Action not permitted
Modal body text goes here.
Modal Title
Modal Body
wid-sec-w-2023-2917
Vulnerability from csaf_certbund
Published
2023-11-14 23:00
Modified
2024-03-11 23:00
Summary
Xerox FreeFlow Print Server: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
FreeFlow-Druckserver ist eine Druckserveranwendung für Xerox-Produktionsdrucker, die Flexibilität, umfangreiche Workflow-Optionen und eine Farbverwaltung bietet.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Xerox FreeFlow Print Server ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Betroffene Betriebssysteme
- UNIX
- Linux
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "FreeFlow-Druckserver ist eine Druckserveranwendung f\u00fcr Xerox-Produktionsdrucker, die Flexibilit\u00e4t, umfangreiche Workflow-Optionen und eine Farbverwaltung bietet.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein Angreifer kann mehrere Schwachstellen in Xerox FreeFlow Print Server ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-2917 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2917.json" }, { "category": "self", "summary": "WID-SEC-2023-2917 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2917" }, { "category": "external", "summary": "Xerox Security Bulletin XRX23-016 vom 2023-11-14", "url": "https://securitydocs.business.xerox.com/wp-content/uploads/2023/11/XRX23-016_FFPSv7-S10_MediaInstall_Nov2023.pdf" }, { "category": "external", "summary": "Xerox Security Bulletin XRX23-017 vom 2023-11-14", "url": "https://securitydocs.business.xerox.com/wp-content/uploads/2023/11/XRX23-017_FFPSv7-S11_MediaInstall_Nov2023.pdf" }, { "category": "external", "summary": "XEROX Security Advisory XRX23-019 vom 2023-11-16", "url": "https://security.business.xerox.com/wp-content/uploads/2023/11/Xerox-Security-Bulletin-XRX23-019-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v9.pdf" }, { "category": "external", "summary": "Xerox Security Bulletin XRX23-021", "url": "https://securitydocs.business.xerox.com/wp-content/uploads/2023/11/XRX23-021_FFPSv2_Win10_SecurityBulletin_Nov2023.pdf" }, { "category": "external", "summary": "XEROX Security Advisory XRX23-022 vom 2023-12-01", "url": "https://security.business.xerox.com/wp-content/uploads/2023/11/XRX23-022_FFPSv9-S11_MediaInstall_Nov2023.pdf" }, { "category": "external", "summary": "XEROX Security Advisory XRX24-005 vom 2024-03-04", "url": "https://security.business.xerox.com/wp-content/uploads/2024/03/Xerox-Security-Bulletin-XRX24-005-Xerox-FreeFlow%C2%AE-Print-Server-v9_Feb-2024.pdf" }, { "category": "external", "summary": "XEROX Security Advisory XRX24-001 vom 2024-03-11", "url": "https://security.business.xerox.com/wp-content/uploads/2024/03/Xerox%C2%AE-Security-Bulletin-XRX24-001-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v9.pdf" } ], "source_lang": "en-US", "title": "Xerox FreeFlow Print Server: Mehrere Schwachstellen", "tracking": { "current_release_date": "2024-03-11T23:00:00.000+00:00", "generator": { "date": "2024-03-12T09:06:44.710+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-2917", "initial_release_date": "2023-11-14T23:00:00.000+00:00", "revision_history": [ { "date": "2023-11-14T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-11-16T23:00:00.000+00:00", "number": "2", "summary": "Neue Updates von XEROX aufgenommen" }, { "date": "2023-11-28T23:00:00.000+00:00", "number": "3", "summary": "Neue Updates von XEROX aufgenommen" }, { "date": "2023-11-30T23:00:00.000+00:00", "number": "4", "summary": "Neue Updates von XEROX aufgenommen" }, { "date": "2024-03-03T23:00:00.000+00:00", "number": "5", "summary": "Neue Updates von XEROX aufgenommen" }, { "date": "2024-03-11T23:00:00.000+00:00", "number": "6", "summary": "Neue Updates von XEROX aufgenommen" } ], "status": "final", "version": "6" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "9", "product": { "name": "Xerox FreeFlow Print Server 9", "product_id": "T002977", "product_identification_helper": { "cpe": "cpe:/a:xerox:freeflow_print_server:9" } } }, { "category": "product_version", "name": "v7", "product": { "name": "Xerox FreeFlow Print Server v7", "product_id": "T015631", "product_identification_helper": { "cpe": "cpe:/a:xerox:freeflow_print_server:v7" } } }, { "category": "product_version", "name": "v9", "product": { "name": "Xerox FreeFlow Print Server v9", "product_id": "T015632", "product_identification_helper": { "cpe": "cpe:/a:xerox:freeflow_print_server:v9" } } }, { "category": "product_version", "name": "v9 for Solaris", "product": { "name": "Xerox FreeFlow Print Server v9 for Solaris", "product_id": "T028053", "product_identification_helper": { "cpe": "cpe:/a:xerox:freeflow_print_server:v9_for_solaris" } } }, { "category": "product_version", "name": "v2 / Windows 10", "product": { "name": "Xerox FreeFlow Print Server v2 / Windows 10", "product_id": "T031383", "product_identification_helper": { "cpe": "cpe:/a:xerox:freeflow_print_server:v2__windows_10" } } } ], "category": "product_name", "name": "FreeFlow Print Server" } ], "category": "vendor", "name": "Xerox" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-4584", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-4584" }, { "cve": "CVE-2023-4581", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-4581" }, { "cve": "CVE-2023-45802", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-45802" }, { "cve": "CVE-2023-4576", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-4576" }, { "cve": "CVE-2023-4575", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-4575" }, { "cve": "CVE-2023-4574", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-4574" }, { "cve": "CVE-2023-4573", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-4573" }, { "cve": "CVE-2023-4504", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-4504" }, { "cve": "CVE-2023-43622", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-43622" }, { "cve": "CVE-2023-41081", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-41081" }, { "cve": "CVE-2023-41080", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-41080" }, { "cve": "CVE-2023-4056", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-4056" }, { "cve": "CVE-2023-4055", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-4055" }, { "cve": "CVE-2023-4054", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-4054" }, { "cve": "CVE-2023-4050", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-4050" }, { "cve": "CVE-2023-4049", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-4049" }, { "cve": "CVE-2023-4048", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-4048" }, { "cve": "CVE-2023-40477", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-40477" }, { "cve": "CVE-2023-4047", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-4047" }, { "cve": "CVE-2023-4046", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-4046" }, { "cve": "CVE-2023-4045", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-4045" }, { "cve": "CVE-2023-38403", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-38403" }, { "cve": "CVE-2023-3824", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-3824" }, { "cve": "CVE-2023-3823", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-3823" }, { "cve": "CVE-2023-37211", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-37211" }, { "cve": "CVE-2023-37208", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-37208" }, { "cve": "CVE-2023-37207", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-37207" }, { "cve": "CVE-2023-37202", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-37202" }, { "cve": "CVE-2023-37201", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-37201" }, { "cve": "CVE-2023-36664", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-36664" }, { "cve": "CVE-2023-3666", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-3666" }, { "cve": "CVE-2023-36191", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-36191" }, { "cve": "CVE-2023-36053", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-36053" }, { "cve": "CVE-2023-34969", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-34969" }, { "cve": "CVE-2023-34241", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-34241" }, { "cve": "CVE-2023-32763", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-32763" }, { "cve": "CVE-2023-32762", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-32762" }, { "cve": "CVE-2023-32681", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-32681" }, { "cve": "CVE-2023-32665", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-32665" }, { "cve": "CVE-2023-32643", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-32643" }, { "cve": "CVE-2023-32636", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-32636" }, { "cve": "CVE-2023-32611", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-32611" }, { "cve": "CVE-2023-32573", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-32573" }, { "cve": "CVE-2023-32559", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-32559" }, { "cve": "CVE-2023-32558", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-32558" }, { "cve": "CVE-2023-3247", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-3247" }, { "cve": "CVE-2023-32067", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-32067" }, { "cve": "CVE-2023-32006", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-32006" }, { "cve": "CVE-2023-32005", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-32005" }, { "cve": "CVE-2023-32004", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-32004" }, { "cve": "CVE-2023-32003", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-32003" }, { "cve": "CVE-2023-32002", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-32002" }, { "cve": "CVE-2023-3195", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-3195" }, { "cve": "CVE-2023-31486", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-31486" }, { "cve": "CVE-2023-31484", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-31484" }, { "cve": "CVE-2023-3138", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-3138" }, { "cve": "CVE-2023-31147", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-31147" }, { "cve": "CVE-2023-31130", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-31130" }, { "cve": "CVE-2023-31124", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-31124" }, { "cve": "CVE-2023-31122", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-31122" }, { "cve": "CVE-2023-30590", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-30590" }, { "cve": "CVE-2023-30589", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-30589" }, { "cve": "CVE-2023-30588", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-30588" }, { "cve": "CVE-2023-30587", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-30587" }, { "cve": "CVE-2023-30586", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-30586" }, { "cve": "CVE-2023-30585", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-30585" }, { "cve": "CVE-2023-30584", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-30584" }, { "cve": "CVE-2023-30583", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-30583" }, { "cve": "CVE-2023-30582", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-30582" }, { "cve": "CVE-2023-30581", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-30581" }, { "cve": "CVE-2023-29499", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-29499" }, { "cve": "CVE-2023-29491", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-29491" }, { "cve": "CVE-2023-29409", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-29409" }, { "cve": "CVE-2023-29406", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-29406" }, { "cve": "CVE-2023-29405", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-29405" }, { "cve": "CVE-2023-29404", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-29404" }, { "cve": "CVE-2023-29403", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-29403" }, { "cve": "CVE-2023-29402", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-29402" }, { "cve": "CVE-2023-2911", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-2911" }, { "cve": "CVE-2023-28879", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-28879" }, { "cve": "CVE-2023-2879", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-2879" }, { "cve": "CVE-2023-2858", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-2858" }, { "cve": "CVE-2023-2857", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-2857" }, { "cve": "CVE-2023-2855", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-2855" }, { "cve": "CVE-2023-2854", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-2854" }, { "cve": "CVE-2023-28450", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-28450" }, { "cve": "CVE-2023-28322", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-28322" }, { "cve": "CVE-2023-28321", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-28321" }, { "cve": "CVE-2023-28320", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-28320" }, { "cve": "CVE-2023-28319", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-28319" }, { "cve": "CVE-2023-2828", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-2828" }, { "cve": "CVE-2023-27986", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-27986" }, { "cve": "CVE-2023-27985", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-27985" }, { "cve": "CVE-2023-2650", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-2650" }, { "cve": "CVE-2023-25193", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-25193" }, { "cve": "CVE-2023-24805", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-24805" }, { "cve": "CVE-2023-24329", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-24329" }, { "cve": "CVE-2023-23916", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-23916" }, { "cve": "CVE-2023-23915", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-23915" }, { "cve": "CVE-2023-23914", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-23914" }, { "cve": "CVE-2023-22129", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-22129" }, { "cve": "CVE-2023-22128", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-22128" }, { "cve": "CVE-2023-22081", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-22081" }, { "cve": "CVE-2023-22067", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-22067" }, { "cve": "CVE-2023-22043", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-22043" }, { "cve": "CVE-2023-22025", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-22025" }, { "cve": "CVE-2023-2004", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-2004" }, { "cve": "CVE-2023-1981", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-1981" }, { "cve": "CVE-2023-1906", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-1906" }, { "cve": "CVE-2023-1393", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-1393" }, { "cve": "CVE-2023-1175", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-1175" }, { "cve": "CVE-2023-1170", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-1170" }, { "cve": "CVE-2023-1127", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-1127" }, { "cve": "CVE-2023-0668", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-0668" }, { "cve": "CVE-2023-0666", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-0666" }, { "cve": "CVE-2023-0512", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-0512" }, { "cve": "CVE-2023-0466", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-0466" }, { "cve": "CVE-2023-0465", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-0465" }, { "cve": "CVE-2023-0288", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-0288" }, { "cve": "CVE-2023-0054", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-0054" }, { "cve": "CVE-2023-0051", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-0051" }, { "cve": "CVE-2023-0049", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2023-0049" }, { "cve": "CVE-2022-4899", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2022-4899" }, { "cve": "CVE-2022-48339", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2022-48339" }, { "cve": "CVE-2022-48338", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2022-48338" }, { "cve": "CVE-2022-48337", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2022-48337" }, { "cve": "CVE-2022-41409", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2022-41409" }, { "cve": "CVE-2022-3924", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2022-3924" }, { "cve": "CVE-2022-32221", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2022-32221" }, { "cve": "CVE-2022-32206", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2022-32206" }, { "cve": "CVE-2022-31008", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2022-31008" }, { "cve": "CVE-2021-46784", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2021-46784" }, { "cve": "CVE-2021-44917", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2021-44917" }, { "cve": "CVE-2018-3639", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2018-3639" }, { "cve": "CVE-2017-5715", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053", "T015632", "T002977", "T015631", "T031383" ] }, "release_date": "2023-11-14T23:00:00Z", "title": "CVE-2017-5715" } ] }
cve-2023-29402
Vulnerability from cvelistv5
Published
2023-06-08 20:19
Modified
2024-12-13 13:09
Severity ?
EPSS score ?
Summary
The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline characters in their names. Modules which are retrieved using the go command, i.e. via "go get", are not affected (modules retrieved using GOPATH-mode, i.e. GO111MODULE=off, may be affected).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Go toolchain | cmd/go |
Version: 0 ≤ Version: 1.20.0-0 ≤ |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-12-13T13:09:24.218Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://go.dev/issue/60167" }, { "tags": [ "x_transferred" ], "url": "https://go.dev/cl/501226" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/q5135a9d924/m/j0ZoAJOHAwAJ" }, { "tags": [ "x_transferred" ], "url": "https://pkg.go.dev/vuln/GO-2023-1839" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBS3IIK6ADV24C5ULQU55QLT2UE762ZX/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202311-09" }, { "url": "https://security.netapp.com/advisory/ntap-20241213-0004/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "packageName": "cmd/go", "product": "cmd/go", "vendor": "Go toolchain", "versions": [ { "lessThan": "1.19.10", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "1.20.5", "status": "affected", "version": "1.20.0-0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "value": "Juho Nurminen of Mattermost" } ], "descriptions": [ { "lang": "en", "value": "The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline characters in their names. Modules which are retrieved using the go command, i.e. via \"go get\", are not affected (modules retrieved using GOPATH-mode, i.e. GO111MODULE=off, may be affected)." } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-12T19:08:33.331Z", "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go" }, "references": [ { "url": "https://go.dev/issue/60167" }, { "url": "https://go.dev/cl/501226" }, { "url": "https://groups.google.com/g/golang-announce/c/q5135a9d924/m/j0ZoAJOHAwAJ" }, { "url": "https://pkg.go.dev/vuln/GO-2023-1839" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBS3IIK6ADV24C5ULQU55QLT2UE762ZX/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/" }, { "url": "https://security.gentoo.org/glsa/202311-09" } ], "title": "Code injection via go command with cgo in cmd/go" } }, "cveMetadata": { "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "assignerShortName": "Go", "cveId": "CVE-2023-29402", "datePublished": "2023-06-08T20:19:04.483Z", "dateReserved": "2023-04-05T19:36:35.042Z", "dateUpdated": "2024-12-13T13:09:24.218Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-32763
Vulnerability from cvelistv5
Published
2023-05-28 00:00
Modified
2024-08-02 15:25
Severity ?
EPSS score ?
Summary
An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T15:25:36.992Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://codereview.qt-project.org/c/qt/qtbase/+/476125" }, { "tags": [ "x_transferred" ], "url": "https://lists.qt-project.org/pipermail/announce/2023-May/000413.html" }, { "name": "[debian-lts-announce] 20230822 [SECURITY] [DLA 3539-1] qt4-x11 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00028.html" }, { "name": "GLSA-202402-03", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202402-03" }, { "name": "[debian-lts-announce] 20240430 [SECURITY] [DLA 3805-1] qtbase-opensource-src security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00027.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-01T00:06:20.172374", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://codereview.qt-project.org/c/qt/qtbase/+/476125" }, { "url": "https://lists.qt-project.org/pipermail/announce/2023-May/000413.html" }, { "name": "[debian-lts-announce] 20230822 [SECURITY] [DLA 3539-1] qt4-x11 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00028.html" }, { "name": "GLSA-202402-03", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202402-03" }, { "name": "[debian-lts-announce] 20240430 [SECURITY] [DLA 3805-1] qtbase-opensource-src security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00027.html" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-32763", "datePublished": "2023-05-28T00:00:00", "dateReserved": "2023-05-15T00:00:00", "dateUpdated": "2024-08-02T15:25:36.992Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-41081
Vulnerability from cvelistv5
Published
2023-09-13 09:30
Modified
2024-09-25 17:21
Severity ?
EPSS score ?
Summary
Important: Authentication Bypass CVE-2023-41081
The mod_jk component of Apache Tomcat Connectors in some circumstances, such as when a configuration included "JkOptions +ForwardDirectories" but the configuration did not provide explicit mounts for all possible proxied requests, mod_jk would use an implicit mapping and map the request to the first defined worker. Such an implicit mapping could result in the unintended exposure of the status worker and/or bypass security constraints configured in httpd. As of JK 1.2.49, the implicit mapping functionality has been removed and all mappings must now be via explicit configuration. Only mod_jk is affected by this issue. The ISAPI redirector is not affected.
This issue affects Apache Tomcat Connectors (mod_jk only): from 1.2.0 through 1.2.48.
Users are recommended to upgrade to version 1.2.49, which fixes the issue.
History
2023-09-13 Original advisory
2023-09-28 Updated summary
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Apache Software Foundation | Apache Tomcat Connectors |
Version: 1.2.0 ≤ 1.2.48 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T18:46:11.826Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.apache.org/thread/rd1r26w7271jyqgzr4492tooyt583d8b" }, { "tags": [ "x_transferred" ], "url": "https://www.openwall.com/lists/oss-security/2023/09/13/2" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00027.html" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/09/28/7" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:apache:tomcat_connectors:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "tomcat_connectors", "vendor": "apache", "versions": [ { "lessThanOrEqual": "1.2.48", "status": "affected", "version": "1.2.0", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-41081", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-25T17:18:39.972078Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-25T17:21:30.509Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Apache Tomcat Connectors", "vendor": "Apache Software Foundation", "versions": [ { "lessThanOrEqual": "1.2.48", "status": "affected", "version": "1.2.0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Karl von Randow" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cdiv\u003e\u003cp\u003eImportant: Authentication Bypass CVE-2023-41081\n\u003cbr\u003e\n\u003c/p\u003e\u003cp\u003eThe mod_jk component of \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eApache Tomcat Connectors\u0026nbsp;\u003c/span\u003ein some circumstances, such as when a configuration included\u0026nbsp;\"JkOptions +ForwardDirectories\" but the configuration did not provide explicit mounts for all possible proxied requests, mod_jk would use an implicit mapping and map the request to the first defined worker.\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003eSuch an implicit mapping could result in the unintended exposure of the\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003estatus worker and/or bypass security constraints configured in httpd. As\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eof JK 1.2.49, the implicit mapping functionality has been removed and all\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003emappings must now be via explicit configuration.\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eOnly mod_jk is affected\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eby this issue. The ISAPI redirector is not affected.\u003c/span\u003e\u003c/p\u003e\u003c/div\u003e\u003cp\u003eThis issue affects Apache Tomcat Connectors \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e(mod_jk only)\u003c/span\u003e: from 1.2.0 through 1.2.48.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 1.2.49, which fixes the issue.\u003c/p\u003e\u003ch2\u003eHistory\u003cbr\u003e\u003c/h2\u003e\u003ch2\u003e\u003c/h2\u003e\u003cp\u003e2023-09-13 Original advisory\n\u003cbr\u003e2023-09-28 Updated summary\u003cbr\u003e\u003c/p\u003e" } ], "value": "Important: Authentication Bypass CVE-2023-41081\n\nThe mod_jk component of Apache Tomcat Connectors\u00a0in some circumstances, such as when a configuration included\u00a0\"JkOptions +ForwardDirectories\" but the configuration did not provide explicit mounts for all possible proxied requests, mod_jk would use an implicit mapping and map the request to the first defined worker.\u00a0Such an implicit mapping could result in the unintended exposure of the\u00a0status worker and/or bypass security constraints configured in httpd. As\u00a0of JK 1.2.49, the implicit mapping functionality has been removed and all\u00a0mappings must now be via explicit configuration.\u00a0Only mod_jk is affected\u00a0by this issue. The ISAPI redirector is not affected.\n\nThis issue affects Apache Tomcat Connectors (mod_jk only): from 1.2.0 through 1.2.48.\n\nUsers are recommended to upgrade to version 1.2.49, which fixes the issue.\n\nHistory\n2023-09-13 Original advisory\n\n2023-09-28 Updated summary\n\n" } ], "metrics": [ { "other": { "content": { "text": "important" }, "type": "Textual description of severity" } } ], "problemTypes": [ { "descriptions": [ { "description": "Unexpected default behaviour", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-28T21:30:57.072Z", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://lists.apache.org/thread/rd1r26w7271jyqgzr4492tooyt583d8b" }, { "url": "https://www.openwall.com/lists/oss-security/2023/09/13/2" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00027.html" }, { "url": "http://www.openwall.com/lists/oss-security/2023/09/28/7" } ], "source": { "discovery": "UNKNOWN" }, "title": "Apache Tomcat Connectors: Unexpected use of first declared worker in mod_jk for unmapped request", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2023-41081", "datePublished": "2023-09-13T09:30:05.584Z", "dateReserved": "2023-08-22T18:35:12.615Z", "dateUpdated": "2024-09-25T17:21:30.509Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-23915
Vulnerability from cvelistv5
Published
2023-02-23 00:00
Modified
2024-08-02 10:42
Severity ?
EPSS score ?
Summary
A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that could cause HSTS functionality to behave incorrectly when multiple URLs are requested in parallel. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. This HSTS mechanism would however surprisingly fail when multiple transfers are done in parallel as the HSTS cache file gets overwritten by the most recentlycompleted transfer. A later HTTP-only transfer to the earlier host name would then *not* get upgraded properly to HSTS.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: Fixed in 7.88.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T10:42:27.101Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1826048" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230309-0006/" }, { "name": "GLSA-202310-12", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202310-12" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 7.88.0" } ] } ], "descriptions": [ { "lang": "en", "value": "A cleartext transmission of sensitive information vulnerability exists in curl \u003cv7.88.0 that could cause HSTS functionality to behave incorrectly when multiple URLs are requested in parallel. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. This HSTS mechanism would however surprisingly fail when multiple transfers are done in parallel as the HSTS cache file gets overwritten by the most recentlycompleted transfer. A later HTTP-only transfer to the earlier host name would then *not* get upgraded properly to HSTS." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-319", "description": "Cleartext Transmission of Sensitive Information (CWE-319)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-11T10:06:31.422007", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1826048" }, { "url": "https://security.netapp.com/advisory/ntap-20230309-0006/" }, { "name": "GLSA-202310-12", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202310-12" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2023-23915", "datePublished": "2023-02-23T00:00:00", "dateReserved": "2023-01-19T00:00:00", "dateUpdated": "2024-08-02T10:42:27.101Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-31484
Vulnerability from cvelistv5
Published
2023-04-28 00:00
Modified
2024-08-02 14:53
Severity ?
EPSS score ?
Summary
CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:cpanpm_project:cpanpm:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "cpanpm", "vendor": "cpanpm_project", "versions": [ { "lessThan": "2.35", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-31484", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-12T15:22:37.772694Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-295", "description": "CWE-295 Improper Certificate Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-07-12T15:24:40.047Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T14:53:30.804Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/" }, { "tags": [ "x_transferred" ], "url": "https://www.openwall.com/lists/oss-security/2023/04/18/14" }, { "tags": [ "x_transferred" ], "url": "https://github.com/andk/cpanpm/pull/175" }, { "tags": [ "x_transferred" ], "url": "https://metacpan.org/dist/CPAN/changes" }, { "name": "[oss-security] 20230429 Re: Perl\u0027s HTTP::Tiny has insecure TLS cert default, affecting CPAN.pm and other modules", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/04/29/1" }, { "name": "[oss-security] 20230503 Re: Perl\u0027s HTTP::Tiny has insecure TLS cert default, affecting CPAN.pm and other modules", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/05/03/3" }, { "name": "[oss-security] 20230503 Re: Perl\u0027s HTTP::Tiny has insecure TLS cert default, affecting CPAN.pm and other modules", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/05/03/5" }, { "name": "[oss-security] 20230507 Re: Perl\u0027s HTTP::Tiny has insecure TLS cert default, affecting CPAN.pm and other modules", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/05/07/2" }, { "name": "FEDORA-2023-1e5af38524", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BM6UW55CNFUTNGD5ZRKGUKKKFDJGMFHL/" }, { "name": "FEDORA-2023-46924e402a", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LEGCEOKFJVBJ2QQ6S2H4NAEWTUERC7SB/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240621-0007/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-21T19:08:14.922685", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/" }, { "url": "https://www.openwall.com/lists/oss-security/2023/04/18/14" }, { "url": "https://github.com/andk/cpanpm/pull/175" }, { "url": "https://metacpan.org/dist/CPAN/changes" }, { "name": "[oss-security] 20230429 Re: Perl\u0027s HTTP::Tiny has insecure TLS cert default, affecting CPAN.pm and other modules", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2023/04/29/1" }, { "name": "[oss-security] 20230503 Re: Perl\u0027s HTTP::Tiny has insecure TLS cert default, affecting CPAN.pm and other modules", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2023/05/03/3" }, { "name": "[oss-security] 20230503 Re: Perl\u0027s HTTP::Tiny has insecure TLS cert default, affecting CPAN.pm and other modules", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2023/05/03/5" }, { "name": "[oss-security] 20230507 Re: Perl\u0027s HTTP::Tiny has insecure TLS cert default, affecting CPAN.pm and other modules", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2023/05/07/2" }, { "name": "FEDORA-2023-1e5af38524", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BM6UW55CNFUTNGD5ZRKGUKKKFDJGMFHL/" }, { "name": "FEDORA-2023-46924e402a", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LEGCEOKFJVBJ2QQ6S2H4NAEWTUERC7SB/" }, { "url": "https://security.netapp.com/advisory/ntap-20240621-0007/" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-31484", "datePublished": "2023-04-28T00:00:00", "dateReserved": "2023-04-28T00:00:00", "dateUpdated": "2024-08-02T14:53:30.804Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-0466
Vulnerability from cvelistv5
Published
2023-03-28 14:30
Modified
2024-08-02 05:10
Severity ?
EPSS score ?
Summary
The function X509_VERIFY_PARAM_add0_policy() is documented to
implicitly enable the certificate policy check when doing certificate
verification. However the implementation of the function does not
enable the check which allows certificates with invalid or incorrect
policies to pass the certificate verification.
As suddenly enabling the policy check could break existing deployments it was
decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy()
function.
Instead the applications that require OpenSSL to perform certificate
policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly
enable the policy check by calling X509_VERIFY_PARAM_set_flags() with
the X509_V_FLAG_POLICY_CHECK flag argument.
Certificate policy checks are disabled by default in OpenSSL and are not
commonly used by applications.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:10:56.167Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "OpenSSL Advisory", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.openssl.org/news/secadv/20230328.txt" }, { "name": "3.1.1 git commit", "tags": [ "patch", "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061" }, { "name": "3.0.9 git commit", "tags": [ "patch", "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908" }, { "name": "1.1.1u git commit", "tags": [ "patch", "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a" }, { "name": "1.0.2zh patch (premium)", "tags": [ "patch", "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230414-0001/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5417" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/09/28/4" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202402-08" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "OpenSSL", "vendor": "OpenSSL", "versions": [ { "lessThan": "3.1.1", "status": "affected", "version": "3.1.0", "versionType": "semver" }, { "lessThan": "3.0.9", "status": "affected", "version": "3.0.0", "versionType": "semver" }, { "lessThan": "1.1.1u", "status": "affected", "version": "1.1.1", "versionType": "custom" }, { "lessThan": "1.0.2zh", "status": "affected", "version": "1.0.2", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "David Benjamin (Google)" }, { "lang": "en", "type": "remediation developer", "user": "00000000-0000-4000-9000-000000000000", "value": "Tomas Mraz" } ], "datePublic": "2023-03-21T00:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does notenable the check which allows certificates with invalid or incorrect policies to pass the certificate verification.\u003cbr\u003eAs suddenly enabling the policy check could break existing deployments it was decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() function.\u003cbr\u003eInstead the applications that require OpenSSL to perform certificate policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly enable the policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument.\u003cbr\u003eCertificate policy checks are disabled by default in OpenSSL and are not commonly used by applications." } ], "value": "The function X509_VERIFY_PARAM_add0_policy() is documented to\nimplicitly enable the certificate policy check when doing certificate\nverification. However the implementation of the function does not\nenable the check which allows certificates with invalid or incorrect\npolicies to pass the certificate verification.\n\nAs suddenly enabling the policy check could break existing deployments it was\ndecided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy()\nfunction.\n\nInstead the applications that require OpenSSL to perform certificate\npolicy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly\nenable the policy check by calling X509_VERIFY_PARAM_set_flags() with\nthe X509_V_FLAG_POLICY_CHECK flag argument.\n\nCertificate policy checks are disabled by default in OpenSSL and are not\ncommonly used by applications." } ], "metrics": [ { "format": "other", "other": { "content": { "text": "Low" }, "type": "https://www.openssl.org/policies/secpolicy.html" } } ], "problemTypes": [ { "descriptions": [ { "description": "improper certificate validation", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-28T14:30:49.595Z", "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", "shortName": "openssl" }, "references": [ { "name": "OpenSSL Advisory", "tags": [ "vendor-advisory" ], "url": "https://www.openssl.org/news/secadv/20230328.txt" }, { "name": "3.1.1 git commit", "tags": [ "patch" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061" }, { "name": "3.0.9 git commit", "tags": [ "patch" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908" }, { "name": "1.1.1u git commit", "tags": [ "patch" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a" }, { "name": "1.0.2zh patch (premium)", "tags": [ "patch" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72" }, { "url": "https://security.netapp.com/advisory/ntap-20230414-0001/" }, { "url": "https://www.debian.org/security/2023/dsa-5417" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html" }, { "url": "http://www.openwall.com/lists/oss-security/2023/09/28/4" }, { "url": "https://security.gentoo.org/glsa/202402-08" } ], "source": { "discovery": "UNKNOWN" }, "title": "Certificate policy check not enabled", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", "assignerShortName": "openssl", "cveId": "CVE-2023-0466", "datePublished": "2023-03-28T14:30:49.595Z", "dateReserved": "2023-01-24T13:52:42.631Z", "dateUpdated": "2024-08-02T05:10:56.167Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-0051
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-02 04:54
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1144.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T04:54:32.840Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/1c8686db-baa6-42dc-ba45-aed322802de9" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/c32949b0779106ed5710ae3bffc5053e49083ab4" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213670" }, { "name": "20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/17" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1144", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1144." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/1c8686db-baa6-42dc-ba45-aed322802de9" }, { "url": "https://github.com/vim/vim/commit/c32949b0779106ed5710ae3bffc5053e49083ab4" }, { "url": "https://support.apple.com/kb/HT213670" }, { "name": "20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/17" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "1c8686db-baa6-42dc-ba45-aed322802de9", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-0051", "datePublished": "2023-01-04T00:00:00", "dateReserved": "2023-01-04T00:00:00", "dateUpdated": "2024-08-02T04:54:32.840Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-4504
Vulnerability from cvelistv5
Published
2023-09-21 22:47
Modified
2024-08-02 07:31
Severity ?
EPSS score ?
Summary
Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023.
References
Impacted products
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | OpenPrinting | CUPS |
Version: 0 ≤ |
||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:31:05.906Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "technical-description", "third-party-advisory", "x_transferred" ], "url": "https://takeonme.org/cves/CVE-2023-4504.html" }, { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://github.com/OpenPrinting/libppd/security/advisories/GHSA-4f65-6ph5-qwh6" }, { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-pf5r-86w9-678h" }, { "tags": [ "release-notes", "x_transferred" ], "url": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.7" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AMYDKIE4PSJDEMC5OWNFCDMHFGLJ57XG/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WVS4I7JG3LISFPKTM6ADKJXXEPEEWBQ/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WHEJIYMMAIXU2EC35MGTB5LGGO2FFJE/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T2GSPQAFK2Z6L57TRXEKZDF42K2EVBH7/" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00041.html" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXPVADB56NMLJWG4IZ3OZBNJ2ZOLPQJ6/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "CUPS", "vendor": "OpenPrinting", "versions": [ { "lessThan": "2.4.6", "status": "affected", "version": "0", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "libppd", "vendor": "OpenPrinting", "versions": [ { "lessThan": "d09348b", "status": "affected", "version": "0", "versionType": "git" } ] } ], "credits": [ { "lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "zenofex" }, { "lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "WanderingGlitch" }, { "lang": "en", "type": "coordinator", "user": "00000000-0000-4000-9000-000000000000", "value": "Austin Hackers Anonymous!" } ], "datePublic": "2023-09-20T12:35:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDue to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023.\u003c/span\u003e\u003cbr\u003e" } ], "value": "Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023.\n" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": " CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-23T15:02:59.759Z", "orgId": "26969f82-7e87-44d8-9cb5-f6fb926ddd43", "shortName": "AHA" }, "references": [ { "tags": [ "technical-description", "third-party-advisory" ], "url": "https://takeonme.org/cves/CVE-2023-4504.html" }, { "tags": [ "vendor-advisory" ], "url": "https://github.com/OpenPrinting/libppd/security/advisories/GHSA-4f65-6ph5-qwh6" }, { "tags": [ "vendor-advisory" ], "url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-pf5r-86w9-678h" }, { "tags": [ "release-notes" ], "url": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.7" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AMYDKIE4PSJDEMC5OWNFCDMHFGLJ57XG/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WVS4I7JG3LISFPKTM6ADKJXXEPEEWBQ/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WHEJIYMMAIXU2EC35MGTB5LGGO2FFJE/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T2GSPQAFK2Z6L57TRXEKZDF42K2EVBH7/" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00041.html" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXPVADB56NMLJWG4IZ3OZBNJ2ZOLPQJ6/" } ], "source": { "discovery": "EXTERNAL" }, "title": "OpenPrinting CUPS/libppd Postscript Parsing Heap Overflow", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "26969f82-7e87-44d8-9cb5-f6fb926ddd43", "assignerShortName": "AHA", "cveId": "CVE-2023-4504", "datePublished": "2023-09-21T22:47:41.879Z", "dateReserved": "2023-08-23T21:14:04.183Z", "dateUpdated": "2024-08-02T07:31:05.906Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-31008
Vulnerability from cvelistv5
Published
2022-10-06 00:00
Modified
2024-08-03 07:03
Severity ?
EPSS score ?
Summary
RabbitMQ is a multi-protocol messaging and streaming broker. In affected versions the shovel and federation plugins perform URI obfuscation in their worker (link) state. The encryption key used to encrypt the URI was seeded with a predictable secret. This means that in case of certain exceptions related to Shovel and Federation plugins, reasonably easily deobfuscatable data could appear in the node log. Patched versions correctly use a cluster-wide secret for that purpose. This issue has been addressed and Patched versions: `3.10.2`, `3.9.18`, `3.8.32` are available. Users unable to upgrade should disable the Shovel and Federation plugins.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | rabbitmq | rabbitmq-server |
Version: < 3.8.32 Version: >= 3.9.0, < 3.9.18 Version: >= 3.10.0, < 3.10.2 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T07:03:40.269Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/rabbitmq/rabbitmq-server/security/advisories/GHSA-v9gv-xp36-jgj8" }, { "tags": [ "x_transferred" ], "url": "https://github.com/rabbitmq/rabbitmq-server/pull/4841" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "rabbitmq-server", "vendor": "rabbitmq", "versions": [ { "status": "affected", "version": "\u003c 3.8.32" }, { "status": "affected", "version": "\u003e= 3.9.0, \u003c 3.9.18" }, { "status": "affected", "version": "\u003e= 3.10.0, \u003c 3.10.2" } ] } ], "descriptions": [ { "lang": "en", "value": "RabbitMQ is a multi-protocol messaging and streaming broker. In affected versions the shovel and federation plugins perform URI obfuscation in their worker (link) state. The encryption key used to encrypt the URI was seeded with a predictable secret. This means that in case of certain exceptions related to Shovel and Federation plugins, reasonably easily deobfuscatable data could appear in the node log. Patched versions correctly use a cluster-wide secret for that purpose. This issue has been addressed and Patched versions: `3.10.2`, `3.9.18`, `3.8.32` are available. Users unable to upgrade should disable the Shovel and Federation plugins." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-330", "description": "CWE-330: Use of Insufficiently Random Values", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-10-11T00:00:00", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "url": "https://github.com/rabbitmq/rabbitmq-server/security/advisories/GHSA-v9gv-xp36-jgj8" }, { "url": "https://github.com/rabbitmq/rabbitmq-server/pull/4841" } ], "source": { "advisory": "GHSA-v9gv-xp36-jgj8", "discovery": "UNKNOWN" }, "title": "Predictable credential obfuscation seed value used in rabbitmq-server" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-31008", "datePublished": "2022-10-06T00:00:00", "dateReserved": "2022-05-18T00:00:00", "dateUpdated": "2024-08-03T07:03:40.269Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-32002
Vulnerability from cvelistv5
Published
2023-08-21 16:52
Modified
2024-10-04 17:44
Severity ?
EPSS score ?
Summary
The use of `Module._load()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module.
This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x.
Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T15:03:28.656Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1960870" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230915-0009/" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:nodejs:nodejs:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "nodejs", "vendor": "nodejs", "versions": [ { "lessThanOrEqual": "16.20.1", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "18.17.0", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "20.5.0", "status": "affected", "version": "0", "versionType": "semver" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-32002", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-04T17:40:10.215330Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-288", "description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-04T17:44:59.121Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Node.js", "vendor": "Node.js", "versions": [ { "lessThanOrEqual": "20.5.0", "status": "affected", "version": "20.5.0", "versionType": "semver" }, { "lessThanOrEqual": "18.17.0", "status": "affected", "version": "18.17.0", "versionType": "semver" }, { "lessThanOrEqual": "16.20.1", "status": "affected", "version": "16.20.1", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "The use of `Module._load()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module.\n\nThis vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x.\n\nPlease note that at the time this CVE was issued, the policy is an experimental feature of Node.js." } ], "providerMetadata": { "dateUpdated": "2023-08-21T16:52:42.147Z", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1960870" }, { "url": "https://security.netapp.com/advisory/ntap-20230915-0009/" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2023-32002", "datePublished": "2023-08-21T16:52:42.147Z", "dateReserved": "2023-05-01T01:00:12.220Z", "dateUpdated": "2024-10-04T17:44:59.121Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-3195
Vulnerability from cvelistv5
Published
2023-06-16 00:00
Modified
2024-12-03 16:24
Severity ?
EPSS score ?
Summary
A stack-based buffer overflow issue was found in ImageMagick's coders/tiff.c. This flaw allows an attacker to trick the user into opening a specially crafted malicious tiff file, causing an application to crash, resulting in a denial of service.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | ImageMagick |
Version: Fixed in ImageMagick 6.9.12-26, ImageMagick 7.1.0-11 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T06:48:08.287Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2214141" }, { "tags": [ "x_transferred" ], "url": "https://www.openwall.com/lists/oss-security/2023/05/29/1" }, { "tags": [ "x_transferred" ], "url": "https://github.com/ImageMagick/ImageMagick6/commit/85a370c79afeb45a97842b0959366af5236e9023" }, { "tags": [ "x_transferred" ], "url": "https://github.com/ImageMagick/ImageMagick/commit/f620340935777b28fa3f7b0ed7ed6bd86946934c" }, { "tags": [ "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2023-3195" }, { "name": "FEDORA-2023-27548af422", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45DUUXYMAEEAW55GSLAXN25VPKCRAIDA/" }, { "name": "FEDORA-2023-edbdccae2a", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-3195", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-12-03T16:23:59.631518Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-12-03T16:24:31.268Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "ImageMagick", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in ImageMagick 6.9.12-26, ImageMagick 7.1.0-11" } ] } ], "descriptions": [ { "lang": "en", "value": "A stack-based buffer overflow issue was found in ImageMagick\u0027s coders/tiff.c. This flaw allows an attacker to trick the user into opening a specially crafted malicious tiff file, causing an application to crash, resulting in a denial of service." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-121", "description": "CWE-121 - Stack-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-08-31T02:07:15.420160", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2214141" }, { "url": "https://www.openwall.com/lists/oss-security/2023/05/29/1" }, { "url": "https://github.com/ImageMagick/ImageMagick6/commit/85a370c79afeb45a97842b0959366af5236e9023" }, { "url": "https://github.com/ImageMagick/ImageMagick/commit/f620340935777b28fa3f7b0ed7ed6bd86946934c" }, { "url": "https://access.redhat.com/security/cve/CVE-2023-3195" }, { "name": "FEDORA-2023-27548af422", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45DUUXYMAEEAW55GSLAXN25VPKCRAIDA/" }, { "name": "FEDORA-2023-edbdccae2a", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2023-3195", "datePublished": "2023-06-16T00:00:00", "dateReserved": "2023-06-12T00:00:00", "dateUpdated": "2024-12-03T16:24:31.268Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-43622
Vulnerability from cvelistv5
Published
2023-10-23 06:50
Modified
2024-09-17 14:19
Severity ?
EPSS score ?
Summary
An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known "slow loris" attack pattern.
This has been fixed in version 2.4.58, so that such connection are terminated properly after the configured connection timeout.
This issue affects Apache HTTP Server: from 2.4.55 through 2.4.57.
