe:/o:centos:centos:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux",
                "product": {
                  "name": "Red Hat Enterprise Linux",
                  "product_id": "67646",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:-"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "7",
                "product": {
                  "name": "Red Hat Enterprise Linux 7",
                  "product_id": "T030979",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8",
                "product": {
                  "name": "Red Hat Enterprise Linux 8",
                  "product_id": "T030980",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "9",
                "product": {
                  "name": "Red Hat Enterprise Linux 9",
                  "product_id": "T030981",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:9"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "Data Foundation \u003c4.12.10",
                "product": {
                  "name": "Red Hat OpenShift Data Foundation \u003c4.12.10",
                  "product_id": "T031698"
                }
              },
              {
                "category": "product_version",
                "name": "Data Foundation 4.12.10",
                "product": {
                  "name": "Red Hat OpenShift Data Foundation 4.12.10",
                  "product_id": "T031698-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:data_foundation__4.12.10"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "OpenShift"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-32142",
      "product_status": {
        "known_affected": [
          "T030981",
          "T030980",
          "T032435",
          "T031698",
          "67646",
          "T012167",
          "T004914",
          "2951",
          "T002207",
          "T000126",
          "398363",
          "T030979",
          "1727"
        ]
      },
      "release_date": "2023-11-07T23:00:00.000+00:00",
      "title": "CVE-2021-32142"
    },
    {
      "cve": "CVE-2021-43618",
      "product_status": {
        "known_affected": [
          "T030981",
          "T030980",
          "T032435",
          "T031698",
          "67646",
          "T012167",
          "T004914",
          "2951",
          "T002207",
          "T000126",
          "398363",
          "T030979",
          "1727"
        ]
      },
      "release_date": "2023-11-07T23:00:00.000+00:00",
      "title": "CVE-2021-43618"
    },
    {
      "cve": "CVE-2022-23527",
      "product_status": {
        "known_affected": [
          "T030981",
          "T030980",
          "T032435",
          "T031698",
          "67646",
          "T012167",
          "T004914",
          "2951",
          "T002207",
          "T000126",
          "398363",
          "T030979",
          "1727"
        ]
      },
      "release_date": "2023-11-07T23:00:00.000+00:00",
      "title": "CVE-2022-23527"
    },
    {
      "cve": "CVE-2022-40898",
      "product_status": {
        "known_affected": [
          "T030981",
          "T030980",
          "T032435",
          "T031698",
          "67646",
          "T012167",
          "T004914",
          "2951",
          "T002207",
          "T000126",
          "398363",
          "T030979",
          "1727"
        ]
      },
      "release_date": "2023-11-07T23:00:00.000+00:00",
      "title": "CVE-2022-40898"
    },
    {
      "cve": "CVE-2022-48468",
      "product_status": {
        "known_affected": [
          "T030981",
          "T030980",
          "T032435",
          "T031698",
          "67646",
          "T012167",
          "T004914",
          "2951",
          "T002207",
          "T000126",
          "398363",
          "T030979",
          "1727"
        ]
      },
      "release_date": "2023-11-07T23:00:00.000+00:00",
      "title": "CVE-2022-48468"
    },
    {
      "cve": "CVE-2023-1672",
      "product_status": {
        "known_affected": [
          "T030981",
          "T030980",
          "T032435",
          "T031698",
          "67646",
          "T012167",
          "T004914",
          "2951",
          "T002207",
          "T000126",
          "398363",
          "T030979",
          "1727"
        ]
      },
      "release_date": "2023-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-1672"
    },
    {
      "cve": "CVE-2023-1786",
      "product_status": {
        "known_affected": [
          "T030981",
          "T030980",
          "T032435",
          "T031698",
          "67646",
          "T012167",
          "T004914",
          "2951",
          "T002207",
          "T000126",
          "398363",
          "T030979",
          "1727"
        ]
      },
      "release_date": "2023-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-1786"
    },
    {
      "cve": "CVE-2023-22745",
      "product_status": {
        "known_affected": [
          "T030981",
          "T030980",
          "T032435",
          "T031698",
          "67646",
          "T012167",
          "T004914",
          "2951",
          "T002207",
          "T000126",
          "398363",
          "T030979",
          "1727"
        ]
      },
      "release_date": "2023-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-22745"
    },
    {
      "cve": "CVE-2023-26767",
      "product_status": {
        "known_affected": [
          "T030981",
          "T030980",
          "T032435",
          "T031698",
          "67646",
          "T012167",
          "T004914",
          "2951",
          "T002207",
          "T000126",
          "398363",
          "T030979",
          "1727"
        ]
      },
      "release_date": "2023-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-26767"
    },
    {
      "cve": "CVE-2023-26768",
      "product_status": {
        "known_affected": [
          "T030981",
          "T030980",
          "T032435",
          "T031698",
          "67646",
          "T012167",
          "T004914",
          "2951",
          "T002207",
          "T000126",
          "398363",
          "T030979",
          "1727"
        ]
      },
      "release_date": "2023-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-26768"
    },
    {
      "cve": "CVE-2023-26769",
      "product_status": {
        "known_affected": [
          "T030981",
          "T030980",
          "T032435",
          "T031698",
          "67646",
          "T012167",
          "T004914",
          "2951",
          "T002207",
          "T000126",
          "398363",
          "T030979",
          "1727"
        ]
      },
      "release_date": "2023-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-26769"
    },
    {
      "cve": "CVE-2023-28100",
      "product_status": {
        "known_affected": [
          "T030981",
          "T030980",
          "T032435",
          "T031698",
          "67646",
          "T012167",
          "T004914",
          "2951",
          "T002207",
          "T000126",
          "398363",
          "T030979",
          "1727"
        ]
      },
      "release_date": "2023-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-28100"
    },
    {
      "cve": "CVE-2023-28101",
      "product_status": {
        "known_affected": [
          "T030981",
          "T030980",
          "T032435",
          "T031698",
          "67646",
          "T012167",
          "T004914",
          "2951",
          "T002207",
          "T000126",
          "398363",
          "T030979",
          "1727"
        ]
      },
      "release_date": "2023-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-28101"
    },
    {
      "cve": "CVE-2023-28370",
      "product_status": {
        "known_affected": [
          "T030981",
          "T030980",
          "T032435",
          "T031698",
          "67646",
          "T012167",
          "T004914",
          "2951",
          "T002207",
          "T000126",
          "398363",
          "T030979",
          "1727"
        ]
      },
      "release_date": "2023-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-28370"
    },
    {
      "cve": "CVE-2023-28625",
      "product_status": {
        "known_affected": [
          "T030981",
          "T030980",
          "T032435",
          "T031698",
          "67646",
          "T012167",
          "T004914",
          "2951",
          "T002207",
          "T000126",
          "398363",
          "T030979",
          "1727"
        ]
      },
      "release_date": "2023-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-28625"
    },
    {
      "cve": "CVE-2023-29499",
      "product_status": {
        "known_affected": [
          "T030981",
          "T030980",
          "T032435",
          "T031698",
          "67646",
          "T012167",
          "T004914",
          "2951",
          "T002207",
          "T000126",
          "398363",
          "T030979",
          "1727"
        ]
      },
      "release_date": "2023-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-29499"
    },
    {
      "cve": "CVE-2023-31486",
      "product_status": {
        "known_affected": [
          "T030981",
          "T030980",
          "T032435",
          "T031698",
          "67646",
          "T012167",
          "T004914",
          "2951",
          "T002207",
          "T000126",
          "398363",
          "T030979",
          "1727"
        ]
      },
      "release_date": "2023-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-31486"
    },
    {
      "cve": "CVE-2023-32611",
      "product_status": {
        "known_affected": [
          "T030981",
          "T030980",
          "T032435",
          "T031698",
          "67646",
          "T012167",
          "T004914",
          "2951",
          "T002207",
          "T000126",
          "398363",
          "T030979",
          "1727"
        ]
      },
      "release_date": "2023-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-32611"
    },
    {
      "cve": "CVE-2023-32665",
      "product_status": {
        "known_affected": [
          "T030981",
          "T030980",
          "T032435",
          "T031698",
          "67646",
          "T012167",
          "T004914",
          "2951",
          "T002207",
          "T000126",
          "398363",
          "T030979",
          "1727"
        ]
      },
      "release_date": "2023-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-32665"
    },
    {
      "cve": "CVE-2023-33204",
      "product_status": {
        "known_affected": [
          "T030981",
          "T030980",
          "T032435",
          "T031698",
          "67646",
          "T012167",
          "T004914",
          "2951",
          "T002207",
          "T000126",
          "398363",
          "T030979",
          "1727"
        ]
      },
      "release_date": "2023-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-33204"
    },
    {
      "cve": "CVE-2023-33460",
      "product_status": {
        "known_affected": [
          "T030981",
          "T030980",
          "T032435",
          "T031698",
          "67646",
          "T012167",
          "T004914",
          "2951",
          "T002207",
          "T000126",
          "398363",
          "T030979",
          "1727"
        ]
      },
      "release_date": "2023-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-33460"
    },
    {
      "cve": "CVE-2023-38710",
      "product_status": {
        "known_affected": [
          "T030981",
          "T030980",
          "T032435",
          "T031698",
          "67646",
          "T012167",
          "T004914",
          "2951",
          "T002207",
          "T000126",
          "398363",
          "T030979",
          "1727"
        ]
      },
      "release_date": "2023-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-38710"
    },
    {
      "cve": "CVE-2023-38711",
      "product_status": {
        "known_affected": [
          "T030981",
          "T030980",
          "T032435",
          "T031698",
          "67646",
          "T012167",
          "T004914",
          "2951",
          "T002207",
          "T000126",
          "398363",
          "T030979",
          "1727"
        ]
      },
      "release_date": "2023-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-38711"
    },
    {
      "cve": "CVE-2023-38712",
      "product_status": {
        "known_affected": [
          "T030981",
          "T030980",
          "T032435",
          "T031698",
          "67646",
          "T012167",
          "T004914",
          "2951",
          "T002207",
          "T000126",
          "398363",
          "T030979",
          "1727"
        ]
      },
      "release_date": "2023-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-38712"
    },
    {
      "cve": "CVE-2023-4016",
      "product_status": {
        "known_affected": [
          "T030981",
          "T030980",
          "T032435",
          "T031698",
          "67646",
          "T012167",
          "T004914",
          "2951",
          "T002207",
          "T000126",
          "398363",
          "T030979",
          "1727"
        ]
      },
      "release_date": "2023-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-4016"
    }
  ]
}