Users are recommended to upgrade to version 2.4.58, which fixes the issue.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Apache Software Foundation | Apache HTTP Server |
Version: 2.4.55 ≤ 2.4.57 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T19:44:43.773Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20231027-0011/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-43622", "options": [ { "Exploitation": "poc" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-11T16:02:28.689513Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-17T14:19:24.281Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Apache HTTP Server", "vendor": "Apache Software Foundation", "versions": [ { "lessThanOrEqual": "2.4.57", "status": "affected", "version": "2.4.55", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Prof. Sven Dietrich (City University of New York)" }, { "lang": "en", "type": "finder", "value": "Isa Jafarov (City University of New York)" }, { "lang": "en", "type": "finder", "value": "Prof. Heejo Lee (Korea University)" }, { "lang": "en", "type": "finder", "value": "Choongin Lee (Korea University)" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known \"slow loris\" attack pattern.\u003cbr\u003e\u003cp\u003eThis has been fixed in version 2.4.58, so that such connection are terminated properly after the configured connection timeout.\u003c/p\u003e\u003cp\u003eThis issue affects Apache HTTP Server: from 2.4.55 through 2.4.57.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 2.4.58, which fixes the issue.\u003c/p\u003e" } ], "value": "An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known \"slow loris\" attack pattern.\nThis has been fixed in version 2.4.58, so that such connection are terminated properly after the configured connection timeout.\n\nThis issue affects Apache HTTP Server: from 2.4.55 through 2.4.57.\n\nUsers are recommended to upgrade to version 2.4.58, which fixes the issue.\n\n" } ], "metrics": [ { "other": { "content": { "text": "low" }, "type": "Textual description of severity" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-23T06:50:51.555Z", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "url": "https://security.netapp.com/advisory/ntap-20231027-0011/" } ], "source": { "discovery": "EXTERNAL" }, "timeline": [ { "lang": "en", "time": "2023-09-15T09:51:00.000Z", "value": "reported" } ], "title": "Apache HTTP Server: DoS in HTTP/2 with initial windows size 0", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2023-43622", "datePublished": "2023-10-23T06:50:51.555Z", "dateReserved": "2023-09-20T07:45:21.299Z", "dateUpdated": "2024-09-17T14:19:24.281Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-5715
Vulnerability from cvelistv5
Published
2018-01-04 13:00
Modified
2024-09-17 03:28
Severity ?
EPSS score ?
Summary
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Intel Corporation | Microprocessors with Speculative Execution |
Version: All |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T15:11:48.456Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4609" }, { "name": "USN-3560-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3560-1/" }, { "name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html" }, { "name": "DSA-4187", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2018/dsa-4187" }, { "name": "USN-3542-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3542-2/" }, { "name": "GLSA-201810-06", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201810-06" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" }, { "name": "USN-3540-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3540-2/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://access.redhat.com/security/vulnerabilities/speculativeexecution" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002" }, { "name": "[debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html" }, { "name": "USN-3597-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3597-1/" }, { "name": "[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html" }, { "name": "SUSE-SU-2018:0012", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html" }, { "name": "SUSE-SU-2018:0011", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4611" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html" }, { "name": "DSA-4213", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2018/dsa-4213" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert.vde.com/en-us/advisories/vde-2018-002" }, { "name": "DSA-4120", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2018/dsa-4120" }, { "name": "openSUSE-SU-2018:0013", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00009.html" }, { "name": "USN-3580-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3580-1/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.f5.com/csp/article/K91229003" }, { "name": "USN-3531-3", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3531-3/" }, { "name": "USN-3620-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3620-2/" }, { "name": "openSUSE-SU-2018:0022", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html" }, { "name": "USN-3582-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3582-1/" }, { "name": "DSA-4188", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2018/dsa-4188" }, { "name": "RHSA-2018:0292", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:0292" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://xenbits.xen.org/xsa/advisory-254.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20180104-0001/" }, { "name": "SUSE-SU-2018:0019", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00012.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.synology.com/support/security/Synology_SA_18_01" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt" }, { "name": "102376", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/102376" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability" }, { "name": "USN-3594-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3594-1/" }, { "name": "VU#584653", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/584653" }, { "name": "VU#180049", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "https://www.kb.cert.org/vuls/id/180049" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert.vde.com/en-us/advisories/vde-2018-003" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes" }, { "name": "SUSE-SU-2018:0009", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00005.html" }, { "name": "USN-3690-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3690-1/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03871en_us" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.vmware.com/us/security/advisories/VMSA-2018-0004.html" }, { "name": "USN-3549-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3549-1/" }, { "name": "SUSE-SU-2018:0007", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00003.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.citrix.com/article/CTX231399" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://spectreattack.com/" }, { "name": "USN-3531-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3531-1/" }, { "name": "FreeBSD-SA-18:03", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:03.speculative_execution.asc" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/" }, { "name": "SUSE-SU-2018:0006", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00002.html" }, { "name": "USN-3581-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3581-1/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/" }, { "name": "1040071", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1040071" }, { "name": "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088\u0026languageid=en-fr" }, { "name": "USN-3597-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3597-2/" }, { "name": "USN-3581-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3581-2/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4614" }, { "name": "SUSE-SU-2018:0010", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html" }, { "name": "[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html" }, { "name": "20180104 CPU Side-Channel Information Disclosure Vulnerabilities", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel" }, { "name": "USN-3516-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/usn/usn-3516-1/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html" }, { "name": "43427", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/43427/" }, { "name": "SUSE-SU-2018:0020", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00013.html" }, { "name": "USN-3541-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3541-2/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.lenovo.com/us/en/solutions/LEN-18282" }, { "name": "USN-3777-3", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3777-3/" }, { "name": "openSUSE-SU-2018:0023", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.vmware.com/security/advisories/VMSA-2018-0007.html" }, { "name": "SUSE-SU-2018:0008", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00004.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4613" }, { "name": "USN-3561-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3561-1/" }, { "name": "USN-3582-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3582-2/" }, { "name": "20190624 [SECURITY] [DSA 4469-1] libvirt security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/Jun/36" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf" }, { "name": "FreeBSD-SA-19:26", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:26.mcu.asc" }, { "name": "20191112 FreeBSD Security Advisory FreeBSD-SA-19:26.mcu", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/Nov/16" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.paloaltonetworks.com/CVE-2017-5715" }, { "name": "[debian-lts-announce] 20200320 [SECURITY] [DLA 2148-1] amd64-microcode security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00025.html" }, { "name": "[debian-lts-announce] 20210816 [SECURITY] [DLA 2743-1] amd64-microcode security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00019.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Microprocessors with Speculative Execution", "vendor": "Intel Corporation", "versions": [ { "status": "affected", "version": "All" } ] } ], "datePublic": "2018-01-03T00:00:00", "descriptions": [ { "lang": "en", "value": "Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis." } ], "problemTypes": [ { "descriptions": [ { "description": "Information Disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-08-16T08:06:27", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4609" }, { "name": "USN-3560-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3560-1/" }, { "name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html" }, { "name": "DSA-4187", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2018/dsa-4187" }, { "name": "USN-3542-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3542-2/" }, { "name": "GLSA-201810-06", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201810-06" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" }, { "name": "USN-3540-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3540-2/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://access.redhat.com/security/vulnerabilities/speculativeexecution" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002" }, { "name": "[debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html" }, { "name": "USN-3597-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3597-1/" }, { "name": "[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html" }, { "name": "SUSE-SU-2018:0012", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html" }, { "name": "SUSE-SU-2018:0011", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4611" }, { "tags": [ "x_refsource_MISC" ], "url": "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html" }, { "name": "DSA-4213", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2018/dsa-4213" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert.vde.com/en-us/advisories/vde-2018-002" }, { "name": "DSA-4120", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2018/dsa-4120" }, { "name": "openSUSE-SU-2018:0013", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00009.html" }, { "name": "USN-3580-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3580-1/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.f5.com/csp/article/K91229003" }, { "name": "USN-3531-3", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3531-3/" }, { "name": "USN-3620-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3620-2/" }, { "name": "openSUSE-SU-2018:0022", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html" }, { "name": "USN-3582-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3582-1/" }, { "name": "DSA-4188", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2018/dsa-4188" }, { "name": "RHSA-2018:0292", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:0292" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://xenbits.xen.org/xsa/advisory-254.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20180104-0001/" }, { "name": "SUSE-SU-2018:0019", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00012.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.synology.com/support/security/Synology_SA_18_01" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt" }, { "name": "102376", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/102376" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability" }, { "name": "USN-3594-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3594-1/" }, { "name": "VU#584653", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/584653" }, { "name": "VU#180049", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "https://www.kb.cert.org/vuls/id/180049" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert.vde.com/en-us/advisories/vde-2018-003" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes" }, { "name": "SUSE-SU-2018:0009", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00005.html" }, { "name": "USN-3690-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3690-1/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03871en_us" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.vmware.com/us/security/advisories/VMSA-2018-0004.html" }, { "name": "USN-3549-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3549-1/" }, { "name": "SUSE-SU-2018:0007", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00003.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.citrix.com/article/CTX231399" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://spectreattack.com/" }, { "name": "USN-3531-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3531-1/" }, { "name": "FreeBSD-SA-18:03", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:03.speculative_execution.asc" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/" }, { "name": "SUSE-SU-2018:0006", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00002.html" }, { "name": "USN-3581-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3581-1/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/" }, { "name": "1040071", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1040071" }, { "name": "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088\u0026languageid=en-fr" }, { "name": "USN-3597-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3597-2/" }, { "name": "USN-3581-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3581-2/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4614" }, { "name": "SUSE-SU-2018:0010", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html" }, { "name": "[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html" }, { "name": "20180104 CPU Side-Channel Information Disclosure Vulnerabilities", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel" }, { "name": "USN-3516-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/usn/usn-3516-1/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html" }, { "name": "43427", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/43427/" }, { "name": "SUSE-SU-2018:0020", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00013.html" }, { "name": "USN-3541-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3541-2/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.lenovo.com/us/en/solutions/LEN-18282" }, { "name": "USN-3777-3", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3777-3/" }, { "name": "openSUSE-SU-2018:0023", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.vmware.com/security/advisories/VMSA-2018-0007.html" }, { "name": "SUSE-SU-2018:0008", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00004.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4613" }, { "name": "USN-3561-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3561-1/" }, { "name": "USN-3582-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3582-2/" }, { "name": "20190624 [SECURITY] [DSA 4469-1] libvirt security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/Jun/36" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf" }, { "name": "FreeBSD-SA-19:26", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:26.mcu.asc" }, { "name": "20191112 FreeBSD Security Advisory FreeBSD-SA-19:26.mcu", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/Nov/16" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.paloaltonetworks.com/CVE-2017-5715" }, { "name": "[debian-lts-announce] 20200320 [SECURITY] [DLA 2148-1] amd64-microcode security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00025.html" }, { "name": "[debian-lts-announce] 20210816 [SECURITY] [DLA 2743-1] amd64-microcode security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00019.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "DATE_PUBLIC": "2018-01-03T00:00:00", "ID": "CVE-2017-5715", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Microprocessors with Speculative Execution", "version": { "version_data": [ { "version_value": "All" } ] } } ] }, "vendor_name": "Intel Corporation" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information Disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4609", "refsource": "CONFIRM", "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4609" }, { "name": "USN-3560-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3560-1/" }, { "name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html" }, { "name": "DSA-4187", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2018/dsa-4187" }, { "name": "USN-3542-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3542-2/" }, { "name": "GLSA-201810-06", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201810-06" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" }, { "name": "USN-3540-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3540-2/" }, { "name": "https://access.redhat.com/security/vulnerabilities/speculativeexecution", "refsource": "CONFIRM", "url": "https://access.redhat.com/security/vulnerabilities/speculativeexecution" }, { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002", "refsource": "CONFIRM", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002" }, { "name": "[debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html" }, { "name": "USN-3597-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3597-1/" }, { "name": "[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html" }, { "name": "SUSE-SU-2018:0012", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html" }, { "name": "SUSE-SU-2018:0011", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html" }, { "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4611", "refsource": "CONFIRM", "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4611" }, { "name": "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html", "refsource": "MISC", "url": "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html" }, { "name": "DSA-4213", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2018/dsa-4213" }, { "name": "https://cert.vde.com/en-us/advisories/vde-2018-002", "refsource": "CONFIRM", "url": "https://cert.vde.com/en-us/advisories/vde-2018-002" }, { "name": "DSA-4120", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2018/dsa-4120" }, { "name": "openSUSE-SU-2018:0013", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00009.html" }, { "name": "USN-3580-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3580-1/" }, { "name": "https://support.f5.com/csp/article/K91229003", "refsource": "CONFIRM", "url": "https://support.f5.com/csp/article/K91229003" }, { "name": "USN-3531-3", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3531-3/" }, { "name": "USN-3620-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3620-2/" }, { "name": "openSUSE-SU-2018:0022", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html" }, { "name": "USN-3582-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3582-1/" }, { "name": "DSA-4188", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2018/dsa-4188" }, { "name": "RHSA-2018:0292", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0292" }, { "name": "http://xenbits.xen.org/xsa/advisory-254.html", "refsource": "CONFIRM", "url": "http://xenbits.xen.org/xsa/advisory-254.html" }, { "name": "https://security.netapp.com/advisory/ntap-20180104-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20180104-0001/" }, { "name": "SUSE-SU-2018:0019", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00012.html" }, { "name": "https://www.synology.com/support/security/Synology_SA_18_01", "refsource": "CONFIRM", "url": "https://www.synology.com/support/security/Synology_SA_18_01" }, { "name": "http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html" }, { "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt", "refsource": "CONFIRM", "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt" }, { "name": "102376", "refsource": "BID", "url": "http://www.securityfocus.com/bid/102376" }, { "name": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability", "refsource": "CONFIRM", "url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability" }, { "name": "USN-3594-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3594-1/" }, { "name": "VU#584653", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/584653" }, { "name": "VU#180049", "refsource": "CERT-VN", "url": "https://www.kb.cert.org/vuls/id/180049" }, { "name": "https://cert.vde.com/en-us/advisories/vde-2018-003", "refsource": "CONFIRM", "url": "https://cert.vde.com/en-us/advisories/vde-2018-003" }, { "name": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", "refsource": "CONFIRM", "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes" }, { "name": "SUSE-SU-2018:0009", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00005.html" }, { "name": "USN-3690-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3690-1/" }, { "name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us", "refsource": "CONFIRM", "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us" }, { "name": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001", "refsource": "CONFIRM", "url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001" }, { "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03871en_us", "refsource": "CONFIRM", "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03871en_us" }, { "name": "https://www.vmware.com/us/security/advisories/VMSA-2018-0004.html", "refsource": "CONFIRM", "url": "https://www.vmware.com/us/security/advisories/VMSA-2018-0004.html" }, { "name": "USN-3549-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3549-1/" }, { "name": "SUSE-SU-2018:0007", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00003.html" }, { "name": "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/", "refsource": "CONFIRM", "url": "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/" }, { "name": "https://support.citrix.com/article/CTX231399", "refsource": "CONFIRM", "url": "https://support.citrix.com/article/CTX231399" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" }, { "name": "https://spectreattack.com/", "refsource": "MISC", "url": "https://spectreattack.com/" }, { "name": "USN-3531-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3531-1/" }, { "name": "FreeBSD-SA-18:03", "refsource": "FREEBSD", "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:03.speculative_execution.asc" }, { "name": "https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/", "refsource": "CONFIRM", "url": "https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/" }, { "name": "SUSE-SU-2018:0006", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00002.html" }, { "name": "USN-3581-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3581-1/" }, { "name": "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/", "refsource": "CONFIRM", "url": "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/" }, { "name": "1040071", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1040071" }, { "name": "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html" }, { "name": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088\u0026languageid=en-fr", "refsource": "CONFIRM", "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088\u0026languageid=en-fr" }, { "name": "USN-3597-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3597-2/" }, { "name": "USN-3581-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3581-2/" }, { "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4614", "refsource": "CONFIRM", "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4614" }, { "name": "SUSE-SU-2018:0010", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html" }, { "name": "[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html" }, { "name": "20180104 CPU Side-Channel Information Disclosure Vulnerabilities", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel" }, { "name": "USN-3516-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/usn/usn-3516-1/" }, { "name": "https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html", "refsource": "CONFIRM", "url": "https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html" }, { "name": "43427", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/43427/" }, { "name": "SUSE-SU-2018:0020", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00013.html" }, { "name": "USN-3541-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3541-2/" }, { "name": "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "refsource": "MISC", "url": "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html" }, { "name": "https://support.lenovo.com/us/en/solutions/LEN-18282", "refsource": "CONFIRM", "url": "https://support.lenovo.com/us/en/solutions/LEN-18282" }, { "name": "USN-3777-3", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3777-3/" }, { "name": "openSUSE-SU-2018:0023", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html" }, { "name": "https://www.vmware.com/security/advisories/VMSA-2018-0007.html", "refsource": "CONFIRM", "url": "https://www.vmware.com/security/advisories/VMSA-2018-0007.html" }, { "name": "SUSE-SU-2018:0008", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00004.html" }, { "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4613", "refsource": "CONFIRM", "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4613" }, { "name": "USN-3561-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3561-1/" }, { "name": "USN-3582-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3582-2/" }, { "name": "20190624 [SECURITY] [DSA 4469-1] libvirt security update", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Jun/36" }, { "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt", "refsource": "CONFIRM", "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt" }, { "name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "refsource": "MISC", "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf" }, { "name": "FreeBSD-SA-19:26", "refsource": "FREEBSD", "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:26.mcu.asc" }, { "name": "20191112 FreeBSD Security Advisory FreeBSD-SA-19:26.mcu", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Nov/16" }, { "name": "http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html" }, { "name": "https://security.paloaltonetworks.com/CVE-2017-5715", "refsource": "CONFIRM", "url": "https://security.paloaltonetworks.com/CVE-2017-5715" }, { "name": "[debian-lts-announce] 20200320 [SECURITY] [DLA 2148-1] amd64-microcode security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00025.html" }, { "name": "[debian-lts-announce] 20210816 [SECURITY] [DLA 2743-1] amd64-microcode security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00019.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2017-5715", "datePublished": "2018-01-04T13:00:00Z", "dateReserved": "2017-02-01T00:00:00", "dateUpdated": "2024-09-17T03:28:57.728Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-30584
Vulnerability from cvelistv5
Published
2024-09-07 16:00
Modified
2024-11-08 15:02
Severity ?
EPSS score ?
Summary
A vulnerability has been discovered in Node.js version 20, specifically within the experimental permission model. This flaw relates to improper handling of path traversal bypass when verifying file permissions.
Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:nodejs:nodejs:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "nodejs", "vendor": "nodejs", "versions": [ { "lessThan": "20.3.1", "status": "affected", "version": "20.0", "versionType": "semver" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-30584", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-09-09T18:33:59.599744Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-09T18:35:30.116Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-11-08T15:02:45.393Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "url": "https://security.netapp.com/advisory/ntap-20241108-0005/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Node.js", "vendor": "Node.js", "versions": [ { "lessThan": "20.3.1", "status": "affected", "version": "20.3.1", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been discovered in Node.js version 20, specifically within the experimental permission model. This flaw relates to improper handling of path traversal bypass when verifying file permissions.\n\nPlease note that at the time this CVE was issued, the permission model is an experimental feature of Node.js." } ], "providerMetadata": { "dateUpdated": "2024-09-07T16:00:35.915Z", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://nodejs.org/en/blog/vulnerability/june-2023-security-releases" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2023-30584", "datePublished": "2024-09-07T16:00:35.915Z", "dateReserved": "2023-04-13T01:00:12.085Z", "dateUpdated": "2024-11-08T15:02:45.393Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-4899
Vulnerability from cvelistv5
Published
2023-03-31 00:00
Modified
2024-08-03 01:55
Severity ?
EPSS score ?
Summary
A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:55:46.209Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/facebook/zstd/issues/3200" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230725-0005/" }, { "name": "FEDORA-2023-9ccff0b1b7", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C63HAGVLQA6FJNDCHR7CNZZL6VSLILB2/" }, { "name": "FEDORA-2023-492105ed08", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JEHRBBYYTPA4DETOM5XAKGCP37NUTLOA/" }, { "name": "FEDORA-2023-a9283d639f", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QYLDK6ODVC4LJSDULLX6Q2YHTFOWABCN/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "zstd", "vendor": "n/a", "versions": [ { "status": "affected", "version": "zstd 1.5.4" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-16T03:06:48.479011", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://github.com/facebook/zstd/issues/3200" }, { "url": "https://security.netapp.com/advisory/ntap-20230725-0005/" }, { "name": "FEDORA-2023-9ccff0b1b7", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C63HAGVLQA6FJNDCHR7CNZZL6VSLILB2/" }, { "name": "FEDORA-2023-492105ed08", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JEHRBBYYTPA4DETOM5XAKGCP37NUTLOA/" }, { "name": "FEDORA-2023-a9283d639f", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QYLDK6ODVC4LJSDULLX6Q2YHTFOWABCN/" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2022-4899", "datePublished": "2023-03-31T00:00:00", "dateReserved": "2023-01-31T00:00:00", "dateUpdated": "2024-08-03T01:55:46.209Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-28321
Vulnerability from cvelistv5
Published
2023-05-26 00:00
Modified
2024-08-02 12:38
Severity ?
EPSS score ?
Summary
An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one provided by a TLS library. This private wildcard matching function would match IDN (International Domain Name) hosts incorrectly and could as a result accept patterns that otherwise should mismatch. IDN hostnames are converted to puny code before used for certificate checks. Puny coded names always start with `xn--` and should not be allowed to pattern match, but the wildcard check in curl could still check for `x*`, which would match even though the IDN name most likely contained nothing even resembling an `x`.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: Fixed in 8.1.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T12:38:24.939Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1950627" }, { "name": "FEDORA-2023-37eac50e9b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/" }, { "name": "FEDORA-2023-8ed627bb04", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230609-0009/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213843" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213844" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213845" }, { "name": "20230725 APPLE-SA-2023-07-24-6 macOS Big Sur 11.7.9", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Jul/52" }, { "name": "20230725 APPLE-SA-2023-07-24-5 macOS Monterey 12.6.8", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Jul/48" }, { "name": "20230725 APPLE-SA-2023-07-24-4 macOS Ventura 13.5", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Jul/47" }, { "name": "GLSA-202310-12", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "name": "[debian-lts-announce] 20231011 [SECURITY] [DLA 3613-1] curl security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00016.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 8.1.0" } ] } ], "descriptions": [ { "lang": "en", "value": "An improper certificate validation vulnerability exists in curl \u003cv8.1.0 in the way it supports matching of wildcard patterns when listed as \"Subject Alternative Name\" in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one provided by a TLS library. This private wildcard matching function would match IDN (International Domain Name) hosts incorrectly and could as a result accept patterns that otherwise should mismatch. IDN hostnames are converted to puny code before used for certificate checks. Puny coded names always start with `xn--` and should not be allowed to pattern match, but the wildcard check in curl could still check for `x*`, which would match even though the IDN name most likely contained nothing even resembling an `x`." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-295", "description": "Improper Certificate Validation (CWE-295)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-11T14:06:17.325081", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1950627" }, { "name": "FEDORA-2023-37eac50e9b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/" }, { "name": "FEDORA-2023-8ed627bb04", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/" }, { "url": "https://security.netapp.com/advisory/ntap-20230609-0009/" }, { "url": "https://support.apple.com/kb/HT213843" }, { "url": "https://support.apple.com/kb/HT213844" }, { "url": "https://support.apple.com/kb/HT213845" }, { "name": "20230725 APPLE-SA-2023-07-24-6 macOS Big Sur 11.7.9", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Jul/52" }, { "name": "20230725 APPLE-SA-2023-07-24-5 macOS Monterey 12.6.8", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Jul/48" }, { "name": "20230725 APPLE-SA-2023-07-24-4 macOS Ventura 13.5", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Jul/47" }, { "name": "GLSA-202310-12", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "name": "[debian-lts-announce] 20231011 [SECURITY] [DLA 3613-1] curl security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00016.html" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2023-28321", "datePublished": "2023-05-26T00:00:00", "dateReserved": "2023-03-14T00:00:00", "dateUpdated": "2024-08-02T12:38:24.939Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-2650
Vulnerability from cvelistv5
Published
2023-05-30 13:40
Modified
2024-08-02 06:26
Severity ?
EPSS score ?
Summary
Issue summary: Processing some specially crafted ASN.1 object identifiers or
data containing them may be very slow.
Impact summary: Applications that use OBJ_obj2txt() directly, or use any of
the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message
size limit may experience notable to very long delays when processing those
messages, which may lead to a Denial of Service.
An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers -
most of which have no size limit. OBJ_obj2txt() may be used to translate
an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL
type ASN1_OBJECT) to its canonical numeric text form, which are the
sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by
periods.
When one of the sub-identifiers in the OBJECT IDENTIFIER is very large
(these are sizes that are seen as absurdly large, taking up tens or hundreds
of KiBs), the translation to a decimal number in text may take a very long
time. The time complexity is O(n^2) with 'n' being the size of the
sub-identifiers in bytes (*).
With OpenSSL 3.0, support to fetch cryptographic algorithms using names /
identifiers in string form was introduced. This includes using OBJECT
IDENTIFIERs in canonical numeric text form as identifiers for fetching
algorithms.
Such OBJECT IDENTIFIERs may be received through the ASN.1 structure
AlgorithmIdentifier, which is commonly used in multiple protocols to specify
what cryptographic algorithm should be used to sign or verify, encrypt or
decrypt, or digest passed data.
Applications that call OBJ_obj2txt() directly with untrusted data are
affected, with any version of OpenSSL. If the use is for the mere purpose
of display, the severity is considered low.
In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME,
CMS, CMP/CRMF or TS. It also impacts anything that processes X.509
certificates, including simple things like verifying its signature.
The impact on TLS is relatively low, because all versions of OpenSSL have a
100KiB limit on the peer's certificate chain. Additionally, this only
impacts clients, or servers that have explicitly enabled client
authentication.
In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects,
such as X.509 certificates. This is assumed to not happen in such a way
that it would cause a Denial of Service, so these versions are considered
not affected by this issue in such a way that it would be cause for concern,
and the severity is therefore considered low.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T06:26:09.899Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "OpenSSL Advisory", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.openssl.org/news/secadv/20230530.txt" }, { "name": "3.1.1 git commit", "tags": [ "patch", "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a" }, { "name": "3.0.9 git commit", "tags": [ "patch", "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b" }, { "name": "1.1.1u git commit", "tags": [ "patch", "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098" }, { "name": "1.0.2zh patch (premium)", "tags": [ "patch", "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/05/30/1" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5417" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html" }, { "tags": [ "x_transferred" ], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230703-0001/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20231027-0009/" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202402-08" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "OpenSSL", "vendor": "OpenSSL", "versions": [ { "lessThan": "3.1.1", "status": "affected", "version": "3.1.1", "versionType": "semver" }, { "lessThan": "3.0.9", "status": "affected", "version": "3.0.0", "versionType": "semver" }, { "lessThan": "1.1.1u", "status": "affected", "version": "1.1.1", "versionType": "custom" }, { "lessThan": "1.0.2zh", "status": "affected", "version": "1.0.2", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "OSSFuzz" }, { "lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "Matt Caswell" }, { "lang": "en", "type": "remediation developer", "user": "00000000-0000-4000-9000-000000000000", "value": "Richard Levitte" } ], "datePublic": "2023-05-30T00:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Issue summary: Processing some specially crafted ASN.1 object identifiers or\u003cbr\u003edata containing them may be very slow.\u003cbr\u003e\u003cbr\u003eImpact summary: Applications that use OBJ_obj2txt() directly, or use any of\u003cbr\u003ethe OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message\u003cbr\u003esize limit may experience notable to very long delays when processing those\u003cbr\u003emessages, which may lead to a Denial of Service.\u003cbr\u003e\u003cbr\u003eAn OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers -\u003cbr\u003emost of which have no size limit. OBJ_obj2txt() may be used to translate\u003cbr\u003ean ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL\u003cbr\u003etype ASN1_OBJECT) to its canonical numeric text form, which are the\u003cbr\u003esub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by\u003cbr\u003eperiods.\u003cbr\u003e\u003cbr\u003eWhen one of the sub-identifiers in the OBJECT IDENTIFIER is very large\u003cbr\u003e(these are sizes that are seen as absurdly large, taking up tens or hundreds\u003cbr\u003eof KiBs), the translation to a decimal number in text may take a very long\u003cbr\u003etime. The time complexity is O(n^2) with \u0027n\u0027 being the size of the\u003cbr\u003esub-identifiers in bytes (*).\u003cbr\u003e\u003cbr\u003eWith OpenSSL 3.0, support to fetch cryptographic algorithms using names /\u003cbr\u003eidentifiers in string form was introduced. This includes using OBJECT\u003cbr\u003eIDENTIFIERs in canonical numeric text form as identifiers for fetching\u003cbr\u003ealgorithms.\u003cbr\u003e\u003cbr\u003eSuch OBJECT IDENTIFIERs may be received through the ASN.1 structure\u003cbr\u003eAlgorithmIdentifier, which is commonly used in multiple protocols to specify\u003cbr\u003ewhat cryptographic algorithm should be used to sign or verify, encrypt or\u003cbr\u003edecrypt, or digest passed data.\u003cbr\u003e\u003cbr\u003eApplications that call OBJ_obj2txt() directly with untrusted data are\u003cbr\u003eaffected, with any version of OpenSSL. If the use is for the mere purpose\u003cbr\u003eof display, the severity is considered low.\u003cbr\u003e\u003cbr\u003eIn OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME,\u003cbr\u003eCMS, CMP/CRMF or TS. It also impacts anything that processes X.509\u003cbr\u003ecertificates, including simple things like verifying its signature.\u003cbr\u003e\u003cbr\u003eThe impact on TLS is relatively low, because all versions of OpenSSL have a\u003cbr\u003e100KiB limit on the peer\u0027s certificate chain. Additionally, this only\u003cbr\u003eimpacts clients, or servers that have explicitly enabled client\u003cbr\u003eauthentication.\u003cbr\u003e\u003cbr\u003eIn OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects,\u003cbr\u003esuch as X.509 certificates. This is assumed to not happen in such a way\u003cbr\u003ethat it would cause a Denial of Service, so these versions are considered\u003cbr\u003enot affected by this issue in such a way that it would be cause for concern,\u003cbr\u003eand the severity is therefore considered low." } ], "value": "Issue summary: Processing some specially crafted ASN.1 object identifiers or\ndata containing them may be very slow.\n\nImpact summary: Applications that use OBJ_obj2txt() directly, or use any of\nthe OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message\nsize limit may experience notable to very long delays when processing those\nmessages, which may lead to a Denial of Service.\n\nAn OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers -\nmost of which have no size limit. OBJ_obj2txt() may be used to translate\nan ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL\ntype ASN1_OBJECT) to its canonical numeric text form, which are the\nsub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by\nperiods.\n\nWhen one of the sub-identifiers in the OBJECT IDENTIFIER is very large\n(these are sizes that are seen as absurdly large, taking up tens or hundreds\nof KiBs), the translation to a decimal number in text may take a very long\ntime. The time complexity is O(n^2) with \u0027n\u0027 being the size of the\nsub-identifiers in bytes (*).\n\nWith OpenSSL 3.0, support to fetch cryptographic algorithms using names /\nidentifiers in string form was introduced. This includes using OBJECT\nIDENTIFIERs in canonical numeric text form as identifiers for fetching\nalgorithms.\n\nSuch OBJECT IDENTIFIERs may be received through the ASN.1 structure\nAlgorithmIdentifier, which is commonly used in multiple protocols to specify\nwhat cryptographic algorithm should be used to sign or verify, encrypt or\ndecrypt, or digest passed data.\n\nApplications that call OBJ_obj2txt() directly with untrusted data are\naffected, with any version of OpenSSL. If the use is for the mere purpose\nof display, the severity is considered low.\n\nIn OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME,\nCMS, CMP/CRMF or TS. It also impacts anything that processes X.509\ncertificates, including simple things like verifying its signature.\n\nThe impact on TLS is relatively low, because all versions of OpenSSL have a\n100KiB limit on the peer\u0027s certificate chain. Additionally, this only\nimpacts clients, or servers that have explicitly enabled client\nauthentication.\n\nIn OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects,\nsuch as X.509 certificates. This is assumed to not happen in such a way\nthat it would cause a Denial of Service, so these versions are considered\nnot affected by this issue in such a way that it would be cause for concern,\nand the severity is therefore considered low." } ], "metrics": [ { "format": "other", "other": { "content": { "text": "Moderate" }, "type": "https://www.openssl.org/policies/general/security-policy.html" } } ], "problemTypes": [ { "descriptions": [ { "description": "inefficient algorithmic complexity", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-30T13:40:11.963Z", "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", "shortName": "openssl" }, "references": [ { "name": "OpenSSL Advisory", "tags": [ "vendor-advisory" ], "url": "https://www.openssl.org/news/secadv/20230530.txt" }, { "name": "3.1.1 git commit", "tags": [ "patch" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a" }, { "name": "3.0.9 git commit", "tags": [ "patch" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b" }, { "name": "1.1.1u git commit", "tags": [ "patch" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098" }, { "name": "1.0.2zh patch (premium)", "tags": [ "patch" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c" }, { "url": "http://www.openwall.com/lists/oss-security/2023/05/30/1" }, { "url": "https://www.debian.org/security/2023/dsa-5417" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html" }, { "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009" }, { "url": "https://security.netapp.com/advisory/ntap-20230703-0001/" }, { "url": "https://security.netapp.com/advisory/ntap-20231027-0009/" }, { "url": "https://security.gentoo.org/glsa/202402-08" } ], "source": { "discovery": "UNKNOWN" }, "title": "Possible DoS translating ASN.1 object identifiers", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", "assignerShortName": "openssl", "cveId": "CVE-2023-2650", "datePublished": "2023-05-30T13:40:11.963Z", "dateReserved": "2023-05-11T06:09:26.543Z", "dateUpdated": "2024-08-02T06:26:09.899Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-0668
Vulnerability from cvelistv5
Published
2023-06-07 02:32
Modified
2024-08-02 05:17
Severity ?
EPSS score ?
Summary
Due to failure in validating the length provided by an attacker-crafted IEEE-C37.118 packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark.
References
▼ | URL | Tags |
---|---|---|
https://takeonme.org/cves/CVE-2023-0668.html | third-party-advisory | |
https://gitlab.com/wireshark/wireshark/-/issues/19087 | issue-tracking | |
https://www.wireshark.org/docs/relnotes/wireshark-4.0.6.html | release-notes | |
https://www.wireshark.org/security/wnpa-sec-2023-19.html | vendor-advisory | |
https://www.debian.org/security/2023/dsa-5429 | ||
https://security.gentoo.org/glsa/202309-02 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Wireshark Foundation | Wireshark |
Version: 4.0.0 ≤ 4.0.5 Version: 3.6.0 ≤ 3.6.13 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:17:50.341Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://takeonme.org/cves/CVE-2023-0668.html" }, { "tags": [ "issue-tracking", "x_transferred" ], "url": "https://gitlab.com/wireshark/wireshark/-/issues/19087" }, { "tags": [ "release-notes", "x_transferred" ], "url": "https://www.wireshark.org/docs/relnotes/wireshark-4.0.6.html" }, { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.wireshark.org/security/wnpa-sec-2023-19.html" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5429" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202309-02" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Wireshark", "vendor": "Wireshark Foundation", "versions": [ { "lessThanOrEqual": "4.0.5", "status": "affected", "version": "4.0.0", "versionType": "semver" }, { "status": "unaffected", "version": "4.0.6" }, { "lessThanOrEqual": "3.6.13", "status": "affected", "version": "3.6.0", "versionType": "semver" }, { "status": "unaffected", "version": "3.6.14" } ] } ], "credits": [ { "lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "zenofex" }, { "lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "WanderingGlitch" }, { "lang": "en", "type": "coordinator", "user": "00000000-0000-4000-9000-000000000000", "value": "Austin Hackers Anonymous!" } ], "datePublic": "2023-05-22T19:04:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Due to failure in validating the length provided by an attacker-crafted IEEE-C37.118 packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark." } ], "value": "Due to failure in validating the length provided by an attacker-crafted IEEE-C37.118 packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark." } ], "impacts": [ { "capecId": "CAPEC-540", "descriptions": [ { "lang": "en", "value": "CAPEC-540 Overread Buffers" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-08T13:00:53.650Z", "orgId": "26969f82-7e87-44d8-9cb5-f6fb926ddd43", "shortName": "AHA" }, "references": [ { "tags": [ "third-party-advisory" ], "url": "https://takeonme.org/cves/CVE-2023-0668.html" }, { "tags": [ "issue-tracking" ], "url": "https://gitlab.com/wireshark/wireshark/-/issues/19087" }, { "tags": [ "release-notes" ], "url": "https://www.wireshark.org/docs/relnotes/wireshark-4.0.6.html" }, { "tags": [ "vendor-advisory" ], "url": "https://www.wireshark.org/security/wnpa-sec-2023-19.html" }, { "url": "https://www.debian.org/security/2023/dsa-5429" }, { "url": "https://security.gentoo.org/glsa/202309-02" } ], "source": { "discovery": "EXTERNAL" }, "title": "Wireshark IEEE-C37.118 parsing buffer overflow", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "26969f82-7e87-44d8-9cb5-f6fb926ddd43", "assignerShortName": "AHA", "cveId": "CVE-2023-0668", "datePublished": "2023-06-07T02:32:45.095Z", "dateReserved": "2023-02-03T22:08:47.155Z", "dateUpdated": "2024-08-02T05:17:50.341Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-4046
Vulnerability from cvelistv5
Published
2023-08-01 14:57
Modified
2024-10-22 15:29
Severity ?
EPSS score ?
Summary
In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis. This resulted in incorrect compilation and a potentially exploitable crash in the content process. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox |
Version: unspecified < 116 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:17:11.628Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1837686" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-29/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-30/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-31/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5464" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5469" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "firefox", "vendor": "mozilla", "versions": [ { "lessThan": "116", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "firefox", "vendor": "mozilla", "versions": [ { "lessThan": "102.14", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThan": "115.1", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-4046", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-22T15:25:12.959875Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-770", "description": "CWE-770 Allocation of Resources Without Limits or Throttling", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-22T15:29:04.164Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "116", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.14", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "115.1", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Alexander Guryanov" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis. This resulted in incorrect compilation and a potentially exploitable crash in the content process. This vulnerability affects Firefox \u003c 116, Firefox ESR \u003c 102.14, and Firefox ESR \u003c 115.1." } ], "value": "In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis. This resulted in incorrect compilation and a potentially exploitable crash in the content process. This vulnerability affects Firefox \u003c 116, Firefox ESR \u003c 102.14, and Firefox ESR \u003c 115.1." } ], "problemTypes": [ { "descriptions": [ { "description": "Incorrect value used during WASM compilation", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-08-01T14:57:07.564Z", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1837686" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-29/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-30/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-31/" }, { "url": "https://www.debian.org/security/2023/dsa-5464" }, { "url": "https://www.debian.org/security/2023/dsa-5469" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2023-4046", "datePublished": "2023-08-01T14:57:07.564Z", "dateReserved": "2023-08-01T14:56:56.562Z", "dateUpdated": "2024-10-22T15:29:04.164Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-28320
Vulnerability from cvelistv5
Published
2023-05-26 00:00
Modified
2024-08-02 12:38
Severity ?
EPSS score ?
Summary
A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using `alarm()` and `siglongjmp()`. When doing this, libcurl used a global buffer that was not mutex protected and a multi-threaded application might therefore crash or otherwise misbehave.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: Fixed in 8.1.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T12:38:24.752Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1929597" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230609-0009/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213843" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213844" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213845" }, { "name": "20230725 APPLE-SA-2023-07-24-6 macOS Big Sur 11.7.9", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Jul/52" }, { "name": "20230725 APPLE-SA-2023-07-24-5 macOS Monterey 12.6.8", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Jul/48" }, { "name": "20230725 APPLE-SA-2023-07-24-4 macOS Ventura 13.5", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Jul/47" }, { "name": "GLSA-202310-12", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202310-12" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 8.1.0" } ] } ], "descriptions": [ { "lang": "en", "value": "A denial of service vulnerability exists in curl \u003cv8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using `alarm()` and `siglongjmp()`. When doing this, libcurl used a global buffer that was not mutex protected and a multi-threaded application might therefore crash or otherwise misbehave." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "Denial of Service (CWE-400)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-11T10:06:23.211995", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1929597" }, { "url": "https://security.netapp.com/advisory/ntap-20230609-0009/" }, { "url": "https://support.apple.com/kb/HT213843" }, { "url": "https://support.apple.com/kb/HT213844" }, { "url": "https://support.apple.com/kb/HT213845" }, { "name": "20230725 APPLE-SA-2023-07-24-6 macOS Big Sur 11.7.9", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Jul/52" }, { "name": "20230725 APPLE-SA-2023-07-24-5 macOS Monterey 12.6.8", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Jul/48" }, { "name": "20230725 APPLE-SA-2023-07-24-4 macOS Ventura 13.5", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Jul/47" }, { "name": "GLSA-202310-12", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202310-12" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2023-28320", "datePublished": "2023-05-26T00:00:00", "dateReserved": "2023-03-14T00:00:00", "dateUpdated": "2024-08-02T12:38:24.752Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-23916
Vulnerability from cvelistv5
Published
2023-02-23 00:00
Modified
2024-08-02 10:42
Severity ?
EPSS score ?
Summary
An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable "links" in this "decompression chain" wascapped, but the cap was implemented on a per-header basis allowing a maliciousserver to insert a virtually unlimited number of compression steps simply byusing many headers. The use of such a decompression chain could result in a "malloc bomb", making curl end up spending enormous amounts of allocated heap memory, or trying to and returning out of memory errors.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: Fixed in 7.88.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T10:42:26.847Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1826048" }, { "name": "[debian-lts-announce] 20230224 [SECURITY] [DLA 3341-1] curl security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00035.html" }, { "name": "FEDORA-2023-94df30cbec", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BQKE6TXYDHOTFHLTBZ5X73GTKI7II5KO/" }, { "name": "DSA-5365", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5365" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230309-0006/" }, { "name": "GLSA-202310-12", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202310-12" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 7.88.0" } ] } ], "descriptions": [ { "lang": "en", "value": "An allocation of resources without limits or throttling vulnerability exists in curl \u003cv7.88.0 based on the \"chained\" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable \"links\" in this \"decompression chain\" wascapped, but the cap was implemented on a per-header basis allowing a maliciousserver to insert a virtually unlimited number of compression steps simply byusing many headers. The use of such a decompression chain could result in a \"malloc bomb\", making curl end up spending enormous amounts of allocated heap memory, or trying to and returning out of memory errors." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-770", "description": "Allocation of Resources Without Limits or Throttling (CWE-770)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-11T10:06:40.617377", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1826048" }, { "name": "[debian-lts-announce] 20230224 [SECURITY] [DLA 3341-1] curl security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00035.html" }, { "name": "FEDORA-2023-94df30cbec", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BQKE6TXYDHOTFHLTBZ5X73GTKI7II5KO/" }, { "name": "DSA-5365", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5365" }, { "url": "https://security.netapp.com/advisory/ntap-20230309-0006/" }, { "name": "GLSA-202310-12", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202310-12" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2023-23916", "datePublished": "2023-02-23T00:00:00", "dateReserved": "2023-01-19T00:00:00", "dateUpdated": "2024-08-02T10:42:26.847Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-22043
Vulnerability from cvelistv5
Published
2023-07-18 20:18
Modified
2024-09-13 16:43
Severity ?