CVE-2021-32142 (GCVE-0-2021-32142)

Vulnerability from cvelistv5 – Published: 2023-02-17 00:00 – Updated: 2025-03-19 14:15

Summary

Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker to escalate privileges via the LibRaw_buffer_datastream::gets(char*, int) in /src/libraw/src/libraw_datastream.cpp.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

Assigner

mitre

References

URL

Tags

	https://github.com/LibRaw/LibRaw/issues/400
	https://github.com/LibRaw/LibRaw/commit/bc3aaf422…
	https://github.com/gtt1995
	https://www.libraw.org/
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2023…	mailing-list
	https://www.debian.org/security/2023/dsa-5412	vendor-advisory

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T23:17:29.294Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/LibRaw/LibRaw/issues/400"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/LibRaw/LibRaw/commit/bc3aaf4223fdb70d52d470dae65c5a7923ea2a49"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/gtt1995"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.libraw.org/"
          },
          {
            "name": "FEDORA-2023-220878f1bf",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E7TEZ7CLRNYYQZJ5NJGZXK6YJU46WH2L/"
          },
          {
            "name": "FEDORA-2023-be842ba7fb",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5ICTVDRGBWGIFBTUWJLGX7QM5GWBWUG7/"
          },
          {
            "name": "[debian-lts-announce] 20230527 [SECURITY] [DLA 3433-1] libraw security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00025.html"
          },
          {
            "name": "DSA-5412",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5412"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-32142",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-19T14:14:57.811217Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-787",
                "description": "CWE-787 Out-of-bounds Write",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-19T14:15:03.957Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker to escalate privileges via the LibRaw_buffer_datastream::gets(char*, int) in /src/libraw/src/libraw_datastream.cpp."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-28T00:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/LibRaw/LibRaw/issues/400"
        },
        {
          "url": "https://github.com/LibRaw/LibRaw/commit/bc3aaf4223fdb70d52d470dae65c5a7923ea2a49"
        },
        {
          "url": "https://github.com/gtt1995"
        },
        {
          "url": "https://www.libraw.org/"
        },
        {
          "name": "FEDORA-2023-220878f1bf",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E7TEZ7CLRNYYQZJ5NJGZXK6YJU46WH2L/"
        },
        {
          "name": "FEDORA-2023-be842ba7fb",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5ICTVDRGBWGIFBTUWJLGX7QM5GWBWUG7/"
        },
        {
          "name": "[debian-lts-announce] 20230527 [SECURITY] [DLA 3433-1] libraw security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00025.html"
        },
        {
          "name": "DSA-5412",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5412"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2021-32142",
    "datePublished": "2023-02-17T00:00:00.000Z",
    "dateReserved": "2021-05-07T00:00:00.000Z",
    "dateUpdated": "2025-03-19T14:15:03.957Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-26767 (GCVE-0-2023-26767)

Vulnerability from cvelistv5 – Published: 2023-03-16 00:00 – Updated: 2025-02-26 16:32

Summary

Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remote attacker to cause a denial of service via the lou_logFile function at logginc.c endpoint.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://github.com/liblouis/liblouis/issues/1292
	https://github.com/liblouis/liblouis/pull/1297

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T11:53:54.423Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/liblouis/liblouis/issues/1292"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/liblouis/liblouis/pull/1297"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-26767",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-26T16:32:41.934067Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-26T16:32:53.428Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remote attacker to cause a denial of service via the lou_logFile function at logginc.c endpoint."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-16T00:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/liblouis/liblouis/issues/1292"
        },
        {
          "url": "https://github.com/liblouis/liblouis/pull/1297"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-26767",
    "datePublished": "2023-03-16T00:00:00.000Z",
    "dateReserved": "2023-02-27T00:00:00.000Z",
    "dateUpdated": "2025-02-26T16:32:53.428Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-48468 (GCVE-0-2022-48468)

Vulnerability from cvelistv5 – Published: 2023-04-13 00:00 – Updated: 2025-02-13 16:34

Summary

protobuf-c before 1.4.1 has an unsigned integer overflow in parse_required_member.

Severity ?

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE

Assigner

mitre

References

URL

Tags

	https://github.com/protobuf-c/protobuf-c/issues/499
	https://github.com/protobuf-c/protobuf-c/pull/513
	https://github.com/protobuf-c/protobuf-c/commit/e…
	https://github.com/protobuf-c/protobuf-c/releases…
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T15:17:55.190Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/protobuf-c/protobuf-c/issues/499"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/protobuf-c/protobuf-c/pull/513"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/protobuf-c/protobuf-c/commit/ec3d900001a13ccdaa8aef996b34c61159c76217"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/protobuf-c/protobuf-c/releases/tag/v1.4.1"
          },
          {
            "name": "FEDORA-2023-4e094d5297",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EI4JZSHJXW7WOOTAQSV5SUCC5GE2GC2B/"
          },
          {
            "name": "FEDORA-2023-6cfe134db6",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VNUEZZEPR2F6M67ANXLOPJX6AQL3TK4P/"
          },
          {
            "name": "FEDORA-2023-8b0938312e",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UGLZZYPOLI733DPETL444E3GY5KSS6LG/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2022-48468",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-07T16:49:53.192391Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-190",
                "description": "CWE-190 Integer Overflow or Wraparound",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-07T16:50:47.918Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "protobuf-c before 1.4.1 has an unsigned integer overflow in parse_required_member."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-04-29T04:06:14.418Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/protobuf-c/protobuf-c/issues/499"
        },
        {
          "url": "https://github.com/protobuf-c/protobuf-c/pull/513"
        },
        {
          "url": "https://github.com/protobuf-c/protobuf-c/commit/ec3d900001a13ccdaa8aef996b34c61159c76217"
        },
        {
          "url": "https://github.com/protobuf-c/protobuf-c/releases/tag/v1.4.1"
        },
        {
          "name": "FEDORA-2023-4e094d5297",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EI4JZSHJXW7WOOTAQSV5SUCC5GE2GC2B/"
        },
        {
          "name": "FEDORA-2023-6cfe134db6",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VNUEZZEPR2F6M67ANXLOPJX6AQL3TK4P/"
        },
        {
          "name": "FEDORA-2023-8b0938312e",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UGLZZYPOLI733DPETL444E3GY5KSS6LG/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-48468",
    "datePublished": "2023-04-13T00:00:00.000Z",
    "dateReserved": "2023-04-13T00:00:00.000Z",
    "dateUpdated": "2025-02-13T16:34:04.027Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-43618 (GCVE-0-2021-43618)

Vulnerability from cvelistv5 – Published: 2021-11-15 00:00 – Updated: 2024-08-04 04:03

Summary

GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://gmplib.org/list-archives/gmp-bugs/2021-Se…
	https://bugs.debian.org/994405
	https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e
	https://lists.debian.org/debian-lts-announce/2021…	mailing-list
	http://www.openwall.com/lists/oss-security/2022/10/13/3	mailing-list
	http://seclists.org/fulldisclosure/2022/Oct/8	mailing-list
	https://security.netapp.com/advisory/ntap-2022111…
	https://security.gentoo.org/glsa/202309-13	vendor-advisory

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T04:03:08.577Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/994405"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e"
          },
          {
            "name": "[debian-lts-announce] 20211202 [SECURITY] [DLA 2837-1] gmp security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html"
          },
          {
            "name": "[oss-security] 20221013 Re: sagemath denial of service with abort() in gmp: overflow in mpz type",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/10/13/3"
          },
          {
            "name": "20221016 Re: over 2000 packages depend on abort()ing libgmp",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2022/Oct/8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20221111-0001/"
          },
          {
            "name": "GLSA-202309-13",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202309-13"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-09-29T14:06:22.071Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html"
        },
        {
          "url": "https://bugs.debian.org/994405"
        },
        {
          "url": "https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e"
        },
        {
          "name": "[debian-lts-announce] 20211202 [SECURITY] [DLA 2837-1] gmp security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html"
        },
        {
          "name": "[oss-security] 20221013 Re: sagemath denial of service with abort() in gmp: overflow in mpz type",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/10/13/3"
        },
        {
          "name": "20221016 Re: over 2000 packages depend on abort()ing libgmp",
          "tags": [
            "mailing-list"
          ],
          "url": "http://seclists.org/fulldisclosure/2022/Oct/8"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20221111-0001/"
        },
        {
          "name": "GLSA-202309-13",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202309-13"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2021-43618",
    "datePublished": "2021-11-15T00:00:00.000Z",
    "dateReserved": "2021-11-15T00:00:00.000Z",
    "dateUpdated": "2024-08-04T04:03:08.577Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-31486 (GCVE-0-2023-31486)

Vulnerability from cvelistv5 – Published: 2023-04-28 00:00 – Updated: 2025-01-30 19:26

Summary

HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.

Severity ?