EPSS score ?
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Oracle Corporation | Java SE JDK and JRE |
Version: Oracle Java SE:8u371 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:59:28.669Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Oracle Advisory", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2023.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230725-0006/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-22043", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-13T16:29:03.333200Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-13T16:43:55.937Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Java SE JDK and JRE", "vendor": "Oracle Corporation", "versions": [ { "status": "affected", "version": "Oracle Java SE:8u371" } ] } ], "descriptions": [ { "lang": "en-US", "value": "Vulnerability in Oracle Java SE (component: JavaFX). The supported version that is affected is Oracle Java SE: 8u371. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N)." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE accessible data.", "lang": "en-US" } ] } ], "providerMetadata": { "dateUpdated": "2023-07-18T20:18:26.769Z", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle" }, "references": [ { "name": "Oracle Advisory", "tags": [ "vendor-advisory" ], "url": "https://www.oracle.com/security-alerts/cpujul2023.html" }, { "url": "https://security.netapp.com/advisory/ntap-20230725-0006/" } ] } }, "cveMetadata": { "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2023-22043", "datePublished": "2023-07-18T20:18:26.769Z", "dateReserved": "2022-12-17T19:26:00.754Z", "dateUpdated": "2024-09-13T16:43:55.937Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-28879
Vulnerability from cvelistv5
Published
2023-03-31 00:00
Modified
2024-08-02 13:51
Severity ?
EPSS score ?
Summary
In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then tries to write an escaped character, two bytes are written.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T13:51:38.670Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugs.ghostscript.com/show_bug.cgi?id=706494" }, { "tags": [ "x_transferred" ], "url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=37ed5022cecd584de868933b5b60da2e995b3179" }, { "tags": [ "x_transferred" ], "url": "https://ghostscript.readthedocs.io/en/latest/News.html" }, { "name": "[debian-lts-announce] 20230404 [SECURITY] [DLA 3381-1] ghostscript security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00003.html" }, { "name": "DSA-5383", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5383" }, { "name": "FEDORA-2023-f51bc947bb", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CI6UCKM3XMK7PYNIRGAVDJ5VKN6XYZOE/" }, { "name": "[oss-security] 20230412 Ghostscript CVE-2023-28879: \"Shell in the Ghost\"", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/04/12/4" }, { "name": "FEDORA-2023-fbf86d8916", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DHJX62KSRIOBZA6FKONMJP7MEFY7LTH2/" }, { "name": "FEDORA-2023-366850fc87", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MADLP3GWJFLLFVNZGEDNPMDQR6CCXAHN/" }, { "name": "GLSA-202309-03", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202309-03" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then tries to write an escaped character, two bytes are written." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-17T06:06:38.404811", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://bugs.ghostscript.com/show_bug.cgi?id=706494" }, { "url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=37ed5022cecd584de868933b5b60da2e995b3179" }, { "url": "https://ghostscript.readthedocs.io/en/latest/News.html" }, { "name": "[debian-lts-announce] 20230404 [SECURITY] [DLA 3381-1] ghostscript security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00003.html" }, { "name": "DSA-5383", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5383" }, { "name": "FEDORA-2023-f51bc947bb", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CI6UCKM3XMK7PYNIRGAVDJ5VKN6XYZOE/" }, { "name": "[oss-security] 20230412 Ghostscript CVE-2023-28879: \"Shell in the Ghost\"", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2023/04/12/4" }, { "name": "FEDORA-2023-fbf86d8916", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DHJX62KSRIOBZA6FKONMJP7MEFY7LTH2/" }, { "name": "FEDORA-2023-366850fc87", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MADLP3GWJFLLFVNZGEDNPMDQR6CCXAHN/" }, { "name": "GLSA-202309-03", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202309-03" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-28879", "datePublished": "2023-03-31T00:00:00", "dateReserved": "2023-03-27T00:00:00", "dateUpdated": "2024-08-02T13:51:38.670Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-30588
Vulnerability from cvelistv5
Published
2023-11-28 19:15
Modified
2024-08-02 14:28
Severity ?
EPSS score ?
Summary
When an invalid public key is used to create an x509 certificate using the crypto.X509Certificate() API a non-expect termination occurs making it susceptible to DoS attacks when the attacker could force interruptions of application processing, as the process terminates when accessing public key info of provided certificates from user code. The current context of the users will be gone, and that will cause a DoS scenario. This vulnerability affects all active Node.js versions v16, v18, and, v20.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:28:51.603Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://nodejs.org/en/blog/vulnerability/june-2023-security-releases" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Node.js", "vendor": "Node.js", "versions": [ { "lessThan": "16.20.1", "status": "affected", "version": "16.20.1", "versionType": "semver" }, { "lessThan": "18.16.1", "status": "affected", "version": "18.16.1", "versionType": "semver" }, { "lessThan": "20.3.1", "status": "affected", "version": "20.3.1", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "When an invalid public key is used to create an x509 certificate using the crypto.X509Certificate() API a non-expect termination occurs making it susceptible to DoS attacks when the attacker could force interruptions of application processing, as the process terminates when accessing public key info of provided certificates from user code. The current context of the users will be gone, and that will cause a DoS scenario. This vulnerability affects all active Node.js versions v16, v18, and, v20." } ], "providerMetadata": { "dateUpdated": "2023-11-28T19:15:19.430Z", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://nodejs.org/en/blog/vulnerability/june-2023-security-releases" }, { "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2023-30588", "datePublished": "2023-11-28T19:15:19.430Z", "dateReserved": "2023-04-13T01:00:12.086Z", "dateUpdated": "2024-08-02T14:28:51.603Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-24329
Vulnerability from cvelistv5
Published
2023-02-17 00:00
Modified
2024-08-02 10:56
Severity ?
EPSS score ?
Summary
An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T10:56:03.505Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://pointernull.com/security/python-url-parse-problem.html" }, { "tags": [ "x_transferred" ], "url": "https://github.com/python/cpython/pull/99421" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230324-0004/" }, { "name": "FEDORA-2023-b3a3df39dd", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TZH26JGNZ5XYPZ5SAU3NKSBSPRE5OHTG/" }, { "name": "FEDORA-2023-406c1c6ed7", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PURM5CFDABEWAIWZFD2MQ7ZJGCPYSQ44/" }, { "name": "FEDORA-2023-1092538441", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O5SP4RT3RRS434ZS2HQKQJ3VZW7YPKYR/" }, { "name": "FEDORA-2023-63c69aa712", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UONZWLB4QVLQIY5CPDLEUEKH6WX4VQMC/" }, { "name": "FEDORA-2023-96aa33f0d3", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EM2XLZSTXG44TMFXF4E6VTGKR2MQCW3G/" }, { "name": "FEDORA-2023-953c2607d8", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2MZOJYGFCB5PPT6AKMAU72N7QOYWLBP/" }, { "name": "FEDORA-2023-2b25dd2a11", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LWC4WGXER5P6Q75RFGL7QUTPP3N5JR7T/" }, { "name": "FEDORA-2023-994ecd7dbc", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F2NY75GFDZ5T6YPN44D3VMFT5SUVTOTG/" }, { "name": "FEDORA-2023-690e150a39", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6PEVICI7YNGGMSL3UCMWGE66QFLATH72/" }, { "name": "FEDORA-2023-81bb8e3b99", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHHJHJRLEF3TDT2K3676CAUVRDD4CCMR/" }, { "name": "FEDORA-2023-d8b0003ecd", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZEHSXSCMA4WWQKXT6QV7AAR6SWNZ2VP/" }, { "name": "FEDORA-2023-56cefa23df", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTOAUJNDWZDRWVSXJ354AYZYKRMT56HU/" }, { "tags": [ "x_transferred" ], "url": "https://github.com/python/cpython/issues/102153" }, { "name": "FEDORA-2023-31888c4781", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H23OSKC6UG6IWOQAUPW74YUHWRWVXJP7/" }, { "name": "FEDORA-2023-acdfd145f2", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q3J5N24ECS4B6MJDRO6UAYU6GPLYBDCL/" }, { "name": "FEDORA-2023-03599274db", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSL6NSOAXWBJJ67XPLSSC74MNKZF3BBO/" }, { "name": "FEDORA-2023-b854908745", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4IDB5OAR5Y4UK3HLMZBW4WEL2B7YFMJ/" }, { "name": "FEDORA-2023-d294ef140e", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RA2MBEEES6L46OD64OBSVUUMGKNGMOWW/" }, { "name": "FEDORA-2023-309cadedc6", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRQHN7RWJQJHYP6E5EKESOYP5VDSHZG4/" }, { "name": "FEDORA-2023-401947eb94", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZTLGV2HYFF4AMYJL25VDIGAIHCU7UPA/" }, { "name": "FEDORA-2023-f52390b9d2", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GR5US3BYILYJ4SKBV6YBNPRUBAL5P2CN/" }, { "name": "FEDORA-2023-dd526ed2e4", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PEUN6T22UJFXR7J5F6UUHCXXPKJ2DVHI/" }, { "name": "VU#127587", "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://www.kb.cert.org/vuls/id/127587" }, { "name": "[debian-lts-announce] 20230920 [SECURITY] [DLA 3575-1] python2.7 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-20T21:06:19.477131", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://pointernull.com/security/python-url-parse-problem.html" }, { "url": "https://github.com/python/cpython/pull/99421" }, { "url": "https://security.netapp.com/advisory/ntap-20230324-0004/" }, { "name": "FEDORA-2023-b3a3df39dd", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TZH26JGNZ5XYPZ5SAU3NKSBSPRE5OHTG/" }, { "name": "FEDORA-2023-406c1c6ed7", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PURM5CFDABEWAIWZFD2MQ7ZJGCPYSQ44/" }, { "name": "FEDORA-2023-1092538441", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O5SP4RT3RRS434ZS2HQKQJ3VZW7YPKYR/" }, { "name": "FEDORA-2023-63c69aa712", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UONZWLB4QVLQIY5CPDLEUEKH6WX4VQMC/" }, { "name": "FEDORA-2023-96aa33f0d3", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EM2XLZSTXG44TMFXF4E6VTGKR2MQCW3G/" }, { "name": "FEDORA-2023-953c2607d8", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2MZOJYGFCB5PPT6AKMAU72N7QOYWLBP/" }, { "name": "FEDORA-2023-2b25dd2a11", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LWC4WGXER5P6Q75RFGL7QUTPP3N5JR7T/" }, { "name": "FEDORA-2023-994ecd7dbc", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F2NY75GFDZ5T6YPN44D3VMFT5SUVTOTG/" }, { "name": "FEDORA-2023-690e150a39", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6PEVICI7YNGGMSL3UCMWGE66QFLATH72/" }, { "name": "FEDORA-2023-81bb8e3b99", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHHJHJRLEF3TDT2K3676CAUVRDD4CCMR/" }, { "name": "FEDORA-2023-d8b0003ecd", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZEHSXSCMA4WWQKXT6QV7AAR6SWNZ2VP/" }, { "name": "FEDORA-2023-56cefa23df", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTOAUJNDWZDRWVSXJ354AYZYKRMT56HU/" }, { "url": "https://github.com/python/cpython/issues/102153" }, { "name": "FEDORA-2023-31888c4781", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H23OSKC6UG6IWOQAUPW74YUHWRWVXJP7/" }, { "name": "FEDORA-2023-acdfd145f2", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q3J5N24ECS4B6MJDRO6UAYU6GPLYBDCL/" }, { "name": "FEDORA-2023-03599274db", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSL6NSOAXWBJJ67XPLSSC74MNKZF3BBO/" }, { "name": "FEDORA-2023-b854908745", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4IDB5OAR5Y4UK3HLMZBW4WEL2B7YFMJ/" }, { "name": "FEDORA-2023-d294ef140e", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RA2MBEEES6L46OD64OBSVUUMGKNGMOWW/" }, { "name": "FEDORA-2023-309cadedc6", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRQHN7RWJQJHYP6E5EKESOYP5VDSHZG4/" }, { "name": "FEDORA-2023-401947eb94", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZTLGV2HYFF4AMYJL25VDIGAIHCU7UPA/" }, { "name": "FEDORA-2023-f52390b9d2", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GR5US3BYILYJ4SKBV6YBNPRUBAL5P2CN/" }, { "name": "FEDORA-2023-dd526ed2e4", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PEUN6T22UJFXR7J5F6UUHCXXPKJ2DVHI/" }, { "name": "VU#127587", "tags": [ "third-party-advisory" ], "url": "https://www.kb.cert.org/vuls/id/127587" }, { "name": "[debian-lts-announce] 20230920 [SECURITY] [DLA 3575-1] python2.7 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-24329", "datePublished": "2023-02-17T00:00:00", "dateReserved": "2023-01-23T00:00:00", "dateUpdated": "2024-08-02T10:56:03.505Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-0512
Vulnerability from cvelistv5
Published
2023-01-26 00:00
Modified
2024-08-02 05:17
Severity ?
EPSS score ?
Summary
Divide By Zero in GitHub repository vim/vim prior to 9.0.1247.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:17:49.385Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/de83736a-1936-4872-830b-f1e9b0ad2a74" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/870219c58c0804bdc55419b2e455c06ac715a835" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213677" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213675" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213670" }, { "name": "20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/17" }, { "name": "20230327 APPLE-SA-2023-03-27-4 macOS Monterey 12.6.4", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/18" }, { "name": "20230327 APPLE-SA-2023-03-27-5 macOS Big Sur 11.7.5", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/21" }, { "name": "FEDORA-2023-030318ca00", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE44W6WMMREYCW3GJHPSYP7NK2VT5NY6/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1247", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Divide By Zero in GitHub repository vim/vim prior to 9.0.1247." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-369", "description": "CWE-369 Divide By Zero", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-02T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/de83736a-1936-4872-830b-f1e9b0ad2a74" }, { "url": "https://github.com/vim/vim/commit/870219c58c0804bdc55419b2e455c06ac715a835" }, { "url": "https://support.apple.com/kb/HT213677" }, { "url": "https://support.apple.com/kb/HT213675" }, { "url": "https://support.apple.com/kb/HT213670" }, { "name": "20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/17" }, { "name": "20230327 APPLE-SA-2023-03-27-4 macOS Monterey 12.6.4", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/18" }, { "name": "20230327 APPLE-SA-2023-03-27-5 macOS Big Sur 11.7.5", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/21" }, { "name": "FEDORA-2023-030318ca00", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE44W6WMMREYCW3GJHPSYP7NK2VT5NY6/" } ], "source": { "advisory": "de83736a-1936-4872-830b-f1e9b0ad2a74", "discovery": "EXTERNAL" }, "title": "Divide By Zero in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-0512", "datePublished": "2023-01-26T00:00:00", "dateReserved": "2023-01-26T00:00:00", "dateUpdated": "2024-08-02T05:17:49.385Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-3824
Vulnerability from cvelistv5
Published
2023-08-11 05:48
Modified
2024-08-02 07:08
Severity ?
EPSS score ?
Summary
In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:08:50.466Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/php/php-src/security/advisories/GHSA-jqcx-ccgc-xwhv" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7NBF77WN6DTVTY2RE73IGPYD6M4PIAWA/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230825-0001/" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00002.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "affected", "product": "PHP", "vendor": "PHP Group", "versions": [ { "lessThan": "8.0.30", "status": "affected", "version": "8.0.*", "versionType": "semver" }, { "lessThan": "8.1.22", "status": "affected", "version": "8.1.*", "versionType": "semver" }, { "lessThan": "8.2.8", "status": "affected", "version": "8.2.*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "Niels Dossche " } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003eIn PHP version 8.0.* before 8.0.30,\u0026nbsp; 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE.\u0026nbsp;\u003c/p\u003e" } ], "value": "In PHP version 8.0.* before 8.0.30,\u00a0 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE.\u00a0\n\n" } ], "impacts": [ { "capecId": "CAPEC-100", "descriptions": [ { "lang": "en", "value": "CAPEC-100 Overflow Buffers" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 9.4, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-119", "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-08-11T05:48:34.082Z", "orgId": "dd77f84a-d19a-4638-8c3d-a322d820ed2b", "shortName": "php" }, "references": [ { "url": "https://github.com/php/php-src/security/advisories/GHSA-jqcx-ccgc-xwhv" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7NBF77WN6DTVTY2RE73IGPYD6M4PIAWA/" }, { "url": "https://security.netapp.com/advisory/ntap-20230825-0001/" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00002.html" } ], "source": { "advisory": "https://github.com/php/php-src/security/advisories/GHSA-jqcx-ccg", "discovery": "INTERNAL" }, "title": "Buffer overflow and overread in phar_dir_read()", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "dd77f84a-d19a-4638-8c3d-a322d820ed2b", "assignerShortName": "php", "cveId": "CVE-2023-3824", "datePublished": "2023-08-11T05:48:34.082Z", "dateReserved": "2023-07-21T16:57:23.334Z", "dateUpdated": "2024-08-02T07:08:50.466Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-30590
Vulnerability from cvelistv5
Published
2023-11-28 19:15
Modified
2024-08-02 14:28
Severity ?
EPSS score ?
Summary
The generateKeys() API function returned from crypto.createDiffieHellman() only generates missing (or outdated) keys, that is, it only generates a private key if none has been set yet, but the function is also needed to compute the corresponding public key after calling setPrivateKey(). However, the documentation says this API call: "Generates private and public Diffie-Hellman key values".
The documented behavior is very different from the actual behavior, and this difference could easily lead to security issues in applications that use these APIs as the DiffieHellman may be used as the basis for application-level security, implications are consequently broad.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:28:51.940Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://nodejs.org/en/blog/vulnerability/june-2023-security-releases" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00029.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Node.js", "vendor": "Node.js", "versions": [ { "lessThan": "16.20.1", "status": "affected", "version": "16.20.1", "versionType": "semver" }, { "lessThan": "18.16.1", "status": "affected", "version": "18.16.1", "versionType": "semver" }, { "lessThan": "20.3.1", "status": "affected", "version": "20.3.1", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "The generateKeys() API function returned from crypto.createDiffieHellman() only generates missing (or outdated) keys, that is, it only generates a private key if none has been set yet, but the function is also needed to compute the corresponding public key after calling setPrivateKey(). However, the documentation says this API call: \"Generates private and public Diffie-Hellman key values\".\n\nThe documented behavior is very different from the actual behavior, and this difference could easily lead to security issues in applications that use these APIs as the DiffieHellman may be used as the basis for application-level security, implications are consequently broad." } ], "providerMetadata": { "dateUpdated": "2023-11-28T19:15:19.447Z", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://nodejs.org/en/blog/vulnerability/june-2023-security-releases" }, { "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00029.html" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2023-30590", "datePublished": "2023-11-28T19:15:19.447Z", "dateReserved": "2023-04-13T01:00:12.086Z", "dateUpdated": "2024-08-02T14:28:51.940Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-29499
Vulnerability from cvelistv5
Published
2023-09-14 19:06
Modified
2024-08-02 14:07
Severity ?
EPSS score ?
Summary
A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service.
References
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | n/a | glib2 | |||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:07:46.408Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vdb-entry", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2023-29499" }, { "name": "RHBZ#2211828", "tags": [ "issue-tracking", "x_refsource_REDHAT", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211828" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/2794" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00030.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20231103-0001/" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202311-18" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "affected", "product": "glib2", "vendor": "n/a" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:6" ], "defaultStatus": "unknown", "packageName": "glib2", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "unknown", "packageName": "glib2", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:8" ], "defaultStatus": "affected", "packageName": "glib2", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:9" ], "defaultStatus": "affected", "packageName": "glib2", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat" }, { "collectionURL": "https://packages.fedoraproject.org/", "defaultStatus": "affected", "packageName": "glib", "product": "Extra Packages for Enterprise Linux", "vendor": "Fedora" }, { "collectionURL": "https://packages.fedoraproject.org/", "defaultStatus": "affected", "packageName": "mingw-glib2", "product": "Fedora 37", "vendor": "Fedora" }, { "collectionURL": "https://packages.fedoraproject.org/", "defaultStatus": "affected", "packageName": "glib2", "product": "Fedora 38", "vendor": "Fedora" }, { "collectionURL": "https://packages.fedoraproject.org/", "defaultStatus": "affected", "packageName": "mingw-glib2", "product": "Fedora 38", "vendor": "Fedora" }, { "collectionURL": "https://packages.fedoraproject.org/", "defaultStatus": "affected", "packageName": "glib2", "product": "Fedora 37", "vendor": "Fedora" } ], "credits": [ { "lang": "en", "value": "Upstream acknowledges William Manley as the original reporter." } ], "datePublic": "2022-12-14T00:00:00+00:00", "descriptions": [ { "lang": "en", "value": "A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Low" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "Uncontrolled Resource Consumption", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-14T19:06:17.810Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2023-29499" }, { "name": "RHBZ#2211828", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211828" }, { "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/2794" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00030.html" }, { "url": "https://security.netapp.com/advisory/ntap-20231103-0001/" }, { "url": "https://security.gentoo.org/glsa/202311-18" } ], "timeline": [ { "lang": "en", "time": "2023-05-24T00:00:00+00:00", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2022-12-14T00:00:00+00:00", "value": "Made public." } ], "title": "Gvariant offset table entry size is not checked in is_normal()", "x_redhatCweChain": "CWE-400: Uncontrolled Resource Consumption" } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2023-29499", "datePublished": "2023-09-14T19:06:17.810Z", "dateReserved": "2023-05-30T11:48:42.094Z", "dateUpdated": "2024-08-02T14:07:46.408Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-41409
Vulnerability from cvelistv5
Published
2023-07-18 00:00
Modified
2024-10-28 18:22
Severity ?
EPSS score ?
Summary
Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:42:46.199Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/PCRE2Project/pcre2/issues/141" }, { "tags": [ "x_transferred" ], "url": "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-41409", "options": [ { "Exploitation": "poc" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-28T18:22:33.915896Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-28T18:22:42.917Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-07-18T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/PCRE2Project/pcre2/issues/141" }, { "url": "https://github.com/PCRE2Project/pcre2/commit/94e1c001761373b7d9450768aa15d04c25547a35" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-41409", "datePublished": "2023-07-18T00:00:00", "dateReserved": "2022-09-26T00:00:00", "dateUpdated": "2024-10-28T18:22:42.917Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-25193
Vulnerability from cvelistv5
Published
2023-02-04 00:00
Modified
2024-08-02 11:18
Severity ?
EPSS score ?
Summary
hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T11:18:36.255Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/harfbuzz/harfbuzz/commit/85be877925ddbf34f74a1229f3ca1716bb6170dc" }, { "tags": [ "x_transferred" ], "url": "https://chromium.googlesource.com/chromium/src/+/e1f324aa681af54101c1f2d173d92adb80e37088/DEPS#361" }, { "tags": [ "x_transferred" ], "url": "https://github.com/harfbuzz/harfbuzz/blob/2822b589bc837fae6f66233e2cf2eef0f6ce8470/src/hb-ot-layout-gsubgpos.hh" }, { "name": "FEDORA-2023-4e6353c6f7", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWCHWSICWVZSAXP2YAXM65JC2GR53547/" }, { "name": "FEDORA-2023-a48406ecd2", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZ5M2GSAIHFPLHYJXUPQ2QDJCLWXUGO3/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230725-0006/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-07-25T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/harfbuzz/harfbuzz/commit/85be877925ddbf34f74a1229f3ca1716bb6170dc" }, { "url": "https://chromium.googlesource.com/chromium/src/+/e1f324aa681af54101c1f2d173d92adb80e37088/DEPS#361" }, { "url": "https://github.com/harfbuzz/harfbuzz/blob/2822b589bc837fae6f66233e2cf2eef0f6ce8470/src/hb-ot-layout-gsubgpos.hh" }, { "name": "FEDORA-2023-4e6353c6f7", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWCHWSICWVZSAXP2YAXM65JC2GR53547/" }, { "name": "FEDORA-2023-a48406ecd2", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZ5M2GSAIHFPLHYJXUPQ2QDJCLWXUGO3/" }, { "url": "https://security.netapp.com/advisory/ntap-20230725-0006/" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-25193", "datePublished": "2023-02-04T00:00:00", "dateReserved": "2023-02-04T00:00:00", "dateUpdated": "2024-08-02T11:18:36.255Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-32665
Vulnerability from cvelistv5
Published
2023-09-14 19:03
Modified
2024-08-02 15:25
Severity ?
EPSS score ?
Summary
A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service.
References
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | n/a | glib2 | |||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-32665", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2023-11-27T17:04:41.563399Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-24T19:16:35.238Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T15:25:36.651Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vdb-entry", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2023-32665" }, { "name": "RHBZ#2211827", "tags": [ "issue-tracking", "x_refsource_REDHAT", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211827" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/2121" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00030.html" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202311-18" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240426-0006/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "affected", "product": "glib2", "vendor": "n/a" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:6" ], "defaultStatus": "unknown", "packageName": "glib2", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "unknown", "packageName": "glib2", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:8" ], "defaultStatus": "affected", "packageName": "glib2", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:9" ], "defaultStatus": "affected", "packageName": "glib2", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat" }, { "collectionURL": "https://packages.fedoraproject.org/", "defaultStatus": "affected", "packageName": "glib2", "product": "Fedora 38", "vendor": "Fedora" }, { "collectionURL": "https://packages.fedoraproject.org/", "defaultStatus": "affected", "packageName": "glib", "product": "Extra Packages for Enterprise Linux", "vendor": "Fedora" }, { "collectionURL": "https://packages.fedoraproject.org/", "defaultStatus": "affected", "packageName": "glib2", "product": "Fedora", "vendor": "Fedora" }, { "collectionURL": "https://packages.fedoraproject.org/", "defaultStatus": "affected", "packageName": "glib2", "product": "Fedora 37", "vendor": "Fedora" }, { "collectionURL": "https://packages.fedoraproject.org/", "defaultStatus": "affected", "packageName": "mingw-glib2", "product": "Fedora 38", "vendor": "Fedora" }, { "collectionURL": "https://packages.fedoraproject.org/", "defaultStatus": "affected", "packageName": "mingw-glib2", "product": "Fedora 37", "vendor": "Fedora" } ], "credits": [ { "lang": "en", "value": "Upstream acknowledges William Manley as the original reporter." } ], "datePublic": "2022-12-14T00:00:00+00:00", "descriptions": [ { "lang": "en", "value": "A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Low" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "Uncontrolled Resource Consumption", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-14T19:03:58.229Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2023-32665" }, { "name": "RHBZ#2211827", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211827" }, { "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/2121" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00030.html" }, { "url": "https://security.gentoo.org/glsa/202311-18" }, { "url": "https://security.netapp.com/advisory/ntap-20240426-0006/" } ], "timeline": [ { "lang": "en", "time": "2023-05-24T00:00:00+00:00", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2022-12-14T00:00:00+00:00", "value": "Made public." } ], "title": "Gvariant deserialisation does not match spec for non-normal data", "x_redhatCweChain": "CWE-400: Uncontrolled Resource Consumption" } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2023-32665", "datePublished": "2023-09-14T19:03:58.229Z", "dateReserved": "2023-05-30T11:48:42.074Z", "dateUpdated": "2024-08-02T15:25:36.651Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-45802
Vulnerability from cvelistv5
Published
2023-10-23 06:50
Modified
2024-10-14 09:01
Severity ?
EPSS score ?
Summary
When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that.
This was found by the reporter during testing of CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During "normal" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out.
Users are recommended to upgrade to version 2.4.58, which fixes the issue.
References
▼ | URL | Tags |
---|---|---|
https://httpd.apache.org/security/vulnerabilities_24.html | vendor-advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Apache Software Foundation | Apache HTTP Server |
Version: 2.4.17 ≤ 2.4.57 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T20:29:32.370Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20231027-0011/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-45802", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-12T18:03:47.419998Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-12T18:04:36.899Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Apache HTTP Server", "vendor": "Apache Software Foundation", "versions": [ { "lessThanOrEqual": "2.4.57", "status": "affected", "version": "2.4.17", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Will Dormann of Vul Labs" }, { "lang": "en", "type": "finder", "value": "David Warren of Vul Labs" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request\u0027s memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that.\u003cbr\u003e\u003cbr\u003eThis was found by the reporter during testing of\u0026nbsp;CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During \"normal\" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out.\u003cbr\u003e\u003cbr\u003eUsers are recommended to upgrade to version 2.4.58, which fixes the issue.\u003cbr\u003e" } ], "value": "When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request\u0027s memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that.\n\nThis was found by the reporter during testing of\u00a0CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During \"normal\" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out.\n\nUsers are recommended to upgrade to version 2.4.58, which fixes the issue." } ], "metrics": [ { "other": { "content": { "text": "moderate" }, "type": "Textual description of severity" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-404", "description": "CWE-404 Improper Resource Shutdown or Release", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-14T09:01:44.836Z", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" } ], "source": { "discovery": "EXTERNAL" }, "timeline": [ { "lang": "en", "time": "2023-10-12T11:47:00.000Z", "value": "reported" } ], "title": "Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2023-45802", "datePublished": "2023-10-23T06:50:23.991Z", "dateReserved": "2023-10-13T09:44:15.791Z", "dateUpdated": "2024-10-14T09:01:44.836Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-38403
Vulnerability from cvelistv5
Published
2023-07-17 00:00
Modified
2024-11-27 14:33
Severity ?
EPSS score ?
Summary
iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T17:39:13.471Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://downloads.es.net/pub/iperf/esnet-secadv-2023-0001.txt.asc" }, { "tags": [ "x_transferred" ], "url": "https://github.com/esnet/iperf/commit/0ef151550d96cc4460f98832df84b4a1e87c65e9" }, { "tags": [ "x_transferred" ], "url": "https://bugs.debian.org/1040830" }, { "tags": [ "x_transferred" ], "url": "https://github.com/esnet/iperf/issues/1542" }, { "tags": [ "x_transferred" ], "url": "https://cwe.mitre.org/data/definitions/130.html" }, { "name": "[debian-lts-announce] 20230725 [SECURITY] [DLA 3506-1] iperf3 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00025.html" }, { "name": "FEDORA-2023-5f3b4c0b97", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M25Z5FHTO3XWMGP37JHJ7IIIHSGCLKEV/" }, { "name": "FEDORA-2023-04243a1845", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BV6EBWWF4PEQKROEVXGYSTIT2MGBTLU7/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230818-0016/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213984" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213985" }, { "name": "20231025 APPLE-SA-10-25-2023-4 macOS Sonoma 14.1", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Oct/24" }, { "name": "20231025 APPLE-SA-10-25-2023-5 macOS Ventura 13.6.1", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Oct/26" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-38403", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-01-16T19:39:13.029619Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-27T14:33:27.522Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-25T23:07:43.008593", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://downloads.es.net/pub/iperf/esnet-secadv-2023-0001.txt.asc" }, { "url": "https://github.com/esnet/iperf/commit/0ef151550d96cc4460f98832df84b4a1e87c65e9" }, { "url": "https://bugs.debian.org/1040830" }, { "url": "https://github.com/esnet/iperf/issues/1542" }, { "url": "https://cwe.mitre.org/data/definitions/130.html" }, { "name": "[debian-lts-announce] 20230725 [SECURITY] [DLA 3506-1] iperf3 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00025.html" }, { "name": "FEDORA-2023-5f3b4c0b97", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M25Z5FHTO3XWMGP37JHJ7IIIHSGCLKEV/" }, { "name": "FEDORA-2023-04243a1845", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BV6EBWWF4PEQKROEVXGYSTIT2MGBTLU7/" }, { "url": "https://security.netapp.com/advisory/ntap-20230818-0016/" }, { "url": "https://support.apple.com/kb/HT213984" }, { "url": "https://support.apple.com/kb/HT213985" }, { "name": "20231025 APPLE-SA-10-25-2023-4 macOS Sonoma 14.1", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Oct/24" }, { "name": "20231025 APPLE-SA-10-25-2023-5 macOS Ventura 13.6.1", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Oct/26" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-38403", "datePublished": "2023-07-17T00:00:00", "dateReserved": "2023-07-17T00:00:00", "dateUpdated": "2024-11-27T14:33:27.522Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-29405
Vulnerability from cvelistv5
Published
2023-06-08 20:19
Modified
2024-12-06 13:09
Severity ?
EPSS score ?
Summary
The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. Flags containing embedded spaces are mishandled, allowing disallowed flags to be smuggled through the LDFLAGS sanitization by including them in the argument of another flag. This only affects usage of the gccgo compiler.
References
Impacted products
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | Go toolchain | cmd/go |
Version: 0 ≤ Version: 1.20.0-0 ≤ |
||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-12-06T13:09:26.090Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://go.dev/issue/60306" }, { "tags": [ "x_transferred" ], "url": "https://go.dev/cl/501224" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/q5135a9d924/m/j0ZoAJOHAwAJ" }, { "tags": [ "x_transferred" ], "url": "https://pkg.go.dev/vuln/GO-2023-1842" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBS3IIK6ADV24C5ULQU55QLT2UE762ZX/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202311-09" }, { "url": "https://security.netapp.com/advisory/ntap-20241206-0003/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "packageName": "cmd/go", "product": "cmd/go", "vendor": "Go toolchain", "versions": [ { "lessThan": "1.19.10", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "1.20.5", "status": "affected", "version": "1.20.0-0", "versionType": "semver" } ] }, { "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "packageName": "cmd/cgo", "product": "cmd/cgo", "vendor": "Go toolchain", "versions": [ { "lessThan": "1.19.10", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "1.20.5", "status": "affected", "version": "1.20.0-0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "value": "Juho Nurminen of Mattermost" } ], "descriptions": [ { "lang": "en", "value": "The go command may execute arbitrary code at build time when using cgo. This may occur when running \"go get\" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a \"#cgo LDFLAGS\" directive. Flags containing embedded spaces are mishandled, allowing disallowed flags to be smuggled through the LDFLAGS sanitization by including them in the argument of another flag. This only affects usage of the gccgo compiler." } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-88: Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-04T18:09:23.809Z", "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go" }, "references": [ { "url": "https://go.dev/issue/60306" }, { "url": "https://go.dev/cl/501224" }, { "url": "https://groups.google.com/g/golang-announce/c/q5135a9d924/m/j0ZoAJOHAwAJ" }, { "url": "https://pkg.go.dev/vuln/GO-2023-1842" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBS3IIK6ADV24C5ULQU55QLT2UE762ZX/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/" }, { "url": "https://security.gentoo.org/glsa/202311-09" } ], "title": "Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go" } }, "cveMetadata": { "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "assignerShortName": "Go", "cveId": "CVE-2023-29405", "datePublished": "2023-06-08T20:19:19.267Z", "dateReserved": "2023-04-05T19:36:35.043Z", "dateUpdated": "2024-12-06T13:09:26.090Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-4574
Vulnerability from cvelistv5
Published
2023-09-11 08:00
Modified
2024-09-26 15:07
Severity ?
EPSS score ?
Summary
When creating a callback over IPC for showing the Color Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.
References
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox |
Version: unspecified < 117 |
||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:31:06.575Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1846688" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-34/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-35/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-36/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-37/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-38/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-4574", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-26T15:07:09.438344Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-26T15:07:28.548Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "117", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.15", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "115.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.15", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "115.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "sonakkbi" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "When creating a callback over IPC for showing the Color Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 102.15, Firefox ESR \u003c 115.2, Thunderbird \u003c 102.15, and Thunderbird \u003c 115.2." } ], "value": "When creating a callback over IPC for showing the Color Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 102.15, Firefox ESR \u003c 115.2, Thunderbird \u003c 102.15, and Thunderbird \u003c 115.2." } ], "problemTypes": [ { "descriptions": [ { "description": "Memory corruption in IPC ColorPickerShownCallback", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-13T10:37:59.910Z", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1846688" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-34/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-35/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-36/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-37/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-38/" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2023-4574", "datePublished": "2023-09-11T08:00:40.693Z", "dateReserved": "2023-08-29T03:36:31.316Z", "dateUpdated": "2024-09-26T15:07:28.548Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-37201
Vulnerability from cvelistv5
Published
2023-07-05 08:51
Modified
2024-11-21 14:30
Severity ?
EPSS score ?
Summary
An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox |
Version: unspecified < 115 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T17:09:32.879Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1826002" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-22/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-23/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-24/" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00006.html" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5450" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5451" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00015.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-37201", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-11-21T14:30:36.545377Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-21T14:30:51.195Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "115", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.13", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.13", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Irvan Kurniawan" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This vulnerability affects Firefox \u003c 115, Firefox ESR \u003c 102.13, and Thunderbird \u003c 102.13." } ], "value": "An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This vulnerability affects Firefox \u003c 115, Firefox ESR \u003c 102.13, and Thunderbird \u003c 102.13." } ], "problemTypes": [ { "descriptions": [ { "description": "Use-after-free in WebRTC certificate generation", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-07-05T08:51:01.631Z", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1826002" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-22/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-23/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-24/" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00006.html" }, { "url": "https://www.debian.org/security/2023/dsa-5450" }, { "url": "https://www.debian.org/security/2023/dsa-5451" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00015.html" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2023-37201", "datePublished": "2023-07-05T08:51:01.631Z", "dateReserved": "2023-06-28T18:07:02.265Z", "dateUpdated": "2024-11-21T14:30:51.195Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-4581
Vulnerability from cvelistv5
Published
2023-09-11 08:01
Modified
2024-09-26 16:04
Severity ?
EPSS score ?
Summary
Excel `.xll` add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any warning of their potential harm. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.
References
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox |
Version: unspecified < 117 |
||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:31:06.542Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1843758" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-34/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-35/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-36/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-37/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-38/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-4581", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-26T16:02:47.469373Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-26T16:04:42.184Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "117", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.15", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "115.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.15", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "115.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Umar Farooq (@Puf)" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Excel \u003ccode\u003e.xll\u003c/code\u003e add-in files did not have a blocklist entry in Firefox\u0027s executable blocklist which allowed them to be downloaded without any warning of their potential harm. This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 102.15, Firefox ESR \u003c 115.2, Thunderbird \u003c 102.15, and Thunderbird \u003c 115.2." } ], "value": "Excel `.xll` add-in files did not have a blocklist entry in Firefox\u0027s executable blocklist which allowed them to be downloaded without any warning of their potential harm. This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 102.15, Firefox ESR \u003c 115.2, Thunderbird \u003c 102.15, and Thunderbird \u003c 115.2." } ], "problemTypes": [ { "descriptions": [ { "description": "XLL file extensions were downloadable without warnings", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-13T10:38:12.648Z", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1843758" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-34/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-35/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-36/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-37/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-38/" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2023-4581", "datePublished": "2023-09-11T08:01:45.092Z", "dateReserved": "2023-08-29T03:36:56.674Z", "dateUpdated": "2024-09-26T16:04:42.184Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-2004
Vulnerability from cvelistv5
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
Show details on NVD website{ "containers": { "cna": { "providerMetadata": { "dateUpdated": "2023-05-26T00:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "rejectedReasons": [ { "lang": "en", "value": "DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2023-2004", "dateRejected": "2023-05-26T00:00:00", "dateReserved": "2023-04-12T00:00:00", "dateUpdated": "2023-05-26T00:00:00", "state": "REJECTED" }, "dataType": "CVE_RECORD", "dataVersion": "5.0" }
cve-2023-31486
Vulnerability from cvelistv5
Published
2023-04-28 00:00
Modified
2024-11-29 12:04
Severity ?
EPSS score ?
Summary
HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-11-29T12:04:38.466Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/" }, { "tags": [ "x_transferred" ], "url": "https://www.openwall.com/lists/oss-security/2023/04/18/14" }, { "tags": [ "x_transferred" ], "url": "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/" }, { "tags": [ "x_transferred" ], "url": "https://hackeriet.github.io/cpan-http-tiny-overview/" }, { "name": "[oss-security] 20230429 Re: Perl\u0027s HTTP::Tiny has insecure TLS cert default, affecting CPAN.pm and other modules", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/04/29/1" }, { "name": "[oss-security] 20230503 Re: Perl\u0027s HTTP::Tiny has insecure TLS cert default, affecting CPAN.pm and other modules", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/05/03/3" }, { "name": "[oss-security] 20230503 Re: Perl\u0027s HTTP::Tiny has insecure TLS cert default, affecting CPAN.pm and other modules", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/05/03/5" }, { "tags": [ "x_transferred" ], "url": "https://www.openwall.com/lists/oss-security/2023/05/03/4" }, { "name": "[oss-security] 20230507 Re: Perl\u0027s HTTP::Tiny has insecure TLS cert default, affecting CPAN.pm and other modules", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/05/07/2" }, { "tags": [ "x_transferred" ], "url": "https://github.com/chansen/p5-http-tiny/pull/153" }, { "url": "https://security.netapp.com/advisory/ntap-20241129-0011/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-20T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/" }, { "url": "https://www.openwall.com/lists/oss-security/2023/04/18/14" }, { "url": "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/" }, { "url": "https://hackeriet.github.io/cpan-http-tiny-overview/" }, { "name": "[oss-security] 20230429 Re: Perl\u0027s HTTP::Tiny has insecure TLS cert default, affecting CPAN.pm and other modules", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2023/04/29/1" }, { "name": "[oss-security] 20230503 Re: Perl\u0027s HTTP::Tiny has insecure TLS cert default, affecting CPAN.pm and other modules", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2023/05/03/3" }, { "name": "[oss-security] 20230503 Re: Perl\u0027s HTTP::Tiny has insecure TLS cert default, affecting CPAN.pm and other modules", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2023/05/03/5" }, { "url": "https://www.openwall.com/lists/oss-security/2023/05/03/4" }, { "name": "[oss-security] 20230507 Re: Perl\u0027s HTTP::Tiny has insecure TLS cert default, affecting CPAN.pm and other modules", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2023/05/07/2" }, { "url": "https://github.com/chansen/p5-http-tiny/pull/153" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-31486", "datePublished": "2023-04-28T00:00:00", "dateReserved": "2023-04-28T00:00:00", "dateUpdated": "2024-11-29T12:04:38.466Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-4573
Vulnerability from cvelistv5
Published
2023-09-11 07:59
Modified
2024-09-26 15:12
Severity ?
EPSS score ?
Summary
When receiving rendering data over IPC `mStream` could have been destroyed when initialized, which could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.