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

Assigner

mitre

References

URL

Tags

	https://blog.hackeriet.no/perl-http-tiny-insecure…
	https://www.openwall.com/lists/oss-security/2023/…
	https://www.reddit.com/r/perl/comments/111tadi/ps…
	https://hackeriet.github.io/cpan-http-tiny-overview/
	http://www.openwall.com/lists/oss-security/2023/04/29/1	mailing-list
	http://www.openwall.com/lists/oss-security/2023/05/03/3	mailing-list
	http://www.openwall.com/lists/oss-security/2023/05/03/5	mailing-list
	https://www.openwall.com/lists/oss-security/2023/…
	http://www.openwall.com/lists/oss-security/2023/05/07/2	mailing-list
	https://github.com/chansen/p5-http-tiny/pull/153

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-11-29T12:04:38.466Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.openwall.com/lists/oss-security/2023/04/18/14"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://hackeriet.github.io/cpan-http-tiny-overview/"
          },
          {
            "name": "[oss-security] 20230429 Re: Perl\u0027s HTTP::Tiny has insecure TLS cert default, affecting CPAN.pm and other modules",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/04/29/1"
          },
          {
            "name": "[oss-security] 20230503 Re: Perl\u0027s HTTP::Tiny has insecure TLS cert default, affecting CPAN.pm and other modules",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/05/03/3"
          },
          {
            "name": "[oss-security] 20230503 Re: Perl\u0027s HTTP::Tiny has insecure TLS cert default, affecting CPAN.pm and other modules",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/05/03/5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.openwall.com/lists/oss-security/2023/05/03/4"
          },
          {
            "name": "[oss-security] 20230507 Re: Perl\u0027s HTTP::Tiny has insecure TLS cert default, affecting CPAN.pm and other modules",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/05/07/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/chansen/p5-http-tiny/pull/153"
          },
          {
            "url": "https://security.netapp.com/advisory/ntap-20241129-0011/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.1,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-31486",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-30T19:18:03.667792Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-295",
                "description": "CWE-295 Improper Certificate Validation",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-30T19:26:26.203Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-20T00:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/"
        },
        {
          "url": "https://www.openwall.com/lists/oss-security/2023/04/18/14"
        },
        {
          "url": "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/"
        },
        {
          "url": "https://hackeriet.github.io/cpan-http-tiny-overview/"
        },
        {
          "name": "[oss-security] 20230429 Re: Perl\u0027s HTTP::Tiny has insecure TLS cert default, affecting CPAN.pm and other modules",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2023/04/29/1"
        },
        {
          "name": "[oss-security] 20230503 Re: Perl\u0027s HTTP::Tiny has insecure TLS cert default, affecting CPAN.pm and other modules",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2023/05/03/3"
        },
        {
          "name": "[oss-security] 20230503 Re: Perl\u0027s HTTP::Tiny has insecure TLS cert default, affecting CPAN.pm and other modules",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2023/05/03/5"
        },
        {
          "url": "https://www.openwall.com/lists/oss-security/2023/05/03/4"
        },
        {
          "name": "[oss-security] 20230507 Re: Perl\u0027s HTTP::Tiny has insecure TLS cert default, affecting CPAN.pm and other modules",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2023/05/07/2"
        },
        {
          "url": "https://github.com/chansen/p5-http-tiny/pull/153"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-31486",
    "datePublished": "2023-04-28T00:00:00.000Z",
    "dateReserved": "2023-04-28T00:00:00.000Z",
    "dateUpdated": "2025-01-30T19:26:26.203Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-28101 (GCVE-0-2023-28101)

Vulnerability from cvelistv5 – Published: 2023-03-16 15:55 – Updated: 2025-02-25 14:55

Title

Flatpak metadata with ANSI control codes can cause misleading terminal output

Summary

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions prior to 1.10.8, 1.12.8, 1.14.4, and 1.15.4, if an attacker publishes a Flatpak app with elevated permissions, they can hide those permissions from users of the `flatpak(1)` command-line interface by setting other permissions to crafted values that contain non-printable control characters such as `ESC`. A fix is available in versions 1.10.8, 1.12.8, 1.14.4, and 1.15.4. As a workaround, use a GUI like GNOME Software rather than the command-line interface, or only install apps whose maintainers you trust.

Severity ?

5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-116 - Improper Encoding or Escaping of Output

Assigner

GitHub_M

References

URL

Tags

	https://github.com/flatpak/flatpak/security/advis…	x_refsource_CONFIRM
	https://github.com/flatpak/flatpak/commit/409e341…	x_refsource_MISC
	https://github.com/flatpak/flatpak/commit/6cac99d…	x_refsource_MISC
	https://github.com/flatpak/flatpak/commit/7fe63f2…	x_refsource_MISC
	https://security.gentoo.org/glsa/202312-12

Impacted products

	Vendor	Product	Version
	flatpak	flatpak	Affected: < 1.10.8 Affected: >= 1.12.0, < 1.12.8 Affected: >= 1.14.0, < 1.14.4 Affected: >= 1.15.0, < 1.15.4

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T12:30:24.112Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/flatpak/flatpak/security/advisories/GHSA-h43h-fwqx-mpp8",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/flatpak/flatpak/security/advisories/GHSA-h43h-fwqx-mpp8"
          },
          {
            "name": "https://github.com/flatpak/flatpak/commit/409e34187de2b2b2c4ef34c79f417be698830f6c",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/flatpak/flatpak/commit/409e34187de2b2b2c4ef34c79f417be698830f6c"
          },
          {
            "name": "https://github.com/flatpak/flatpak/commit/6cac99dafe6003c8a4bd5666341c217876536869",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/flatpak/flatpak/commit/6cac99dafe6003c8a4bd5666341c217876536869"
          },
          {
            "name": "https://github.com/flatpak/flatpak/commit/7fe63f2e8f1fd2dafc31d45154cf0b191ebec66c",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/flatpak/flatpak/commit/7fe63f2e8f1fd2dafc31d45154cf0b191ebec66c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202312-12"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-28101",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-25T14:29:25.331087Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-25T14:55:35.911Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "flatpak",
          "vendor": "flatpak",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.10.8"
            },
            {
              "status": "affected",
              "version": "\u003e= 1.12.0, \u003c 1.12.8"
            },
            {
              "status": "affected",
              "version": "\u003e= 1.14.0, \u003c 1.14.4"
            },
            {
              "status": "affected",
              "version": "\u003e= 1.15.0, \u003c 1.15.4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions prior to 1.10.8, 1.12.8, 1.14.4, and 1.15.4, if an attacker publishes a Flatpak app with elevated permissions, they can hide those permissions from users of the `flatpak(1)` command-line interface by setting other permissions to crafted values that contain non-printable control characters such as `ESC`. A fix is available in versions 1.10.8, 1.12.8, 1.14.4, and 1.15.4. As a workaround, use a GUI like GNOME Software rather than the command-line interface, or only install apps whose maintainers you trust."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-116",
              "description": "CWE-116: Improper Encoding or Escaping of Output",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-23T10:06:26.709Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/flatpak/flatpak/security/advisories/GHSA-h43h-fwqx-mpp8",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/flatpak/flatpak/security/advisories/GHSA-h43h-fwqx-mpp8"
        },
        {
          "name": "https://github.com/flatpak/flatpak/commit/409e34187de2b2b2c4ef34c79f417be698830f6c",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/flatpak/flatpak/commit/409e34187de2b2b2c4ef34c79f417be698830f6c"
        },
        {
          "name": "https://github.com/flatpak/flatpak/commit/6cac99dafe6003c8a4bd5666341c217876536869",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/flatpak/flatpak/commit/6cac99dafe6003c8a4bd5666341c217876536869"
        },
        {
          "name": "https://github.com/flatpak/flatpak/commit/7fe63f2e8f1fd2dafc31d45154cf0b191ebec66c",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/flatpak/flatpak/commit/7fe63f2e8f1fd2dafc31d45154cf0b191ebec66c"
        },
        {
          "url": "https://security.gentoo.org/glsa/202312-12"
        }
      ],
      "source": {
        "advisory": "GHSA-h43h-fwqx-mpp8",
        "discovery": "UNKNOWN"
      },
      "title": "Flatpak metadata with ANSI control codes can cause misleading terminal output"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2023-28101",
    "datePublished": "2023-03-16T15:55:53.576Z",
    "dateReserved": "2023-03-10T18:34:29.226Z",
    "dateUpdated": "2025-02-25T14:55:35.911Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-32611 (GCVE-0-2023-32611)

Vulnerability from cvelistv5 – Published: 2023-09-14 19:07 – Updated: 2025-02-13 16:54

Title

G_variant_byteswap() can take a long time with some non-normal inputs

Summary

A flaw was found in GLib. GVariant deserialization is vulnerable to a slowdown issue where a crafted GVariant can cause excessive processing, leading to denial of service.

Severity ?

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CWE

CWE-400 - Uncontrolled Resource Consumption

Assigner

redhat

References

URL

Tags

	https://access.redhat.com/security/cve/CVE-2023-32611	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2211829	issue-trackingx_refsource_REDHAT
	https://gitlab.gnome.org/GNOME/glib/-/issues/2797
	https://lists.debian.org/debian-lts-announce/2023…
	https://security.netapp.com/advisory/ntap-2023102…
	https://security.gentoo.org/glsa/202311-18

Impacted products

Vendor

Product

Version

n/a

glib2

Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Enterprise Linux 9	cpe:/o:redhat:enterprise_linux:9
Fedora	Extra Packages for Enterprise Linux
Fedora	Fedora 38
Fedora	Fedora 37
Fedora	Fedora 37
Fedora	Fedora 38

Date Public ?

2022-12-14 00:00

Credits

Upstream acknowledges William Manley as the original reporter.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T15:25:35.683Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-32611"
          },
          {
            "name": "RHBZ#2211829",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211829"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/2797"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00030.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20231027-0005/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202311-18"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "glib2",
          "vendor": "n/a"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://packages.fedoraproject.org/",
          "defaultStatus": "affected",
          "packageName": "glib",
          "product": "Extra Packages for Enterprise Linux",
          "vendor": "Fedora"
        },
        {
          "collectionURL": "https://packages.fedoraproject.org/",
          "defaultStatus": "affected",
          "packageName": "mingw-glib2",
          "product": "Fedora 38",
          "vendor": "Fedora"
        },
        {
          "collectionURL": "https://packages.fedoraproject.org/",
          "defaultStatus": "affected",
          "packageName": "mingw-glib2",
          "product": "Fedora 37",
          "vendor": "Fedora"
        },
        {
          "collectionURL": "https://packages.fedoraproject.org/",
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Fedora 37",
          "vendor": "Fedora"
        },
        {
          "collectionURL": "https://packages.fedoraproject.org/",
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Fedora 38",
          "vendor": "Fedora"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Upstream acknowledges William Manley as the original reporter."
        }
      ],
      "datePublic": "2022-12-14T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in GLib. GVariant deserialization is vulnerable to a slowdown issue where a crafted GVariant can cause excessive processing, leading to denial of service."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-11-27T14:06:18.108Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2023-32611"
        },
        {
          "name": "RHBZ#2211829",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211829"
        },
        {
          "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/2797"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00030.html"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20231027-0005/"
        },
        {
          "url": "https://security.gentoo.org/glsa/202311-18"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2023-05-24T00:00:00.000Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2022-12-14T00:00:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "G_variant_byteswap() can take a long time with some non-normal inputs",
      "x_redhatCweChain": "CWE-400: Uncontrolled Resource Consumption"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-32611",
    "datePublished": "2023-09-14T19:07:19.011Z",
    "dateReserved": "2023-05-30T11:48:42.101Z",
    "dateUpdated": "2025-02-13T16:54:50.478Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-38710 (GCVE-0-2023-38710)

Vulnerability from cvelistv5 – Published: 2023-08-25 00:00 – Updated: 2024-11-26 21:53

Summary

An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALID_SPI is sent back. The notify payload's protocol ID is copied from the incoming packet, but the code that verifies outgoing packets fails an assertion that the protocol ID must be ESP (2) or AH(3) and causes the pluto daemon to crash and restart. NOTE: the earliest affected version is 3.20.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://github.com/libreswan/libreswan/tags
	https://libreswan.org/security/CVE-2023-38710/

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T17:46:56.611Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/libreswan/libreswan/tags"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://libreswan.org/security/CVE-2023-38710/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-38710",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2023-12-18T17:07:09.396495Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-26T21:53:27.752Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALID_SPI is sent back. The notify payload\u0027s protocol ID is copied from the incoming packet, but the code that verifies outgoing packets fails an assertion that the protocol ID must be ESP (2) or AH(3) and causes the pluto daemon to crash and restart. NOTE: the earliest affected version is 3.20."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-08-25T20:28:53.862Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/libreswan/libreswan/tags"
        },
        {
          "url": "https://libreswan.org/security/CVE-2023-38710/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-38710",
    "datePublished": "2023-08-25T00:00:00.000Z",
    "dateReserved": "2023-07-24T00:00:00.000Z",
    "dateUpdated": "2024-11-26T21:53:27.752Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-26769 (GCVE-0-2023-26769)

Vulnerability from cvelistv5 – Published: 2023-03-16 00:00 – Updated: 2025-02-26 16:31

Summary

Buffer Overflow vulnerability found in Liblouis Lou_Trace v.3.24.0 allows a remote attacker to cause a denial of service via the resolveSubtable function at compileTranslationTabel.c.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://loutrace.com
	https://github.com/liblouis/liblouis
	https://github.com/liblouis/liblouis/pull/1300

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T11:53:54.604Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://loutrace.com"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/liblouis/liblouis"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/liblouis/liblouis/pull/1300"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-26769",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-26T16:31:04.883408Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-26T16:31:26.878Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer Overflow vulnerability found in Liblouis Lou_Trace v.3.24.0 allows a remote attacker to cause a denial of service via the resolveSubtable function at compileTranslationTabel.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-16T00:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "http://loutrace.com"
        },
        {
          "url": "https://github.com/liblouis/liblouis"
        },
        {
          "url": "https://github.com/liblouis/liblouis/pull/1300"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-26769",
    "datePublished": "2023-03-16T00:00:00.000Z",
    "dateReserved": "2023-02-27T00:00:00.000Z",
    "dateUpdated": "2025-02-26T16:31:26.878Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-23527 (GCVE-0-2022-23527)

Vulnerability from cvelistv5 – Published: 2022-12-14 17:22 – Updated: 2025-04-18 14:23

Title

Open Redirect in oidc_validate_redirect_url()

Summary

mod_auth_openidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server. Versions prior to 2.4.12.2 are vulnerable to Open Redirect. When providing a logout parameter to the redirect URI, the existing code in oidc_validate_redirect_url() does not properly check for URLs that start with /\t, leading to an open redirect. This issue has been patched in version 2.4.12.2. Users unable to upgrade can mitigate the issue by configuring mod_auth_openidc to only allow redirection when the destination matches a given regular expression with OIDCRedirectURLsAllowed.

Severity ?

4.7 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N

CWE

CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')

Assigner

GitHub_M

References

URL

Tags

	https://github.com/zmartzone/mod_auth_openidc/sec…	x_refsource_CONFIRM
	https://github.com/zmartzone/mod_auth_openidc/blo…	x_refsource_MISC
	https://lists.debian.org/debian-lts-announce/2023…

Impacted products

	Vendor	Product	Version
	zmartzone	mod_auth_openidc	Affected: < 2.4.12.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T03:43:46.551Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/zmartzone/mod_auth_openidc/security/advisories/GHSA-q6f2-285m-gr53",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/zmartzone/mod_auth_openidc/security/advisories/GHSA-q6f2-285m-gr53"
          },
          {
            "name": "https://github.com/zmartzone/mod_auth_openidc/blob/v2.4.12.1/auth_openidc.conf#L975-L984",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/zmartzone/mod_auth_openidc/blob/v2.4.12.1/auth_openidc.conf#L975-L984"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00020.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-23527",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-18T14:22:50.911621Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-18T14:23:56.649Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "mod_auth_openidc",
          "vendor": "zmartzone",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 2.4.12.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "mod_auth_openidc is an OpenID Certified\u2122 authentication and authorization module for the Apache 2.x HTTP server. Versions prior to 2.4.12.2 are vulnerable to Open Redirect. When providing a logout parameter to the redirect URI, the existing code in oidc_validate_redirect_url() does not properly check for URLs that start with /\\t, leading to an open redirect. This issue has been patched in version 2.4.12.2. Users unable to upgrade can mitigate the issue by configuring mod_auth_openidc to only allow redirection when the destination matches a given regular expression with OIDCRedirectURLsAllowed."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-601",
              "description": "CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-19T00:06:14.639Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/zmartzone/mod_auth_openidc/security/advisories/GHSA-q6f2-285m-gr53",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/zmartzone/mod_auth_openidc/security/advisories/GHSA-q6f2-285m-gr53"
        },
        {
          "name": "https://github.com/zmartzone/mod_auth_openidc/blob/v2.4.12.1/auth_openidc.conf#L975-L984",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/zmartzone/mod_auth_openidc/blob/v2.4.12.1/auth_openidc.conf#L975-L984"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00020.html"
        }
      ],
      "source": {
        "advisory": "GHSA-q6f2-285m-gr53",
        "discovery": "UNKNOWN"
      },
      "title": "Open Redirect in oidc_validate_redirect_url()"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2022-23527",
    "datePublished": "2022-12-14T17:22:30.105Z",
    "dateReserved": "2022-01-19T21:23:53.784Z",
    "dateUpdated": "2025-04-18T14:23:56.649Z",
    "requesterUserId": "c184a3d9-dc98-4c48-a45b-d2d88cf0ac74",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-28370 (GCVE-0-2023-28370)

Vulnerability from cvelistv5 – Published: 2023-05-25 00:00 – Updated: 2025-11-03 21:47

Summary

Open redirect vulnerability in Tornado versions 6.3.1 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having user access a specially crafted URL.

Severity ?

6.1 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE

Open redirect

Assigner

jpcert

References

URL

Tags

	https://github.com/tornadoweb/tornado/releases/ta…
	https://jvn.jp/en/jp/JVN45127776/

Impacted products

	Vendor	Product	Version
	tornadoweb	Tornado	Affected: versions 6.3.1 and earlier

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T21:47:34.583Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/tornadoweb/tornado/releases/tag/v6.3.2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://jvn.jp/en/jp/JVN45127776/"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00000.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 6.1,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "LOW",
              "privilegesRequired": "NONE",
              "scope": "CHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-28370",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-16T15:19:04.826114Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-601",
                "description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-16T15:19:11.787Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Tornado",
          "vendor": "tornadoweb",
          "versions": [
            {
              "status": "affected",
              "version": "versions 6.3.1 and earlier"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Open redirect vulnerability in Tornado versions 6.3.1 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having user access a specially crafted URL."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Open redirect",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-25T00:00:00.000Z",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "url": "https://github.com/tornadoweb/tornado/releases/tag/v6.3.2"
        },
        {
          "url": "https://jvn.jp/en/jp/JVN45127776/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2023-28370",
    "datePublished": "2023-05-25T00:00:00.000Z",
    "dateReserved": "2023-05-11T00:00:00.000Z",
    "dateUpdated": "2025-11-03T21:47:34.583Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-32665 (GCVE-0-2023-32665)

Vulnerability from cvelistv5 – Published: 2023-09-14 19:03 – Updated: 2025-02-13 16:54

Title

Gvariant deserialisation does not match spec for non-normal data

Summary

A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service.