References
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox |
Version: unspecified < 117 |
||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:31:06.518Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1846687" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-34/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-35/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-36/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-37/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-38/" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "firefox", "vendor": "mozilla", "versions": [ { "lessThan": "117", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:mozilla:firefox_esr:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "firefox_esr", "vendor": "mozilla", "versions": [ { "lessThan": "102.15", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThan": "115.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:mozilla:thunderbird:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "thunderbird", "vendor": "mozilla", "versions": [ { "lessThan": "102.15", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThan": "115.2", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-4573", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-26T15:08:18.378453Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-26T15:12:39.082Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "117", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.15", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "115.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.15", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "115.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "sonakkbi" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "When receiving rendering data over IPC \u003ccode\u003emStream\u003c/code\u003e could have been destroyed when initialized, which could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 102.15, Firefox ESR \u003c 115.2, Thunderbird \u003c 102.15, and Thunderbird \u003c 115.2." } ], "value": "When receiving rendering data over IPC `mStream` could have been destroyed when initialized, which could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 102.15, Firefox ESR \u003c 115.2, Thunderbird \u003c 102.15, and Thunderbird \u003c 115.2." } ], "problemTypes": [ { "descriptions": [ { "description": "Memory corruption in IPC CanvasTranslator", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-13T10:37:51.262Z", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1846687" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-34/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-35/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-36/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-37/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-38/" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2023-4573", "datePublished": "2023-09-11T07:59:57.732Z", "dateReserved": "2023-08-29T03:35:59.311Z", "dateUpdated": "2024-09-26T15:12:39.082Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-22025
Vulnerability from cvelistv5
Published
2023-10-17 21:02
Modified
2024-09-13 16:36
Severity ?
EPSS score ?
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Oracle Corporation | Java SE JDK and JRE |
Version: Oracle Java SE:8u381-perf Version: Oracle Java SE:17.0.8 Version: Oracle Java SE:21 Version: Oracle GraalVM for JDK:17.0.8 Version: Oracle GraalVM for JDK:21 Version: Oracle GraalVM Enterprise Edition:21.3.7 Version: Oracle GraalVM Enterprise Edition:22.3.3 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:59:28.998Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Oracle Advisory", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuoct2023.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20231027-0006/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5548" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-22025", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-13T16:28:29.558794Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-13T16:36:38.444Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Java SE JDK and JRE", "vendor": "Oracle Corporation", "versions": [ { "status": "affected", "version": "Oracle Java SE:8u381-perf" }, { "status": "affected", "version": "Oracle Java SE:17.0.8" }, { "status": "affected", "version": "Oracle Java SE:21" }, { "status": "affected", "version": "Oracle GraalVM for JDK:17.0.8" }, { "status": "affected", "version": "Oracle GraalVM for JDK:21" }, { "status": "affected", "version": "Oracle GraalVM Enterprise Edition:21.3.7" }, { "status": "affected", "version": "Oracle GraalVM Enterprise Edition:22.3.3" } ] } ], "descriptions": [ { "lang": "en-US", "value": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition, product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u381-perf, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition: 21.3.7 and 22.3.3. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition,. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition, accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition,. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition, accessible data.", "lang": "en-US" } ] } ], "providerMetadata": { "dateUpdated": "2023-11-08T04:14:29.313Z", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle" }, "references": [ { "name": "Oracle Advisory", "tags": [ "vendor-advisory" ], "url": "https://www.oracle.com/security-alerts/cpuoct2023.html" }, { "url": "https://security.netapp.com/advisory/ntap-20231027-0006/" }, { "url": "https://www.debian.org/security/2023/dsa-5548" } ] } }, "cveMetadata": { "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2023-22025", "datePublished": "2023-10-17T21:02:47.615Z", "dateReserved": "2022-12-17T19:26:00.752Z", "dateUpdated": "2024-09-13T16:36:38.444Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-48339
Vulnerability from cvelistv5
Published
2023-02-20 00:00
Modified
2024-08-03 15:10
Severity ?
EPSS score ?
Summary
An issue was discovered in GNU Emacs through 28.2. htmlfontify.el has a command injection vulnerability. In the hfy-istext-command function, the parameter file and parameter srcdir come from external input, and parameters are not escaped. If a file name or directory name contains shell metacharacters, code may be executed.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:10:59.748Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=1b4dc4691c1f87fc970fbe568b43869a15ad0d4c" }, { "name": "DSA-5360", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5360" }, { "name": "[debian-lts-announce] 20230509 [SECURITY] [DLA 3416-1] emacs security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00008.html" }, { "name": "FEDORA-2023-5763445abe", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6HDBUQNAH2WL4MHWCTUZLN7NGF7CHTK/" }, { "name": "FEDORA-2023-29df561f1d", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FLPQ4K6H2S5TY3L5UDN4K4B3L5RQJYQ6/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue was discovered in GNU Emacs through 28.2. htmlfontify.el has a command injection vulnerability. In the hfy-istext-command function, the parameter file and parameter srcdir come from external input, and parameters are not escaped. If a file name or directory name contains shell metacharacters, code may be executed." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-14T02:06:12.105856", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=1b4dc4691c1f87fc970fbe568b43869a15ad0d4c" }, { "name": "DSA-5360", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5360" }, { "name": "[debian-lts-announce] 20230509 [SECURITY] [DLA 3416-1] emacs security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00008.html" }, { "name": "FEDORA-2023-5763445abe", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6HDBUQNAH2WL4MHWCTUZLN7NGF7CHTK/" }, { "name": "FEDORA-2023-29df561f1d", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FLPQ4K6H2S5TY3L5UDN4K4B3L5RQJYQ6/" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-48339", "datePublished": "2023-02-20T00:00:00", "dateReserved": "2023-02-20T00:00:00", "dateUpdated": "2024-08-03T15:10:59.748Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-4575
Vulnerability from cvelistv5
Published
2023-09-11 08:00
Modified
2024-09-26 15:05
Severity ?
EPSS score ?
Summary
When creating a callback over IPC for showing the File Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.
References
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox |
Version: unspecified < 117 |
||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:31:06.529Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1846689" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-34/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-35/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-36/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-37/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-38/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-4575", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-26T15:05:40.293002Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-26T15:05:57.551Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "117", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.15", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "115.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.15", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "115.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "sonakkbi" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "When creating a callback over IPC for showing the File Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 102.15, Firefox ESR \u003c 115.2, Thunderbird \u003c 102.15, and Thunderbird \u003c 115.2." } ], "value": "When creating a callback over IPC for showing the File Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 102.15, Firefox ESR \u003c 115.2, Thunderbird \u003c 102.15, and Thunderbird \u003c 115.2." } ], "problemTypes": [ { "descriptions": [ { "description": "Memory corruption in IPC FilePickerShownCallback", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-13T10:38:05.650Z", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1846689" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-34/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-35/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-36/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-37/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-38/" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2023-4575", "datePublished": "2023-09-11T08:00:45.746Z", "dateReserved": "2023-08-29T03:36:32.817Z", "dateUpdated": "2024-09-26T15:05:57.551Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-32762
Vulnerability from cvelistv5
Published
2023-05-28 00:00
Modified
2024-08-19 16:42
Severity ?
EPSS score ?
Summary
An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. Qt Network incorrectly parses the strict-transport-security (HSTS) header, allowing unencrypted connections to be established, even when explicitly prohibited by the server. This happens if the case used for this header does not exactly match.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T15:25:37.052Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://codereview.qt-project.org/c/qt/qtbase/+/476140" }, { "tags": [ "x_transferred" ], "url": "https://github.com/qt/qtbase/commit/1b736a815be0222f4b24289cf17575fc15707305" }, { "tags": [ "x_transferred" ], "url": "https://lists.qt-project.org/pipermail/announce/2023-May/000414.html" }, { "name": "[debian-lts-announce] 20240430 [SECURITY] [DLA 3805-1] qtbase-opensource-src security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00027.html" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:qt:qtbase:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qtbase", "vendor": "qt", "versions": [ { "lessThan": "5.15.14", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:qt:qtbase:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qtbase", "vendor": "qt", "versions": [ { "lessThan": "6.2.9", "status": "affected", "version": "6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:qt:qtbase:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "qtbase", "vendor": "qt", "versions": [ { "lessThan": "6.5.1", "status": "affected", "version": "6.3.0", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-32762", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-01T14:17:39.605223Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-19T16:42:12.680Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. Qt Network incorrectly parses the strict-transport-security (HSTS) header, allowing unencrypted connections to be established, even when explicitly prohibited by the server. This happens if the case used for this header does not exactly match." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-01T00:06:23.176268", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://codereview.qt-project.org/c/qt/qtbase/+/476140" }, { "url": "https://github.com/qt/qtbase/commit/1b736a815be0222f4b24289cf17575fc15707305" }, { "url": "https://lists.qt-project.org/pipermail/announce/2023-May/000414.html" }, { "name": "[debian-lts-announce] 20240430 [SECURITY] [DLA 3805-1] qtbase-opensource-src security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00027.html" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-32762", "datePublished": "2023-05-28T00:00:00", "dateReserved": "2023-05-15T00:00:00", "dateUpdated": "2024-08-19T16:42:12.680Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-2828
Vulnerability from cvelistv5
Published
2023-06-21 16:26
Modified
2024-12-06 18:36
Severity ?
EPSS score ?
Summary
Every `named` instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the `max-cache-size` statement in the configuration file; it defaults to 90% of the total amount of memory available on the host. When the size of the cache reaches 7/8 of the configured limit, a cache-cleaning algorithm starts to remove expired and/or least-recently used RRsets from the cache, to keep memory use below the configured limit.
It has been discovered that the effectiveness of the cache-cleaning algorithm used in `named` can be severely diminished by querying the resolver for specific RRsets in a certain order, effectively allowing the configured `max-cache-size` limit to be significantly exceeded.
This issue affects BIND 9 versions 9.11.0 through 9.16.41, 9.18.0 through 9.18.15, 9.19.0 through 9.19.13, 9.11.3-S1 through 9.16.41-S1, and 9.18.11-S1 through 9.18.15-S1.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T06:33:05.796Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "CVE-2023-2828", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://kb.isc.org/docs/cve-2023-2828" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/06/21/6" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3K6AJK7RRSR53HRF5GGKPA6PDUDWOD2/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5439" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SEFCEVCTYEMKTWA7V7EYPI5YQQ4JWDLI/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230703-0010/" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00021.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-2828", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-12-06T18:36:28.183787Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-12-06T18:36:35.647Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "BIND 9", "vendor": "ISC", "versions": [ { "lessThanOrEqual": "9.16.41", "status": "affected", "version": "9.11.0", "versionType": "custom" }, { "lessThanOrEqual": "9.18.15", "status": "affected", "version": "9.18.0", "versionType": "custom" }, { "lessThanOrEqual": "9.19.13", "status": "affected", "version": "9.19.0", "versionType": "custom" }, { "lessThanOrEqual": "9.16.41-S1", "status": "affected", "version": "9.11.3-S1", "versionType": "custom" }, { "lessThanOrEqual": "9.18.15-S1", "status": "affected", "version": "9.18.11-S1", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "ISC would like to thank Shoham Danino from Reichman University, Anat Bremler-Barr from Tel-Aviv University, Yehuda Afek from Tel-Aviv University, and Yuval Shavitt from Tel-Aviv University for bringing this vulnerability to our attention." } ], "datePublic": "2023-06-21T00:00:00Z", "descriptions": [ { "lang": "en", "value": "Every `named` instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the `max-cache-size` statement in the configuration file; it defaults to 90% of the total amount of memory available on the host. When the size of the cache reaches 7/8 of the configured limit, a cache-cleaning algorithm starts to remove expired and/or least-recently used RRsets from the cache, to keep memory use below the configured limit.\n\nIt has been discovered that the effectiveness of the cache-cleaning algorithm used in `named` can be severely diminished by querying the resolver for specific RRsets in a certain order, effectively allowing the configured `max-cache-size` limit to be significantly exceeded.\nThis issue affects BIND 9 versions 9.11.0 through 9.16.41, 9.18.0 through 9.18.15, 9.19.0 through 9.19.13, 9.11.3-S1 through 9.16.41-S1, and 9.18.11-S1 through 9.18.15-S1." } ], "exploits": [ { "lang": "en", "value": "We are not aware of any active exploits." } ], "impacts": [ { "descriptions": [ { "lang": "en", "value": "By exploiting this flaw, an attacker can cause the amount of memory used by a `named` resolver to go well beyond the configured `max-cache-size` limit. The effectiveness of the attack depends on a number of factors (e.g. query load, query patterns), but since the default value of the `max-cache-size` statement is `90%`, in the worst case the attacker can exhaust all available memory on the host running `named`, leading to a denial-of-service condition." } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "providerMetadata": { "dateUpdated": "2023-06-21T16:26:07.096Z", "orgId": "404fd4d2-a609-4245-b543-2c944a302a22", "shortName": "isc" }, "references": [ { "name": "CVE-2023-2828", "tags": [ "vendor-advisory" ], "url": "https://kb.isc.org/docs/cve-2023-2828" }, { "url": "http://www.openwall.com/lists/oss-security/2023/06/21/6" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3K6AJK7RRSR53HRF5GGKPA6PDUDWOD2/" }, { "url": "https://www.debian.org/security/2023/dsa-5439" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SEFCEVCTYEMKTWA7V7EYPI5YQQ4JWDLI/" }, { "url": "https://security.netapp.com/advisory/ntap-20230703-0010/" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00021.html" } ], "solutions": [ { "lang": "en", "value": "Upgrade to the patched release most closely related to your current version of BIND 9: 9.16.42, 9.18.16, 9.19.14, 9.16.42-S1, or 9.18.16-S1." } ], "source": { "discovery": "EXTERNAL" }, "title": "named\u0027s configured cache size limit can be significantly exceeded", "workarounds": [ { "lang": "en", "value": "No workarounds known." } ] } }, "cveMetadata": { "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22", "assignerShortName": "isc", "cveId": "CVE-2023-2828", "datePublished": "2023-06-21T16:26:07.096Z", "dateReserved": "2023-05-22T07:57:41.362Z", "dateUpdated": "2024-12-06T18:36:35.647Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-31147
Vulnerability from cvelistv5
Published
2023-05-25 21:55
Modified
2024-08-02 14:45
Severity ?
EPSS score ?
Summary
c-ares is an asynchronous resolver library. When /dev/urandom or RtlGenRandom() are unavailable, c-ares uses rand() to generate random numbers used for DNS query ids. This is not a CSPRNG, and it is also not seeded by srand() so will generate predictable output. Input from the random number generator is fed into a non-compilant RC4 implementation and may not be as strong as the original RC4 implementation. No attempt is made to look for modern OS-provided CSPRNGs like arc4random() that is widely available. This issue has been fixed in version 1.19.1.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:45:25.630Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/c-ares/c-ares/security/advisories/GHSA-8r8p-23f3-64c2", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/c-ares/c-ares/security/advisories/GHSA-8r8p-23f3-64c2" }, { "name": "https://github.com/c-ares/c-ares/releases/tag/cares-1_19_1", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/c-ares/c-ares/releases/tag/cares-1_19_1" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Z5XFNXTNPTCBBVXFDNZQVLLIE6VRBY/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UBFWILTA33LOSV23P44FGTQQIDRJHIY7/" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202310-09" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "c-ares", "vendor": "c-ares", "versions": [ { "status": "affected", "version": "\u003c 1.19.1" } ] } ], "descriptions": [ { "lang": "en", "value": "c-ares is an asynchronous resolver library. When /dev/urandom or RtlGenRandom() are unavailable, c-ares uses rand() to generate random numbers used for DNS query ids. This is not a CSPRNG, and it is also not seeded by srand() so will generate predictable output. Input from the random number generator is fed into a non-compilant RC4 implementation and may not be as strong as the original RC4 implementation. No attempt is made to look for modern OS-provided CSPRNGs like arc4random() that is widely available. This issue has been fixed in version 1.19.1." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-330", "description": "CWE-330: Use of Insufficiently Random Values", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-25T21:55:47.585Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/c-ares/c-ares/security/advisories/GHSA-8r8p-23f3-64c2", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/c-ares/c-ares/security/advisories/GHSA-8r8p-23f3-64c2" }, { "name": "https://github.com/c-ares/c-ares/releases/tag/cares-1_19_1", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/c-ares/c-ares/releases/tag/cares-1_19_1" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Z5XFNXTNPTCBBVXFDNZQVLLIE6VRBY/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UBFWILTA33LOSV23P44FGTQQIDRJHIY7/" }, { "url": "https://security.gentoo.org/glsa/202310-09" } ], "source": { "advisory": "GHSA-8r8p-23f3-64c2", "discovery": "UNKNOWN" }, "title": "Insufficient randomness in generation of DNS query IDs in c-ares" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-31147", "datePublished": "2023-05-25T21:55:47.585Z", "dateReserved": "2023-04-24T21:44:10.418Z", "dateUpdated": "2024-08-02T14:45:25.630Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-48338
Vulnerability from cvelistv5
Published
2023-02-20 00:00
Modified
2024-08-03 15:10
Severity ?
EPSS score ?
Summary
An issue was discovered in GNU Emacs through 28.2. In ruby-mode.el, the ruby-find-library-file function has a local command injection vulnerability. The ruby-find-library-file function is an interactive function, and bound to C-c C-f. Inside the function, the external command gem is called through shell-command-to-string, but the feature-name parameters are not escaped. Thus, malicious Ruby source files may cause commands to be executed.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:10:59.720Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=9a3b08061feea14d6f37685ca1ab8801758bfd1c" }, { "name": "DSA-5360", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5360" }, { "name": "FEDORA-2023-5763445abe", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6HDBUQNAH2WL4MHWCTUZLN7NGF7CHTK/" }, { "name": "FEDORA-2023-29df561f1d", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FLPQ4K6H2S5TY3L5UDN4K4B3L5RQJYQ6/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue was discovered in GNU Emacs through 28.2. In ruby-mode.el, the ruby-find-library-file function has a local command injection vulnerability. The ruby-find-library-file function is an interactive function, and bound to C-c C-f. Inside the function, the external command gem is called through shell-command-to-string, but the feature-name parameters are not escaped. Thus, malicious Ruby source files may cause commands to be executed." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-14T02:06:10.519444", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=9a3b08061feea14d6f37685ca1ab8801758bfd1c" }, { "name": "DSA-5360", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5360" }, { "name": "FEDORA-2023-5763445abe", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6HDBUQNAH2WL4MHWCTUZLN7NGF7CHTK/" }, { "name": "FEDORA-2023-29df561f1d", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FLPQ4K6H2S5TY3L5UDN4K4B3L5RQJYQ6/" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-48338", "datePublished": "2023-02-20T00:00:00", "dateReserved": "2023-02-20T00:00:00", "dateUpdated": "2024-08-03T15:10:59.720Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-32004
Vulnerability from cvelistv5
Published
2023-08-15 15:10
Modified
2024-10-08 20:19
Severity ?
EPSS score ?
Summary
A vulnerability has been discovered in Node.js version 20, specifically within the experimental permission model. This flaw relates to improper handling of Buffers in file system APIs causing a traversal path to bypass when verifying file permissions.
This vulnerability affects all users using the experimental permission model in Node.js 20.
Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T15:03:28.645Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/2038134" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBOZE2QZIBLFFTYWYN23FGKN6HULZ6HX/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JQPELKG2LVTADSB7ME73AV4DXQK47PWK/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230915-0009/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-32004", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-08T20:19:44.419613Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-08T20:19:54.917Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Node.js", "vendor": "Node.js", "versions": [ { "lessThanOrEqual": "20.5.0", "status": "affected", "version": "20.5.0", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been discovered in Node.js version 20, specifically within the experimental permission model. This flaw relates to improper handling of Buffers in file system APIs causing a traversal path to bypass when verifying file permissions.\n\nThis vulnerability affects all users using the experimental permission model in Node.js 20.\n\nPlease note that at the time this CVE was issued, the permission model is an experimental feature of Node.js." } ], "providerMetadata": { "dateUpdated": "2023-08-15T15:10:19.152Z", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/2038134" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBOZE2QZIBLFFTYWYN23FGKN6HULZ6HX/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JQPELKG2LVTADSB7ME73AV4DXQK47PWK/" }, { "url": "https://security.netapp.com/advisory/ntap-20230915-0009/" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2023-32004", "datePublished": "2023-08-15T15:10:19.152Z", "dateReserved": "2023-05-01T01:00:12.220Z", "dateUpdated": "2024-10-08T20:19:54.917Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-0288
Vulnerability from cvelistv5
Published
2023-01-13 00:00
Modified
2024-08-02 05:02
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1189.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:02:44.119Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/550a0852-9be0-4abe-906c-f803b34e41d3" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/232bdaaca98c34a99ffadf27bf6ee08be6cc8f6a" }, { "name": "FEDORA-2023-340f1d6ab9", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WYC22GGZ6QA66HLNLHCTAJU265TT3O33/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213670" }, { "name": "20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/17" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1189", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1189." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-28T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/550a0852-9be0-4abe-906c-f803b34e41d3" }, { "url": "https://github.com/vim/vim/commit/232bdaaca98c34a99ffadf27bf6ee08be6cc8f6a" }, { "name": "FEDORA-2023-340f1d6ab9", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WYC22GGZ6QA66HLNLHCTAJU265TT3O33/" }, { "url": "https://support.apple.com/kb/HT213670" }, { "name": "20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/17" } ], "source": { "advisory": "550a0852-9be0-4abe-906c-f803b34e41d3", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-0288", "datePublished": "2023-01-13T00:00:00", "dateReserved": "2023-01-13T00:00:00", "dateUpdated": "2024-08-02T05:02:44.119Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-3138
Vulnerability from cvelistv5
Published
2023-06-28 00:00
Modified
2024-08-02 06:48
Severity ?
EPSS score ?
Summary
A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array indexes. They trust that they were called with values provided by an Xserver adhering to the bounds specified in the X11 protocol, as all X servers provided by X.Org do. As the protocol only specifies a single byte for these values, an out-of-bounds value provided by a malicious server (or a malicious proxy-in-the-middle) can only overwrite other portions of the Display structure and not write outside the bounds of the Display structure itself, possibly causing the client to crash with this memory corruption.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T06:48:07.359Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2023-3138" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/304a654a0d57bf0f00d8998185f0360332cfa36c" }, { "tags": [ "x_transferred" ], "url": "https://lists.x.org/archives/xorg-announce/2023-June/003406.html" }, { "tags": [ "x_transferred" ], "url": "https://lists.x.org/archives/xorg-announce/2023-June/003407.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20231208-0008/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "libX11", "vendor": "n/a", "versions": [ { "status": "affected", "version": "libX11 1.8.6" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array indexes. They trust that they were called with values provided by an Xserver adhering to the bounds specified in the X11 protocol, as all X servers provided by X.Org do. As the protocol only specifies a single byte for these values, an out-of-bounds value provided by a malicious server (or a malicious proxy-in-the-middle) can only overwrite other portions of the Display structure and not write outside the bounds of the Display structure itself, possibly causing the client to crash with this memory corruption." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-119", "description": "CWE-119", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-08T19:06:17.298140", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://access.redhat.com/security/cve/CVE-2023-3138" }, { "url": "https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/304a654a0d57bf0f00d8998185f0360332cfa36c" }, { "url": "https://lists.x.org/archives/xorg-announce/2023-June/003406.html" }, { "url": "https://lists.x.org/archives/xorg-announce/2023-June/003407.html" }, { "url": "https://security.netapp.com/advisory/ntap-20231208-0008/" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2023-3138", "datePublished": "2023-06-28T00:00:00", "dateReserved": "2023-06-07T00:00:00", "dateUpdated": "2024-08-02T06:48:07.359Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-32221
Vulnerability from cvelistv5
Published
2022-12-05 00:00
Modified
2024-08-03 07:32
Severity ?
EPSS score ?
Summary
When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously was used to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent `POST` request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: Fixed in 7.86.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T07:32:56.010Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1704017" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230110-0006/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213604" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213605" }, { "name": "20230123 APPLE-SA-2023-01-23-5 macOS Monterey 12.6.3", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Jan/20" }, { "name": "20230123 APPLE-SA-2023-01-23-4 macOS Ventura 13.2", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Jan/19" }, { "name": "DSA-5330", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5330" }, { "name": "[debian-lts-announce] 20230128 [SECURITY] [DLA 3288-1] curl security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230208-0002/" }, { "name": "[oss-security] 20230517 curl: CVE-2023-28322: more POST-after-PUT confusion", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/05/17/4" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 7.86.0" } ] } ], "descriptions": [ { "lang": "en", "value": "When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously was used to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent `POST` request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-200", "description": "Information Disclosure (CWE-200)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-17T00:00:00", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1704017" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "url": "https://security.netapp.com/advisory/ntap-20230110-0006/" }, { "url": "https://support.apple.com/kb/HT213604" }, { "url": "https://support.apple.com/kb/HT213605" }, { "name": "20230123 APPLE-SA-2023-01-23-5 macOS Monterey 12.6.3", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Jan/20" }, { "name": "20230123 APPLE-SA-2023-01-23-4 macOS Ventura 13.2", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Jan/19" }, { "name": "DSA-5330", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5330" }, { "name": "[debian-lts-announce] 20230128 [SECURITY] [DLA 3288-1] curl security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html" }, { "url": "https://security.netapp.com/advisory/ntap-20230208-0002/" }, { "name": "[oss-security] 20230517 curl: CVE-2023-28322: more POST-after-PUT confusion", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2023/05/17/4" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2022-32221", "datePublished": "2022-12-05T00:00:00", "dateReserved": "2022-06-01T00:00:00", "dateUpdated": "2024-08-03T07:32:56.010Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-0465
Vulnerability from cvelistv5
Published
2023-03-28 14:30
Modified
2024-08-02 05:10
Severity ?
EPSS score ?
Summary
Applications that use a non-default option when verifying certificates may be
vulnerable to an attack from a malicious CA to circumvent certain checks.
Invalid certificate policies in leaf certificates are silently ignored by
OpenSSL and other certificate policy checks are skipped for that certificate.
A malicious CA could use this to deliberately assert invalid certificate policies
in order to circumvent policy checking on the certificate altogether.
Policy processing is disabled by default but can be enabled by passing
the `-policy' argument to the command line utilities or by calling the
`X509_VERIFY_PARAM_set1_policies()' function.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:10:56.368Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "OpenSSL Advisory", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.openssl.org/news/secadv/20230328.txt" }, { "name": "3.1.1 git commit", "tags": [ "patch", "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c" }, { "name": "3.0.9 git commit", "tags": [ "patch", "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb" }, { "name": "1.1.1u git commit", "tags": [ "patch", "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95" }, { "name": "1.0.2zh patch (premium)", "tags": [ "patch", "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230414-0001/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5417" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202402-08" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "OpenSSL", "vendor": "OpenSSL", "versions": [ { "lessThan": "3.1.1", "status": "affected", "version": "3.1.0", "versionType": "semver" }, { "lessThan": "3.0.9", "status": "affected", "version": "3.0.0", "versionType": "semver" }, { "lessThan": "1.1.1u", "status": "affected", "version": "1.1.1", "versionType": "custom" }, { "lessThan": "1.0.2zh", "status": "affected", "version": "1.0.2", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "David Benjamin (Google)" }, { "lang": "en", "type": "remediation developer", "user": "00000000-0000-4000-9000-000000000000", "value": "Matt Caswell" } ], "datePublic": "2023-03-23T00:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Applications that use a non-default option when verifying certificates may be\u003cbr\u003evulnerable to an attack from a malicious CA to circumvent certain checks.\u003cbr\u003e\u003cbr\u003eInvalid certificate policies in leaf certificates are silently ignored by\u003cbr\u003eOpenSSL and other certificate policy checks are skipped for that certificate.\u003cbr\u003eA malicious CA could use this to deliberately assert invalid certificate policies\u003cbr\u003ein order to circumvent policy checking on the certificate altogether.\u003cbr\u003e\u003cbr\u003ePolicy processing is disabled by default but can be enabled by passing\u003cbr\u003ethe `-policy\u0027 argument to the command line utilities or by calling the\u003cbr\u003e`X509_VERIFY_PARAM_set1_policies()\u0027 function." } ], "value": "Applications that use a non-default option when verifying certificates may be\nvulnerable to an attack from a malicious CA to circumvent certain checks.\n\nInvalid certificate policies in leaf certificates are silently ignored by\nOpenSSL and other certificate policy checks are skipped for that certificate.\nA malicious CA could use this to deliberately assert invalid certificate policies\nin order to circumvent policy checking on the certificate altogether.\n\nPolicy processing is disabled by default but can be enabled by passing\nthe `-policy\u0027 argument to the command line utilities or by calling the\n`X509_VERIFY_PARAM_set1_policies()\u0027 function." } ], "metrics": [ { "format": "other", "other": { "content": { "text": "Low" }, "type": "https://www.openssl.org/policies/secpolicy.html" } } ], "problemTypes": [ { "descriptions": [ { "description": "improper certificate validation", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-28T14:30:39.707Z", "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", "shortName": "openssl" }, "references": [ { "name": "OpenSSL Advisory", "tags": [ "vendor-advisory" ], "url": "https://www.openssl.org/news/secadv/20230328.txt" }, { "name": "3.1.1 git commit", "tags": [ "patch" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c" }, { "name": "3.0.9 git commit", "tags": [ "patch" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb" }, { "name": "1.1.1u git commit", "tags": [ "patch" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95" }, { "name": "1.0.2zh patch (premium)", "tags": [ "patch" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a" }, { "url": "https://security.netapp.com/advisory/ntap-20230414-0001/" }, { "url": "https://www.debian.org/security/2023/dsa-5417" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html" }, { "url": "https://security.gentoo.org/glsa/202402-08" } ], "source": { "discovery": "UNKNOWN" }, "title": "Invalid certificate policies in leaf certificates are silently ignored", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", "assignerShortName": "openssl", "cveId": "CVE-2023-0465", "datePublished": "2023-03-28T14:30:39.707Z", "dateReserved": "2023-01-24T13:51:42.650Z", "dateUpdated": "2024-08-02T05:10:56.368Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-3823
Vulnerability from cvelistv5
Published
2023-08-11 05:42
Modified
2024-08-02 07:08
Severity ?
EPSS score ?
Summary
In PHP versions 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8 various XML functions rely on libxml global state to track configuration variables, like whether external entities are loaded. This state is assumed to be unchanged unless the user explicitly changes it by calling appropriate function. However, since the state is process-global, other modules - such as ImageMagick - may also use this library within the same process, and change that global state for their internal purposes, and leave it in a state where external entities loading is enabled. This can lead to the situation where external XML is parsed with external entities loaded, which can lead to disclosure of any local files accessible to PHP. This vulnerable state may persist in the same process across many requests, until the process is shut down.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:08:50.269Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/php/php-src/security/advisories/GHSA-3qrf-m4j2-pcrr" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7NBF77WN6DTVTY2RE73IGPYD6M4PIAWA/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230825-0001/" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00002.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "affected", "product": "PHP", "vendor": "PHP Group", "versions": [ { "lessThan": "8.0.30", "status": "affected", "version": "8.0.*", "versionType": "semver" }, { "lessThan": "8.1.22", "status": "affected", "version": "8.1.*", "versionType": "semver" }, { "lessThan": "8.2.8", "status": "affected", "version": "8.2.*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "Joas Schilling" } ], "datePublic": "2023-08-05T04:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003eIn PHP versions 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8 various XML functions rely on libxml global state to track configuration variables, like whether external entities are loaded. This state is assumed to be unchanged unless the user explicitly changes it by calling appropriate function. However, since the state is process-global, other modules - such as\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eImageMagick - may also use this library within the same process, and change that global state for their internal purposes, and leave it in a state where external entities loading is enabled. This can lead to the situation where external XML is parsed with external entities loaded, which can lead to disclosure of any local files accessible to PHP. This vulnerable state may persist in the same process across many requests, until the process is shut down.\u0026nbsp;\u003c/span\u003e\u003c/p\u003e" } ], "value": "In PHP versions 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8 various XML functions rely on libxml global state to track configuration variables, like whether external entities are loaded. This state is assumed to be unchanged unless the user explicitly changes it by calling appropriate function. However, since the state is process-global, other modules - such as\u00a0ImageMagick - may also use this library within the same process, and change that global state for their internal purposes, and leave it in a state where external entities loading is enabled. This can lead to the situation where external XML is parsed with external entities loaded, which can lead to disclosure of any local files accessible to PHP. This vulnerable state may persist in the same process across many requests, until the process is shut down.\u00a0\n\n" } ], "impacts": [ { "capecId": "CAPEC-197", "descriptions": [ { "lang": "en", "value": "CAPEC-197 XML Entity Expansion" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "providerMetadata": { "dateUpdated": "2023-08-11T05:42:25.771Z", "orgId": "dd77f84a-d19a-4638-8c3d-a322d820ed2b", "shortName": "php" }, "references": [ { "url": "https://github.com/php/php-src/security/advisories/GHSA-3qrf-m4j2-pcrr" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7NBF77WN6DTVTY2RE73IGPYD6M4PIAWA/" }, { "url": "https://security.netapp.com/advisory/ntap-20230825-0001/" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00002.html" } ], "source": { "advisory": "https://github.com/php/php-src/security/advisories/GHSA-3qrf-m4j", "discovery": "EXTERNAL" }, "title": "Security issue with external entity loading in XML without enabling it", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Disable external entity loader, e.g. like this:\u0026nbsp;\u003cpre\u003elibxml_set_external_entity_loader(function () { return null; });\u003c/pre\u003e\u003cbr\u003e" } ], "value": "Disable external entity loader, e.g. like this:\u00a0libxml_set_external_entity_loader(function () { return null; });\n\n\n" } ], "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "dd77f84a-d19a-4638-8c3d-a322d820ed2b", "assignerShortName": "php", "cveId": "CVE-2023-3823", "datePublished": "2023-08-11T05:42:25.771Z", "dateReserved": "2023-07-21T16:16:57.133Z", "dateUpdated": "2024-08-02T07:08:50.269Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-32006
Vulnerability from cvelistv5
Published
2023-08-15 15:10
Modified
2024-10-08 20:21
Severity ?
EPSS score ?
Summary
The use of `module.constructor.createRequire()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module.
This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x, and, 20.x.
Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T15:03:28.787Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/2043807" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBOZE2QZIBLFFTYWYN23FGKN6HULZ6HX/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JQPELKG2LVTADSB7ME73AV4DXQK47PWK/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230915-0009/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-32006", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-08T20:20:48.763469Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-08T20:21:00.388Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Node.js", "vendor": "Node.js", "versions": [ { "lessThanOrEqual": "20.5.0", "status": "affected", "version": "20.5.0", "versionType": "semver" }, { "lessThanOrEqual": "18.17.0", "status": "affected", "version": "18.17.0", "versionType": "semver" }, { "lessThanOrEqual": "16.20.1", "status": "affected", "version": "16.20.1", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "The use of `module.constructor.createRequire()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module.\n\nThis vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x, and, 20.x.\n\nPlease note that at the time this CVE was issued, the policy is an experimental feature of Node.js." } ], "providerMetadata": { "dateUpdated": "2023-08-15T15:10:09.447Z", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/2043807" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBOZE2QZIBLFFTYWYN23FGKN6HULZ6HX/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JQPELKG2LVTADSB7ME73AV4DXQK47PWK/" }, { "url": "https://security.netapp.com/advisory/ntap-20230915-0009/" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2023-32006", "datePublished": "2023-08-15T15:10:09.447Z", "dateReserved": "2023-05-01T01:00:12.220Z", "dateUpdated": "2024-10-08T20:21:00.388Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-29403
Vulnerability from cvelistv5
Published
2023-06-08 20:19
Modified
2024-12-20 13:06
Severity ?
EPSS score ?
Summary
On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state, or assuming the status of standard i/o file descriptors. If a setuid/setgid binary is executed with standard I/O file descriptors closed, opening any files can result in unexpected content being read or written with elevated privileges. Similarly, if a setuid/setgid program is terminated, either via panic or signal, it may leak the contents of its registers.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Go standard library | runtime |
Version: 0 ≤ Version: 1.20.0-0 ≤ |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-12-20T13:06:40.480Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://go.dev/issue/60272" }, { "tags": [ "x_transferred" ], "url": "https://go.dev/cl/501223" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/q5135a9d924/m/j0ZoAJOHAwAJ" }, { "tags": [ "x_transferred" ], "url": "https://pkg.go.dev/vuln/GO-2023-1840" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBS3IIK6ADV24C5ULQU55QLT2UE762ZX/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202311-09" }, { "url": "https://security.netapp.com/advisory/ntap-20241220-0009/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "packageName": "runtime", "product": "runtime", "vendor": "Go standard library", "versions": [ { "lessThan": "1.19.10", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "1.20.5", "status": "affected", "version": "1.20.0-0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "value": "Vincent Dehors from Synacktiv" } ], "descriptions": [ { "lang": "en", "value": "On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state, or assuming the status of standard i/o file descriptors. If a setuid/setgid binary is executed with standard I/O file descriptors closed, opening any files can result in unexpected content being read or written with elevated privileges. Similarly, if a setuid/setgid program is terminated, either via panic or signal, it may leak the contents of its registers." } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-642: External Control of Critical State Data", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-12T19:08:37.846Z", "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go" }, "references": [ { "url": "https://go.dev/issue/60272" }, { "url": "https://go.dev/cl/501223" }, { "url": "https://groups.google.com/g/golang-announce/c/q5135a9d924/m/j0ZoAJOHAwAJ" }, { "url": "https://pkg.go.dev/vuln/GO-2023-1840" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBS3IIK6ADV24C5ULQU55QLT2UE762ZX/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/" }, { "url": "https://security.gentoo.org/glsa/202311-09" } ], "title": "Unsafe behavior in setuid/setgid binaries in runtime" } }, "cveMetadata": { "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "assignerShortName": "Go", "cveId": "CVE-2023-29403", "datePublished": "2023-06-08T20:19:13.222Z", "dateReserved": "2023-04-05T19:36:35.042Z", "dateUpdated": "2024-12-20T13:06:40.480Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3924
Vulnerability from cvelistv5
Published
2023-01-25 21:39
Modified
2024-08-03 01:20
Severity ?
EPSS score ?
Summary
This issue can affect BIND 9 resolvers with `stale-answer-enable yes;` that also make use of the option `stale-answer-client-timeout`, configured with a value greater than zero.
If the resolver receives many queries that require recursion, there will be a corresponding increase in the number of clients that are waiting for recursion to complete. If there are sufficient clients already waiting when a new client query is received so that it is necessary to SERVFAIL the longest waiting client (see BIND 9 ARM `recursive-clients` limit and soft quota), then it is possible for a race to occur between providing a stale answer to this older client and sending an early timeout SERVFAIL, which may cause an assertion failure.
This issue affects BIND 9 versions 9.16.12 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and 9.16.12-S1 through 9.16.36-S1.
References
▼ | URL | Tags |
---|---|---|
https://kb.isc.org/docs/cve-2022-3924 | vendor-advisory |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:20:58.777Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "CVE-2022-3924", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://kb.isc.org/docs/cve-2022-3924" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "BIND 9", "vendor": "ISC", "versions": [ { "lessThanOrEqual": "9.16.36", "status": "affected", "version": "9.16.12", "versionType": "custom" }, { "lessThanOrEqual": "9.18.10", "status": "affected", "version": "9.18.0", "versionType": "custom" }, { "lessThanOrEqual": "9.19.8", "status": "affected", "version": "9.19.0", "versionType": "custom" }, { "lessThanOrEqual": "9.16.36-S1", "status": "affected", "version": "9.16.12-S1", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "ISC would like to thank Maksym Odinintsev from AWS for bringing this vulnerability to our attention." } ], "datePublic": "2023-01-25T00:00:00Z", "descriptions": [ { "lang": "en", "value": "This issue can affect BIND 9 resolvers with `stale-answer-enable yes;` that also make use of the option `stale-answer-client-timeout`, configured with a value greater than zero.\n\nIf the resolver receives many queries that require recursion, there will be a corresponding increase in the number of clients that are waiting for recursion to complete. If there are sufficient clients already waiting when a new client query is received so that it is necessary to SERVFAIL the longest waiting client (see BIND 9 ARM `recursive-clients` limit and soft quota), then it is possible for a race to occur between providing a stale answer to this older client and sending an early timeout SERVFAIL, which may cause an assertion failure.\nThis issue affects BIND 9 versions 9.16.12 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and 9.16.12-S1 through 9.16.36-S1." } ], "exploits": [ { "lang": "en", "value": "We are not aware of any active exploits." } ], "impacts": [ { "descriptions": [ { "lang": "en", "value": "By sending specific queries to the resolver, an attacker can cause `named` to crash." } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-26T06:03:10.975661Z", "orgId": "404fd4d2-a609-4245-b543-2c944a302a22", "shortName": "isc" }, "references": [ { "name": "CVE-2022-3924", "tags": [ "vendor-advisory" ], "url": "https://kb.isc.org/docs/cve-2022-3924" } ], "solutions": [ { "lang": "en", "value": "Upgrade to the patched release most closely related to your current version of BIND 9: 9.16.37, 9.18.11, 9.19.9, or 9.16.37-S1." } ], "source": { "discovery": "EXTERNAL" }, "title": "named configured to answer from stale cache may terminate unexpectedly at recursive-clients soft quota", "workarounds": [ { "lang": "en", "value": "Disabling `stale-answer-client-timeout` entirely or setting the timeout value to zero prevents the problem.\n\nIt is not possible to disable the limit on `recursive-clients`, though it could be set to a very high value in order to reduce the likelihood of encountering this scenario. However, this is not recommended as the limit on recursive clients is important for preventing exhaustion of server resources." } ] } }, "cveMetadata": { "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22", "assignerShortName": "isc", "cveId": "CVE-2022-3924", "datePublished": "2023-01-25T21:39:49.110Z", "dateReserved": "2022-11-10T09:07:37.642Z", "dateUpdated": "2024-08-03T01:20:58.777Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-1127
Vulnerability from cvelistv5
Published
2023-03-01 00:00
Modified
2024-08-02 05:32
Severity ?
EPSS score ?
Summary
Divide By Zero in GitHub repository vim/vim prior to 9.0.1367.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:32:46.417Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/2d4d309e-4c96-415f-9070-36d0815f1beb" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/e0f869196930ef5f25a0ac41c9215b09c9ce2d3c" }, { "name": "FEDORA-2023-27958e9307", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PDVN5HSWPNVP4QXBPCEGZDLZKURLJWTE/" }, { "name": "FEDORA-2023-ccf283d7e1", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WJ6TMKKBXHGVUHWFGM4X46VIJO7ZAG2W/" }, { "name": "FEDORA-2023-030318ca00", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE44W6WMMREYCW3GJHPSYP7NK2VT5NY6/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1367", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Divide By Zero in GitHub repository vim/vim prior to 9.0.1367." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-369", "description": "CWE-369 Divide By Zero", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-02T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/2d4d309e-4c96-415f-9070-36d0815f1beb" }, { "url": "https://github.com/vim/vim/commit/e0f869196930ef5f25a0ac41c9215b09c9ce2d3c" }, { "name": "FEDORA-2023-27958e9307", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PDVN5HSWPNVP4QXBPCEGZDLZKURLJWTE/" }, { "name": "FEDORA-2023-ccf283d7e1", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WJ6TMKKBXHGVUHWFGM4X46VIJO7ZAG2W/" }, { "name": "FEDORA-2023-030318ca00", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE44W6WMMREYCW3GJHPSYP7NK2VT5NY6/" } ], "source": { "advisory": "2d4d309e-4c96-415f-9070-36d0815f1beb", "discovery": "EXTERNAL" }, "title": "Divide By Zero in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-1127", "datePublished": "2023-03-01T00:00:00", "dateReserved": "2023-03-01T00:00:00", "dateUpdated": "2024-08-02T05:32:46.417Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-29404
Vulnerability from cvelistv5
Published
2023-06-08 20:19
Modified
2024-11-15 13:08
Severity ?
EPSS score ?
Summary
The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. The arguments for a number of flags which are non-optional are incorrectly considered optional, allowing disallowed flags to be smuggled through the LDFLAGS sanitization. This affects usage of both the gc and gccgo compilers.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Go toolchain | cmd/go |
Version: 0 ≤ Version: 1.20.0-0 ≤ |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-11-15T13:08:12.758Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://go.dev/issue/60305" }, { "tags": [ "x_transferred" ], "url": "https://go.dev/cl/501225" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/q5135a9d924/m/j0ZoAJOHAwAJ" }, { "tags": [ "x_transferred" ], "url": "https://pkg.go.dev/vuln/GO-2023-1841" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBS3IIK6ADV24C5ULQU55QLT2UE762ZX/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202311-09" }, { "url": "https://security.netapp.com/advisory/ntap-20241115-0009/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "packageName": "cmd/go", "product": "cmd/go", "vendor": "Go toolchain", "versions": [ { "lessThan": "1.19.10", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "1.20.5", "status": "affected", "version": "1.20.0-0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "value": "Juho Nurminen of Mattermost" } ], "descriptions": [ { "lang": "en", "value": "The go command may execute arbitrary code at build time when using cgo. This may occur when running \"go get\" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a \"#cgo LDFLAGS\" directive. The arguments for a number of flags which are non-optional are incorrectly considered optional, allowing disallowed flags to be smuggled through the LDFLAGS sanitization. This affects usage of both the gc and gccgo compilers." } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-94: Improper Control of Generation of Code (\"Code Injection\")", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-04T18:09:18.646Z", "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go" }, "references": [ { "url": "https://go.dev/issue/60305" }, { "url": "https://go.dev/cl/501225" }, { "url": "https://groups.google.com/g/golang-announce/c/q5135a9d924/m/j0ZoAJOHAwAJ" }, { "url": "https://pkg.go.dev/vuln/GO-2023-1841" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBS3IIK6ADV24C5ULQU55QLT2UE762ZX/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/" }, { "url": "https://security.gentoo.org/glsa/202311-09" } ], "title": "Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go" } }, "cveMetadata": { "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "assignerShortName": "Go", "cveId": "CVE-2023-29404", "datePublished": "2023-06-08T20:19:17.548Z", "dateReserved": "2023-04-05T19:36:35.043Z", "dateUpdated": "2024-11-15T13:08:12.758Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-30587
Vulnerability from cvelistv5
Published
2024-09-07 16:00
Modified
2024-11-08 15:02
Severity ?
EPSS score ?
Summary
A vulnerability in Node.js version 20 allows for bypassing restrictions set by the --experimental-permission flag using the built-in inspector module (node:inspector).
By exploiting the Worker class's ability to create an "internal worker" with the kIsInternal Symbol, attackers can modify the isInternal value when an inspector is attached within the Worker constructor before initializing a new WorkerImpl. This vulnerability exclusively affects Node.js users employing the permission model mechanism.
Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:nodejs:nodejs:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "nodejs", "vendor": "nodejs", "versions": [ { "lessThan": "20.3.1", "status": "affected", "version": "20.0", "versionType": "semver" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-30587", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-09T18:23:12.423610Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-284", "description": "CWE-284 Improper Access Control", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-09T18:26:39.840Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-11-08T15:02:46.346Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "url": "https://security.netapp.com/advisory/ntap-20241108-0004/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Node.js", "vendor": "Node.js", "versions": [ { "lessThan": "20.3.1", "status": "affected", "version": "20.3.1", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in Node.js version 20 allows for bypassing restrictions set by the --experimental-permission flag using the built-in inspector module (node:inspector).\n\nBy exploiting the Worker class\u0027s ability to create an \"internal worker\" with the kIsInternal Symbol, attackers can modify the isInternal value when an inspector is attached within the Worker constructor before initializing a new WorkerImpl. This vulnerability exclusively affects Node.js users employing the permission model mechanism.\n\nPlease note that at the time this CVE was issued, the permission model is an experimental feature of Node.js." } ], "providerMetadata": { "dateUpdated": "2024-09-07T16:00:35.920Z", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://nodejs.org/en/blog/vulnerability/june-2023-security-releases" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2023-30587", "datePublished": "2024-09-07T16:00:35.920Z", "dateReserved": "2023-04-13T01:00:12.086Z", "dateUpdated": "2024-11-08T15:02:46.346Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-4050
Vulnerability from cvelistv5
Published
2023-08-01 14:58
Modified
2024-10-22 15:05
Severity ?
EPSS score ?
Summary
In some cases, an untrusted input stream was copied to a stack buffer without checking its size. This resulted in a potentially exploitable crash which could have led to a sandbox escape. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox |
Version: unspecified < 116 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:17:12.069Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1843038" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-29/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-30/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-31/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5464" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5469" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "firefox", "vendor": "mozilla", "versions": [ { "lessThan": "116", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:mozilla:firefox_esr:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "firefox_esr", "vendor": "mozilla", "versions": [ { "lessThan": "102.14", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:mozilla:firefox_esr:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "firefox_esr", "vendor": "mozilla", "versions": [ { "lessThan": "115.1", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-4050", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-22T14:46:27.379331Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-22T15:05:33.710Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "116", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.14", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "115.1", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Mark Brand" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "In some cases, an untrusted input stream was copied to a stack buffer without checking its size. This resulted in a potentially exploitable crash which could have led to a sandbox escape. This vulnerability affects Firefox \u003c 116, Firefox ESR \u003c 102.14, and Firefox ESR \u003c 115.1." } ], "value": "In some cases, an untrusted input stream was copied to a stack buffer without checking its size. This resulted in a potentially exploitable crash which could have led to a sandbox escape. This vulnerability affects Firefox \u003c 116, Firefox ESR \u003c 102.14, and Firefox ESR \u003c 115.1." } ], "problemTypes": [ { "descriptions": [ { "description": "Stack buffer overflow in StorageManager", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-08-01T14:58:31.812Z", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1843038" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-29/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-30/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-31/" }, { "url": "https://www.debian.org/security/2023/dsa-5464" }, { "url": "https://www.debian.org/security/2023/dsa-5469" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2023-4050", "datePublished": "2023-08-01T14:58:31.812Z", "dateReserved": "2023-08-01T14:58:10.910Z", "dateUpdated": "2024-10-22T15:05:33.710Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-23914
Vulnerability from cvelistv5
Published
2023-02-23 00:00
Modified
2024-08-02 10:42
Severity ?
EPSS score ?
Summary
A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that could cause HSTS functionality fail when multiple URLs are requested serially. Using its HSTS support, curl can be instructed to use HTTPS instead of usingan insecure clear-text HTTP step even when HTTP is provided in the URL. ThisHSTS mechanism would however surprisingly be ignored by subsequent transferswhen done on the same command line because the state would not be properlycarried on.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: Fixed in 7.88.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T10:42:27.094Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1813864" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230309-0006/" }, { "name": "GLSA-202310-12", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202310-12" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 7.88.0" } ] } ], "descriptions": [ { "lang": "en", "value": "A cleartext transmission of sensitive information vulnerability exists in curl \u003cv7.88.0 that could cause HSTS functionality fail when multiple URLs are requested serially. Using its HSTS support, curl can be instructed to use HTTPS instead of usingan insecure clear-text HTTP step even when HTTP is provided in the URL. ThisHSTS mechanism would however surprisingly be ignored by subsequent transferswhen done on the same command line because the state would not be properlycarried on." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-319", "description": "Cleartext Transmission of Sensitive Information (CWE-319)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-11T10:06:32.942653", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1813864" }, { "url": "https://security.netapp.com/advisory/ntap-20230309-0006/" }, { "name": "GLSA-202310-12", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202310-12" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2023-23914", "datePublished": "2023-02-23T00:00:00", "dateReserved": "2023-01-19T00:00:00", "dateUpdated": "2024-08-02T10:42:27.094Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-28450
Vulnerability from cvelistv5
Published
2023-03-15 00:00
Modified
2024-08-02 12:38
Severity ?
EPSS score ?
Summary
An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T12:38:25.359Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://thekelleys.org.uk/dnsmasq/doc.html" }, { "tags": [ "x_transferred" ], "url": "https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5" }, { "tags": [ "x_transferred" ], "url": "https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=blob%3Bf=CHANGELOG" }, { "tags": [ "x_transferred" ], "url": "https://capec.mitre.org/data/definitions/495.html" }, { "name": "FEDORA-2023-828bf01834", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OU2ZT4ITSEOOR2CFBAHK4Z67KXJIEWQA/" }, { "name": "FEDORA-2023-eeca11a4df", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6UQ6LKDTLSSD64TBIZ3XEKBM2SWC63VV/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-17T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://thekelleys.org.uk/dnsmasq/doc.html" }, { "url": "https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5" }, { "url": "https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=blob%3Bf=CHANGELOG" }, { "url": "https://capec.mitre.org/data/definitions/495.html" }, { "name": "FEDORA-2023-828bf01834", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OU2ZT4ITSEOOR2CFBAHK4Z67KXJIEWQA/" }, { "name": "FEDORA-2023-eeca11a4df", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6UQ6LKDTLSSD64TBIZ3XEKBM2SWC63VV/" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-28450", "datePublished": "2023-03-15T00:00:00", "dateReserved": "2023-03-15T00:00:00", "dateUpdated": "2024-08-02T12:38:25.359Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-32636
Vulnerability from cvelistv5
Published
2023-09-14 19:19
Modified
2024-10-11 18:09
Severity ?
EPSS score ?
Summary
A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect glib distributors who followed the guidance of glib developers to backport the initial fix for CVE-2023-29499.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T15:25:36.370Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/2841" }, { "tags": [ "x_transferred" ], "url": "https://https://discourse.gnome.org/t/multiple-fixes-for-gvariant-normalisation-issues-in-glib/12835" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20231110-0002/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-32636", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-11T17:51:57.659191Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-11T18:09:36.123Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "glib", "vendor": "glib", "versions": [ { "status": "affected", "version": "2.75.1" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect glib distributors who followed the guidance of glib developers to backport the initial fix for CVE-2023-29499." } ], "value": "A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect glib distributors who followed the guidance of glib developers to backport the initial fix for CVE-2023-29499." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-14T19:19:21.874Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/2841" }, { "url": "https://https://discourse.gnome.org/t/multiple-fixes-for-gvariant-normalisation-issues-in-glib/12835" }, { "url": "https://security.netapp.com/advisory/ntap-20231110-0002/" } ], "source": { "discovery": "UNKNOWN" }, "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2023-32636", "datePublished": "2023-09-14T19:19:21.874Z", "dateReserved": "2023-05-30T11:48:42.112Z", "dateUpdated": "2024-10-11T18:09:36.123Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-31130
Vulnerability from cvelistv5
Published
2023-05-25 21:45
Modified
2024-08-02 14:45
Severity ?
EPSS score ?
Summary
c-ares is an asynchronous resolver library. ares_inet_net_pton() is vulnerable to a buffer underflow for certain ipv6 addresses, in particular "0::00:00:00/2" was found to cause an issue. C-ares only uses this function internally for configuration purposes which would require an administrator to configure such an address via ares_set_sortlist(). However, users may externally use ares_inet_net_pton() for other purposes and thus be vulnerable to more severe issues. This issue has been fixed in 1.19.1.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:45:26.018Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/c-ares/c-ares/security/advisories/GHSA-x6mf-cxr9-8q6v", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/c-ares/c-ares/security/advisories/GHSA-x6mf-cxr9-8q6v" }, { "name": "https://github.com/c-ares/c-ares/releases/tag/cares-1_19_1", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/c-ares/c-ares/releases/tag/cares-1_19_1" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Z5XFNXTNPTCBBVXFDNZQVLLIE6VRBY/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UBFWILTA33LOSV23P44FGTQQIDRJHIY7/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5419" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00034.html" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202310-09" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240605-0005/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "c-ares", "vendor": "c-ares", "versions": [ { "status": "affected", "version": "\u003c 1.19.1" } ] } ], "descriptions": [ { "lang": "en", "value": "c-ares is an asynchronous resolver library. ares_inet_net_pton() is vulnerable to a buffer underflow for certain ipv6 addresses, in particular \"0::00:00:00/2\" was found to cause an issue. C-ares only uses this function internally for configuration purposes which would require an administrator to configure such an address via ares_set_sortlist(). However, users may externally use ares_inet_net_pton() for other purposes and thus be vulnerable to more severe issues. This issue has been fixed in 1.19.1.\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-124", "description": "CWE-124: Buffer Underwrite (\u0027Buffer Underflow\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-25T21:45:42.645Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/c-ares/c-ares/security/advisories/GHSA-x6mf-cxr9-8q6v", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/c-ares/c-ares/security/advisories/GHSA-x6mf-cxr9-8q6v" }, { "name": "https://github.com/c-ares/c-ares/releases/tag/cares-1_19_1", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/c-ares/c-ares/releases/tag/cares-1_19_1" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Z5XFNXTNPTCBBVXFDNZQVLLIE6VRBY/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UBFWILTA33LOSV23P44FGTQQIDRJHIY7/" }, { "url": "https://www.debian.org/security/2023/dsa-5419" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00034.html" }, { "url": "https://security.gentoo.org/glsa/202310-09" }, { "url": "https://security.netapp.com/advisory/ntap-20240605-0005/" } ], "source": { "advisory": "GHSA-x6mf-cxr9-8q6v", "discovery": "UNKNOWN" }, "title": "Buffer Underwrite in ares_inet_net_pton()" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-31130", "datePublished": "2023-05-25T21:45:42.645Z", "dateReserved": "2023-04-24T21:44:10.416Z", "dateUpdated": "2024-08-02T14:45:26.018Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-29491
Vulnerability from cvelistv5
Published
2023-04-14 00:00
Modified
2024-11-27 14:45
Severity ?
EPSS score ?
Summary
ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:07:46.218Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.openwall.com/lists/oss-security/2023/04/13/4" }, { "tags": [ "x_transferred" ], "url": "http://ncurses.scripts.mit.edu/?p=ncurses.git%3Ba=commit%3Bh=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56" }, { "tags": [ "x_transferred" ], "url": "https://www.openwall.com/lists/oss-security/2023/04/12/5" }, { "name": "[oss-security] 20230419 Re: ncurses fixes upstream", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/04/19/10" }, { "name": "[oss-security] 20230419 RE: [EXTERNAL] Re: ncurses fixes upstream", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/04/19/11" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230517-0009/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213843" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213844" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213845" }, { "name": "[debian-lts-announce] 20231203 [SECURITY] [DLA 3682-1] ncurses security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00004.html" }, { "name": "FEDORA-2024-96090dafaf", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-29491", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-11-27T14:44:41.346506Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-27T14:45:38.232Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-31T03:06:18.151995", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://www.openwall.com/lists/oss-security/2023/04/13/4" }, { "url": "http://ncurses.scripts.mit.edu/?p=ncurses.git%3Ba=commit%3Bh=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56" }, { "url": "https://www.openwall.com/lists/oss-security/2023/04/12/5" }, { "name": "[oss-security] 20230419 Re: ncurses fixes upstream", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2023/04/19/10" }, { "name": "[oss-security] 20230419 RE: [EXTERNAL] Re: ncurses fixes upstream", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2023/04/19/11" }, { "url": "https://security.netapp.com/advisory/ntap-20230517-0009/" }, { "url": "https://support.apple.com/kb/HT213843" }, { "url": "https://support.apple.com/kb/HT213844" }, { "url": "https://support.apple.com/kb/HT213845" }, { "name": "[debian-lts-announce] 20231203 [SECURITY] [DLA 3682-1] ncurses security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00004.html" }, { "name": "FEDORA-2024-96090dafaf", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-29491", "datePublished": "2023-04-14T00:00:00", "dateReserved": "2023-04-07T00:00:00", "dateUpdated": "2024-11-27T14:45:38.232Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-36053
Vulnerability from cvelistv5
Published
2023-07-03 00:00
Modified
2024-08-02 16:37
Severity ?
EPSS score ?
Summary
In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS (regular expression denial of service) attack via a very large number of domain name labels of emails and URLs.
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "debian_linux", "vendor": "debian", "versions": [ { "status": "affected", "version": "10.0" } ] }, { "cpes": [ "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "fedora", "vendor": "fedoraproject", "versions": [ { "status": "affected", "version": "37" } ] }, { "cpes": [ "cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "django", "vendor": "djangoproject", "versions": [ { "status": "affected", "version": "*" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-36053", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-04-22T16:03:28.124119Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1333", "description": "CWE-1333 Inefficient Regular Expression Complexity", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:25:43.436Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T16:37:41.341Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://groups.google.com/forum/#%21forum/django-announce" }, { "tags": [ "x_transferred" ], "url": "https://docs.djangoproject.com/en/4.2/releases/security/" }, { "tags": [ "x_transferred" ], "url": "https://www.djangoproject.com/weblog/2023/jul/03/security-releases/" }, { "name": "[debian-lts-announce] 20230719 [SECURITY] [DLA 3500-1] python-django security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00022.html" }, { "name": "DSA-5465", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5465" }, { "name": "FEDORA-2023-cc023fabb7", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG5DYKPNDCEHJQ3TKPJQO7QGSR4FAYMS/" }, { "name": "FEDORA-2023-9d36d373f1", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NRDGTUN4LTI6HG4TWR3JYLSFVXPZT42A/" }, { "name": "FEDORA-2024-84fbbbb914", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS (regular expression denial of service) attack via a very large number of domain name labels of emails and URLs." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-20T03:05:57.133777", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://groups.google.com/forum/#%21forum/django-announce" }, { "url": "https://docs.djangoproject.com/en/4.2/releases/security/" }, { "url": "https://www.djangoproject.com/weblog/2023/jul/03/security-releases/" }, { "name": "[debian-lts-announce] 20230719 [SECURITY] [DLA 3500-1] python-django security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00022.html" }, { "name": "DSA-5465", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5465" }, { "name": "FEDORA-2023-cc023fabb7", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG5DYKPNDCEHJQ3TKPJQO7QGSR4FAYMS/" }, { "name": "FEDORA-2023-9d36d373f1", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NRDGTUN4LTI6HG4TWR3JYLSFVXPZT42A/" }, { "name": "FEDORA-2024-84fbbbb914", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D/" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-36053", "datePublished": "2023-07-03T00:00:00", "dateReserved": "2023-06-20T00:00:00", "dateUpdated": "2024-08-02T16:37:41.341Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-22067
Vulnerability from cvelistv5
Published
2023-10-17 21:02
Modified
2024-08-02 09:59
Severity ?
EPSS score ?
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Oracle Corporation | Java SE JDK and JRE |
Version: Oracle Java SE:8u381 Version: Oracle Java SE:8u381-perf Version: Oracle GraalVM Enterprise Edition:20.3.11 Version: Oracle GraalVM Enterprise Edition:21.3.7 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:59:28.818Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Oracle Advisory", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuoct2023.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20231027-0006/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5537" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Java SE JDK and JRE", "vendor": "Oracle Corporation", "versions": [ { "status": "affected", "version": "Oracle Java SE:8u381" }, { "status": "affected", "version": "Oracle Java SE:8u381-perf" }, { "status": "affected", "version": "Oracle GraalVM Enterprise Edition:20.3.11" }, { "status": "affected", "version": "Oracle GraalVM Enterprise Edition:21.3.7" } ] } ], "descriptions": [ { "lang": "en-US", "value": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: CORBA). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf; Oracle GraalVM Enterprise Edition: 20.3.11 and 21.3.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via CORBA to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via CORBA to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data.", "lang": "en-US" } ] } ], "providerMetadata": { "dateUpdated": "2023-11-08T04:14:08.574Z", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle" }, "references": [ { "name": "Oracle Advisory", "tags": [ "vendor-advisory" ], "url": "https://www.oracle.com/security-alerts/cpuoct2023.html" }, { "url": "https://security.netapp.com/advisory/ntap-20231027-0006/" }, { "url": "https://www.debian.org/security/2023/dsa-5537" } ] } }, "cveMetadata": { "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2023-22067", "datePublished": "2023-10-17T21:02:50.986Z", "dateReserved": "2022-12-17T19:26:00.757Z", "dateUpdated": "2024-08-02T09:59:28.818Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-27986
Vulnerability from cvelistv5
Published
2023-03-09 00:00
Modified
2024-08-02 12:23
Severity ?
EPSS score ?
Summary
emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to Emacs Lisp code injections through a crafted mailto: URI with unescaped double-quote characters. It is fixed in 29.0.90.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T12:23:30.840Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.openwall.com/lists/oss-security/2023/03/08/2" }, { "tags": [ "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29\u0026id=3c1693d08b0a71d40a77e7b40c0ebc42dca2d2cc" }, { "name": "[oss-security] 20230309 Re: Shell command and Emacs Lisp code injection in emacsclient-mail.desktop", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/03/09/1" }, { "tags": [ "x_transferred" ], "url": "https://www.gabriel.urdhr.fr/2023/06/08/emacsclient-mail-shell-elisp-injections/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to Emacs Lisp code injections through a crafted mailto: URI with unescaped double-quote characters. It is fixed in 29.0.90." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-09T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://www.openwall.com/lists/oss-security/2023/03/08/2" }, { "url": "http://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29\u0026id=3c1693d08b0a71d40a77e7b40c0ebc42dca2d2cc" }, { "name": "[oss-security] 20230309 Re: Shell command and Emacs Lisp code injection in emacsclient-mail.desktop", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2023/03/09/1" }, { "url": "https://www.gabriel.urdhr.fr/2023/06/08/emacsclient-mail-shell-elisp-injections/" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-27986", "datePublished": "2023-03-09T00:00:00", "dateReserved": "2023-03-09T00:00:00", "dateUpdated": "2024-08-02T12:23:30.840Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-2857
Vulnerability from cvelistv5
Published
2023-05-26 00:00
Modified
2024-08-02 06:33
Severity ?
EPSS score ?
Summary
BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Wireshark Foundation | Wireshark |
Version: >=4.0.0, <4.0.6 Version: >=3.6.0, <3.6.14 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T06:33:05.505Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wireshark.org/security/wnpa-sec-2023-13.html" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/wireshark/wireshark/-/issues/19063" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2857.json" }, { "name": "DSA-5429", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5429" }, { "name": "GLSA-202309-02", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202309-02" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Wireshark", "vendor": "Wireshark Foundation", "versions": [ { "status": "affected", "version": "\u003e=4.0.0, \u003c4.0.6" }, { "status": "affected", "version": "\u003e=3.6.0, \u003c3.6.14" } ] } ], "credits": [ { "lang": "en", "value": "Huascar Tejeda" } ], "descriptions": [ { "lang": "en", "value": "BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Buffer over-read in Wireshark", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-17T06:06:26.730710", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "url": "https://www.wireshark.org/security/wnpa-sec-2023-13.html" }, { "url": "https://gitlab.com/wireshark/wireshark/-/issues/19063" }, { "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2857.json" }, { "name": "DSA-5429", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5429" }, { "name": "GLSA-202309-02", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202309-02" } ] } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2023-2857", "datePublished": "2023-05-26T00:00:00", "dateReserved": "2023-05-24T00:00:00", "dateUpdated": "2024-08-02T06:33:05.505Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-37202
Vulnerability from cvelistv5
Published
2023-07-05 08:52
Modified
2024-11-21 14:17
Severity ?
EPSS score ?
Summary
Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox |
Version: unspecified < 115 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T17:09:32.923Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1834711" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-22/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-23/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-24/" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00006.html" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5450" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5451" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00015.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-37202", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-11-21T14:17:49.931655Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-21T14:17:58.832Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "115", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.13", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.13", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "zx" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free. This vulnerability affects Firefox \u003c 115, Firefox ESR \u003c 102.13, and Thunderbird \u003c 102.13." } ], "value": "Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free. This vulnerability affects Firefox \u003c 115, Firefox ESR \u003c 102.13, and Thunderbird \u003c 102.13." } ], "problemTypes": [ { "descriptions": [ { "description": "Potential use-after-free from compartment mismatch in SpiderMonkey", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-07-05T08:52:01.098Z", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1834711" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-22/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-23/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-24/" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00006.html" }, { "url": "https://www.debian.org/security/2023/dsa-5450" }, { "url": "https://www.debian.org/security/2023/dsa-5451" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00015.html" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2023-37202", "datePublished": "2023-07-05T08:52:01.098Z", "dateReserved": "2023-06-28T18:07:02.265Z", "dateUpdated": "2024-11-21T14:17:58.832Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-40477
Vulnerability from cvelistv5
Published
2024-05-03 02:11
Modified
2024-08-02 18:31
Severity ?
EPSS score ?
Summary
RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the processing of recovery volumes. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21233.
References
▼ | URL | Tags |
---|---|---|
https://www.zerodayinitiative.com/advisories/ZDI-23-1152/ | x_research-advisory | |
https://www.win-rar.com/singlenewsview.html?&L=0&tx_ttnews%5Btt_news%5D=232&cHash=c5bf79590657e32554c6683296a8e8aa | vendor-advisory |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:rarlab:winrar:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "winrar", "vendor": "rarlab", "versions": [ { "status": "affected", "version": "6.21" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-40477", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-18T13:35:58.103184Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-18T13:47:35.415Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T18:31:53.902Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-23-1152", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1152/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.win-rar.com/singlenewsview.html?\u0026L=0\u0026tx_ttnews%5Btt_news%5D=232\u0026cHash=c5bf79590657e32554c6683296a8e8aa" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "WinRAR", "vendor": "RARLAB", "versions": [ { "status": "affected", "version": "6.21" } ] } ], "dateAssigned": "2023-08-14T16:14:46.683-05:00", "datePublic": "2023-08-17T14:42:16.400-05:00", "descriptions": [ { "lang": "en", "value": "RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the processing of recovery volumes. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21233." } ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-129", "description": "CWE-129: Improper Validation of Array Index", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-03T02:11:12.905Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-23-1152", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1152/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.win-rar.com/singlenewsview.html?\u0026L=0\u0026tx_ttnews%5Btt_news%5D=232\u0026cHash=c5bf79590657e32554c6683296a8e8aa" } ], "source": { "lang": "en", "value": "goodbyeselene" }, "title": "RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2023-40477", "datePublished": "2024-05-03T02:11:12.905Z", "dateReserved": "2023-08-14T21:06:28.913Z", "dateUpdated": "2024-08-02T18:31:53.902Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-29409
Vulnerability from cvelistv5
Published
2023-08-02 19:47
Modified
2024-10-22 14:16
Severity ?
EPSS score ?
Summary
Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to <= 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three certificates in circulation with keys larger than this, and all three appear to be test certificates that are not actively deployed. It is possible there are larger keys in use in private PKIs, but we target the web PKI, so causing breakage here in the interests of increasing the default safety of users of crypto/tls seems reasonable.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Go standard library | crypto/tls |
Version: 0 ≤ Version: 1.20.0-0 ≤ Version: 1.21.0-0 ≤ |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:07:46.160Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://go.dev/issue/61460" }, { "tags": [ "x_transferred" ], "url": "https://go.dev/cl/515257" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ" }, { "tags": [ "x_transferred" ], "url": "https://pkg.go.dev/vuln/GO-2023-1987" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230831-0010/" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202311-09" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-29409", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-22T14:15:51.334084Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-22T14:16:01.839Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "packageName": "crypto/tls", "product": "crypto/tls", "programRoutines": [ { "name": "Conn.verifyServerCertificate" }, { "name": "Conn.processCertsFromClient" }, { "name": "Conn.Handshake" }, { "name": "Conn.HandshakeContext" }, { "name": "Conn.Read" }, { "name": "Conn.Write" }, { "name": "Dial" }, { "name": "DialWithDialer" }, { "name": "Dialer.Dial" }, { "name": "Dialer.DialContext" } ], "vendor": "Go standard library", "versions": [ { "lessThan": "1.19.12", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "1.20.7", "status": "affected", "version": "1.20.0-0", "versionType": "semver" }, { "lessThan": "1.21.0-rc.4", "status": "affected", "version": "1.21.0-0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "value": "Mateusz Poliwczak" } ], "descriptions": [ { "lang": "en", "value": "Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to \u003c= 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three certificates in circulation with keys larger than this, and all three appear to be test certificates that are not actively deployed. It is possible there are larger keys in use in private PKIs, but we target the web PKI, so causing breakage here in the interests of increasing the default safety of users of crypto/tls seems reasonable." } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-400: Uncontrolled Resource Consumption", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-08-02T19:47:23.829Z", "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go" }, "references": [ { "url": "https://go.dev/issue/61460" }, { "url": "https://go.dev/cl/515257" }, { "url": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ" }, { "url": "https://pkg.go.dev/vuln/GO-2023-1987" }, { "url": "https://security.netapp.com/advisory/ntap-20230831-0010/" }, { "url": "https://security.gentoo.org/glsa/202311-09" } ], "title": "Large RSA keys can cause high CPU usage in crypto/tls" } }, "cveMetadata": { "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "assignerShortName": "Go", "cveId": "CVE-2023-29409", "datePublished": "2023-08-02T19:47:23.829Z", "dateReserved": "2023-04-05T19:36:35.043Z", "dateUpdated": "2024-10-22T14:16:01.839Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-3639
Vulnerability from cvelistv5
Published
2018-05-22 12:00
Modified
2024-09-16 22:55
Severity ?
EPSS score ?
Summary
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Intel Corporation | Multiple |
Version: Multiple |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T04:50:30.281Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2018:1689", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1689" }, { "name": "RHSA-2018:2162", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:2162" }, { "name": "RHSA-2018:1641", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1641" }, { "name": "USN-3680-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3680-1/" }, { "name": "RHSA-2018:1997", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1997" }, { "name": "RHSA-2018:1665", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1665" }, { "name": "RHSA-2018:3407", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:3407" }, { "name": "RHSA-2018:2164", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:2164" }, { "name": "RHSA-2018:2001", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:2001" }, { "name": "RHSA-2018:3423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:3423" }, { "name": "RHSA-2018:2003", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:2003" }, { "name": "USN-3654-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3654-1/" }, { "name": "RHSA-2018:1645", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1645" }, { "name": "RHSA-2018:1643", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1643" }, { "name": "RHSA-2018:1652", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1652" }, { "name": "RHSA-2018:3424", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:3424" }, { "name": "RHSA-2018:3402", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:3402" }, { "name": "TA18-141A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "https://www.us-cert.gov/ncas/alerts/TA18-141A" }, { "name": "RHSA-2018:1656", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1656" }, { "name": "RHSA-2018:1664", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1664" }, { "name": "RHSA-2018:2258", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:2258" }, { "name": "RHSA-2018:1688", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1688" }, { "name": "RHSA-2018:1658", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1658" }, { "name": "RHSA-2018:1657", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1657" }, { "name": "RHSA-2018:2289", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:2289" }, { "name": "RHSA-2018:1666", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1666" }, { "name": "1042004", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1042004" }, { "name": "RHSA-2018:1675", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1675" }, { "name": "RHSA-2018:1660", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1660" }, { "name": "RHSA-2018:1965", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1965" }, { "name": "RHSA-2018:1661", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1661" }, { "name": "RHSA-2018:1633", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1633" }, { "name": "RHSA-2018:1636", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1636" }, { "name": "RHSA-2018:1854", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1854" }, { "name": "RHSA-2018:2006", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:2006" }, { "name": "RHSA-2018:2250", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:2250" }, { "name": "1040949", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1040949" }, { "name": "RHSA-2018:3401", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:3401" }, { "name": "RHSA-2018:1737", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1737" }, { "name": "RHSA-2018:1826", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1826" }, { "name": "USN-3651-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3651-1/" }, { "name": "DSA-4210", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2018/dsa-4210" }, { "name": "44695", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/44695/" }, { "name": "RHSA-2018:1651", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1651" }, { "name": "RHSA-2018:1638", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1638" }, { "name": "RHSA-2018:1696", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1696" }, { "name": "RHSA-2018:2246", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:2246" }, { "name": "RHSA-2018:1644", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1644" }, { "name": "RHSA-2018:1646", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1646" }, { "name": "[debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html" }, { "name": "RHSA-2018:1639", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1639" }, { "name": "RHSA-2018:1668", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1668" }, { "name": "RHSA-2018:1637", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1637" }, { "name": "RHSA-2018:2948", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:2948" }, { "name": "VU#180049", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "https://www.kb.cert.org/vuls/id/180049" }, { "name": "RHSA-2018:1686", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1686" }, { "name": "RHSA-2018:2172", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:2172" }, { "name": "RHSA-2018:1663", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1663" }, { "name": "USN-3652-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3652-1/" }, { "name": "RHSA-2018:1629", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1629" }, { "name": "RHSA-2018:1655", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1655" }, { "name": "RHSA-2018:1640", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1640" }, { "name": "RHSA-2018:1669", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1669" }, { "name": "RHSA-2018:1676", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1676" }, { "name": "20180522 CPU Side-Channel Information Disclosure Vulnerabilities: May 2018", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel" }, { "name": "RHSA-2018:3425", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:3425" }, { "name": "RHSA-2018:2363", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:2363" }, { "name": "RHSA-2018:1632", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1632" }, { "name": "RHSA-2018:1650", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1650" }, { "name": "RHSA-2018:2396", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:2396" }, { "name": "RHSA-2018:2364", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:2364" }, { "name": "USN-3653-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3653-2/" }, { "name": "RHSA-2018:2216", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:2216" }, { "name": "USN-3655-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3655-1/" }, { "name": "RHSA-2018:1649", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1649" }, { "name": "RHSA-2018:2309", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:2309" }, { "name": "104232", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/104232" }, { "name": "RHSA-2018:1653", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1653" }, { "name": "RHSA-2018:2171", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:2171" }, { "name": "RHSA-2018:1635", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1635" }, { "name": "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html" }, { "name": "RHSA-2018:2394", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:2394" }, { "name": "RHSA-2018:1710", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1710" }, { "name": "RHSA-2018:1659", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1659" }, { "name": "RHSA-2018:1711", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1711" }, { "name": "DSA-4273", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2018/dsa-4273" }, { "name": "RHSA-2018:1738", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1738" }, { "name": "RHSA-2018:1674", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1674" }, { "name": "RHSA-2018:3396", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:3396" }, { "name": "RHSA-2018:1667", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1667" }, { "name": "USN-3654-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3654-2/" }, { "name": "RHSA-2018:1662", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1662" }, { "name": "RHSA-2018:1630", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1630" }, { "name": "RHSA-2018:1647", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1647" }, { "name": "RHSA-2018:1967", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1967" }, { "name": "USN-3655-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3655-2/" }, { "name": "RHSA-2018:3399", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:3399" }, { "name": "RHSA-2018:2060", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:2060" }, { "name": "RHSA-2018:1690", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1690" }, { "name": "USN-3653-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3653-1/" }, { "name": "RHSA-2018:2161", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:2161" }, { "name": "[debian-lts-announce] 20180727 [SECURITY] [DLA 1446-1] intel-microcode security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00038.html" }, { "name": "RHSA-2018:2328", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:2328" }, { "name": "RHSA-2018:1648", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1648" }, { "name": "RHSA-2018:2387", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:2387" }, { "name": "RHSA-2019:0148", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:0148" }, { "name": "RHSA-2018:1654", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1654" }, { "name": "USN-3679-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3679-1/" }, { "name": "USN-3777-3", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3777-3/" }, { "name": "RHSA-2018:1642", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:1642" }, { "name": "RHSA-2018:3397", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:3397" }, { "name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html" }, { "name": "USN-3756-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3756-1/" }, { "name": "RHSA-2018:3398", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:3398" }, { "name": "RHSA-2018:3400", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:3400" }, { "name": "RHSA-2018:2228", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:2228" }, { "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html" }, { "name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html" }, { "name": "RHSA-2019:1046", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:1046" }, { "name": "openSUSE-SU-2019:1439", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html" }, { "name": "openSUSE-SU-2019:1438", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html" }, { "name": "20190624 [SECURITY] [DSA 4469-1] libvirt security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/Jun/36" }, { "name": "[oss-security] 20200610 kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2020/06/10/1" }, { "name": "[oss-security] 20200610 Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2020/06/10/2" }, { "name": "[oss-security] 20200610 Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2020/06/10/5" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.lenovo.com/us/en/solutions/LEN-22133" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.citrix.com/article/CTX235225" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.synology.com/support/security/Synology_SA_18_23" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://xenbits.xen.org/xsa/advisory-263.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03850en_us" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20180521-0001/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html" }, { "name": "openSUSE-SU-2020:1325", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Multiple", "vendor": "Intel Corporation", "versions": [ { "status": "affected", "version": "Multiple" } ] } ], "datePublic": "2018-05-21T00:00:00", "descriptions": [ { "lang": "en", "value": "Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4." } ], "problemTypes": [ { "descriptions": [ { "description": "Information Disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-09-02T20:06:27", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "name": "RHSA-2018:1689", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1689" }, { "name": "RHSA-2018:2162", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:2162" }, { "name": "RHSA-2018:1641", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1641" }, { "name": "USN-3680-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3680-1/" }, { "name": "RHSA-2018:1997", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1997" }, { "name": "RHSA-2018:1665", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1665" }, { "name": "RHSA-2018:3407", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:3407" }, { "name": "RHSA-2018:2164", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:2164" }, { "name": "RHSA-2018:2001", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:2001" }, { "name": "RHSA-2018:3423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:3423" }, { "name": "RHSA-2018:2003", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:2003" }, { "name": "USN-3654-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3654-1/" }, { "name": "RHSA-2018:1645", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1645" }, { "name": "RHSA-2018:1643", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1643" }, { "name": "RHSA-2018:1652", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1652" }, { "name": "RHSA-2018:3424", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:3424" }, { "name": "RHSA-2018:3402", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:3402" }, { "name": "TA18-141A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "https://www.us-cert.gov/ncas/alerts/TA18-141A" }, { "name": "RHSA-2018:1656", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1656" }, { "name": "RHSA-2018:1664", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1664" }, { "name": "RHSA-2018:2258", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:2258" }, { "name": "RHSA-2018:1688", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1688" }, { "name": "RHSA-2018:1658", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1658" }, { "name": "RHSA-2018:1657", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1657" }, { "name": "RHSA-2018:2289", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:2289" }, { "name": "RHSA-2018:1666", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1666" }, { "name": "1042004", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1042004" }, { "name": "RHSA-2018:1675", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1675" }, { "name": "RHSA-2018:1660", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1660" }, { "name": "RHSA-2018:1965", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1965" }, { "name": "RHSA-2018:1661", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1661" }, { "name": "RHSA-2018:1633", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1633" }, { "name": "RHSA-2018:1636", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1636" }, { "name": "RHSA-2018:1854", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1854" }, { "name": "RHSA-2018:2006", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:2006" }, { "name": "RHSA-2018:2250", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:2250" }, { "name": "1040949", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1040949" }, { "name": "RHSA-2018:3401", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:3401" }, { "name": "RHSA-2018:1737", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1737" }, { "name": "RHSA-2018:1826", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1826" }, { "name": "USN-3651-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3651-1/" }, { "name": "DSA-4210", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2018/dsa-4210" }, { "name": "44695", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/44695/" }, { "name": "RHSA-2018:1651", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1651" }, { "name": "RHSA-2018:1638", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1638" }, { "name": "RHSA-2018:1696", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1696" }, { "name": "RHSA-2018:2246", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:2246" }, { "name": "RHSA-2018:1644", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1644" }, { "name": "RHSA-2018:1646", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1646" }, { "name": "[debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html" }, { "name": "RHSA-2018:1639", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1639" }, { "name": "RHSA-2018:1668", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1668" }, { "name": "RHSA-2018:1637", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1637" }, { "name": "RHSA-2018:2948", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:2948" }, { "name": "VU#180049", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "https://www.kb.cert.org/vuls/id/180049" }, { "name": "RHSA-2018:1686", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1686" }, { "name": "RHSA-2018:2172", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:2172" }, { "name": "RHSA-2018:1663", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1663" }, { "name": "USN-3652-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3652-1/" }, { "name": "RHSA-2018:1629", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1629" }, { "name": "RHSA-2018:1655", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1655" }, { "name": "RHSA-2018:1640", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1640" }, { "name": "RHSA-2018:1669", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1669" }, { "name": "RHSA-2018:1676", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1676" }, { "name": "20180522 CPU Side-Channel Information Disclosure Vulnerabilities: May 2018", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel" }, { "name": "RHSA-2018:3425", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:3425" }, { "name": "RHSA-2018:2363", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:2363" }, { "name": "RHSA-2018:1632", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1632" }, { "name": "RHSA-2018:1650", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1650" }, { "name": "RHSA-2018:2396", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:2396" }, { "name": "RHSA-2018:2364", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:2364" }, { "name": "USN-3653-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3653-2/" }, { "name": "RHSA-2018:2216", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:2216" }, { "name": "USN-3655-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3655-1/" }, { "name": "RHSA-2018:1649", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1649" }, { "name": "RHSA-2018:2309", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:2309" }, { "name": "104232", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/104232" }, { "name": "RHSA-2018:1653", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1653" }, { "name": "RHSA-2018:2171", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:2171" }, { "name": "RHSA-2018:1635", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1635" }, { "name": "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html" }, { "name": "RHSA-2018:2394", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:2394" }, { "name": "RHSA-2018:1710", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1710" }, { "name": "RHSA-2018:1659", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1659" }, { "name": "RHSA-2018:1711", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1711" }, { "name": "DSA-4273", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2018/dsa-4273" }, { "name": "RHSA-2018:1738", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1738" }, { "name": "RHSA-2018:1674", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1674" }, { "name": "RHSA-2018:3396", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:3396" }, { "name": "RHSA-2018:1667", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1667" }, { "name": "USN-3654-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3654-2/" }, { "name": "RHSA-2018:1662", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1662" }, { "name": "RHSA-2018:1630", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1630" }, { "name": "RHSA-2018:1647", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1647" }, { "name": "RHSA-2018:1967", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1967" }, { "name": "USN-3655-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3655-2/" }, { "name": "RHSA-2018:3399", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:3399" }, { "name": "RHSA-2018:2060", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:2060" }, { "name": "RHSA-2018:1690", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1690" }, { "name": "USN-3653-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3653-1/" }, { "name": "RHSA-2018:2161", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:2161" }, { "name": "[debian-lts-announce] 20180727 [SECURITY] [DLA 1446-1] intel-microcode security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00038.html" }, { "name": "RHSA-2018:2328", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:2328" }, { "name": "RHSA-2018:1648", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1648" }, { "name": "RHSA-2018:2387", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:2387" }, { "name": "RHSA-2019:0148", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:0148" }, { "name": "RHSA-2018:1654", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1654" }, { "name": "USN-3679-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3679-1/" }, { "name": "USN-3777-3", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3777-3/" }, { "name": "RHSA-2018:1642", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:1642" }, { "name": "RHSA-2018:3397", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:3397" }, { "name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html" }, { "name": "USN-3756-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3756-1/" }, { "name": "RHSA-2018:3398", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:3398" }, { "name": "RHSA-2018:3400", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:3400" }, { "name": "RHSA-2018:2228", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:2228" }, { "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html" }, { "name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html" }, { "name": "RHSA-2019:1046", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:1046" }, { "name": "openSUSE-SU-2019:1439", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html" }, { "name": "openSUSE-SU-2019:1438", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html" }, { "name": "20190624 [SECURITY] [DSA 4469-1] libvirt security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/Jun/36" }, { "name": "[oss-security] 20200610 kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2020/06/10/1" }, { "name": "[oss-security] 20200610 Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2020/06/10/2" }, { "name": "[oss-security] 20200610 Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2020/06/10/5" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.lenovo.com/us/en/solutions/LEN-22133" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.citrix.com/article/CTX235225" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.synology.com/support/security/Synology_SA_18_23" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://xenbits.xen.org/xsa/advisory-263.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03850en_us" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20180521-0001/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html" }, { "name": "openSUSE-SU-2020:1325", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "DATE_PUBLIC": "2018-05-21T00:00:00", "ID": "CVE-2018-3639", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Multiple", "version": { "version_data": [ { "version_value": "Multiple" } ] } } ] }, "vendor_name": "Intel Corporation" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information Disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2018:1689", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1689" }, { "name": "RHSA-2018:2162", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2162" }, { "name": "RHSA-2018:1641", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1641" }, { "name": "USN-3680-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3680-1/" }, { "name": "RHSA-2018:1997", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1997" }, { "name": "RHSA-2018:1665", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1665" }, { "name": "RHSA-2018:3407", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:3407" }, { "name": "RHSA-2018:2164", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2164" }, { "name": "RHSA-2018:2001", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2001" }, { "name": "RHSA-2018:3423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:3423" }, { "name": "RHSA-2018:2003", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2003" }, { "name": "USN-3654-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3654-1/" }, { "name": "RHSA-2018:1645", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1645" }, { "name": "RHSA-2018:1643", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1643" }, { "name": "RHSA-2018:1652", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1652" }, { "name": "RHSA-2018:3424", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:3424" }, { "name": "RHSA-2018:3402", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:3402" }, { "name": "TA18-141A", "refsource": "CERT", "url": "https://www.us-cert.gov/ncas/alerts/TA18-141A" }, { "name": "RHSA-2018:1656", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1656" }, { "name": "RHSA-2018:1664", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1664" }, { "name": "RHSA-2018:2258", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2258" }, { "name": "RHSA-2018:1688", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1688" }, { "name": "RHSA-2018:1658", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1658" }, { "name": "RHSA-2018:1657", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1657" }, { "name": "RHSA-2018:2289", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2289" }, { "name": "RHSA-2018:1666", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1666" }, { "name": "1042004", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1042004" }, { "name": "RHSA-2018:1675", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1675" }, { "name": "RHSA-2018:1660", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1660" }, { "name": "RHSA-2018:1965", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1965" }, { "name": "RHSA-2018:1661", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1661" }, { "name": "RHSA-2018:1633", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1633" }, { "name": "RHSA-2018:1636", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1636" }, { "name": "RHSA-2018:1854", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1854" }, { "name": "RHSA-2018:2006", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2006" }, { "name": "RHSA-2018:2250", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2250" }, { "name": "1040949", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1040949" }, { "name": "RHSA-2018:3401", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:3401" }, { "name": "RHSA-2018:1737", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1737" }, { "name": "RHSA-2018:1826", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1826" }, { "name": "USN-3651-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3651-1/" }, { "name": "DSA-4210", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2018/dsa-4210" }, { "name": "44695", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/44695/" }, { "name": "RHSA-2018:1651", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1651" }, { "name": "RHSA-2018:1638", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1638" }, { "name": "RHSA-2018:1696", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1696" }, { "name": "RHSA-2018:2246", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2246" }, { "name": "RHSA-2018:1644", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1644" }, { "name": "RHSA-2018:1646", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1646" }, { "name": "[debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html" }, { "name": "RHSA-2018:1639", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1639" }, { "name": "RHSA-2018:1668", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1668" }, { "name": "RHSA-2018:1637", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1637" }, { "name": "RHSA-2018:2948", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2948" }, { "name": "VU#180049", "refsource": "CERT-VN", "url": "https://www.kb.cert.org/vuls/id/180049" }, { "name": "RHSA-2018:1686", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1686" }, { "name": "RHSA-2018:2172", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2172" }, { "name": "RHSA-2018:1663", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1663" }, { "name": "USN-3652-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3652-1/" }, { "name": "RHSA-2018:1629", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1629" }, { "name": "RHSA-2018:1655", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1655" }, { "name": "RHSA-2018:1640", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1640" }, { "name": "RHSA-2018:1669", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1669" }, { "name": "RHSA-2018:1676", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1676" }, { "name": "20180522 CPU Side-Channel Information Disclosure Vulnerabilities: May 2018", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel" }, { "name": "RHSA-2018:3425", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:3425" }, { "name": "RHSA-2018:2363", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2363" }, { "name": "RHSA-2018:1632", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1632" }, { "name": "RHSA-2018:1650", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1650" }, { "name": "RHSA-2018:2396", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2396" }, { "name": "RHSA-2018:2364", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2364" }, { "name": "USN-3653-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3653-2/" }, { "name": "RHSA-2018:2216", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2216" }, { "name": "USN-3655-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3655-1/" }, { "name": "RHSA-2018:1649", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1649" }, { "name": "RHSA-2018:2309", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2309" }, { "name": "104232", "refsource": "BID", "url": "http://www.securityfocus.com/bid/104232" }, { "name": "RHSA-2018:1653", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1653" }, { "name": "RHSA-2018:2171", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2171" }, { "name": "RHSA-2018:1635", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1635" }, { "name": "[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html" }, { "name": "RHSA-2018:2394", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2394" }, { "name": "RHSA-2018:1710", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1710" }, { "name": "RHSA-2018:1659", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1659" }, { "name": "RHSA-2018:1711", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1711" }, { "name": "DSA-4273", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2018/dsa-4273" }, { "name": "RHSA-2018:1738", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1738" }, { "name": "RHSA-2018:1674", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1674" }, { "name": "RHSA-2018:3396", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:3396" }, { "name": "RHSA-2018:1667", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1667" }, { "name": "USN-3654-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3654-2/" }, { "name": "RHSA-2018:1662", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1662" }, { "name": "RHSA-2018:1630", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1630" }, { "name": "RHSA-2018:1647", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1647" }, { "name": "RHSA-2018:1967", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1967" }, { "name": "USN-3655-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3655-2/" }, { "name": "RHSA-2018:3399", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:3399" }, { "name": "RHSA-2018:2060", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2060" }, { "name": "RHSA-2018:1690", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1690" }, { "name": "USN-3653-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3653-1/" }, { "name": "RHSA-2018:2161", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2161" }, { "name": "[debian-lts-announce] 20180727 [SECURITY] [DLA 1446-1] intel-microcode security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00038.html" }, { "name": "RHSA-2018:2328", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2328" }, { "name": "RHSA-2018:1648", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1648" }, { "name": "RHSA-2018:2387", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2387" }, { "name": "RHSA-2019:0148", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:0148" }, { "name": "RHSA-2018:1654", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1654" }, { "name": "USN-3679-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3679-1/" }, { "name": "USN-3777-3", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3777-3/" }, { "name": "RHSA-2018:1642", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1642" }, { "name": "RHSA-2018:3397", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:3397" }, { "name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html" }, { "name": "USN-3756-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3756-1/" }, { "name": "RHSA-2018:3398", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:3398" }, { "name": "RHSA-2018:3400", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:3400" }, { "name": "RHSA-2018:2228", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2228" }, { "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html" }, { "name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html" }, { "name": "RHSA-2019:1046", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1046" }, { "name": "openSUSE-SU-2019:1439", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html" }, { "name": "openSUSE-SU-2019:1438", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html" }, { "name": "20190624 [SECURITY] [DSA 4469-1] libvirt security update", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Jun/36" }, { "name": "[oss-security] 20200610 kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2020/06/10/1" }, { "name": "[oss-security] 20200610 Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2020/06/10/2" }, { "name": "[oss-security] 20200610 Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2020/06/10/5" }, { "name": "https://www.oracle.com/security-alerts/cpujul2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "refsource": "CONFIRM", "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" }, { "name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0", "refsource": "CONFIRM", "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf" }, { "name": "http://support.lenovo.com/us/en/solutions/LEN-22133", "refsource": "CONFIRM", "url": "http://support.lenovo.com/us/en/solutions/LEN-22133" }, { "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004", "refsource": "CONFIRM", "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004" }, { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012", "refsource": "CONFIRM", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012" }, { "name": "https://support.citrix.com/article/CTX235225", "refsource": "CONFIRM", "url": "https://support.citrix.com/article/CTX235225" }, { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html", "refsource": "CONFIRM", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html" }, { "name": "https://www.synology.com/support/security/Synology_SA_18_23", "refsource": "CONFIRM", "url": "https://www.synology.com/support/security/Synology_SA_18_23" }, { "name": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability", "refsource": "CONFIRM", "url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability" }, { "name": "http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html", "refsource": "CONFIRM", "url": "http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html" }, { "name": "http://xenbits.xen.org/xsa/advisory-263.html", "refsource": "CONFIRM", "url": "http://xenbits.xen.org/xsa/advisory-263.html" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf" }, { "name": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006", "refsource": "CONFIRM", "url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006" }, { "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03850en_us", "refsource": "CONFIRM", "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03850en_us" }, { "name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528", "refsource": "MISC", "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528" }, { "name": "https://security.netapp.com/advisory/ntap-20180521-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20180521-0001/" }, { "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787", "refsource": "CONFIRM", "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787" }, { "name": "https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html", "refsource": "CONFIRM", "url": "https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html" }, { "name": "openSUSE-SU-2020:1325", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2018-3639", "datePublished": "2018-05-22T12:00:00Z", "dateReserved": "2017-12-28T00:00:00", "dateUpdated": "2024-09-16T22:55:27.557Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-32573
Vulnerability from cvelistv5
Published
2023-05-10 00:00
Modified
2024-08-02 15:18
Severity ?