Severity ?

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CWE

CWE-400 - Uncontrolled Resource Consumption

Assigner

redhat

References

URL

Tags

	https://access.redhat.com/security/cve/CVE-2023-32665	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2211827	issue-trackingx_refsource_REDHAT
	https://gitlab.gnome.org/GNOME/glib/-/issues/2121
	https://lists.debian.org/debian-lts-announce/2023…
	https://security.gentoo.org/glsa/202311-18
	https://security.netapp.com/advisory/ntap-2024042…

Impacted products

Vendor

Product

Version

n/a

glib2

Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Enterprise Linux 9	cpe:/o:redhat:enterprise_linux:9
Fedora	Fedora 38
Fedora	Extra Packages for Enterprise Linux
Fedora	Fedora
Fedora	Fedora 37
Fedora	Fedora 38
Fedora	Fedora 37

Date Public ?

2022-12-14 00:00

Credits

Upstream acknowledges William Manley as the original reporter.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-32665",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2023-11-27T17:04:41.563399Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-24T19:16:35.238Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T15:25:36.651Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-32665"
          },
          {
            "name": "RHBZ#2211827",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211827"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/2121"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00030.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202311-18"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240426-0006/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "glib2",
          "vendor": "n/a"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://packages.fedoraproject.org/",
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Fedora 38",
          "vendor": "Fedora"
        },
        {
          "collectionURL": "https://packages.fedoraproject.org/",
          "defaultStatus": "affected",
          "packageName": "glib",
          "product": "Extra Packages for Enterprise Linux",
          "vendor": "Fedora"
        },
        {
          "collectionURL": "https://packages.fedoraproject.org/",
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Fedora",
          "vendor": "Fedora"
        },
        {
          "collectionURL": "https://packages.fedoraproject.org/",
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Fedora 37",
          "vendor": "Fedora"
        },
        {
          "collectionURL": "https://packages.fedoraproject.org/",
          "defaultStatus": "affected",
          "packageName": "mingw-glib2",
          "product": "Fedora 38",
          "vendor": "Fedora"
        },
        {
          "collectionURL": "https://packages.fedoraproject.org/",
          "defaultStatus": "affected",
          "packageName": "mingw-glib2",
          "product": "Fedora 37",
          "vendor": "Fedora"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Upstream acknowledges William Manley as the original reporter."
        }
      ],
      "datePublic": "2022-12-14T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-26T09:06:01.299Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2023-32665"
        },
        {
          "name": "RHBZ#2211827",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211827"
        },
        {
          "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/2121"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00030.html"
        },
        {
          "url": "https://security.gentoo.org/glsa/202311-18"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20240426-0006/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2023-05-24T00:00:00.000Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2022-12-14T00:00:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Gvariant deserialisation does not match spec for non-normal data",
      "x_redhatCweChain": "CWE-400: Uncontrolled Resource Consumption"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-32665",
    "datePublished": "2023-09-14T19:03:58.229Z",
    "dateReserved": "2023-05-30T11:48:42.074Z",
    "dateUpdated": "2025-02-13T16:54:55.463Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-33460 (GCVE-0-2023-33460)

Vulnerability from cvelistv5 – Published: 2023-06-06 00:00 – Updated: 2025-01-08 16:24

Summary

There's a memory leak in yajl 2.1.0 with use of yajl_tree_parse function. which will cause out-of-memory in server and cause crash.

Severity ?

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CWE

Assigner

mitre

References

URL

Tags

	https://github.com/lloyd/yajl/issues/250
	https://lists.debian.org/debian-lts-announce/2023…	mailing-list
	https://lists.debian.org/debian-lts-announce/2023…	mailing-list
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2023…	mailing-list

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T15:47:05.692Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/lloyd/yajl/issues/250"
          },
          {
            "name": "[debian-lts-announce] 20230702 [SECURITY] [DLA 3478-1] yajl security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00000.html"
          },
          {
            "name": "[debian-lts-announce] 20230711 [SECURITY] [DLA 3492-1] yajl security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00013.html"
          },
          {
            "name": "FEDORA-2023-00572178e1",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KLE3C4CECEJ4EUYI56KXI6OWACWXX7WN/"
          },
          {
            "name": "FEDORA-2023-0b0bb84049",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBUUHG27RM4ROEYKMVRROR27AX6R63MB/"
          },
          {
            "name": "FEDORA-2023-852b377773",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YO32YDJ74DADC7CMJNLSLBVWN5EXGF5J/"
          },
          {
            "name": "[debian-lts-announce] 20230805 [SECURITY] [DLA 3516-1] burp security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00003.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 6.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-33460",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-08T16:24:41.242233Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-401",
                "description": "CWE-401 Missing Release of Memory after Effective Lifetime",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-08T16:24:46.526Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "There\u0027s a memory leak in yajl 2.1.0 with use of yajl_tree_parse function. which will cause out-of-memory in server and cause crash."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-08-05T00:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/lloyd/yajl/issues/250"
        },
        {
          "name": "[debian-lts-announce] 20230702 [SECURITY] [DLA 3478-1] yajl security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00000.html"
        },
        {
          "name": "[debian-lts-announce] 20230711 [SECURITY] [DLA 3492-1] yajl security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00013.html"
        },
        {
          "name": "FEDORA-2023-00572178e1",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KLE3C4CECEJ4EUYI56KXI6OWACWXX7WN/"
        },
        {
          "name": "FEDORA-2023-0b0bb84049",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBUUHG27RM4ROEYKMVRROR27AX6R63MB/"
        },
        {
          "name": "FEDORA-2023-852b377773",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YO32YDJ74DADC7CMJNLSLBVWN5EXGF5J/"
        },
        {
          "name": "[debian-lts-announce] 20230805 [SECURITY] [DLA 3516-1] burp security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00003.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-33460",
    "datePublished": "2023-06-06T00:00:00.000Z",
    "dateReserved": "2023-05-22T00:00:00.000Z",
    "dateUpdated": "2025-01-08T16:24:46.526Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-22745 (GCVE-0-2023-22745)

Vulnerability from cvelistv5 – Published: 2023-01-19 22:12 – Updated: 2025-11-21 19:10

Title

Buffer Overlow in TSS2_RC_Decode in tpm2-tss

Summary

tpm2-tss is an open source software implementation of the Trusted Computing Group (TCG) Trusted Platform Module (TPM) 2 Software Stack (TSS2). In versions prior to 4.1.0-rc0, 4.0.1, and 3.2.2-rc1, `Tss2_RC_SetHandler` and `Tss2_RC_Decode` both index into `layer_handler` with an 8 bit layer number, but the array only has `TPM2_ERROR_TSS2_RC_LAYER_COUNT` entries, so trying to add a handler for higher-numbered layers or decode a response code with such a layer number reads/writes past the end of the buffer. This Buffer overrun, could result in arbitrary code execution. An example attack would be a MiTM bus attack that returns 0xFFFFFFFF for the RC. Given the common use case of TPM modules an attacker must have local access to the target machine with local system privileges which allows access to the TPM system. Usually TPM access requires administrative privilege. Versions 4.1.0-rc0, 4.0.1, and 3.2.2-rc1 fix the issue.

Severity ?

6.4 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Assigner

GitHub_M

References

URL

Tags

	https://github.com/tpm2-software/tpm2-tss/securit…	x_refsource_CONFIRM
	https://github.com/tpm2-software/tpm2-tss/commit/…	x_refsource_MISC
	https://github.com/tpm2-software/tpm2-tss/commit/…	x_refsource_MISC
	https://github.com/tpm2-software/tpm2-tss/commit/…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	tpm2-software	tpm2-tss	Affected: < 4.0.1 Affected: < 3.2.2-rc0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:20:30.190Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/tpm2-software/tpm2-tss/security/advisories/GHSA-4j3v-fh23-vx67",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/tpm2-software/tpm2-tss/security/advisories/GHSA-4j3v-fh23-vx67"
          },
          {
            "name": "https://github.com/tpm2-software/tpm2-tss/commit/306490c8d848c367faa2d9df81f5e69dab46ffb5",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/tpm2-software/tpm2-tss/commit/306490c8d848c367faa2d9df81f5e69dab46ffb5"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-22745",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-10T21:01:10.360058Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-10T21:21:37.784Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "tpm2-tss",
          "vendor": "tpm2-software",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 4.0.1"
            },
            {
              "status": "affected",
              "version": "\u003c 3.2.2-rc0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "tpm2-tss is an open source software implementation of the Trusted Computing Group (TCG) Trusted Platform Module (TPM) 2 Software Stack (TSS2). In versions prior to 4.1.0-rc0, 4.0.1, and 3.2.2-rc1, `Tss2_RC_SetHandler` and `Tss2_RC_Decode` both index into `layer_handler` with an 8 bit layer number, but the array only has `TPM2_ERROR_TSS2_RC_LAYER_COUNT` entries, so trying to add a handler for higher-numbered layers or decode a response code with such a layer number reads/writes past the end of the buffer. This Buffer overrun, could result in arbitrary code execution. An example attack would be a MiTM bus attack that returns 0xFFFFFFFF for the RC. Given the common use case of TPM modules an attacker must have local access to the target machine with local system privileges which allows access to the TPM system. Usually TPM access requires administrative privilege. Versions 4.1.0-rc0, 4.0.1, and 3.2.2-rc1 fix the issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-21T19:10:18.693Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/tpm2-software/tpm2-tss/security/advisories/GHSA-4j3v-fh23-vx67",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/tpm2-software/tpm2-tss/security/advisories/GHSA-4j3v-fh23-vx67"
        },
        {
          "name": "https://github.com/tpm2-software/tpm2-tss/commit/306490c8d848c367faa2d9df81f5e69dab46ffb5",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/tpm2-software/tpm2-tss/commit/306490c8d848c367faa2d9df81f5e69dab46ffb5"
        },
        {
          "name": "https://github.com/tpm2-software/tpm2-tss/commit/49107d65d5c7be430671398416bbd89dae4e34e7",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/tpm2-software/tpm2-tss/commit/49107d65d5c7be430671398416bbd89dae4e34e7"
        },
        {
          "name": "https://github.com/tpm2-software/tpm2-tss/commit/7ab42953216adec046d000a5e3085f3ee5e9cabf",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/tpm2-software/tpm2-tss/commit/7ab42953216adec046d000a5e3085f3ee5e9cabf"
        }
      ],
      "source": {
        "advisory": "GHSA-4j3v-fh23-vx67",
        "discovery": "UNKNOWN"
      },
      "title": "Buffer Overlow in TSS2_RC_Decode in tpm2-tss"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2023-22745",
    "datePublished": "2023-01-19T22:12:40.208Z",
    "dateReserved": "2023-01-06T14:21:05.893Z",
    "dateUpdated": "2025-11-21T19:10:18.693Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2022-40898 (GCVE-0-2022-40898)

Vulnerability from cvelistv5 – Published: 2022-12-22 00:00 – Updated: 2025-04-15 15:53

Summary

An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

Assigner

mitre

References

URL

Tags

	https://pypi.org/project/wheel/
	https://github.com/pypa/wheel/blob/main/src/wheel…
	https://pyup.io/posts/pyup-discovers-redos-vulner…

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T12:28:42.936Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://pypi.org/project/wheel/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/pypa/wheel/blob/main/src/wheel/wheelfile.py#L18"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2022-40898",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-15T15:53:45.337918Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-20",
                "description": "CWE-20 Improper Input Validation",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-15T15:53:50.771Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-12-22T00:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://pypi.org/project/wheel/"
        },
        {
          "url": "https://github.com/pypa/wheel/blob/main/src/wheel/wheelfile.py#L18"
        },
        {
          "url": "https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-40898",
    "datePublished": "2022-12-22T00:00:00.000Z",
    "dateReserved": "2022-09-19T00:00:00.000Z",
    "dateUpdated": "2025-04-15T15:53:50.771Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-1672 (GCVE-0-2023-1672)

Vulnerability from cvelistv5 – Published: 2023-07-11 11:47 – Updated: 2025-02-13 16:39

Title

Race condition exists in the key generation and rotation functionality

Summary

A race condition exists in the Tang server functionality for key generation and key rotation. This flaw results in a small time window where Tang private keys become readable by other processes on the same host.

Severity ?

5.3 (Medium)


                        
                          CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE

CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Assigner

redhat

References

URL

Tags

	https://access.redhat.com/security/cve/CVE-2023-1672	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2180999	issue-trackingx_refsource_REDHAT
	https://github.com/latchset/tang/commit/8dbbed108…
	https://www.openwall.com/lists/oss-security/2023/…
	https://lists.debian.org/debian-lts-announce/2023…

Impacted products

Vendor

Product

Version

n/a

tang

Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Enterprise Linux 9	cpe:/o:redhat:enterprise_linux:9
Fedora	Fedora

Date Public ?

2023-06-07 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T05:57:24.884Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-1672"
          },
          {
            "name": "RHBZ#2180999",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180999"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/latchset/tang/commit/8dbbed10870378f1b2c3cf3df2ea7edca7617096"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.openwall.com/lists/oss-security/2023/06/15/1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00004.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-1672",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-01T16:29:42.615646Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-01T16:29:57.256Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "tang",
          "vendor": "n/a"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "tang",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "tang",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "tang",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://packages.fedoraproject.org/",
          "defaultStatus": "affected",
          "packageName": "tang",
          "product": "Fedora",
          "vendor": "Fedora"
        }
      ],
      "datePublic": "2023-06-07T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A race condition exists in the Tang server functionality for key generation and key rotation. This flaw results in a small time window where Tang private keys become readable by other processes on the same host."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-362",
              "description": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-11-07T21:06:32.549Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2023-1672"
        },
        {
          "name": "RHBZ#2180999",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180999"
        },
        {
          "url": "https://github.com/latchset/tang/commit/8dbbed10870378f1b2c3cf3df2ea7edca7617096"
        },
        {
          "url": "https://www.openwall.com/lists/oss-security/2023/06/15/1"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00004.html"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2023-03-22T00:00:00.000Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2023-06-07T00:00:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Race condition exists in the key generation and rotation functionality",
      "x_redhatCweChain": "CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-1672",
    "datePublished": "2023-07-11T11:47:35.363Z",
    "dateReserved": "2023-03-28T15:03:04.864Z",
    "dateUpdated": "2025-02-13T16:39:29.669Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-26768 (GCVE-0-2023-26768)

Vulnerability from cvelistv5 – Published: 2023-03-16 00:00 – Updated: 2025-02-26 15:46

Summary

Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remote attacker to cause a denial of service via the compileTranslationTable.c and lou_setDataPath functions.

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

Assigner

mitre

References

URL

Tags

	https://github.com/liblouis/liblouis/issues/1301
	https://github.com/liblouis/liblouis/pull/1302

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T11:53:54.602Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/liblouis/liblouis/issues/1301"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/liblouis/liblouis/pull/1302"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-26768",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-26T15:42:55.170057Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-120",
                "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-26T15:46:04.214Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remote attacker to cause a denial of service via the compileTranslationTable.c and lou_setDataPath functions."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-16T00:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/liblouis/liblouis/issues/1301"
        },
        {
          "url": "https://github.com/liblouis/liblouis/pull/1302"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-26768",
    "datePublished": "2023-03-16T00:00:00.000Z",
    "dateReserved": "2023-02-27T00:00:00.000Z",
    "dateUpdated": "2025-02-26T15:46:04.214Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-28100 (GCVE-0-2023-28100)

Vulnerability from cvelistv5 – Published: 2023-03-16 15:51 – Updated: 2025-02-13 16:45

Title

TIOCLINUX can send commands outside sandbox if running on a virtual console

Summary

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Versions prior to 1.10.8, 1.12.8, 1.14.4, and 1.15.4 contain a vulnerability similar to CVE-2017-5226, but using the `TIOCLINUX` ioctl command instead of `TIOCSTI`. If a Flatpak app is run on a Linux virtual console such as `/dev/tty1`, it can copy text from the virtual console and paste it into the command buffer, from which the command might be run after the Flatpak app has exited. Ordinary graphical terminal emulators like xterm, gnome-terminal and Konsole are unaffected. This vulnerability is specific to the Linux virtual consoles `/dev/tty1`, `/dev/tty2` and so on. A patch is available in versions 1.10.8, 1.12.8, 1.14.4, and 1.15.4. As a workaround, don't run Flatpak on a Linux virtual console. Flatpak is primarily designed to be used in a Wayland or X11 graphical environment.

Severity ?

10 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-20 - Improper Input Validation

Assigner

GitHub_M

References

URL

Tags

	https://github.com/flatpak/flatpak/security/advis…	x_refsource_CONFIRM
	https://github.com/flatpak/flatpak/commit/8e63de9…	x_refsource_MISC
	https://marc.info/?l=oss-security&m=167879021709955&w=2	x_refsource_MISC
	https://security.gentoo.org/glsa/202312-12

Impacted products

	Vendor	Product	Version
	flatpak	flatpak	Affected: < 1.10.8 Affected: >= 1.12.0, < 1.12.8 Affected: >= 1.14.0, < 1.14.4 Affected: >= 1.15.0, < 1.15.4

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T12:30:23.948Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/flatpak/flatpak/security/advisories/GHSA-7qpw-3vjv-xrqp",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/flatpak/flatpak/security/advisories/GHSA-7qpw-3vjv-xrqp"
          },
          {
            "name": "https://github.com/flatpak/flatpak/commit/8e63de9a7d3124f91140fc74f8ca9ed73ed53be9",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/flatpak/flatpak/commit/8e63de9a7d3124f91140fc74f8ca9ed73ed53be9"
          },
          {
            "name": "https://marc.info/?l=oss-security\u0026m=167879021709955\u0026w=2",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://marc.info/?l=oss-security\u0026m=167879021709955\u0026w=2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202312-12"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-28100",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-15T16:24:16.321968Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-15T16:24:40.956Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "flatpak",
          "vendor": "flatpak",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.10.8"
            },
            {
              "status": "affected",
              "version": "\u003e= 1.12.0, \u003c 1.12.8"
            },
            {
              "status": "affected",
              "version": "\u003e= 1.14.0, \u003c 1.14.4"
            },
            {
              "status": "affected",
              "version": "\u003e= 1.15.0, \u003c 1.15.4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Versions prior to 1.10.8, 1.12.8, 1.14.4, and 1.15.4 contain a vulnerability similar to CVE-2017-5226, but using the `TIOCLINUX` ioctl command instead of `TIOCSTI`. If a Flatpak app is run on a Linux virtual console such as `/dev/tty1`, it can copy text from the virtual console and paste it into the command buffer, from which the command might be run after the Flatpak app has exited. Ordinary graphical terminal emulators like xterm, gnome-terminal and Konsole are unaffected. This vulnerability is specific to the Linux virtual consoles `/dev/tty1`, `/dev/tty2` and so on. A patch is available in versions 1.10.8, 1.12.8, 1.14.4, and 1.15.4. As a workaround, don\u0027t run Flatpak on a Linux virtual console. Flatpak is primarily designed to be used in a Wayland or X11 graphical environment."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-23T10:06:23.380Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/flatpak/flatpak/security/advisories/GHSA-7qpw-3vjv-xrqp",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/flatpak/flatpak/security/advisories/GHSA-7qpw-3vjv-xrqp"
        },
        {
          "name": "https://github.com/flatpak/flatpak/commit/8e63de9a7d3124f91140fc74f8ca9ed73ed53be9",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/flatpak/flatpak/commit/8e63de9a7d3124f91140fc74f8ca9ed73ed53be9"
        },
        {
          "name": "https://marc.info/?l=oss-security\u0026m=167879021709955\u0026w=2",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://marc.info/?l=oss-security\u0026m=167879021709955\u0026w=2"
        },
        {
          "url": "https://security.gentoo.org/glsa/202312-12"
        }
      ],
      "source": {
        "advisory": "GHSA-7qpw-3vjv-xrqp",
        "discovery": "UNKNOWN"
      },
      "title": "TIOCLINUX can send commands outside sandbox if running on a virtual console"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2023-28100",
    "datePublished": "2023-03-16T15:51:32.037Z",
    "dateReserved": "2023-03-10T18:34:29.226Z",
    "dateUpdated": "2025-02-13T16:45:39.112Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-1786 (GCVE-0-2023-1786)