EPSS score ?
Summary
In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T15:18:37.809Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://codereview.qt-project.org/c/qt/qtsvg/+/474093" }, { "name": "FEDORA-2023-0d4b3316f6", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UE3IHQZCEUFVOPWG75V2HDKXNUZBB4FX/" }, { "name": "[debian-lts-announce] 20230822 [SECURITY] [DLA 3539-1] qt4-x11 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00028.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-08-23T00:06:14.525652", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://codereview.qt-project.org/c/qt/qtsvg/+/474093" }, { "name": "FEDORA-2023-0d4b3316f6", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UE3IHQZCEUFVOPWG75V2HDKXNUZBB4FX/" }, { "name": "[debian-lts-announce] 20230822 [SECURITY] [DLA 3539-1] qt4-x11 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00028.html" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-32573", "datePublished": "2023-05-10T00:00:00", "dateReserved": "2023-05-10T00:00:00", "dateUpdated": "2024-08-02T15:18:37.809Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-32003
Vulnerability from cvelistv5
Published
2023-08-15 15:10
Modified
2024-10-09 14:16
Severity ?
EPSS score ?
Summary
`fs.mkdtemp()` and `fs.mkdtempSync()` can be used to bypass the permission model check using a path traversal attack. This flaw arises from a missing check in the fs.mkdtemp() API and the impact is a malicious actor could create an arbitrary directory.
This vulnerability affects all users using the experimental permission model in Node.js 20.
Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T15:03:28.792Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/2037887" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBOZE2QZIBLFFTYWYN23FGKN6HULZ6HX/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JQPELKG2LVTADSB7ME73AV4DXQK47PWK/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230915-0009/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-32003", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-09T14:15:53.011114Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-09T14:16:32.217Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Node.js", "vendor": "Node.js", "versions": [ { "lessThanOrEqual": "20.5.0", "status": "affected", "version": "20.5.0", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "`fs.mkdtemp()` and `fs.mkdtempSync()` can be used to bypass the permission model check using a path traversal attack. This flaw arises from a missing check in the fs.mkdtemp() API and the impact is a malicious actor could create an arbitrary directory.\n\nThis vulnerability affects all users using the experimental permission model in Node.js 20.\n\nPlease note that at the time this CVE was issued, the permission model is an experimental feature of Node.js." } ], "providerMetadata": { "dateUpdated": "2023-08-15T15:10:29.363Z", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/2037887" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBOZE2QZIBLFFTYWYN23FGKN6HULZ6HX/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JQPELKG2LVTADSB7ME73AV4DXQK47PWK/" }, { "url": "https://security.netapp.com/advisory/ntap-20230915-0009/" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2023-32003", "datePublished": "2023-08-15T15:10:29.363Z", "dateReserved": "2023-05-01T01:00:12.220Z", "dateUpdated": "2024-10-09T14:16:32.217Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-30581
Vulnerability from cvelistv5
Published
2023-11-22 23:28
Modified
2024-08-02 14:28
Severity ?
EPSS score ?
Summary
The use of __proto__ in process.mainModule.__proto__.require() can bypass the policy mechanism and require modules outside of the policy.json definition. This vulnerability affects all users using the experimental policy mechanism in all active release lines: v16, v18 and, v20.
Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:28:51.907Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://nodejs.org/en/blog/vulnerability/june-2023-security-releases" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Node.js", "vendor": "Node.js", "versions": [ { "lessThan": "16.20.1", "status": "affected", "version": "16.20.1", "versionType": "semver" }, { "lessThan": "18.16.1", "status": "affected", "version": "18.16.1", "versionType": "semver" }, { "lessThan": "20.3.1", "status": "affected", "version": "20.3.1", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "The use of __proto__ in process.mainModule.__proto__.require() can bypass the policy mechanism and require modules outside of the policy.json definition. This vulnerability affects all users using the experimental policy mechanism in all active release lines: v16, v18 and, v20.\n\nPlease note that at the time this CVE was issued, the policy is an experimental feature of Node.js" } ], "providerMetadata": { "dateUpdated": "2023-11-22T23:28:30.768Z", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://nodejs.org/en/blog/vulnerability/june-2023-security-releases" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2023-30581", "datePublished": "2023-11-22T23:28:30.768Z", "dateReserved": "2023-04-13T01:00:12.085Z", "dateUpdated": "2024-08-02T14:28:51.907Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-4045
Vulnerability from cvelistv5
Published
2023-08-01 14:56
Modified
2024-08-02 07:17
Severity ?
EPSS score ?
Summary
Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox |
Version: unspecified < 116 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:17:12.147Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1833876" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-29/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-30/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-31/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5464" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5469" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "116", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.14", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "115.1", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Max Vlasov" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox \u003c 116, Firefox ESR \u003c 102.14, and Firefox ESR \u003c 115.1." } ], "value": "Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox \u003c 116, Firefox ESR \u003c 102.14, and Firefox ESR \u003c 115.1." } ], "problemTypes": [ { "descriptions": [ { "description": "Offscreen Canvas could have bypassed cross-origin restrictions", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-08-01T14:56:53.933Z", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1833876" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-29/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-30/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-31/" }, { "url": "https://www.debian.org/security/2023/dsa-5464" }, { "url": "https://www.debian.org/security/2023/dsa-5469" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2023-4045", "datePublished": "2023-08-01T14:56:53.933Z", "dateReserved": "2023-08-01T14:55:59.302Z", "dateUpdated": "2024-08-02T07:17:12.147Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-3247
Vulnerability from cvelistv5
Published
2023-07-22 04:17
Modified
2024-10-15 20:34
Severity ?
EPSS score ?
Summary
In PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should have. In case of random generator failure, it could lead to a disclosure of 31 bits of uninitialized memory from the client to the server, and it also made easier to a malicious server to guess the client's nonce.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T06:48:08.521Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/php/php-src/security/advisories/GHSA-76gg-c692-v2mw" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-3247", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-15T19:41:48.525120Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-15T20:34:03.327Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "PHP", "vendor": "PHP Group", "versions": [ { "lessThan": "8.0.29", "status": "affected", "version": "8.0.*", "versionType": "semver" }, { "lessThan": "8.1.20", "status": "affected", "version": "8.1.*", "versionType": "semver" }, { "lessThan": "8.2.7", "status": "affected", "version": "8.2.*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "Niels Dossche" }, { "lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "Tim D\u00fcsterhus" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003eIn PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should have. In case of random generator failure, it could lead to a disclosure of 31 bits of uninitialized memory from the client to the server, and it also made easier to a malicious server to guess the client\u0027s nonce.\u0026nbsp;\u003c/p\u003e" } ], "value": "In PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should have. In case of random generator failure, it could lead to a disclosure of 31 bits of uninitialized memory from the client to the server, and it also made easier to a malicious server to guess the client\u0027s nonce.\u00a0\n\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.6, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-252", "description": "CWE-252 Unchecked Return Value", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-330", "description": "CWE-330 Use of Insufficiently Random Values", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-07-22T04:17:09.896Z", "orgId": "dd77f84a-d19a-4638-8c3d-a322d820ed2b", "shortName": "php" }, "references": [ { "url": "https://github.com/php/php-src/security/advisories/GHSA-76gg-c692-v2mw" } ], "source": { "advisory": "https://github.com/php/php-src/security/advisories/GHSA-76gg-c69", "discovery": "INTERNAL" }, "title": "Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "dd77f84a-d19a-4638-8c3d-a322d820ed2b", "assignerShortName": "php", "cveId": "CVE-2023-3247", "datePublished": "2023-07-22T04:17:09.896Z", "dateReserved": "2023-06-14T16:24:08.631Z", "dateUpdated": "2024-10-15T20:34:03.327Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-22128
Vulnerability from cvelistv5
Published
2023-10-17 21:03
Modified
2024-09-13 15:41
Severity ?
EPSS score ?
References
▼ | URL | Tags |
---|---|---|
https://www.oracle.com/security-alerts/cpuoct2023.html | vendor-advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Oracle Corporation | Solaris Operating System |
Version: 10 Version: 11 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:59:29.148Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Oracle Advisory", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuoct2023.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-22128", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-13T15:38:30.643722Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-13T15:41:41.762Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Solaris Operating System", "vendor": "Oracle Corporation", "versions": [ { "status": "affected", "version": "10" }, { "status": "affected", "version": "11" } ] } ], "descriptions": [ { "lang": "en-US", "value": "Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via rquota to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Solaris accessible data. CVSS 3.1 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N)." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via rquota to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Solaris accessible data.", "lang": "en-US" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-17T21:03:14.486Z", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle" }, "references": [ { "name": "Oracle Advisory", "tags": [ "vendor-advisory" ], "url": "https://www.oracle.com/security-alerts/cpuoct2023.html" } ] } }, "cveMetadata": { "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2023-22128", "datePublished": "2023-10-17T21:03:14.486Z", "dateReserved": "2022-12-17T19:26:00.764Z", "dateUpdated": "2024-09-13T15:41:41.762Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-31124
Vulnerability from cvelistv5
Published
2023-05-25 21:09
Modified
2024-08-02 14:45
Severity ?
EPSS score ?
Summary
c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE will not be set, as seen when cross compiling aarch64 android. This will downgrade to using rand() as a fallback which could allow an attacker to take advantage of the lack of entropy by not using a CSPRNG. This issue was patched in version 1.19.1.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:45:25.746Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/c-ares/c-ares/security/advisories/GHSA-54xr-f67r-4pc4", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/c-ares/c-ares/security/advisories/GHSA-54xr-f67r-4pc4" }, { "name": "https://github.com/c-ares/c-ares/releases/tag/cares-1_19_1", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/c-ares/c-ares/releases/tag/cares-1_19_1" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Z5XFNXTNPTCBBVXFDNZQVLLIE6VRBY/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UBFWILTA33LOSV23P44FGTQQIDRJHIY7/" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202310-09" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "c-ares", "vendor": "c-ares", "versions": [ { "status": "affected", "version": "\u003c 1.19.1" } ] } ], "descriptions": [ { "lang": "en", "value": "c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE will not be set, as seen when cross compiling aarch64 android. This will downgrade to using rand() as a fallback which could allow an attacker to take advantage of the lack of entropy by not using a CSPRNG. This issue was patched in version 1.19.1.\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-330", "description": "CWE-330: Use of Insufficiently Random Values", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-25T21:09:31.881Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/c-ares/c-ares/security/advisories/GHSA-54xr-f67r-4pc4", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/c-ares/c-ares/security/advisories/GHSA-54xr-f67r-4pc4" }, { "name": "https://github.com/c-ares/c-ares/releases/tag/cares-1_19_1", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/c-ares/c-ares/releases/tag/cares-1_19_1" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Z5XFNXTNPTCBBVXFDNZQVLLIE6VRBY/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UBFWILTA33LOSV23P44FGTQQIDRJHIY7/" }, { "url": "https://security.gentoo.org/glsa/202310-09" } ], "source": { "advisory": "GHSA-54xr-f67r-4pc4", "discovery": "UNKNOWN" }, "title": "AutoTools does not set CARES_RANDOM_FILE during cross compilation" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-31124", "datePublished": "2023-05-25T21:09:31.881Z", "dateReserved": "2023-04-24T21:44:10.415Z", "dateUpdated": "2024-08-02T14:45:25.746Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-36191
Vulnerability from cvelistv5
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
Show details on NVD website{ "containers": { "cna": { "providerMetadata": { "dateUpdated": "2023-09-12T15:12:53.708200", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "rejectedReasons": [ { "lang": "en", "value": "DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-36191", "dateRejected": "2023-09-12T00:00:00", "dateReserved": "2023-06-21T00:00:00", "dateUpdated": "2023-09-12T15:12:53.708200", "state": "REJECTED" }, "dataType": "CVE_RECORD", "dataVersion": "5.0" }
cve-2023-2854
Vulnerability from cvelistv5
Published
2023-05-26 00:00
Modified
2024-08-02 06:33
Severity ?
EPSS score ?
Summary
BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Wireshark Foundation | Wireshark |
Version: >=4.0.0, <4.0.6 Version: >=3.6.0, <3.6.14 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T06:33:05.826Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wireshark.org/security/wnpa-sec-2023-17.html" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/wireshark/wireshark/-/issues/19084" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2854.json" }, { "name": "DSA-5429", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5429" }, { "name": "GLSA-202309-02", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202309-02" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Wireshark", "vendor": "Wireshark Foundation", "versions": [ { "status": "affected", "version": "\u003e=4.0.0, \u003c4.0.6" }, { "status": "affected", "version": "\u003e=3.6.0, \u003c3.6.14" } ] } ], "credits": [ { "lang": "en", "value": "Huascar Tejeda" } ], "descriptions": [ { "lang": "en", "value": "BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Buffer over-read in Wireshark", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-17T06:06:20.020893", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "url": "https://www.wireshark.org/security/wnpa-sec-2023-17.html" }, { "url": "https://gitlab.com/wireshark/wireshark/-/issues/19084" }, { "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2854.json" }, { "name": "DSA-5429", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5429" }, { "name": "GLSA-202309-02", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202309-02" } ] } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2023-2854", "datePublished": "2023-05-26T00:00:00", "dateReserved": "2023-05-24T00:00:00", "dateUpdated": "2024-08-02T06:33:05.826Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-30586
Vulnerability from cvelistv5
Published
2023-06-30 23:40
Modified
2024-11-27 18:27
Severity ?
EPSS score ?
Summary
A privilege escalation vulnerability exists in Node.js 20 that allowed loading arbitrary OpenSSL engines when the experimental permission model is enabled, which can bypass and/or disable the permission model. The attack complexity is high. However, the crypto.setEngine() API can be used to bypass the permission model when called with a compatible OpenSSL engine. The OpenSSL engine can, for example, disable the permission model in the host process by manipulating the process's stack memory to locate the permission model Permission::enabled_ in the host process's heap memory. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Node.js | https://github.com/nodejs/node |
Version: v20.3.1 ≤ |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:28:51.808Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1954535" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230803-0008/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-30586", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-27T18:27:16.523763Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-27T18:27:25.453Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "https://github.com/nodejs/node", "vendor": "Node.js", "versions": [ { "lessThan": "v20.3.1", "status": "affected", "version": "v20.3.1", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "A privilege escalation vulnerability exists in Node.js 20 that allowed loading arbitrary OpenSSL engines when the experimental permission model is enabled, which can bypass and/or disable the permission model. The attack complexity is high. However, the crypto.setEngine() API can be used to bypass the permission model when called with a compatible OpenSSL engine. The OpenSSL engine can, for example, disable the permission model in the host process by manipulating the process\u0027s stack memory to locate the permission model Permission::enabled_ in the host process\u0027s heap memory. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js." } ], "providerMetadata": { "dateUpdated": "2023-06-30T23:40:08.238Z", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1954535" }, { "url": "https://security.netapp.com/advisory/ntap-20230803-0008/" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2023-30586", "datePublished": "2023-06-30T23:40:08.238Z", "dateReserved": "2023-04-13T01:00:12.086Z", "dateUpdated": "2024-11-27T18:27:25.453Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-4047
Vulnerability from cvelistv5
Published
2023-08-01 14:57
Modified
2024-10-22 15:24
Severity ?
EPSS score ?
Summary
A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox |
Version: unspecified < 116 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:17:11.351Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1839073" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-29/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-30/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-31/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5464" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5469" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "firefox", "vendor": "mozilla", "versions": [ { "lessThan": "116", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "firefox", "vendor": "mozilla", "versions": [ { "lessThan": "102.14", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThan": "115.1", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-4047", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-22T15:16:57.592596Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-352", "description": "CWE-352 Cross-Site Request Forgery (CSRF)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-22T15:24:36.027Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "116", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.14", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "115.1", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Axel Chong (@Haxatron)" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox \u003c 116, Firefox ESR \u003c 102.14, and Firefox ESR \u003c 115.1." } ], "value": "A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox \u003c 116, Firefox ESR \u003c 102.14, and Firefox ESR \u003c 115.1." } ], "problemTypes": [ { "descriptions": [ { "description": "Potential permissions request bypass via clickjacking", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-08-01T14:57:35.097Z", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1839073" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-29/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-30/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-31/" }, { "url": "https://www.debian.org/security/2023/dsa-5464" }, { "url": "https://www.debian.org/security/2023/dsa-5469" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2023-4047", "datePublished": "2023-08-01T14:57:35.097Z", "dateReserved": "2023-08-01T14:57:30.157Z", "dateUpdated": "2024-10-22T15:24:36.027Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-0049
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-02 04:54
Severity ?
EPSS score ?
Summary
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T04:54:32.595Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/5e6f325c-ba54-4bf0-b050-dca048fd3fd9" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/7b17eb4b063a234376c1ec909ee293e42cff290c" }, { "name": "FEDORA-2023-0f6a9433cf", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3Y752EAVACVC5XY2TMGGOAIU25VQRPDW/" }, { "name": "FEDORA-2023-208f2107d5", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T33LLWHLH63XDCO5OME7NWN63RA4U5HF/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213670" }, { "name": "20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/17" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1143", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/5e6f325c-ba54-4bf0-b050-dca048fd3fd9" }, { "url": "https://github.com/vim/vim/commit/7b17eb4b063a234376c1ec909ee293e42cff290c" }, { "name": "FEDORA-2023-0f6a9433cf", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3Y752EAVACVC5XY2TMGGOAIU25VQRPDW/" }, { "name": "FEDORA-2023-208f2107d5", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T33LLWHLH63XDCO5OME7NWN63RA4U5HF/" }, { "url": "https://support.apple.com/kb/HT213670" }, { "name": "20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/17" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "5e6f325c-ba54-4bf0-b050-dca048fd3fd9", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Read in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-0049", "datePublished": "2023-01-04T00:00:00", "dateReserved": "2023-01-04T00:00:00", "dateUpdated": "2024-08-02T04:54:32.595Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-30583
Vulnerability from cvelistv5
Published
2024-09-07 16:00
Modified
2024-09-26 15:03
Severity ?
EPSS score ?
Summary
fs.openAsBlob() can bypass the experimental permission model when using the file system read restriction with the `--allow-fs-read` flag in Node.js 20. This flaw arises from a missing check in the `fs.openAsBlob()` API.
Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:nodejs:nodejs:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "nodejs", "vendor": "nodejs", "versions": [ { "lessThan": "20.3.1", "status": "affected", "version": "20.0", "versionType": "semver" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-30583", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-09T18:28:41.327139Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-284", "description": "CWE-284 Improper Access Control", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-09T18:30:04.226Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-09-26T15:03:04.235Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "url": "https://security.netapp.com/advisory/ntap-20240926-0006/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Node.js", "vendor": "Node.js", "versions": [ { "lessThan": "20.3.1", "status": "affected", "version": "20.3.1", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "fs.openAsBlob() can bypass the experimental permission model when using the file system read restriction with the `--allow-fs-read` flag in Node.js 20. This flaw arises from a missing check in the `fs.openAsBlob()` API.\n\nPlease note that at the time this CVE was issued, the permission model is an experimental feature of Node.js." } ], "providerMetadata": { "dateUpdated": "2024-09-07T16:00:35.918Z", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://nodejs.org/en/blog/vulnerability/june-2023-security-releases" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2023-30583", "datePublished": "2024-09-07T16:00:35.918Z", "dateReserved": "2023-04-13T01:00:12.085Z", "dateUpdated": "2024-09-26T15:03:04.235Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-24805
Vulnerability from cvelistv5
Published
2023-05-17 17:33
Modified
2024-08-02 11:03
Severity ?
EPSS score ?
Summary
cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos. If you use the Backend Error Handler (beh) to create an accessible network printer, this security vulnerability can cause remote code execution. `beh.c` contains the line `retval = system(cmdline) >> 8;` which calls the `system` command with the operand `cmdline`. `cmdline` contains multiple user controlled, unsanitized values. As a result an attacker with network access to the hosted print server can exploit this vulnerability to inject system commands which are executed in the context of the running server. This issue has been addressed in commit `8f2740357` and is expected to be bundled in the next release. Users are advised to upgrade when possible and to restrict access to network printers in the meantime.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | OpenPrinting | cups-filters |
Version: <= 2.0rc1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T11:03:19.260Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-gpxc-v2m8-fr3x", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-gpxc-v2m8-fr3x" }, { "name": "https://github.com/OpenPrinting/cups-filters/commit/8f274035756c04efeb77eb654e9d4c4447287d65", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/OpenPrinting/cups-filters/commit/8f274035756c04efeb77eb654e9d4c4447287d65" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YNCGL2ZTAS2GFF23QFT55UFWIDMI4ZJK/" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00021.html" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5407" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KL2SJMZQ5T5JIH3PMQ2CGCY5TUUE255Y/" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202401-06" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "cups-filters", "vendor": "OpenPrinting", "versions": [ { "status": "affected", "version": "\u003c= 2.0rc1 " } ] } ], "descriptions": [ { "lang": "en", "value": "cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos. If you use the Backend Error Handler (beh) to create an accessible network printer, this security vulnerability can cause remote code execution. `beh.c` contains the line `retval = system(cmdline) \u003e\u003e 8;` which calls the `system` command with the operand `cmdline`. `cmdline` contains multiple user controlled, unsanitized values. As a result an attacker with network access to the hosted print server can exploit this vulnerability to inject system commands which are executed in the context of the running server. This issue has been addressed in commit `8f2740357` and is expected to be bundled in the next release. Users are advised to upgrade when possible and to restrict access to network printers in the meantime." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-78", "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-17T17:33:41.714Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-gpxc-v2m8-fr3x", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-gpxc-v2m8-fr3x" }, { "name": "https://github.com/OpenPrinting/cups-filters/commit/8f274035756c04efeb77eb654e9d4c4447287d65", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/OpenPrinting/cups-filters/commit/8f274035756c04efeb77eb654e9d4c4447287d65" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YNCGL2ZTAS2GFF23QFT55UFWIDMI4ZJK/" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00021.html" }, { "url": "https://www.debian.org/security/2023/dsa-5407" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KL2SJMZQ5T5JIH3PMQ2CGCY5TUUE255Y/" }, { "url": "https://security.gentoo.org/glsa/202401-06" } ], "source": { "advisory": "GHSA-gpxc-v2m8-fr3x", "discovery": "UNKNOWN" }, "title": "Command injection in cups-filters" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-24805", "datePublished": "2023-05-17T17:33:41.714Z", "dateReserved": "2023-01-30T14:43:33.703Z", "dateUpdated": "2024-08-02T11:03:19.260Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-29406
Vulnerability from cvelistv5
Published
2023-07-11 19:23
Modified
2024-11-07 15:39
Severity ?
EPSS score ?
Summary
The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Go standard library | net/http |
Version: 0 ≤ Version: 1.20.0-0 ≤ |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:07:45.735Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://go.dev/issue/60374" }, { "tags": [ "x_transferred" ], "url": "https://go.dev/cl/506996" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0" }, { "tags": [ "x_transferred" ], "url": "https://pkg.go.dev/vuln/GO-2023-1878" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230814-0002/" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202311-09" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-29406", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-07T15:39:42.813114Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-07T15:39:53.007Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "packageName": "net/http", "product": "net/http", "programRoutines": [ { "name": "Request.write" }, { "name": "Client.CloseIdleConnections" }, { "name": "Client.Do" }, { "name": "Client.Get" }, { "name": "Client.Head" }, { "name": "Client.Post" }, { "name": "Client.PostForm" }, { "name": "Get" }, { "name": "Head" }, { "name": "Post" }, { "name": "PostForm" }, { "name": "Request.Write" }, { "name": "Request.WriteProxy" }, { "name": "Transport.CancelRequest" }, { "name": "Transport.CloseIdleConnections" }, { "name": "Transport.RoundTrip" } ], "vendor": "Go standard library", "versions": [ { "lessThan": "1.19.11", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "1.20.6", "status": "affected", "version": "1.20.0-0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "value": "Bartek Nowotarski" } ], "descriptions": [ { "lang": "en", "value": "The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value." } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-07-11T19:23:58.511Z", "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go" }, "references": [ { "url": "https://go.dev/issue/60374" }, { "url": "https://go.dev/cl/506996" }, { "url": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0" }, { "url": "https://pkg.go.dev/vuln/GO-2023-1878" }, { "url": "https://security.netapp.com/advisory/ntap-20230814-0002/" }, { "url": "https://security.gentoo.org/glsa/202311-09" } ], "title": "Insufficient sanitization of Host header in net/http" } }, "cveMetadata": { "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "assignerShortName": "Go", "cveId": "CVE-2023-29406", "datePublished": "2023-07-11T19:23:58.511Z", "dateReserved": "2023-04-05T19:36:35.043Z", "dateUpdated": "2024-11-07T15:39:53.007Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-32206
Vulnerability from cvelistv5
Published
2022-07-07 00:00
Modified
2024-08-03 07:32
Severity ?
EPSS score ?
Summary
curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a "malloc bomb", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: Fixed in 7.84.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T07:32:56.021Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1570651" }, { "name": "FEDORA-2022-1b3d7f6973", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/" }, { "name": "DSA-5197", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "name": "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220915-0003/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "name": "[oss-security] 20230215 curl: CVE-2023-23916: HTTP multi-header compression denial of service", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/02/15/3" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 7.84.0" } ] } ], "descriptions": [ { "lang": "en", "value": "curl \u003c 7.84.0 supports \"chained\" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable \"links\" in this \"decompression chain\" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a \"malloc bomb\", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-770", "description": "Allocation of Resources Without Limits or Throttling (CWE-770)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-02-15T00:00:00", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1570651" }, { "name": "FEDORA-2022-1b3d7f6973", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/" }, { "name": "DSA-5197", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5197" }, { "name": "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html" }, { "url": "https://security.netapp.com/advisory/ntap-20220915-0003/" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf" }, { "name": "GLSA-202212-01", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202212-01" }, { "name": "[oss-security] 20230215 curl: CVE-2023-23916: HTTP multi-header compression denial of service", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2023/02/15/3" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2022-32206", "datePublished": "2022-07-07T00:00:00", "dateReserved": "2022-06-01T00:00:00", "dateUpdated": "2024-08-03T07:32:56.021Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-22081
Vulnerability from cvelistv5
Published
2023-10-17 21:02
Modified
2024-08-02 09:59
Severity ?
EPSS score ?
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Oracle Corporation | Java SE JDK and JRE |
Version: Oracle Java SE:8u381 Version: Oracle Java SE:8u381-perf Version: Oracle Java SE:11.0.20 Version: Oracle Java SE:17.0.8 Version: Oracle Java SE:21 Version: Oracle GraalVM for JDK:17.0.8 Version: Oracle GraalVM for JDK:21 Version: Oracle GraalVM Enterprise Edition:20.3.11 Version: Oracle GraalVM Enterprise Edition:21.3.7 Version: Oracle GraalVM Enterprise Edition:22.3.3 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:59:29.109Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Oracle Advisory", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuoct2023.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20231027-0006/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5537" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00041.html" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5548" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Java SE JDK and JRE", "vendor": "Oracle Corporation", "versions": [ { "status": "affected", "version": "Oracle Java SE:8u381" }, { "status": "affected", "version": "Oracle Java SE:8u381-perf" }, { "status": "affected", "version": "Oracle Java SE:11.0.20" }, { "status": "affected", "version": "Oracle Java SE:17.0.8" }, { "status": "affected", "version": "Oracle Java SE:21" }, { "status": "affected", "version": "Oracle GraalVM for JDK:17.0.8" }, { "status": "affected", "version": "Oracle GraalVM for JDK:21" }, { "status": "affected", "version": "Oracle GraalVM Enterprise Edition:20.3.11" }, { "status": "affected", "version": "Oracle GraalVM Enterprise Edition:21.3.7" }, { "status": "affected", "version": "Oracle GraalVM Enterprise Edition:22.3.3" } ] } ], "descriptions": [ { "lang": "en-US", "value": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition: 20.3.11, 21.3.7 and 22.3.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition.", "lang": "en-US" } ] } ], "providerMetadata": { "dateUpdated": "2023-11-08T04:14:14.116Z", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle" }, "references": [ { "name": "Oracle Advisory", "tags": [ "vendor-advisory" ], "url": "https://www.oracle.com/security-alerts/cpuoct2023.html" }, { "url": "https://security.netapp.com/advisory/ntap-20231027-0006/" }, { "url": "https://www.debian.org/security/2023/dsa-5537" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00041.html" }, { "url": "https://www.debian.org/security/2023/dsa-5548" } ] } }, "cveMetadata": { "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2023-22081", "datePublished": "2023-10-17T21:02:56.346Z", "dateReserved": "2022-12-17T19:26:00.759Z", "dateUpdated": "2024-08-02T09:59:29.109Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-48337
Vulnerability from cvelistv5
Published
2023-02-20 00:00
Modified
2024-08-03 15:10
Severity ?
EPSS score ?
Summary
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the etags program. For example, a victim may use the "etags -u *" command (suggested in the etags documentation) in a situation where the current working directory has contents that depend on untrusted input.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:10:59.761Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=01a4035c869b91c153af9a9132c87adb7669ea1c" }, { "name": "DSA-5360", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5360" }, { "name": "[debian-lts-announce] 20230509 [SECURITY] [DLA 3416-1] emacs security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00008.html" }, { "name": "FEDORA-2023-5763445abe", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6HDBUQNAH2WL4MHWCTUZLN7NGF7CHTK/" }, { "name": "FEDORA-2023-29df561f1d", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FLPQ4K6H2S5TY3L5UDN4K4B3L5RQJYQ6/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the etags program. For example, a victim may use the \"etags -u *\" command (suggested in the etags documentation) in a situation where the current working directory has contents that depend on untrusted input." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-14T02:06:13.683266", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=01a4035c869b91c153af9a9132c87adb7669ea1c" }, { "name": "DSA-5360", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5360" }, { "name": "[debian-lts-announce] 20230509 [SECURITY] [DLA 3416-1] emacs security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00008.html" }, { "name": "FEDORA-2023-5763445abe", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6HDBUQNAH2WL4MHWCTUZLN7NGF7CHTK/" }, { "name": "FEDORA-2023-29df561f1d", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FLPQ4K6H2S5TY3L5UDN4K4B3L5RQJYQ6/" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-48337", "datePublished": "2023-02-20T00:00:00", "dateReserved": "2023-02-20T00:00:00", "dateUpdated": "2024-08-03T15:10:59.761Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-37207
Vulnerability from cvelistv5
Published
2023-07-05 08:52
Modified
2024-11-20 21:36
Severity ?
EPSS score ?
Summary
A website could have obscured the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox |
Version: unspecified < 115 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T17:09:32.878Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1816287" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-22/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-23/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-24/" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00006.html" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5450" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5451" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00015.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-37207", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-20T21:36:31.471256Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-20T21:36:40.562Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "115", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.13", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.13", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Shaheen Fazim" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "A website could have obscured the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox \u003c 115, Firefox ESR \u003c 102.13, and Thunderbird \u003c 102.13." } ], "value": "A website could have obscured the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox \u003c 115, Firefox ESR \u003c 102.13, and Thunderbird \u003c 102.13." } ], "problemTypes": [ { "descriptions": [ { "description": "Fullscreen notification obscured", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-07-05T08:52:52.315Z", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1816287" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-22/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-23/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-24/" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00006.html" }, { "url": "https://www.debian.org/security/2023/dsa-5450" }, { "url": "https://www.debian.org/security/2023/dsa-5451" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00015.html" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2023-37207", "datePublished": "2023-07-05T08:52:52.315Z", "dateReserved": "2023-06-28T18:07:02.266Z", "dateUpdated": "2024-11-20T21:36:40.562Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-32559
Vulnerability from cvelistv5
Published
2023-08-24 01:23
Modified
2024-10-03 13:38
Severity ?
EPSS score ?