Vulnerability from cvelistv5 – Published: 2023-04-26 22:23 – Updated: 2025-02-13 16:39

Title

sensitive data exposure in cloud-init logs

Summary

Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege.

Severity ?

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE

CWE-532

Assigner

canonical

References

URL

Tags

	https://github.com/canonical/cloud-init/commit/a3…	patch
	https://bugs.launchpad.net/cloud-init/+bug/2013967	issue-tracking
	https://ubuntu.com/security/notices/USN-6042-1	vendor-advisory
	https://lists.fedoraproject.org/archives/list/pac…

Impacted products

	Vendor	Product	Version
	Canonical Ltd.	cloud-init	Affected: 0 , < 23.1.2 (semver)

Date Public ?

2023-04-26 00:00

Credits

James Golovich

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T05:57:25.074Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "patch",
              "x_transferred"
            ],
            "url": "https://github.com/canonical/cloud-init/commit/a378b7e4f47375458651c0972e7cd813f6fe0a6b"
          },
          {
            "tags": [
              "issue-tracking",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/cloud-init/+bug/2013967"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://ubuntu.com/security/notices/USN-6042-1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ATBJSXPL2IOAD2LDQRKWPLIC7QXS44GZ/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-1786",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-31T19:16:40.437499Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-31T19:16:51.183Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/canonical/cloud-init/releases",
          "packageName": "cloud-init",
          "platforms": [
            "Linux"
          ],
          "product": "cloud-init",
          "repo": "https://github.com/canonical/cloud-init/",
          "vendor": "Canonical Ltd.",
          "versions": [
            {
              "lessThan": "23.1.2",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "James Golovich"
        }
      ],
      "datePublic": "2023-04-26T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-07T02:06:08.088Z",
        "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "shortName": "canonical"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/canonical/cloud-init/commit/a378b7e4f47375458651c0972e7cd813f6fe0a6b"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://bugs.launchpad.net/cloud-init/+bug/2013967"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://ubuntu.com/security/notices/USN-6042-1"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ATBJSXPL2IOAD2LDQRKWPLIC7QXS44GZ/"
        }
      ],
      "title": "sensitive data exposure in cloud-init logs"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
    "assignerShortName": "canonical",
    "cveId": "CVE-2023-1786",
    "datePublished": "2023-04-26T22:23:47.305Z",
    "dateReserved": "2023-03-31T20:40:07.757Z",
    "dateUpdated": "2025-02-13T16:39:30.230Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-28625 (GCVE-0-2023-28625)

Vulnerability from cvelistv5 – Published: 2023-04-03 13:19 – Updated: 2025-02-13 16:48

Title

mod_auth_openidc core dump when OIDCStripCookies is set and an empty Cookie header is supplied

Summary

mod_auth_openidc is an authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. In versions 2.0.0 through 2.4.13.1, when `OIDCStripCookies` is set and a crafted cookie supplied, a NULL pointer dereference would occur, resulting in a segmentation fault. This could be used in a Denial-of-Service attack and thus presents an availability risk. Version 2.4.13.2 contains a patch for this issue. As a workaround, avoid using `OIDCStripCookies`.

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-476 - NULL Pointer Dereference

Assigner

GitHub_M

References

URL

Tags

	https://github.com/OpenIDC/mod_auth_openidc/secur…	x_refsource_CONFIRM
	https://github.com/OpenIDC/mod_auth_openidc/commi…	x_refsource_MISC
	https://github.com/OpenIDC/mod_auth_openidc/blame…	x_refsource_MISC
	https://github.com/OpenIDC/mod_auth_openidc/relea…	x_refsource_MISC
	https://lists.debian.org/debian-lts-announce/2023…
	https://www.debian.org/security/2023/dsa-5405
	https://lists.fedoraproject.org/archives/list/pac…

Impacted products

	Vendor	Product	Version
	OpenIDC	mod_auth_openidc	Affected: >= 2.0.0, < 2.4.13.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T13:43:23.184Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/OpenIDC/mod_auth_openidc/security/advisories/GHSA-f5xw-rvfr-24qr",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/OpenIDC/mod_auth_openidc/security/advisories/GHSA-f5xw-rvfr-24qr"
          },
          {
            "name": "https://github.com/OpenIDC/mod_auth_openidc/commit/c0e1edac3c4c19988ccdc7713d7aebfce6ff916a",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/OpenIDC/mod_auth_openidc/commit/c0e1edac3c4c19988ccdc7713d7aebfce6ff916a"
          },
          {
            "name": "https://github.com/OpenIDC/mod_auth_openidc/blame/3f11976dab56af0a46a7dddb7a275cc16d6eb726/src/mod_auth_openidc.c#L178-L179",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/OpenIDC/mod_auth_openidc/blame/3f11976dab56af0a46a7dddb7a275cc16d6eb726/src/mod_auth_openidc.c#L178-L179"
          },
          {
            "name": "https://github.com/OpenIDC/mod_auth_openidc/releases/tag/v2.4.13.2",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/OpenIDC/mod_auth_openidc/releases/tag/v2.4.13.2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00034.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5405"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WIBKFC22PDH6UXMSZ23PHTD7736ZC7BB/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-28625",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-11T15:56:43.295806Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-11T15:57:04.485Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "mod_auth_openidc",
          "vendor": "OpenIDC",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 2.0.0, \u003c 2.4.13.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "mod_auth_openidc is an authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. In versions 2.0.0 through 2.4.13.1, when `OIDCStripCookies` is set and a crafted cookie supplied, a NULL pointer dereference would occur, resulting in a segmentation fault. This could be used in a Denial-of-Service attack and thus presents an availability risk. Version 2.4.13.2 contains a patch for this issue. As a workaround, avoid using `OIDCStripCookies`."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476: NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-31T19:06:16.794Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/OpenIDC/mod_auth_openidc/security/advisories/GHSA-f5xw-rvfr-24qr",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/OpenIDC/mod_auth_openidc/security/advisories/GHSA-f5xw-rvfr-24qr"
        },
        {
          "name": "https://github.com/OpenIDC/mod_auth_openidc/commit/c0e1edac3c4c19988ccdc7713d7aebfce6ff916a",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/OpenIDC/mod_auth_openidc/commit/c0e1edac3c4c19988ccdc7713d7aebfce6ff916a"
        },
        {
          "name": "https://github.com/OpenIDC/mod_auth_openidc/blame/3f11976dab56af0a46a7dddb7a275cc16d6eb726/src/mod_auth_openidc.c#L178-L179",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/OpenIDC/mod_auth_openidc/blame/3f11976dab56af0a46a7dddb7a275cc16d6eb726/src/mod_auth_openidc.c#L178-L179"
        },
        {
          "name": "https://github.com/OpenIDC/mod_auth_openidc/releases/tag/v2.4.13.2",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/OpenIDC/mod_auth_openidc/releases/tag/v2.4.13.2"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00034.html"
        },
        {
          "url": "https://www.debian.org/security/2023/dsa-5405"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WIBKFC22PDH6UXMSZ23PHTD7736ZC7BB/"
        }
      ],
      "source": {
        "advisory": "GHSA-f5xw-rvfr-24qr",
        "discovery": "UNKNOWN"
      },
      "title": "mod_auth_openidc core dump when OIDCStripCookies is set and an empty Cookie header is supplied"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2023-28625",
    "datePublished": "2023-04-03T13:19:40.422Z",
    "dateReserved": "2023-03-20T12:19:47.206Z",
    "dateUpdated": "2025-02-13T16:48:46.211Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-4016 (GCVE-0-2023-4016)

Vulnerability from cvelistv5 – Published: 2023-08-02 04:20 – Updated: 2025-02-13 17:03

Summary

Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.

Severity ?