Summary
A privilege escalation vulnerability exists in the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. The use of the deprecated API `process.binding()` can bypass the policy mechanism by requiring internal modules and eventually take advantage of `process.binding('spawn_sync')` run arbitrary code, outside of the limits defined in a `policy.json` file. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T15:18:37.607Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1946470" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20231006-0006/" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:nodejs:nodejs:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "nodejs", "vendor": "nodejs", "versions": [ { "lessThan": "16.20.1", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "18.17.0", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "20.5.0", "status": "affected", "version": "0", "versionType": "semver" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-32559", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-03T13:34:58.374555Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-03T13:38:25.120Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Node.js", "vendor": "Node.js", "versions": [ { "lessThanOrEqual": "20.5.0", "status": "affected", "version": "20.5.0", "versionType": "semver" }, { "lessThanOrEqual": "18.17.0", "status": "affected", "version": "18.17.0", "versionType": "semver" }, { "lessThanOrEqual": "16.20.1", "status": "affected", "version": "16.20.1", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "A privilege escalation vulnerability exists in the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. The use of the deprecated API `process.binding()` can bypass the policy mechanism by requiring internal modules and eventually take advantage of `process.binding(\u0027spawn_sync\u0027)` run arbitrary code, outside of the limits defined in a `policy.json` file. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js." } ], "providerMetadata": { "dateUpdated": "2023-08-24T01:23:29.038Z", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1946470" }, { "url": "https://security.netapp.com/advisory/ntap-20231006-0006/" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2023-32559", "datePublished": "2023-08-24T01:23:29.038Z", "dateReserved": "2023-05-10T01:00:12.523Z", "dateUpdated": "2024-10-03T13:38:25.120Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-2911
Vulnerability from cvelistv5
Published
2023-06-21 16:26
Modified
2024-12-06 18:32
Severity ?
EPSS score ?
Summary
If the `recursive-clients` quota is reached on a BIND 9 resolver configured with both `stale-answer-enable yes;` and `stale-answer-client-timeout 0;`, a sequence of serve-stale-related lookups could cause `named` to loop and terminate unexpectedly due to a stack overflow.
This issue affects BIND 9 versions 9.16.33 through 9.16.41, 9.18.7 through 9.18.15, 9.16.33-S1 through 9.16.41-S1, and 9.18.11-S1 through 9.18.15-S1.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T06:41:03.760Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "CVE-2023-2911", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://kb.isc.org/docs/cve-2023-2911" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/06/21/6" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3K6AJK7RRSR53HRF5GGKPA6PDUDWOD2/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5439" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SEFCEVCTYEMKTWA7V7EYPI5YQQ4JWDLI/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230703-0010/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-2911", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-12-06T18:32:18.833805Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-12-06T18:32:26.092Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "BIND 9", "vendor": "ISC", "versions": [ { "lessThanOrEqual": "9.16.41", "status": "affected", "version": "9.16.33", "versionType": "custom" }, { "lessThanOrEqual": "9.18.15", "status": "affected", "version": "9.18.7", "versionType": "custom" }, { "lessThanOrEqual": "9.16.41-S1", "status": "affected", "version": "9.16.33-S1", "versionType": "custom" }, { "lessThanOrEqual": "9.18.15-S1", "status": "affected", "version": "9.18.11-S1", "versionType": "custom" } ] } ], "datePublic": "2023-06-21T00:00:00Z", "descriptions": [ { "lang": "en", "value": "If the `recursive-clients` quota is reached on a BIND 9 resolver configured with both `stale-answer-enable yes;` and `stale-answer-client-timeout 0;`, a sequence of serve-stale-related lookups could cause `named` to loop and terminate unexpectedly due to a stack overflow.\nThis issue affects BIND 9 versions 9.16.33 through 9.16.41, 9.18.7 through 9.18.15, 9.16.33-S1 through 9.16.41-S1, and 9.18.11-S1 through 9.18.15-S1." } ], "exploits": [ { "lang": "en", "value": "This flaw was discovered in internal testing. We are not aware of any active exploits." } ], "impacts": [ { "descriptions": [ { "lang": "en", "value": "By sending specific queries to the resolver, an attacker can cause `named` to terminate unexpectedly." } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "providerMetadata": { "dateUpdated": "2023-06-21T16:26:36.587Z", "orgId": "404fd4d2-a609-4245-b543-2c944a302a22", "shortName": "isc" }, "references": [ { "name": "CVE-2023-2911", "tags": [ "vendor-advisory" ], "url": "https://kb.isc.org/docs/cve-2023-2911" }, { "url": "http://www.openwall.com/lists/oss-security/2023/06/21/6" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3K6AJK7RRSR53HRF5GGKPA6PDUDWOD2/" }, { "url": "https://www.debian.org/security/2023/dsa-5439" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SEFCEVCTYEMKTWA7V7EYPI5YQQ4JWDLI/" }, { "url": "https://security.netapp.com/advisory/ntap-20230703-0010/" } ], "solutions": [ { "lang": "en", "value": "Upgrade to the patched release most closely related to your current version of BIND 9: 9.16.42, 9.18.16, 9.16.42-S1, or 9.18.16-S1." } ], "source": { "discovery": "INTERNAL" }, "title": "Exceeding the recursive-clients quota may cause named to terminate unexpectedly when stale-answer-client-timeout is set to 0", "workarounds": [ { "lang": "en", "value": "Setting `stale-answer-client-timeout` to `off` or to a non-zero value prevents the issue.\n\nUsers of versions 9.18.10, 9.16.36, 9.16.36-S1 or older who are unable to upgrade should set `stale-answer-client-timeout` to `off`; using a non-zero value with these older versions leaves `named` vulnerable to CVE-2022-3924.\n\nAlthough it is possible to set the `recursive-clients` limit to a high number to reduce the likelihood of this scenario, this is not recommended; the limit on `recursive-clients` is important for preventing exhaustion of server resources. The limit cannot be disabled entirely." } ] } }, "cveMetadata": { "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22", "assignerShortName": "isc", "cveId": "CVE-2023-2911", "datePublished": "2023-06-21T16:26:36.587Z", "dateReserved": "2023-05-26T11:20:45.872Z", "dateUpdated": "2024-12-06T18:32:26.092Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-4049
Vulnerability from cvelistv5
Published
2023-08-01 14:58
Modified
2024-10-22 15:11
Severity ?
EPSS score ?
Summary
Race conditions in reference counting code were found through code inspection. These could have resulted in potentially exploitable use-after-free vulnerabilities. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox |
Version: unspecified < 116 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:17:11.564Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1842658" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-29/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-30/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-31/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5464" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5469" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-4049", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-22T15:10:50.908793Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-22T15:11:45.370Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "116", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.14", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "115.1", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Nika Layzell" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Race conditions in reference counting code were found through code inspection. These could have resulted in potentially exploitable use-after-free vulnerabilities. This vulnerability affects Firefox \u003c 116, Firefox ESR \u003c 102.14, and Firefox ESR \u003c 115.1." } ], "value": "Race conditions in reference counting code were found through code inspection. These could have resulted in potentially exploitable use-after-free vulnerabilities. This vulnerability affects Firefox \u003c 116, Firefox ESR \u003c 102.14, and Firefox ESR \u003c 115.1." } ], "problemTypes": [ { "descriptions": [ { "description": "Fix potential race conditions when releasing platform objects", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-08-01T14:58:07.699Z", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1842658" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-29/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-30/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-31/" }, { "url": "https://www.debian.org/security/2023/dsa-5464" }, { "url": "https://www.debian.org/security/2023/dsa-5469" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2023-4049", "datePublished": "2023-08-01T14:58:07.699Z", "dateReserved": "2023-08-01T14:57:51.704Z", "dateUpdated": "2024-10-22T15:11:45.370Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-34969
Vulnerability from cvelistv5
Published
2023-06-08 00:00
Modified
2024-08-02 16:17
Severity ?
EPSS score ?
Summary
D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to the same dbus-daemon can cause a dbus-daemon crash under some circumstances via an unreplyable message. When done on the well-known system bus, this is a denial-of-service vulnerability. The fixed versions are 1.12.28, 1.14.8, and 1.15.6.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T16:17:04.235Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://gitlab.freedesktop.org/dbus/dbus/-/issues/457" }, { "name": "FEDORA-2023-d22162d9ba", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZYCDRMD7B4XO4HF6C6YTLH4YUD7TANP/" }, { "name": "[debian-lts-announce] 20231023 [SECURITY] [DLA 3628-1] dbus security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00033.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20231208-0007/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to the same dbus-daemon can cause a dbus-daemon crash under some circumstances via an unreplyable message. When done on the well-known system bus, this is a denial-of-service vulnerability. The fixed versions are 1.12.28, 1.14.8, and 1.15.6." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-08T19:06:18.886572", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://gitlab.freedesktop.org/dbus/dbus/-/issues/457" }, { "name": "FEDORA-2023-d22162d9ba", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZYCDRMD7B4XO4HF6C6YTLH4YUD7TANP/" }, { "name": "[debian-lts-announce] 20231023 [SECURITY] [DLA 3628-1] dbus security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00033.html" }, { "url": "https://security.netapp.com/advisory/ntap-20231208-0007/" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-34969", "datePublished": "2023-06-08T00:00:00", "dateReserved": "2023-06-08T00:00:00", "dateUpdated": "2024-08-02T16:17:04.235Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-1393
Vulnerability from cvelistv5
Published
2023-03-30 00:00
Modified
2024-08-02 05:49
Severity ?
EPSS score ?
Summary
A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | xorg-server |
Version: xorg-server 21.1.8 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:49:11.396Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.openwall.com/lists/oss-security/2023/03/29/1" }, { "name": "FEDORA-2023-eb3c27ff25", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H3EVO3OQV6T4BSABWZ2TU3PY5TJTEQZ2/" }, { "name": "FEDORA-2023-b7835960ac", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPNQYHUI63DB5FHK6EOI3Z4C6YQZGZKI/" }, { "name": "FEDORA-2023-b87fd3a628", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SW2NRC3V53PIBXFPFBVWCOM2MDDILWQS/" }, { "name": "FEDORA-2023-f754e7abfd", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QHJMSMK7G4GPLMKIGKXIOL2RTKU5VFWE/" }, { "name": "FEDORA-2023-66d5af0278", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MEHSYYFGBN3G4RS2HJXKQ5NBMOAZ5F2F/" }, { "name": "FEDORA-2023-239bae4b57", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PSAAGI5V77FQXIT5PP4URP6BYQVCK5U5/" }, { "name": "FEDORA-2023-fe18ae3e85", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NOYATGGPMT3COC7ELAJW5TG2PVS3AFR2/" }, { "name": "FEDORA-2023-6f3f9ee721", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SWFUDSBSABRHQOX6TIQ5O3SNPFTPFQQP/" }, { "name": "GLSA-202305-30", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-30" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/26ef545b3502f61ca722a7a3373507e88ef64110" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "xorg-server", "vendor": "n/a", "versions": [ { "status": "affected", "version": "xorg-server 21.1.8" } ] } ], "descriptions": [ { "lang": "en", "value": "A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-07-23T00:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://www.openwall.com/lists/oss-security/2023/03/29/1" }, { "name": "FEDORA-2023-eb3c27ff25", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H3EVO3OQV6T4BSABWZ2TU3PY5TJTEQZ2/" }, { "name": "FEDORA-2023-b7835960ac", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPNQYHUI63DB5FHK6EOI3Z4C6YQZGZKI/" }, { "name": "FEDORA-2023-b87fd3a628", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SW2NRC3V53PIBXFPFBVWCOM2MDDILWQS/" }, { "name": "FEDORA-2023-f754e7abfd", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QHJMSMK7G4GPLMKIGKXIOL2RTKU5VFWE/" }, { "name": "FEDORA-2023-66d5af0278", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MEHSYYFGBN3G4RS2HJXKQ5NBMOAZ5F2F/" }, { "name": "FEDORA-2023-239bae4b57", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PSAAGI5V77FQXIT5PP4URP6BYQVCK5U5/" }, { "name": "FEDORA-2023-fe18ae3e85", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NOYATGGPMT3COC7ELAJW5TG2PVS3AFR2/" }, { "name": "FEDORA-2023-6f3f9ee721", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SWFUDSBSABRHQOX6TIQ5O3SNPFTPFQQP/" }, { "name": "GLSA-202305-30", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-30" }, { "url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/26ef545b3502f61ca722a7a3373507e88ef64110" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2023-1393", "datePublished": "2023-03-30T00:00:00", "dateReserved": "2023-03-14T00:00:00", "dateUpdated": "2024-08-02T05:49:11.396Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-1175
Vulnerability from cvelistv5
Published
2023-03-04 00:00
Modified
2024-08-02 05:40
Severity ?
EPSS score ?
Summary
Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:40:58.018Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/7e93fc17-92eb-4ae7-b01a-93bb460b643e" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/c99cbf8f289bdda5d4a77d7ec415850a520330ba" }, { "name": "FEDORA-2023-43cb13aefb", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DIAKPMKJ4OZ6NYRZJO7YWMNQL2BICLYV/" }, { "name": "FEDORA-2023-d4ebe53978", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X4KDAU76Z7QNSPKZX2JAJ6O7KIEOXWTL/" }, { "name": "FEDORA-2023-030318ca00", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE44W6WMMREYCW3GJHPSYP7NK2VT5NY6/" }, { "name": "[debian-lts-announce] 20230612 [SECURITY] [DLA 3453-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00015.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1378", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-131", "description": "CWE-131 Incorrect Calculation of Buffer Size", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-12T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/7e93fc17-92eb-4ae7-b01a-93bb460b643e" }, { "url": "https://github.com/vim/vim/commit/c99cbf8f289bdda5d4a77d7ec415850a520330ba" }, { "name": "FEDORA-2023-43cb13aefb", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DIAKPMKJ4OZ6NYRZJO7YWMNQL2BICLYV/" }, { "name": "FEDORA-2023-d4ebe53978", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X4KDAU76Z7QNSPKZX2JAJ6O7KIEOXWTL/" }, { "name": "FEDORA-2023-030318ca00", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE44W6WMMREYCW3GJHPSYP7NK2VT5NY6/" }, { "name": "[debian-lts-announce] 20230612 [SECURITY] [DLA 3453-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00015.html" } ], "source": { "advisory": "7e93fc17-92eb-4ae7-b01a-93bb460b643e", "discovery": "EXTERNAL" }, "title": "Incorrect Calculation of Buffer Size in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-1175", "datePublished": "2023-03-04T00:00:00", "dateReserved": "2023-03-04T00:00:00", "dateUpdated": "2024-08-02T05:40:58.018Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-1170
Vulnerability from cvelistv5
Published
2023-03-03 00:00
Modified
2024-08-02 05:40
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:40:58.916Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/286e0090-e654-46d2-ac60-29f81799d0a4" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/1c73b65229c25e3c1fd8824ba958f7cc4d604f9c" }, { "name": "FEDORA-2023-43cb13aefb", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DIAKPMKJ4OZ6NYRZJO7YWMNQL2BICLYV/" }, { "name": "FEDORA-2023-d4ebe53978", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X4KDAU76Z7QNSPKZX2JAJ6O7KIEOXWTL/" }, { "name": "FEDORA-2023-030318ca00", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE44W6WMMREYCW3GJHPSYP7NK2VT5NY6/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1376", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-02T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/286e0090-e654-46d2-ac60-29f81799d0a4" }, { "url": "https://github.com/vim/vim/commit/1c73b65229c25e3c1fd8824ba958f7cc4d604f9c" }, { "name": "FEDORA-2023-43cb13aefb", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DIAKPMKJ4OZ6NYRZJO7YWMNQL2BICLYV/" }, { "name": "FEDORA-2023-d4ebe53978", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X4KDAU76Z7QNSPKZX2JAJ6O7KIEOXWTL/" }, { "name": "FEDORA-2023-030318ca00", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE44W6WMMREYCW3GJHPSYP7NK2VT5NY6/" } ], "source": { "advisory": "286e0090-e654-46d2-ac60-29f81799d0a4", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-1170", "datePublished": "2023-03-03T00:00:00", "dateReserved": "2023-03-03T00:00:00", "dateUpdated": "2024-08-02T05:40:58.916Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-2858
Vulnerability from cvelistv5
Published
2023-05-26 00:00
Modified
2024-08-02 06:33
Severity ?
EPSS score ?
Summary
NetScaler file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Wireshark Foundation | Wireshark |
Version: >=4.0.0, <4.0.6 Version: >=3.6.0, <3.6.14 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T06:33:05.827Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wireshark.org/security/wnpa-sec-2023-15.html" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/wireshark/wireshark/-/issues/19081" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2858.json" }, { "name": "[debian-lts-announce] 20230603 [SECURITY] [DLA 3443-1] wireshark security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00004.html" }, { "name": "DSA-5429", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5429" }, { "name": "GLSA-202309-02", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202309-02" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Wireshark", "vendor": "Wireshark Foundation", "versions": [ { "status": "affected", "version": "\u003e=4.0.0, \u003c4.0.6" }, { "status": "affected", "version": "\u003e=3.6.0, \u003c3.6.14" } ] } ], "credits": [ { "lang": "en", "value": "Huascar Tejeda" } ], "descriptions": [ { "lang": "en", "value": "NetScaler file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Buffer over-read in Wireshark", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-17T06:06:18.422481", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "url": "https://www.wireshark.org/security/wnpa-sec-2023-15.html" }, { "url": "https://gitlab.com/wireshark/wireshark/-/issues/19081" }, { "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2858.json" }, { "name": "[debian-lts-announce] 20230603 [SECURITY] [DLA 3443-1] wireshark security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00004.html" }, { "name": "DSA-5429", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5429" }, { "name": "GLSA-202309-02", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202309-02" } ] } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2023-2858", "datePublished": "2023-05-26T00:00:00", "dateReserved": "2023-05-24T00:00:00", "dateUpdated": "2024-08-02T06:33:05.827Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-37211
Vulnerability from cvelistv5
Published
2023-07-05 09:00
Modified
2024-11-20 21:33
Severity ?
EPSS score ?
Summary
Memory safety bugs present in Firefox 114, Firefox ESR 102.12, and Thunderbird 102.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox |
Version: unspecified < 115 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T17:09:32.968Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Memory safety bugs fixed in Firefox 115, Firefox ESR 102.13, and Thunderbird 102.13", "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1832306%2C1834862%2C1835886%2C1836550%2C1837450" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-22/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-23/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-24/" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00006.html" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5450" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5451" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00015.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-37211", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-11-20T21:32:28.535383Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-20T21:33:23.076Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "115", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.13", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.13", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Andrew McCreight, Matthew Gaudet, Tom Ritter, and the Mozilla Fuzzing Team," } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Memory safety bugs present in Firefox 114, Firefox ESR 102.12, and Thunderbird 102.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 115, Firefox ESR \u003c 102.13, and Thunderbird \u003c 102.13." } ], "value": "Memory safety bugs present in Firefox 114, Firefox ESR 102.12, and Thunderbird 102.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 115, Firefox ESR \u003c 102.13, and Thunderbird \u003c 102.13." } ], "problemTypes": [ { "descriptions": [ { "description": "Memory safety bugs fixed in Firefox 115, Firefox ESR 102.13, and Thunderbird 102.13", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-07-05T09:00:58.955Z", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "name": "Memory safety bugs fixed in Firefox 115, Firefox ESR 102.13, and Thunderbird 102.13", "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1832306%2C1834862%2C1835886%2C1836550%2C1837450" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-22/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-23/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-24/" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00006.html" }, { "url": "https://www.debian.org/security/2023/dsa-5450" }, { "url": "https://www.debian.org/security/2023/dsa-5451" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00015.html" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2023-37211", "datePublished": "2023-07-05T09:00:58.955Z", "dateReserved": "2023-06-28T18:07:02.266Z", "dateUpdated": "2024-11-20T21:33:23.076Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-4055
Vulnerability from cvelistv5
Published
2023-08-01 15:01
Modified
2024-10-22 14:35
Severity ?
EPSS score ?
Summary
When the number of cookies per domain was exceeded in `document.cookie`, the actual cookie jar sent to the host was no longer consistent with expected cookie jar state. This could have caused requests to be sent with some cookies missing. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox |
Version: unspecified < 116 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:17:11.427Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1782561" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-29/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-30/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-31/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5464" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5469" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "firefox", "vendor": "mozilla", "versions": [ { "lessThan": "116", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:mozilla:firefox_esr:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "firefox_esr", "vendor": "mozilla", "versions": [ { "lessThan": "102.14", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThan": "115.1", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-4055", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-22T14:30:02.356531Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-22T14:35:20.808Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "116", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.14", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "115.1", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Marco Squarcina" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "When the number of cookies per domain was exceeded in \u003ccode\u003edocument.cookie\u003c/code\u003e, the actual cookie jar sent to the host was no longer consistent with expected cookie jar state. This could have caused requests to be sent with some cookies missing. This vulnerability affects Firefox \u003c 116, Firefox ESR \u003c 102.14, and Firefox ESR \u003c 115.1." } ], "value": "When the number of cookies per domain was exceeded in `document.cookie`, the actual cookie jar sent to the host was no longer consistent with expected cookie jar state. This could have caused requests to be sent with some cookies missing. This vulnerability affects Firefox \u003c 116, Firefox ESR \u003c 102.14, and Firefox ESR \u003c 115.1." } ], "problemTypes": [ { "descriptions": [ { "description": "Cookie jar overflow caused unexpected cookie jar state", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-08-01T15:01:20.220Z", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1782561" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-29/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-30/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-31/" }, { "url": "https://www.debian.org/security/2023/dsa-5464" }, { "url": "https://www.debian.org/security/2023/dsa-5469" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2023-4055", "datePublished": "2023-08-01T15:01:20.220Z", "dateReserved": "2023-08-01T15:00:27.480Z", "dateUpdated": "2024-10-22T14:35:20.808Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-32681
Vulnerability from cvelistv5
Published
2023-05-26 17:02
Modified
2024-08-02 15:25
Severity ?
EPSS score ?
Summary
Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use `rebuild_proxies` to reattach the `Proxy-Authorization` header to requests. For HTTP connections sent through the tunnel, the proxy will identify the header in the request itself and remove it prior to forwarding to the destination server. However when sent over HTTPS, the `Proxy-Authorization` header must be sent in the CONNECT request as the proxy has no visibility into the tunneled request. This results in Requests forwarding proxy credentials to the destination server unintentionally, allowing a malicious actor to potentially exfiltrate sensitive information. This issue has been patched in version 2.31.0.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T15:25:36.610Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/psf/requests/security/advisories/GHSA-j8r2-6x86-q33q", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/psf/requests/security/advisories/GHSA-j8r2-6x86-q33q" }, { "name": "https://github.com/psf/requests/commit/74ea7cf7a6a27a4eeb2ae24e162bcc942a6706d5", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/psf/requests/commit/74ea7cf7a6a27a4eeb2ae24e162bcc942a6706d5" }, { "name": "https://github.com/psf/requests/releases/tag/v2.31.0", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/psf/requests/releases/tag/v2.31.0" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AW7HNFGYP44RT3DUDQXG2QT3OEV2PJ7Y/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KOYASTZDGQG2BWLSNBPL3TQRL2G7QYNZ/" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00018.html" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202309-08" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "requests", "vendor": "psf", "versions": [ { "status": "affected", "version": "\u003e= 2.3.0, \u003c 2.31.0" } ] } ], "descriptions": [ { "lang": "en", "value": "Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use `rebuild_proxies` to reattach the `Proxy-Authorization` header to requests. For HTTP connections sent through the tunnel, the proxy will identify the header in the request itself and remove it prior to forwarding to the destination server. However when sent over HTTPS, the `Proxy-Authorization` header must be sent in the CONNECT request as the proxy has no visibility into the tunneled request. This results in Requests forwarding proxy credentials to the destination server unintentionally, allowing a malicious actor to potentially exfiltrate sensitive information. This issue has been patched in version 2.31.0.\n\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-200", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-26T17:02:52.899Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/psf/requests/security/advisories/GHSA-j8r2-6x86-q33q", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/psf/requests/security/advisories/GHSA-j8r2-6x86-q33q" }, { "name": "https://github.com/psf/requests/commit/74ea7cf7a6a27a4eeb2ae24e162bcc942a6706d5", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/psf/requests/commit/74ea7cf7a6a27a4eeb2ae24e162bcc942a6706d5" }, { "name": "https://github.com/psf/requests/releases/tag/v2.31.0", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/psf/requests/releases/tag/v2.31.0" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AW7HNFGYP44RT3DUDQXG2QT3OEV2PJ7Y/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KOYASTZDGQG2BWLSNBPL3TQRL2G7QYNZ/" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00018.html" }, { "url": "https://security.gentoo.org/glsa/202309-08" } ], "source": { "advisory": "GHSA-j8r2-6x86-q33q", "discovery": "UNKNOWN" }, "title": "Unintended leak of Proxy-Authorization header in requests" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-32681", "datePublished": "2023-05-26T17:02:52.899Z", "dateReserved": "2023-05-11T16:33:45.731Z", "dateUpdated": "2024-08-02T15:25:36.610Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-0054
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-02 04:54
Severity ?
EPSS score ?
Summary
Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1145.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T04:54:32.644Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/b289ee0f-fd16-4147-bd01-c6289c45e49d" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/3ac1d97a1d9353490493d30088256360435f7731" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213670" }, { "name": "20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/17" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" }, { "name": "[debian-lts-announce] 20230612 [SECURITY] [DLA 3453-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00015.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1145", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1145." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-12T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/b289ee0f-fd16-4147-bd01-c6289c45e49d" }, { "url": "https://github.com/vim/vim/commit/3ac1d97a1d9353490493d30088256360435f7731" }, { "url": "https://support.apple.com/kb/HT213670" }, { "name": "20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/17" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" }, { "name": "[debian-lts-announce] 20230612 [SECURITY] [DLA 3453-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00015.html" } ], "source": { "advisory": "b289ee0f-fd16-4147-bd01-c6289c45e49d", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Write in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-0054", "datePublished": "2023-01-04T00:00:00", "dateReserved": "2023-01-04T00:00:00", "dateUpdated": "2024-08-02T04:54:32.644Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-46784
Vulnerability from cvelistv5
Published
2022-07-17 00:00
Modified
2024-08-04 05:17
Severity ?
EPSS score ?
Summary
In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:17:42.311Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/squid-cache/squid/commit/5e2ea2b13bd98f53e29964ca26bb0d602a8a12b9" }, { "tags": [ "x_transferred" ], "url": "http://www.squid-cache.org/Versions/v4/changesets/SQUID-2021_7.patch" }, { "tags": [ "x_transferred" ], "url": "http://www.squid-cache.org/Versions/v5/changesets/SQUID-2021_7.patch" }, { "tags": [ "x_transferred" ], "url": "https://github.com/squid-cache/squid/security/advisories/GHSA-f5cp-6rh3-284w" }, { "tags": [ "x_transferred" ], "url": "https://security-tracker.debian.org/tracker/CVE-2021-46784" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20221223-0007/" }, { "name": "[oss-security] 20231013 Re: Squid Caching Proxy Security Audit: 55 Vulnerabilities, 35 0days.", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/10/13/1" }, { "name": "[oss-security] 20231013 Re: Squid Caching Proxy Security Audit: 55 Vulnerabilities, 35 0days.", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/10/13/10" }, { "name": "[oss-security] 20231021 Re: Squid Caching Proxy Security Audit: 55 Vulnerabilities, 35 0days.", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/10/21/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-21T23:06:16.659186", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/squid-cache/squid/commit/5e2ea2b13bd98f53e29964ca26bb0d602a8a12b9" }, { "url": "http://www.squid-cache.org/Versions/v4/changesets/SQUID-2021_7.patch" }, { "url": "http://www.squid-cache.org/Versions/v5/changesets/SQUID-2021_7.patch" }, { "url": "https://github.com/squid-cache/squid/security/advisories/GHSA-f5cp-6rh3-284w" }, { "url": "https://security-tracker.debian.org/tracker/CVE-2021-46784" }, { "url": "https://security.netapp.com/advisory/ntap-20221223-0007/" }, { "name": "[oss-security] 20231013 Re: Squid Caching Proxy Security Audit: 55 Vulnerabilities, 35 0days.", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2023/10/13/1" }, { "name": "[oss-security] 20231013 Re: Squid Caching Proxy Security Audit: 55 Vulnerabilities, 35 0days.", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2023/10/13/10" }, { "name": "[oss-security] 20231021 Re: Squid Caching Proxy Security Audit: 55 Vulnerabilities, 35 0days.", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2023/10/21/1" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-46784", "datePublished": "2022-07-17T00:00:00", "dateReserved": "2022-04-21T00:00:00", "dateUpdated": "2024-08-04T05:17:42.311Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-36664
Vulnerability from cvelistv5
Published
2023-06-25 00:00
Modified
2024-12-05 14:54
Severity ?
EPSS score ?
Summary
Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix).
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T16:52:54.110Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugs.ghostscript.com/show_bug.cgi?id=706761" }, { "tags": [ "x_transferred" ], "url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=505eab7782b429017eb434b2b95120855f2b0e3c" }, { "tags": [ "x_transferred" ], "url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=0974e4f2ac0005d3731e0b5c13ebc7e965540f4d" }, { "name": "DSA-5446", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5446" }, { "name": "FEDORA-2023-d8a1c3e5e2", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5EWMEK2UPCUU3ZLL7VASE5CEHDQY4VKV/" }, { "name": "FEDORA-2023-83c805b441", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ICXN5VPF3WJCYKMPSYER5KHTPJXSTJZ/" }, { "name": "GLSA-202309-03", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202309-03" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-36664", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-12-05T14:54:02.927222Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-552", "description": "CWE-552 Files or Directories Accessible to External Parties", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-05T14:54:10.977Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix)." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-17T06:06:40.169979", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://bugs.ghostscript.com/show_bug.cgi?id=706761" }, { "url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=505eab7782b429017eb434b2b95120855f2b0e3c" }, { "url": "https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=0974e4f2ac0005d3731e0b5c13ebc7e965540f4d" }, { "name": "DSA-5446", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5446" }, { "name": "FEDORA-2023-d8a1c3e5e2", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5EWMEK2UPCUU3ZLL7VASE5CEHDQY4VKV/" }, { "name": "FEDORA-2023-83c805b441", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ICXN5VPF3WJCYKMPSYER5KHTPJXSTJZ/" }, { "name": "GLSA-202309-03", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202309-03" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-36664", "datePublished": "2023-06-25T00:00:00", "dateReserved": "2023-06-25T00:00:00", "dateUpdated": "2024-12-05T14:54:10.977Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-2855
Vulnerability from cvelistv5
Published
2023-05-26 00:00
Modified
2024-08-02 06:33
Severity ?
EPSS score ?
Summary
Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Wireshark Foundation | Wireshark |
Version: >=4.0.0, <4.0.6 Version: >=3.6.0, <3.6.14 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T06:33:05.827Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wireshark.org/security/wnpa-sec-2023-12.html" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/wireshark/wireshark/-/issues/19062" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2855.json" }, { "name": "DSA-5429", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5429" }, { "name": "GLSA-202309-02", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202309-02" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Wireshark", "vendor": "Wireshark Foundation", "versions": [ { "status": "affected", "version": "\u003e=4.0.0, \u003c4.0.6" }, { "status": "affected", "version": "\u003e=3.6.0, \u003c3.6.14" } ] } ], "credits": [ { "lang": "en", "value": "Huascar Tejeda" } ], "descriptions": [ { "lang": "en", "value": "Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Buffer over-read in Wireshark", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-17T06:06:34.910049", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "url": "https://www.wireshark.org/security/wnpa-sec-2023-12.html" }, { "url": "https://gitlab.com/wireshark/wireshark/-/issues/19062" }, { "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2855.json" }, { "name": "DSA-5429", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5429" }, { "name": "GLSA-202309-02", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202309-02" } ] } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2023-2855", "datePublished": "2023-05-26T00:00:00", "dateReserved": "2023-05-24T00:00:00", "dateUpdated": "2024-08-02T06:33:05.827Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-0666
Vulnerability from cvelistv5
Published
2023-06-07 02:25
Modified
2024-08-02 05:17
Severity ?
EPSS score ?
Summary
Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark.
References
▼ | URL | Tags |
---|---|---|
https://takeonme.org/cves/CVE-2023-0666.html | third-party-advisory | |
https://gitlab.com/wireshark/wireshark/-/issues/19085 | issue-tracking | |
https://www.wireshark.org/docs/relnotes/wireshark-4.0.6.html | release-notes | |
https://www.wireshark.org/security/wnpa-sec-2023-18.html | vendor-advisory | |
https://www.debian.org/security/2023/dsa-5429 | ||
https://security.gentoo.org/glsa/202309-02 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Wireshark Foundation | Wireshark |
Version: 4.0.0 ≤ 4.0.5 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:17:50.337Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://takeonme.org/cves/CVE-2023-0666.html" }, { "tags": [ "issue-tracking", "x_transferred" ], "url": "https://gitlab.com/wireshark/wireshark/-/issues/19085" }, { "tags": [ "release-notes", "x_transferred" ], "url": "https://www.wireshark.org/docs/relnotes/wireshark-4.0.6.html" }, { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.wireshark.org/security/wnpa-sec-2023-18.html" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5429" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202309-02" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Wireshark", "vendor": "Wireshark Foundation", "versions": [ { "lessThanOrEqual": "4.0.5", "status": "affected", "version": "4.0.0", "versionType": "semver" }, { "status": "unaffected", "version": "4.0.6" } ] } ], "credits": [ { "lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Austin Hackers Anonymous!" }, { "lang": "en", "type": "coordinator", "user": "00000000-0000-4000-9000-000000000000", "value": "Austin Hackers Anonymous!" } ], "datePublic": "2023-05-22T19:04:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark." } ], "value": "Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark." } ], "impacts": [ { "capecId": "CAPEC-100", "descriptions": [ { "lang": "en", "value": "CAPEC-100 Overflow Buffers" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122: Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-07T02:42:41.249Z", "orgId": "26969f82-7e87-44d8-9cb5-f6fb926ddd43", "shortName": "AHA" }, "references": [ { "tags": [ "third-party-advisory" ], "url": "https://takeonme.org/cves/CVE-2023-0666.html" }, { "tags": [ "issue-tracking" ], "url": "https://gitlab.com/wireshark/wireshark/-/issues/19085" }, { "tags": [ "release-notes" ], "url": "https://www.wireshark.org/docs/relnotes/wireshark-4.0.6.html" }, { "tags": [ "vendor-advisory" ], "url": "https://www.wireshark.org/security/wnpa-sec-2023-18.html" }, { "url": "https://www.debian.org/security/2023/dsa-5429" }, { "url": "https://security.gentoo.org/glsa/202309-02" } ], "source": { "discovery": "EXTERNAL" }, "title": "Wireshark RTPS Parsing Buffer Overflow", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "26969f82-7e87-44d8-9cb5-f6fb926ddd43", "assignerShortName": "AHA", "cveId": "CVE-2023-0666", "datePublished": "2023-06-07T02:25:27.974Z", "dateReserved": "2023-02-03T22:06:14.542Z", "dateUpdated": "2024-08-02T05:17:50.337Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-44917
Vulnerability from cvelistv5
Published
2021-12-21 19:57
Modified
2024-08-04 04:32
Severity ?
EPSS score ?
Summary
A Divide by Zero vulnerability exists in gnuplot 5.4 in the boundary3d function in graph3d.c, which could cause a Arithmetic exception and application crash.
References
▼ | URL | Tags |
---|---|---|
https://sourceforge.net/p/gnuplot/bugs/2358/ | x_refsource_MISC | |
https://sourceforge.net/p/gnuplot/bugs/2474/ | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T04:32:13.250Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://sourceforge.net/p/gnuplot/bugs/2358/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://sourceforge.net/p/gnuplot/bugs/2474/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "A Divide by Zero vulnerability exists in gnuplot 5.4 in the boundary3d function in graph3d.c, which could cause a Arithmetic exception and application crash." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-07-04T16:09:34", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://sourceforge.net/p/gnuplot/bugs/2358/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://sourceforge.net/p/gnuplot/bugs/2474/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-44917", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A Divide by Zero vulnerability exists in gnuplot 5.4 in the boundary3d function in graph3d.c, which could cause a Arithmetic exception and application crash." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://sourceforge.net/p/gnuplot/bugs/2358/", "refsource": "MISC", "url": "https://sourceforge.net/p/gnuplot/bugs/2358/" }, { "name": "https://sourceforge.net/p/gnuplot/bugs/2474/", "refsource": "MISC", "url": "https://sourceforge.net/p/gnuplot/bugs/2474/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-44917", "datePublished": "2021-12-21T19:57:14", "dateReserved": "2021-12-13T00:00:00", "dateUpdated": "2024-08-04T04:32:13.250Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-30582
Vulnerability from cvelistv5
Published
2024-09-07 16:00
Modified
2024-09-26 15:03
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Node.js version 20, affecting users of the experimental permission model when the --allow-fs-read flag is used with a non-* argument. This flaw arises from an inadequate permission model that fails to restrict file watching through the fs.watchFile API. As a result, malicious actors can monitor files that they do not have explicit read access to.
Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:nodejs:nodejs:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "nodejs", "vendor": "nodejs", "versions": [ { "lessThan": "20.3.1", "status": "affected", "version": "20.0", "versionType": "semver" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-30582", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-09T18:09:51.490438Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-284", "description": "CWE-284 Improper Access Control", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-09T18:20:15.025Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-09-26T15:03:03.244Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "url": "https://security.netapp.com/advisory/ntap-20240926-0007/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Node.js", "vendor": "Node.js", "versions": [ { "lessThan": "20.3.1", "status": "affected", "version": "20.3.1", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in Node.js version 20, affecting users of the experimental permission model when the --allow-fs-read flag is used with a non-* argument. This flaw arises from an inadequate permission model that fails to restrict file watching through the fs.watchFile API. As a result, malicious actors can monitor files that they do not have explicit read access to.\n\nPlease note that at the time this CVE was issued, the permission model is an experimental feature of Node.js." } ], "providerMetadata": { "dateUpdated": "2024-09-07T16:00:35.978Z", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://nodejs.org/en/blog/vulnerability/june-2023-security-releases" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2023-30582", "datePublished": "2024-09-07T16:00:35.978Z", "dateReserved": "2023-04-13T01:00:12.085Z", "dateUpdated": "2024-09-26T15:03:03.244Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-4576
Vulnerability from cvelistv5
Published
2023-09-11 08:00
Modified
2024-09-26 15:03
Severity ?
EPSS score ?
Summary
On Windows, an integer overflow could occur in `RecordedSourceSurfaceCreation` which resulted in a heap buffer overflow potentially leaking sensitive data that could have led to a sandbox escape.
*This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.
References
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox |
Version: unspecified < 117 |
||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:31:06.602Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1846694" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-34/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-35/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-36/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-37/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-38/" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "firefox", "vendor": "mozilla", "versions": [ { "lessThan": "117", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:mozilla:firefox_esr:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "firefox_esr", "vendor": "mozilla", "versions": [ { "lessThan": "102.15", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThan": "115.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:mozilla:thunderbird:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "thunderbird", "vendor": "mozilla", "versions": [ { "lessThan": "102.15", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThan": "115.2", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-4576", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-26T14:57:46.688185Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-26T15:03:13.589Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "117", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.15", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "115.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.15", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "115.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "fffvr" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "On Windows, an integer overflow could occur in \u003ccode\u003eRecordedSourceSurfaceCreation\u003c/code\u003e which resulted in a heap buffer overflow potentially leaking sensitive data that could have led to a sandbox escape.\u003cbr\u003e*This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 102.15, Firefox ESR \u003c 115.2, Thunderbird \u003c 102.15, and Thunderbird \u003c 115.2." } ], "value": "On Windows, an integer overflow could occur in `RecordedSourceSurfaceCreation` which resulted in a heap buffer overflow potentially leaking sensitive data that could have led to a sandbox escape.\n*This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 102.15, Firefox ESR \u003c 115.2, Thunderbird \u003c 102.15, and Thunderbird \u003c 115.2." } ], "problemTypes": [ { "descriptions": [ { "description": "Integer Overflow in RecordedSourceSurfaceCreation", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-13T10:38:10.089Z", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1846694" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-34/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-35/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-36/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-37/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-38/" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2023-4576", "datePublished": "2023-09-11T08:00:51.770Z", "dateReserved": "2023-08-29T03:36:40.370Z", "dateUpdated": "2024-09-26T15:03:13.589Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-37208
Vulnerability from cvelistv5
Published
2023-07-05 08:54
Modified
2024-11-20 21:35
Severity ?
EPSS score ?
Summary
When opening Diagcab files, Firefox did not warn the user that these files may contain malicious code. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox |
Version: unspecified < 115 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T17:09:33.201Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1837675" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00006.html" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00015.html" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5450" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5451" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-22/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-23/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-24/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-37208", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-11-20T21:34:29.247769Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-434", "description": "CWE-434 Unrestricted Upload of File with Dangerous Type", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-20T21:35:10.883Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "115", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.13", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.13", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "P Umar Farooq" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "When opening Diagcab files, Firefox did not warn the user that these files may contain malicious code. This vulnerability affects Firefox \u003c 115, Firefox ESR \u003c 102.13, and Thunderbird \u003c 102.13." } ], "value": "When opening Diagcab files, Firefox did not warn the user that these files may contain malicious code. This vulnerability affects Firefox \u003c 115, Firefox ESR \u003c 102.13, and Thunderbird \u003c 102.13." } ], "problemTypes": [ { "descriptions": [ { "description": "Lack of warning when opening Diagcab files", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-07-12T14:07:05.749Z", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1837675" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00006.html" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00015.html" }, { "url": "https://www.debian.org/security/2023/dsa-5450" }, { "url": "https://www.debian.org/security/2023/dsa-5451" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-22/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-23/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-24/" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2023-37208", "datePublished": "2023-07-05T08:54:19.005Z", "dateReserved": "2023-06-28T18:07:02.266Z", "dateUpdated": "2024-11-20T21:35:10.883Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-34241
Vulnerability from cvelistv5
Published
2023-06-22 22:39
Modified
2024-12-10 20:49
Severity ?
EPSS score ?
Summary
OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems. Starting in version 2.0.0 and prior to version 2.4.6, CUPS logs data of free memory to the logging service AFTER the connection has been closed, when it should have logged the data right before. This is a use-after-free bug that impacts the entire cupsd process.
The exact cause of this issue is the function `httpClose(con->http)` being called in `scheduler/client.c`. The problem is that httpClose always, provided its argument is not null, frees the pointer at the end of the call, only for cupsdLogClient to pass the pointer to httpGetHostname. This issue happens in function `cupsdAcceptClient` if LogLevel is warn or higher and in two scenarios: there is a double-lookup for the IP Address (HostNameLookups Double is set in `cupsd.conf`) which fails to resolve, or if CUPS is compiled with TCP wrappers and the connection is refused by rules from `/etc/hosts.allow` and `/etc/hosts.deny`.