2.5 (Low)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

CWE

CWE-122 - Heap-based Buffer Overflow

Assigner

trellix

References

URL

Tags

	https://gitlab.com/procps-ng/procps
	https://lists.fedoraproject.org/archives/list/pac…

Impacted products

	Vendor	Product	Version
	Linux	Linux Kernal	Affected: 3.3.0 (might be earlier) - latest

Credits

Michael Berlin, BGU Prof. Oded Margalit, BGU and Trellix Prof. Gera Weiss, BGU

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T07:17:10.954Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://gitlab.com/procps-ng/procps"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SUETRRT24OFGPYK6ACPM5VUGHNKH5CQ5/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux"
          ],
          "product": "Linux Kernal",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.3.0 (might be earlier) - latest"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Michael Berlin, BGU"
        },
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Prof. Oded Margalit, BGU and Trellix"
        },
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Prof. Gera Weiss, BGU"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Under some circumstances, this weakness allows a user who has access to run the \u201cps\u201d utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap."
            }
          ],
          "value": "Under some circumstances, this weakness allows a user who has access to run the \u201cps\u201d utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-9",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-9 Buffer Overflow in Local Command-Line Utilities"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 2.5,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122: Heap-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-08-21T02:06:11.188Z",
        "orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
        "shortName": "trellix"
      },
      "references": [
        {
          "url": "https://gitlab.com/procps-ng/procps"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SUETRRT24OFGPYK6ACPM5VUGHNKH5CQ5/"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
    "assignerShortName": "trellix",
    "cveId": "CVE-2023-4016",
    "datePublished": "2023-08-02T04:20:20.645Z",
    "dateReserved": "2023-07-31T10:40:24.737Z",
    "dateUpdated": "2025-02-13T17:03:24.515Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-33204 (GCVE-0-2023-33204)

Vulnerability from cvelistv5 – Published: 2023-05-18 00:00 – Updated: 2025-11-03 17:31

Summary

sysstat through 12.7.2 allows a multiplication integer overflow in check_overflow in common.c. NOTE: this issue exists because of an incomplete fix for CVE-2022-39377.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

Assigner

mitre

References

URL

Tags

	https://github.com/sysstat/sysstat/pull/360
	https://lists.debian.org/debian-lts-announce/2023…	mailing-list
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T17:31:04.036Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/sysstat/sysstat/pull/360"
          },
          {
            "name": "[debian-lts-announce] 20230527 [SECURITY] [DLA 3434-1] sysstat security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00026.html"
          },
          {
            "name": "FEDORA-2023-ac947ec260",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NUBFX3UNOSM7KFUIB3J32ASYT5ZRXJQV/"
          },
          {
            "name": "FEDORA-2023-4706cef256",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7UUEKMNDMC6RZTI4O367ZD2YKCOX5THX/"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00017.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-33204",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-22T14:49:24.378524Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-190",
                "description": "CWE-190 Integer Overflow or Wraparound",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-22T14:49:28.299Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "sysstat through 12.7.2 allows a multiplication integer overflow in check_overflow in common.c. NOTE: this issue exists because of an incomplete fix for CVE-2022-39377."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-20T00:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/sysstat/sysstat/pull/360"
        },
        {
          "name": "[debian-lts-announce] 20230527 [SECURITY] [DLA 3434-1] sysstat security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00026.html"
        },
        {
          "name": "FEDORA-2023-ac947ec260",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NUBFX3UNOSM7KFUIB3J32ASYT5ZRXJQV/"
        },
        {
          "name": "FEDORA-2023-4706cef256",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7UUEKMNDMC6RZTI4O367ZD2YKCOX5THX/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-33204",
    "datePublished": "2023-05-18T00:00:00.000Z",
    "dateReserved": "2023-05-18T00:00:00.000Z",
    "dateUpdated": "2025-11-03T17:31:04.036Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-29499 (GCVE-0-2023-29499)

Vulnerability from cvelistv5 – Published: 2023-09-14 19:06 – Updated: 2025-12-18 15:23

Title

Gvariant offset table entry size is not checked in is_normal()

Summary

A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service.

Severity ?

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CWE

CWE-400 - Uncontrolled Resource Consumption

Assigner

redhat

References

URL

Tags

	https://access.redhat.com/security/cve/CVE-2023-29499	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2211828	issue-trackingx_refsource_REDHAT
	https://gitlab.gnome.org/GNOME/glib/-/issues/2794
	https://lists.debian.org/debian-lts-announce/2023…
	https://security.netapp.com/advisory/ntap-2023110…
	https://security.gentoo.org/glsa/202311-18

Impacted products

Vendor

Product

Version

n/a

glib2

Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Enterprise Linux 9	cpe:/o:redhat:enterprise_linux:9
Fedora	Extra Packages for Enterprise Linux
Fedora	Fedora 37
Fedora	Fedora 38
Fedora	Fedora 38
Fedora	Fedora 37

Date Public ?

2022-12-14 00:00

Credits

Upstream acknowledges William Manley as the original reporter.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T14:07:46.408Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-29499"
          },
          {
            "name": "RHBZ#2211828",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211828"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/2794"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00030.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20231103-0001/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202311-18"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-29499",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-18T15:23:31.856597Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-18T15:23:36.882Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "glib2",
          "vendor": "n/a"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://packages.fedoraproject.org/",
          "defaultStatus": "affected",
          "packageName": "glib",
          "product": "Extra Packages for Enterprise Linux",
          "vendor": "Fedora"
        },
        {
          "collectionURL": "https://packages.fedoraproject.org/",
          "defaultStatus": "affected",
          "packageName": "mingw-glib2",
          "product": "Fedora 37",
          "vendor": "Fedora"
        },
        {
          "collectionURL": "https://packages.fedoraproject.org/",
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Fedora 38",
          "vendor": "Fedora"
        },
        {
          "collectionURL": "https://packages.fedoraproject.org/",
          "defaultStatus": "affected",
          "packageName": "mingw-glib2",
          "product": "Fedora 38",
          "vendor": "Fedora"
        },
        {
          "collectionURL": "https://packages.fedoraproject.org/",
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Fedora 37",
          "vendor": "Fedora"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Upstream acknowledges William Manley as the original reporter."
        }
      ],
      "datePublic": "2022-12-14T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-11-27T14:06:16.355Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2023-29499"
        },
        {
          "name": "RHBZ#2211828",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211828"
        },
        {
          "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/2794"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00030.html"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20231103-0001/"
        },
        {
          "url": "https://security.gentoo.org/glsa/202311-18"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2023-05-24T00:00:00.000Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2022-12-14T00:00:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Gvariant offset table entry size is not checked in is_normal()",
      "x_redhatCweChain": "CWE-400: Uncontrolled Resource Consumption"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-29499",
    "datePublished": "2023-09-14T19:06:17.810Z",
    "dateReserved": "2023-05-30T11:48:42.094Z",
    "dateUpdated": "2025-12-18T15:23:36.882Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-38711 (GCVE-0-2023-38711)

Vulnerability from cvelistv5 – Published: 2023-08-25 00:00 – Updated: 2024-08-02 17:46

Summary

An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload with ID_FQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version is 4.6.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://github.com/libreswan/libreswan/tags
	https://libreswan.org/security/CVE-2023-38711/

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-38711",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-22T19:44:03.355698Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-22T19:44:10.044Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T17:46:56.601Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/libreswan/libreswan/tags"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://libreswan.org/security/CVE-2023-38711/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload with ID_FQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version is 4.6."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-08-25T20:30:07.355Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/libreswan/libreswan/tags"
        },
        {
          "url": "https://libreswan.org/security/CVE-2023-38711/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-38711",
    "datePublished": "2023-08-25T00:00:00.000Z",
    "dateReserved": "2023-07-24T00:00:00.000Z",
    "dateUpdated": "2024-08-02T17:46:56.601Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-38712 (GCVE-0-2023-38712)

Vulnerability from cvelistv5 – Published: 2023-08-25 00:00 – Updated: 2024-08-02 17:46

Summary

An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the deleted state causes the pluto daemon to crash and restart.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://github.com/libreswan/libreswan/tags
	https://libreswan.org/security/CVE-2023-38712/

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T17:46:56.799Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/libreswan/libreswan/tags"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://libreswan.org/security/CVE-2023-38712/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the deleted state causes the pluto daemon to crash and restart."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-08-25T20:31:56.483Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/libreswan/libreswan/tags"
        },
        {
          "url": "https://libreswan.org/security/CVE-2023-38712/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-38712",
    "datePublished": "2023-08-25T00:00:00.000Z",
    "dateReserved": "2023-07-24T00:00:00.000Z",
    "dateUpdated": "2024-08-02T17:46:56.799Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

WID-SEC-W-2023-2853

CVE-2021-32142 (GCVE-0-2021-32142)

CVE-2023-26767 (GCVE-0-2023-26767)

CVE-2022-48468 (GCVE-0-2022-48468)

CVE-2021-43618 (GCVE-0-2021-43618)

CVE-2023-31486 (GCVE-0-2023-31486)

CVE-2023-28101 (GCVE-0-2023-28101)

CVE-2023-32611 (GCVE-0-2023-32611)

CVE-2023-38710 (GCVE-0-2023-38710)

CVE-2023-26769 (GCVE-0-2023-26769)

CVE-2022-23527 (GCVE-0-2022-23527)

CVE-2023-28370 (GCVE-0-2023-28370)

CVE-2023-32665 (GCVE-0-2023-32665)

CVE-2023-33460 (GCVE-0-2023-33460)

CVE-2023-22745 (GCVE-0-2023-22745)

CVE-2022-40898 (GCVE-0-2022-40898)

CVE-2023-1672 (GCVE-0-2023-1672)

CVE-2023-26768 (GCVE-0-2023-26768)

CVE-2023-28100 (GCVE-0-2023-28100)

CVE-2023-1786 (GCVE-0-2023-1786)

CVE-2023-28625 (GCVE-0-2023-28625)

CVE-2023-4016 (GCVE-0-2023-4016)

CVE-2023-33204 (GCVE-0-2023-33204)

CVE-2023-29499 (GCVE-0-2023-29499)

CVE-2023-38711 (GCVE-0-2023-38711)

CVE-2023-38712 (GCVE-0-2023-38712)

Tags

Sightings

Nomenclature