Version 2.4.6 has a patch for this issue.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | OpenPrinting | cups |
Version: >= 2.0.0, < 2.4.6 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T16:01:54.315Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-qjgh-5hcq-5f25", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-qjgh-5hcq-5f25" }, { "name": "https://github.com/OpenPrinting/cups/commit/9809947a959e18409dcf562a3466ef246cb90cb2", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/OpenPrinting/cups/commit/9809947a959e18409dcf562a3466ef246cb90cb2" }, { "name": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.6", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.6" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/06/23/10" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/06/26/1" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TBIYKDS3UG3W4Z7YOHTR2AWFNBRYPNYY/" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00038.html" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7I7DWGYGEMBNLZF5UQBMF3SONR37YUBN/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213843" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213844" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213845" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-34241", "options": [ { "Exploitation": "poc" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-12-10T20:49:43.499652Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-12-10T20:49:51.464Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "cups", "vendor": "OpenPrinting", "versions": [ { "status": "affected", "version": "\u003e= 2.0.0, \u003c 2.4.6" } ] } ], "descriptions": [ { "lang": "en", "value": "OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems. Starting in version 2.0.0 and prior to version 2.4.6, CUPS logs data of free memory to the logging service AFTER the connection has been closed, when it should have logged the data right before. This is a use-after-free bug that impacts the entire cupsd process.\n\nThe exact cause of this issue is the function `httpClose(con-\u003ehttp)` being called in `scheduler/client.c`. The problem is that httpClose always, provided its argument is not null, frees the pointer at the end of the call, only for cupsdLogClient to pass the pointer to httpGetHostname. This issue happens in function `cupsdAcceptClient` if LogLevel is warn or higher and in two scenarios: there is a double-lookup for the IP Address (HostNameLookups Double is set in `cupsd.conf`) which fails to resolve, or if CUPS is compiled with TCP wrappers and the connection is refused by rules from `/etc/hosts.allow` and `/etc/hosts.deny`.\n\nVersion 2.4.6 has a patch for this issue." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-22T22:39:32.400Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-qjgh-5hcq-5f25", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-qjgh-5hcq-5f25" }, { "name": "https://github.com/OpenPrinting/cups/commit/9809947a959e18409dcf562a3466ef246cb90cb2", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/OpenPrinting/cups/commit/9809947a959e18409dcf562a3466ef246cb90cb2" }, { "name": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.6", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/OpenPrinting/cups/releases/tag/v2.4.6" }, { "url": "http://www.openwall.com/lists/oss-security/2023/06/23/10" }, { "url": "http://www.openwall.com/lists/oss-security/2023/06/26/1" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TBIYKDS3UG3W4Z7YOHTR2AWFNBRYPNYY/" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00038.html" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7I7DWGYGEMBNLZF5UQBMF3SONR37YUBN/" }, { "url": "https://support.apple.com/kb/HT213843" }, { "url": "https://support.apple.com/kb/HT213844" }, { "url": "https://support.apple.com/kb/HT213845" } ], "source": { "advisory": "GHSA-qjgh-5hcq-5f25", "discovery": "UNKNOWN" }, "title": "CUPS vulnerable to use-after-free in cupsdAcceptClient()" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-34241", "datePublished": "2023-06-22T22:39:32.400Z", "dateReserved": "2023-05-31T13:51:51.171Z", "dateUpdated": "2024-12-10T20:49:51.464Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-1981
Vulnerability from cvelistv5
Published
2023-05-26 00:00
Modified
2024-08-02 06:05
Severity ?
EPSS score ?
Summary
A vulnerability was found in the avahi library. This flaw allows an unprivileged user to make a dbus call, causing the avahi daemon to crash.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T06:05:27.096Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2023-1981" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185911" }, { "tags": [ "x_transferred" ], "url": "https://github.com/lathiat/avahi/issues/375" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "avahi", "vendor": "n/a", "versions": [ { "status": "affected", "version": "avahi-0.7-20" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in the avahi library. This flaw allows an unprivileged user to make a dbus call, causing the avahi daemon to crash." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-26T00:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://access.redhat.com/security/cve/CVE-2023-1981" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185911" }, { "url": "https://github.com/lathiat/avahi/issues/375" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2023-1981", "datePublished": "2023-05-26T00:00:00", "dateReserved": "2023-04-11T00:00:00", "dateUpdated": "2024-08-02T06:05:27.096Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-32005
Vulnerability from cvelistv5
Published
2023-09-12 01:36
Modified
2024-09-26 14:44
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Node.js version 20, affecting users of the experimental permission model when the --allow-fs-read flag is used with a non-* argument.
This flaw arises from an inadequate permission model that fails to restrict file stats through the `fs.statfs` API. As a result, malicious actors can retrieve stats from files that they do not have explicit read access to.
This vulnerability affects all users using the experimental permission model in Node.js 20.
Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T15:03:28.786Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/2051224" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20231103-0004/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-32005", "options": [ { "Exploitation": "poc" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-26T14:44:42.313206Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-26T14:44:50.266Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Node.js", "vendor": "Node.js", "versions": [ { "lessThanOrEqual": "20.5.0", "status": "affected", "version": "20.5.0", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in Node.js version 20, affecting users of the experimental permission model when the --allow-fs-read flag is used with a non-* argument.\n\nThis flaw arises from an inadequate permission model that fails to restrict file stats through the `fs.statfs` API. As a result, malicious actors can retrieve stats from files that they do not have explicit read access to.\n\nThis vulnerability affects all users using the experimental permission model in Node.js 20.\n\nPlease note that at the time this CVE was issued, the permission model is an experimental feature of Node.js." } ], "providerMetadata": { "dateUpdated": "2023-09-12T01:36:55.851Z", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/2051224" }, { "url": "https://security.netapp.com/advisory/ntap-20231103-0004/" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2023-32005", "datePublished": "2023-09-12T01:36:55.851Z", "dateReserved": "2023-05-01T01:00:12.220Z", "dateUpdated": "2024-09-26T14:44:50.266Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-32558
Vulnerability from cvelistv5
Published
2023-09-12 01:36
Modified
2024-10-25 13:07
Severity ?
EPSS score ?
Summary
The use of the deprecated API `process.binding()` can bypass the permission model through path traversal.
This vulnerability affects all users using the experimental permission model in Node.js 20.x.
Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-10-25T13:07:29.559Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/2051257" }, { "url": "https://security.netapp.com/advisory/ntap-20241025-0003/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Node.js", "vendor": "Node.js", "versions": [ { "lessThanOrEqual": "20.5.0", "status": "affected", "version": "20.5.0", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "The use of the deprecated API `process.binding()` can bypass the permission model through path traversal. \n\nThis vulnerability affects all users using the experimental permission model in Node.js 20.x.\n\nPlease note that at the time this CVE was issued, the permission model is an experimental feature of Node.js." } ], "providerMetadata": { "dateUpdated": "2023-09-12T01:36:55.861Z", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/2051257" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2023-32558", "datePublished": "2023-09-12T01:36:55.861Z", "dateReserved": "2023-05-10T01:00:12.523Z", "dateUpdated": "2024-10-25T13:07:29.559Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-41080
Vulnerability from cvelistv5
Published
2023-08-25 20:39
Modified
2024-09-27 18:43
Severity ?
EPSS score ?
Summary
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92.
The vulnerability is limited to the ROOT (default) web application.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Apache Software Foundation | Apache Tomcat |
Version: 11.0.0-M1 ≤ 11.0.0-M10 Version: 10.1.0-M1 ≤ 10.0.12 Version: 9.0.0-M1 ≤ 9.0.79 Version: 8.5.0 ≤ 8.5.92 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T18:46:11.691Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.apache.org/thread/71wvwprtx2j2m54fovq9zr7gbm2wow2f" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230921-0006/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5522" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5521" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-41080", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-27T18:42:58.974327Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-27T18:43:12.433Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Apache Tomcat", "vendor": "Apache Software Foundation", "versions": [ { "lessThanOrEqual": "11.0.0-M10", "status": "affected", "version": "11.0.0-M1", "versionType": "semver" }, { "lessThanOrEqual": "10.0.12", "status": "affected", "version": "10.1.0-M1", "versionType": "semver" }, { "lessThanOrEqual": "9.0.79", "status": "affected", "version": "9.0.0-M1", "versionType": "semver" }, { "lessThanOrEqual": "8.5.92", "status": "affected", "version": "8.5.0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "This vulnerability was reported responsibly to the Tomcat security team by Yiheng Cao." } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027) vulnerability in FORM authentication feature Apache Tomcat.\u003cp\u003eThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92.\u003c/p\u003eThe vulnerability is limited to the ROOT (default) web application." } ], "value": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027) vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92.\n\nThe vulnerability is limited to the ROOT (default) web application." } ], "metrics": [ { "other": { "content": { "text": "moderate" }, "type": "Textual description of severity" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-601", "description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-08-25T20:39:36.584Z", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://lists.apache.org/thread/71wvwprtx2j2m54fovq9zr7gbm2wow2f" }, { "url": "https://security.netapp.com/advisory/ntap-20230921-0006/" }, { "url": "https://www.debian.org/security/2023/dsa-5522" }, { "url": "https://www.debian.org/security/2023/dsa-5521" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html" } ], "source": { "discovery": "EXTERNAL" }, "title": "Apache Tomcat: Open redirect with FORM authentication", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2023-41080", "datePublished": "2023-08-25T20:39:36.584Z", "dateReserved": "2023-08-22T18:21:35.140Z", "dateUpdated": "2024-09-27T18:43:12.433Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-30585
Vulnerability from cvelistv5
Published
2023-11-28 01:23
Modified
2024-08-02 14:28
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in the Node.js (.msi version) installation process, specifically affecting Windows users who install Node.js using the .msi installer. This vulnerability emerges during the repair operation, where the "msiexec.exe" process, running under the NT AUTHORITY\SYSTEM context, attempts to read the %USERPROFILE% environment variable from the current user's registry.
The issue arises when the path referenced by the %USERPROFILE% environment variable does not exist. In such cases, the "msiexec.exe" process attempts to create the specified path in an unsafe manner, potentially leading to the creation of arbitrary folders in arbitrary locations.
The severity of this vulnerability is heightened by the fact that the %USERPROFILE% environment variable in the Windows registry can be modified by standard (or "non-privileged") users. Consequently, unprivileged actors, including malicious entities or trojans, can manipulate the environment variable key to deceive the privileged "msiexec.exe" process. This manipulation can result in the creation of folders in unintended and potentially malicious locations.
It is important to note that this vulnerability is specific to Windows users who install Node.js using the .msi installer. Users who opt for other installation methods are not affected by this particular issue.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:28:51.579Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://nodejs.org/en/blog/vulnerability/june-2023-security-releases" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Node.js", "vendor": "Node.js", "versions": [ { "lessThan": "16.20.1", "status": "affected", "version": "16.20.1", "versionType": "semver" }, { "lessThan": "18.16.1", "status": "affected", "version": "18.16.1", "versionType": "semver" }, { "lessThan": "20.3.1", "status": "affected", "version": "20.3.1", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in the Node.js (.msi version) installation process, specifically affecting Windows users who install Node.js using the .msi installer. This vulnerability emerges during the repair operation, where the \"msiexec.exe\" process, running under the NT AUTHORITY\\SYSTEM context, attempts to read the %USERPROFILE% environment variable from the current user\u0027s registry.\n\nThe issue arises when the path referenced by the %USERPROFILE% environment variable does not exist. In such cases, the \"msiexec.exe\" process attempts to create the specified path in an unsafe manner, potentially leading to the creation of arbitrary folders in arbitrary locations.\n\nThe severity of this vulnerability is heightened by the fact that the %USERPROFILE% environment variable in the Windows registry can be modified by standard (or \"non-privileged\") users. Consequently, unprivileged actors, including malicious entities or trojans, can manipulate the environment variable key to deceive the privileged \"msiexec.exe\" process. This manipulation can result in the creation of folders in unintended and potentially malicious locations.\n\nIt is important to note that this vulnerability is specific to Windows users who install Node.js using the .msi installer. Users who opt for other installation methods are not affected by this particular issue." } ], "providerMetadata": { "dateUpdated": "2023-11-28T01:23:08.734Z", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://nodejs.org/en/blog/vulnerability/june-2023-security-releases" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2023-30585", "datePublished": "2023-11-28T01:23:08.734Z", "dateReserved": "2023-04-13T01:00:12.086Z", "dateUpdated": "2024-08-02T14:28:51.579Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-1906
Vulnerability from cvelistv5
Published
2023-04-12 00:00
Modified
2024-08-02 06:05
Severity ?
EPSS score ?
Summary
A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c. An attacker could pass specially crafted file to convert, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of service.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | ImageMagick |
Version: Fixed in ImageMagick v6.9.12-84, v 7.1.1-6. |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T06:05:27.068Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185714" }, { "tags": [ "x_transferred" ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-35q2-86c7-9247" }, { "tags": [ "x_transferred" ], "url": "https://github.com/ImageMagick/ImageMagick/commit/d7a8bdd7bb33cf8e58bc01b4a4f2ea5466f8c6b3" }, { "tags": [ "x_transferred" ], "url": "https://github.com/ImageMagick/ImageMagick6/commit/e30c693b37c3b41723f1469d1226a2c814ca443d" }, { "tags": [ "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2023-1906" }, { "name": "FEDORA-2023-541c04817f", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6655G3GPS42WQM32DJHUCZALI2URQSCO/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "ImageMagick", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in ImageMagick v6.9.12-84, v 7.1.1-6." } ] } ], "descriptions": [ { "lang": "en", "value": "A heap-based buffer overflow issue was discovered in ImageMagick\u0027s ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c. An attacker could pass specially crafted file to convert, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of service." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 - Heap-based Buffer Overflow, CWE-125 - Out-of-bounds Read.", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-16T00:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185714" }, { "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-35q2-86c7-9247" }, { "url": "https://github.com/ImageMagick/ImageMagick/commit/d7a8bdd7bb33cf8e58bc01b4a4f2ea5466f8c6b3" }, { "url": "https://github.com/ImageMagick/ImageMagick6/commit/e30c693b37c3b41723f1469d1226a2c814ca443d" }, { "url": "https://access.redhat.com/security/cve/CVE-2023-1906" }, { "name": "FEDORA-2023-541c04817f", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6655G3GPS42WQM32DJHUCZALI2URQSCO/" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2023-1906", "datePublished": "2023-04-12T00:00:00", "dateReserved": "2023-04-06T00:00:00", "dateUpdated": "2024-08-02T06:05:27.068Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-4048
Vulnerability from cvelistv5
Published
2023-08-01 14:57
Modified
2024-10-22 15:16
Severity ?
EPSS score ?
Summary
An out-of-bounds read could have led to an exploitable crash when parsing HTML with DOMParser in low memory situations. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox |
Version: unspecified < 116 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:17:10.928Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1841368" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-29/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-30/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-31/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5464" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5469" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "firefox", "vendor": "mozilla", "versions": [ { "lessThan": "116", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:mozilla:firefox_esr:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "firefox_esr", "vendor": "mozilla", "versions": [ { "lessThan": "102.14", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThan": "115.1", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-4048", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-22T15:12:49.143121Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-22T15:16:17.433Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "116", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.14", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "115.1", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Irvan Kurniawan" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "An out-of-bounds read could have led to an exploitable crash when parsing HTML with DOMParser in low memory situations. This vulnerability affects Firefox \u003c 116, Firefox ESR \u003c 102.14, and Firefox ESR \u003c 115.1." } ], "value": "An out-of-bounds read could have led to an exploitable crash when parsing HTML with DOMParser in low memory situations. This vulnerability affects Firefox \u003c 116, Firefox ESR \u003c 102.14, and Firefox ESR \u003c 115.1." } ], "problemTypes": [ { "descriptions": [ { "description": "Crash in DOMParser due to out-of-memory conditions", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-08-01T14:57:48.886Z", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1841368" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-29/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-30/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-31/" }, { "url": "https://www.debian.org/security/2023/dsa-5464" }, { "url": "https://www.debian.org/security/2023/dsa-5469" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2023-4048", "datePublished": "2023-08-01T14:57:48.886Z", "dateReserved": "2023-08-01T14:57:37.412Z", "dateUpdated": "2024-10-22T15:16:17.433Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-22129
Vulnerability from cvelistv5
Published
2023-10-17 21:03
Modified
2024-09-13 15:41
Severity ?
EPSS score ?
References
▼ | URL | Tags |
---|---|---|
https://www.oracle.com/security-alerts/cpuoct2023.html | vendor-advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Oracle Corporation | Solaris Operating System |
Version: 11 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:59:29.277Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Oracle Advisory", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuoct2023.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-22129", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-13T15:38:22.290969Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-13T15:41:23.253Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Solaris Operating System", "vendor": "Oracle Corporation", "versions": [ { "status": "affected", "version": "11" } ] } ], "descriptions": [ { "lang": "en-US", "value": "Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris. Note: This vunlerability only affects SPARC Systems. CVSS 3.1 Base Score 5.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris.", "lang": "en-US" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-17T21:03:14.842Z", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle" }, "references": [ { "name": "Oracle Advisory", "tags": [ "vendor-advisory" ], "url": "https://www.oracle.com/security-alerts/cpuoct2023.html" } ] } }, "cveMetadata": { "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2023-22129", "datePublished": "2023-10-17T21:03:14.842Z", "dateReserved": "2022-12-17T19:26:00.764Z", "dateUpdated": "2024-09-13T15:41:23.253Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-32067
Vulnerability from cvelistv5
Published
2023-05-25 22:49
Modified
2024-08-02 15:03
Severity ?
EPSS score ?
Summary
c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interprets the 0 length as a graceful shutdown of the connection. This issue has been patched in version 1.19.1.
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "fedora", "vendor": "fedoraproject", "versions": [ { "status": "affected", "version": "37" } ] }, { "cpes": [ "cpe:2.3:a:c-ares:c-ares:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "c-ares", "vendor": "c-ares", "versions": [ { "lessThan": "1.19.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "fedora", "vendor": "fedoraproject", "versions": [ { "status": "affected", "version": "38" } ] }, { "cpes": [ "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "debian_linux", "vendor": "debian", "versions": [ { "status": "affected", "version": "10.0" }, { "status": "affected", "version": "11.0" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-32067", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-16T18:37:41.012008Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-16T18:42:36.162Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T15:03:28.668Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/c-ares/c-ares/security/advisories/GHSA-9g78-jv2r-p7vc", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/c-ares/c-ares/security/advisories/GHSA-9g78-jv2r-p7vc" }, { "name": "https://github.com/c-ares/c-ares/releases/tag/cares-1_19_1", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/c-ares/c-ares/releases/tag/cares-1_19_1" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Z5XFNXTNPTCBBVXFDNZQVLLIE6VRBY/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UBFWILTA33LOSV23P44FGTQQIDRJHIY7/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5419" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00034.html" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202310-09" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240605-0004/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "c-ares", "vendor": "c-ares", "versions": [ { "status": "affected", "version": "\u003c 1.19.1" } ] } ], "descriptions": [ { "lang": "en", "value": "c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interprets the 0 length as a graceful shutdown of the connection. This issue has been patched in version 1.19.1." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400: Uncontrolled Resource Consumption", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-25T22:49:55.860Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/c-ares/c-ares/security/advisories/GHSA-9g78-jv2r-p7vc", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/c-ares/c-ares/security/advisories/GHSA-9g78-jv2r-p7vc" }, { "name": "https://github.com/c-ares/c-ares/releases/tag/cares-1_19_1", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/c-ares/c-ares/releases/tag/cares-1_19_1" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Z5XFNXTNPTCBBVXFDNZQVLLIE6VRBY/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UBFWILTA33LOSV23P44FGTQQIDRJHIY7/" }, { "url": "https://www.debian.org/security/2023/dsa-5419" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00034.html" }, { "url": "https://security.gentoo.org/glsa/202310-09" }, { "url": "https://security.netapp.com/advisory/ntap-20240605-0004/" } ], "source": { "advisory": "GHSA-9g78-jv2r-p7vc", "discovery": "UNKNOWN" }, "title": "0-byte UDP payload DoS in c-ares" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-32067", "datePublished": "2023-05-25T22:49:55.860Z", "dateReserved": "2023-05-01T16:47:35.314Z", "dateUpdated": "2024-08-02T15:03:28.668Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-32643
Vulnerability from cvelistv5
Published
2023-09-14 19:14
Modified
2024-08-02 15:25
Severity ?
EPSS score ?
Summary
A flaw was found in GLib. The GVariant deserialization code is vulnerable to a heap buffer overflow introduced by the fix for CVE-2023-32665. This bug does not affect any released version of GLib, but does affect GLib distributors who followed the guidance of GLib developers to backport the initial fix for CVE-2023-32665.
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-32643", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-14T17:30:47.183666Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:26:27.498Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T15:25:36.404Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/2840" }, { "tags": [ "x_transferred" ], "url": "https://https://discourse.gnome.org/t/multiple-fixes-for-gvariant-normalisation-issues-in-glib/12835" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240426-0005/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "glib", "vendor": "glib", "versions": [ { "status": "unaffected", "version": "2.75.1" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "A flaw was found in GLib. The GVariant deserialization code is vulnerable to a heap buffer overflow introduced by the fix for CVE-2023-32665. This bug does not affect any released version of GLib, but does affect GLib distributors who followed the guidance of GLib developers to backport the initial fix for CVE-2023-32665." } ], "value": "A flaw was found in GLib. The GVariant deserialization code is vulnerable to a heap buffer overflow introduced by the fix for CVE-2023-32665. This bug does not affect any released version of GLib, but does affect GLib distributors who followed the guidance of GLib developers to backport the initial fix for CVE-2023-32665." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-14T19:21:23.514Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/2840" }, { "url": "https://https://discourse.gnome.org/t/multiple-fixes-for-gvariant-normalisation-issues-in-glib/12835" }, { "url": "https://security.netapp.com/advisory/ntap-20240426-0005/" } ], "source": { "discovery": "UNKNOWN" }, "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2023-32643", "datePublished": "2023-09-14T19:14:56.761Z", "dateReserved": "2023-05-30T11:48:42.107Z", "dateUpdated": "2024-08-02T15:25:36.404Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-32611
Vulnerability from cvelistv5
Published
2023-09-14 19:07
Modified
2024-08-02 15:25
Severity ?
EPSS score ?
Summary
A flaw was found in GLib. GVariant deserialization is vulnerable to a slowdown issue where a crafted GVariant can cause excessive processing, leading to denial of service.
References
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | n/a | glib2 | |||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T15:25:35.683Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vdb-entry", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2023-32611" }, { "name": "RHBZ#2211829", "tags": [ "issue-tracking", "x_refsource_REDHAT", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211829" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/2797" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00030.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20231027-0005/" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202311-18" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "affected", "product": "glib2", "vendor": "n/a" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:6" ], "defaultStatus": "unknown", "packageName": "glib2", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "unknown", "packageName": "glib2", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:8" ], "defaultStatus": "affected", "packageName": "glib2", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:9" ], "defaultStatus": "affected", "packageName": "glib2", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat" }, { "collectionURL": "https://packages.fedoraproject.org/", "defaultStatus": "affected", "packageName": "glib", "product": "Extra Packages for Enterprise Linux", "vendor": "Fedora" }, { "collectionURL": "https://packages.fedoraproject.org/", "defaultStatus": "affected", "packageName": "mingw-glib2", "product": "Fedora 38", "vendor": "Fedora" }, { "collectionURL": "https://packages.fedoraproject.org/", "defaultStatus": "affected", "packageName": "mingw-glib2", "product": "Fedora 37", "vendor": "Fedora" }, { "collectionURL": "https://packages.fedoraproject.org/", "defaultStatus": "affected", "packageName": "glib2", "product": "Fedora 37", "vendor": "Fedora" }, { "collectionURL": "https://packages.fedoraproject.org/", "defaultStatus": "affected", "packageName": "glib2", "product": "Fedora 38", "vendor": "Fedora" } ], "credits": [ { "lang": "en", "value": "Upstream acknowledges William Manley as the original reporter." } ], "datePublic": "2022-12-14T00:00:00+00:00", "descriptions": [ { "lang": "en", "value": "A flaw was found in GLib. GVariant deserialization is vulnerable to a slowdown issue where a crafted GVariant can cause excessive processing, leading to denial of service." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Low" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "Uncontrolled Resource Consumption", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-14T19:07:19.011Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2023-32611" }, { "name": "RHBZ#2211829", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211829" }, { "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/2797" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00030.html" }, { "url": "https://security.netapp.com/advisory/ntap-20231027-0005/" }, { "url": "https://security.gentoo.org/glsa/202311-18" } ], "timeline": [ { "lang": "en", "time": "2023-05-24T00:00:00+00:00", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2022-12-14T00:00:00+00:00", "value": "Made public." } ], "title": "G_variant_byteswap() can take a long time with some non-normal inputs", "x_redhatCweChain": "CWE-400: Uncontrolled Resource Consumption" } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2023-32611", "datePublished": "2023-09-14T19:07:19.011Z", "dateReserved": "2023-05-30T11:48:42.101Z", "dateUpdated": "2024-08-02T15:25:35.683Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-31122
Vulnerability from cvelistv5
Published
2023-10-23 06:51
Modified
2024-09-17 13:47
Severity ?
EPSS score ?
Summary
Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Apache Software Foundation | Apache HTTP Server |
Version: 0 ≤ 2.4.57 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:45:25.498Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TI3V2YCEUM65QDYPGGNUZ7UONIM5OEXC/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20231027-0011/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VZJTT5TEFNSBWVMKCLS6EZ7PI6EJYBCO/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFDNHDH4VLFGDPY6MEZV2RO5N5FLFONW/" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-31122", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-11T20:23:50.224711Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-17T13:47:23.424Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Apache HTTP Server", "vendor": "Apache Software Foundation", "versions": [ { "lessThanOrEqual": "2.4.57", "status": "affected", "version": "0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "David Shoon (github/davidshoon)" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.\u003cp\u003eThis issue affects Apache HTTP Server: through 2.4.57.\u003c/p\u003e" } ], "value": "Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57.\n\n" } ], "metrics": [ { "other": { "content": { "text": "low" }, "type": "Textual description of severity" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-23T06:51:59.705Z", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TI3V2YCEUM65QDYPGGNUZ7UONIM5OEXC/" }, { "url": "https://security.netapp.com/advisory/ntap-20231027-0011/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VZJTT5TEFNSBWVMKCLS6EZ7PI6EJYBCO/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFDNHDH4VLFGDPY6MEZV2RO5N5FLFONW/" }, { "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html" } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2023-04-04T00:00:00.000Z", "value": "Reported to security team" } ], "title": "Apache HTTP Server: mod_macro buffer over-read", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2023-31122", "datePublished": "2023-10-23T06:51:59.705Z", "dateReserved": "2023-04-24T17:37:59.263Z", "dateUpdated": "2024-09-17T13:47:23.424Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-4584
Vulnerability from cvelistv5
Published
2023-09-11 08:02
Modified
2024-08-02 07:31
Severity ?
EPSS score ?
Summary
Memory safety bugs present in Firefox 116, Firefox ESR 102.14, Firefox ESR 115.1, Thunderbird 102.14, and Thunderbird 115.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.
References
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox |
Version: unspecified < 117 |
||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:31:06.567Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Memory safety bugs fixed in Firefox 117, Firefox ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2", "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1843968%2C1845205%2C1846080%2C1846526%2C1847529" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-34/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-35/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-36/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-37/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-38/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "117", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.15", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "115.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.15", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "115.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Randell Jesup, Andrew McCreight, the Mozilla Fuzzing Team" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Memory safety bugs present in Firefox 116, Firefox ESR 102.14, Firefox ESR 115.1, Thunderbird 102.14, and Thunderbird 115.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 102.15, Firefox ESR \u003c 115.2, Thunderbird \u003c 102.15, and Thunderbird \u003c 115.2." } ], "value": "Memory safety bugs present in Firefox 116, Firefox ESR 102.14, Firefox ESR 115.1, Thunderbird 102.14, and Thunderbird 115.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 102.15, Firefox ESR \u003c 115.2, Thunderbird \u003c 102.15, and Thunderbird \u003c 115.2." } ], "problemTypes": [ { "descriptions": [ { "description": "Memory safety bugs fixed in Firefox 117, Firefox ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-13T10:38:15.885Z", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "name": "Memory safety bugs fixed in Firefox 117, Firefox ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2", "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1843968%2C1845205%2C1846080%2C1846526%2C1847529" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-34/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-35/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-36/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-37/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-38/" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2023-4584", "datePublished": "2023-09-11T08:02:21.634Z", "dateReserved": "2023-08-29T03:37:02.591Z", "dateUpdated": "2024-08-02T07:31:06.567Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-4054
Vulnerability from cvelistv5
Published
2023-08-01 15:00
Modified
2024-10-22 14:37
Severity ?
EPSS score ?
Summary
When opening appref-ms files, Firefox did not warn the user that these files may contain malicious code.
*This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 116, Firefox ESR < 102.14, Firefox ESR < 115.1, Thunderbird < 102.14, and Thunderbird < 115.1.
References
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox |
Version: unspecified < 116 |
||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:17:11.488Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1840777" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-29/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-30/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-31/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-32/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-33/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-4054", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-22T14:37:04.189427Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-22T14:37:12.198Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "116", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.14", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "115.1", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.14", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "115.1", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "P Umar Farooq" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "When opening appref-ms files, Firefox did not warn the user that these files may contain malicious code. \u003cbr\u003e*This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 116, Firefox ESR \u003c 102.14, Firefox ESR \u003c 115.1, Thunderbird \u003c 102.14, and Thunderbird \u003c 115.1." } ], "value": "When opening appref-ms files, Firefox did not warn the user that these files may contain malicious code. \n*This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 116, Firefox ESR \u003c 102.14, Firefox ESR \u003c 115.1, Thunderbird \u003c 102.14, and Thunderbird \u003c 115.1." } ], "problemTypes": [ { "descriptions": [ { "description": "Lack of warning when opening appref-ms files", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-08-07T13:19:25.268Z", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1840777" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-29/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-30/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-31/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-32/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-33/" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2023-4054", "datePublished": "2023-08-01T15:00:25.281Z", "dateReserved": "2023-08-01T14:59:56.295Z", "dateUpdated": "2024-10-22T14:37:12.198Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-28319
Vulnerability from cvelistv5
Published
2023-05-26 00:00
Modified
2024-08-02 12:38
Severity ?
EPSS score ?
Summary
A use after free vulnerability exists in curl <v8.1.0 in the way libcurl offers a feature to verify an SSH server's public key using a SHA 256 hash. When this check fails, libcurl would free the memory for the fingerprint before it returns an error message containing the (now freed) hash. This flaw risks inserting sensitive heap-based data into the error message that might be shown to users or otherwise get leaked and revealed.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: Fixed in 8.1.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T12:38:24.827Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1913733" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230609-0009/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213843" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213844" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213845" }, { "name": "20230725 APPLE-SA-2023-07-24-6 macOS Big Sur 11.7.9", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Jul/52" }, { "name": "20230725 APPLE-SA-2023-07-24-5 macOS Monterey 12.6.8", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Jul/48" }, { "name": "20230725 APPLE-SA-2023-07-24-4 macOS Ventura 13.5", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Jul/47" }, { "name": "GLSA-202310-12", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202310-12" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 8.1.0" } ] } ], "descriptions": [ { "lang": "en", "value": "A use after free vulnerability exists in curl \u003cv8.1.0 in the way libcurl offers a feature to verify an SSH server\u0027s public key using a SHA 256 hash. When this check fails, libcurl would free the memory for the fingerprint before it returns an error message containing the (now freed) hash. This flaw risks inserting sensitive heap-based data into the error message that might be shown to users or otherwise get leaked and revealed." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "Use After Free (CWE-416)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-11T10:06:29.880561", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1913733" }, { "url": "https://security.netapp.com/advisory/ntap-20230609-0009/" }, { "url": "https://support.apple.com/kb/HT213843" }, { "url": "https://support.apple.com/kb/HT213844" }, { "url": "https://support.apple.com/kb/HT213845" }, { "name": "20230725 APPLE-SA-2023-07-24-6 macOS Big Sur 11.7.9", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Jul/52" }, { "name": "20230725 APPLE-SA-2023-07-24-5 macOS Monterey 12.6.8", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Jul/48" }, { "name": "20230725 APPLE-SA-2023-07-24-4 macOS Ventura 13.5", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Jul/47" }, { "name": "GLSA-202310-12", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202310-12" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2023-28319", "datePublished": "2023-05-26T00:00:00", "dateReserved": "2023-03-14T00:00:00", "dateUpdated": "2024-08-02T12:38:24.827Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-27985
Vulnerability from cvelistv5
Published
2023-03-09 00:00
Modified
2024-08-02 12:23
Severity ?
EPSS score ?
Summary
emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification. It is fixed in 29.0.90
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T12:23:30.841Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.openwall.com/lists/oss-security/2023/03/08/2" }, { "tags": [ "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29\u0026id=d32091199ae5de590a83f1542a01d75fba000467" }, { "tags": [ "x_transferred" ], "url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=60204" }, { "name": "[oss-security] 20230309 Re: Shell command and Emacs Lisp code injection in emacsclient-mail.desktop", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/03/09/1" }, { "tags": [ "x_transferred" ], "url": "https://www.gabriel.urdhr.fr/2023/06/08/emacsclient-mail-shell-elisp-injections/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification. It is fixed in 29.0.90" } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-09T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://www.openwall.com/lists/oss-security/2023/03/08/2" }, { "url": "http://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29\u0026id=d32091199ae5de590a83f1542a01d75fba000467" }, { "url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=60204" }, { "name": "[oss-security] 20230309 Re: Shell command and Emacs Lisp code injection in emacsclient-mail.desktop", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2023/03/09/1" }, { "url": "https://www.gabriel.urdhr.fr/2023/06/08/emacsclient-mail-shell-elisp-injections/" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-27985", "datePublished": "2023-03-09T00:00:00", "dateReserved": "2023-03-09T00:00:00", "dateUpdated": "2024-08-02T12:23:30.841Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-4056
Vulnerability from cvelistv5
Published
2023-08-01 15:01
Modified
2024-10-22 14:28
Severity ?
EPSS score ?
Summary
Memory safety bugs present in Firefox 115, Firefox ESR 115.0, Firefox ESR 102.13, Thunderbird 115.0, and Thunderbird 102.13. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox |
Version: unspecified < 116 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:17:11.136Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14", "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1820587%2C1824634%2C1839235%2C1842325%2C1843847" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-29/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-30/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-31/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5464" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5469" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "firefox", "vendor": "mozilla", "versions": [ { "lessThan": "116", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:mozilla:firefox_esr:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "firefox_esr", "vendor": "mozilla", "versions": [ { "lessThan": "102.14", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThan": "115.1", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-4056", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-22T14:25:23.785975Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-22T14:28:29.772Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "116", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.14", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "115.1", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Dianna Smith, Ryan VanderMeulen, Timothy Nikkel, and the Mozilla Fuzzing Team" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Memory safety bugs present in Firefox 115, Firefox ESR 115.0, Firefox ESR 102.13, Thunderbird 115.0, and Thunderbird 102.13. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 116, Firefox ESR \u003c 102.14, and Firefox ESR \u003c 115.1." } ], "value": "Memory safety bugs present in Firefox 115, Firefox ESR 115.0, Firefox ESR 102.13, Thunderbird 115.0, and Thunderbird 102.13. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 116, Firefox ESR \u003c 102.14, and Firefox ESR \u003c 115.1." } ], "problemTypes": [ { "descriptions": [ { "description": "Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-08-01T15:01:39.855Z", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "name": "Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14", "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1820587%2C1824634%2C1839235%2C1842325%2C1843847" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-29/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-30/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-31/" }, { "url": "https://www.debian.org/security/2023/dsa-5464" }, { "url": "https://www.debian.org/security/2023/dsa-5469" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2023-4056", "datePublished": "2023-08-01T15:01:39.855Z", "dateReserved": "2023-08-01T15:01:22.111Z", "dateUpdated": "2024-10-22T14:28:29.772Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-28322
Vulnerability from cvelistv5
Published
2023-05-26 00:00
Modified
2024-08-02 12:38
Severity ?
EPSS score ?
Summary
An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/curl/curl |
Version: Fixed in 8.1.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T12:38:25.091Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1954658" }, { "name": "FEDORA-2023-37eac50e9b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/" }, { "name": "FEDORA-2023-8ed627bb04", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230609-0009/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213843" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213844" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213845" }, { "name": "20230725 APPLE-SA-2023-07-24-6 macOS Big Sur 11.7.9", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Jul/52" }, { "name": "20230725 APPLE-SA-2023-07-24-5 macOS Monterey 12.6.8", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Jul/48" }, { "name": "20230725 APPLE-SA-2023-07-24-4 macOS Ventura 13.5", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Jul/47" }, { "name": "GLSA-202310-12", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "name": "[debian-lts-announce] 20231222 [SECURITY] [DLA 3692-1] curl security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/curl/curl", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 8.1.0" } ] } ], "descriptions": [ { "lang": "en", "value": "An information disclosure vulnerability exists in curl \u003cv8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-200", "description": "Information Disclosure (CWE-200)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-22T16:06:14.746366", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1954658" }, { "name": "FEDORA-2023-37eac50e9b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/" }, { "name": "FEDORA-2023-8ed627bb04", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/" }, { "url": "https://security.netapp.com/advisory/ntap-20230609-0009/" }, { "url": "https://support.apple.com/kb/HT213843" }, { "url": "https://support.apple.com/kb/HT213844" }, { "url": "https://support.apple.com/kb/HT213845" }, { "name": "20230725 APPLE-SA-2023-07-24-6 macOS Big Sur 11.7.9", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Jul/52" }, { "name": "20230725 APPLE-SA-2023-07-24-5 macOS Monterey 12.6.8", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Jul/48" }, { "name": "20230725 APPLE-SA-2023-07-24-4 macOS Ventura 13.5", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Jul/47" }, { "name": "GLSA-202310-12", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202310-12" }, { "name": "[debian-lts-announce] 20231222 [SECURITY] [DLA 3692-1] curl security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2023-28322", "datePublished": "2023-05-26T00:00:00", "dateReserved": "2023-03-14T00:00:00", "dateUpdated": "2024-08-02T12:38:25.091Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-30589
Vulnerability from cvelistv5
Published
2023-06-30 23:39
Modified
2024-08-02 14:28
Severity ?
EPSS score ?
Summary
The llhttp parser in the http module in Node v20.2.0 does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling (HRS).
The CR character (without LF) is sufficient to delimit HTTP header fields in the llhttp parser. According to RFC7230 section 3, only the CRLF sequence should delimit each header-field. This impacts all Node.js active versions: v16, v18, and, v20
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Node.js | https://github.com/nodejs/node |
Version: v20.3.1 ≤ Version: v18.16.1 ≤ Version: v16.20.1 ≤ |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:28:51.669Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/2001873" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VEEQIN5242K5NBE2CZ4DYTNA5B4YTYE5/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UEJWL67XR67JAGEL2ZK22NA3BRKNMZNY/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VKFMKD4MJZIKFQJAAJ4VZ2FHIJ764A76/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HMEELCREWMRT6NS7HWXLA6XFLLMO36HE/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230803-0009/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCVG4TQRGTK4LKAZKVEQAUEJM7DUACYE/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IV326O2X4BE3SINX5FJHMAKVHUAA4ZYF/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "https://github.com/nodejs/node", "vendor": "Node.js", "versions": [ { "lessThan": "v20.3.1", "status": "affected", "version": "v20.3.1", "versionType": "semver" }, { "lessThan": "v18.16.1", "status": "affected", "version": "v18.16.1", "versionType": "semver" }, { "lessThan": "v16.20.1", "status": "affected", "version": "v16.20.1", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "The llhttp parser in the http module in Node v20.2.0 does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling (HRS).\r\n\r\nThe CR character (without LF) is sufficient to delimit HTTP header fields in the llhttp parser. According to RFC7230 section 3, only the CRLF sequence should delimit each header-field. This impacts all Node.js active versions: v16, v18, and, v20\r\n" } ], "providerMetadata": { "dateUpdated": "2023-06-30T23:39:59.161Z", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/2001873" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VEEQIN5242K5NBE2CZ4DYTNA5B4YTYE5/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UEJWL67XR67JAGEL2ZK22NA3BRKNMZNY/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VKFMKD4MJZIKFQJAAJ4VZ2FHIJ764A76/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HMEELCREWMRT6NS7HWXLA6XFLLMO36HE/" }, { "url": "https://security.netapp.com/advisory/ntap-20230803-0009/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCVG4TQRGTK4LKAZKVEQAUEJM7DUACYE/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IV326O2X4BE3SINX5FJHMAKVHUAA4ZYF/" }, { "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2023-30589", "datePublished": "2023-06-30T23:39:59.161Z", "dateReserved": "2023-04-13T01:00:12.086Z", "dateUpdated": "2024-08-02T14:28:51.669Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-2879
Vulnerability from cvelistv5
Published
2023-05-26 00:00
Modified
2024-08-02 06:41
Severity ?
EPSS score ?
Summary
GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Wireshark Foundation | Wireshark |
Version: >=4.0.0, <4.0.6 Version: >=3.6.0, <3.6.14 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T06:41:02.457Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wireshark.org/security/wnpa-sec-2023-14.html" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/wireshark/wireshark/-/issues/19068" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2879.json" }, { "name": "[debian-lts-announce] 20230603 [SECURITY] [DLA 3443-1] wireshark security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00004.html" }, { "name": "DSA-5429", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5429" }, { "name": "GLSA-202309-02", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202309-02" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Wireshark", "vendor": "Wireshark Foundation", "versions": [ { "status": "affected", "version": "\u003e=4.0.0, \u003c4.0.6" }, { "status": "affected", "version": "\u003e=3.6.0, \u003c3.6.14" } ] } ], "descriptions": [ { "lang": "en", "value": "GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Loop with unreachable exit condition (\u0027infinite loop\u0027) in Wireshark", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-17T06:06:33.344581", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "url": "https://www.wireshark.org/security/wnpa-sec-2023-14.html" }, { "url": "https://gitlab.com/wireshark/wireshark/-/issues/19068" }, { "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2879.json" }, { "name": "[debian-lts-announce] 20230603 [SECURITY] [DLA 3443-1] wireshark security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00004.html" }, { "name": "DSA-5429", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5429" }, { "name": "GLSA-202309-02", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202309-02" } ] } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2023-2879", "datePublished": "2023-05-26T00:00:00", "dateReserved": "2023-05-25T00:00:00", "dateUpdated": "2024-08-02T06:41:02.457Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.