Action not permitted
Modal body text goes here.
wid-sec-w-2024-0054
Vulnerability from csaf_certbund
Published
2024-01-09 23:00
Modified
2024-01-09 23:00
Summary
IBM Security Verify Access: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM Security Verify Access, ehemals IBM Security Access Manager (ISAM), ist eine Zugriffsverwaltungslösung.
Angriff
Ein Angreifer kann mehrere Schwachstellen in IBM Security Verify Access ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuführen.
Betroffene Betriebssysteme
- Sonstiges
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "IBM Security Verify Access, ehemals IBM Security Access Manager (ISAM), ist eine Zugriffsverwaltungsl\u00f6sung.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein Angreifer kann mehrere Schwachstellen in IBM Security Verify Access ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuf\u00fchren.", "title": "Angriff" }, { "category": "general", "text": "- Sonstiges", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2024-0054 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0054.json" }, { "category": "self", "summary": "WID-SEC-2024-0054 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0054" }, { "category": "external", "summary": "IBM Security Bulletin 7106586 vom 2024-01-09", "url": "https://www.ibm.com/support/pages/node/7106586" }, { "category": "external", "summary": "IBM Security Bulletin 7106583 vom 2024-01-09", "url": "https://www.ibm.com/support/pages/node/7106583" } ], "source_lang": "en-US", "title": "IBM Security Verify Access: Mehrere Schwachstellen", "tracking": { "current_release_date": "2024-01-09T23:00:00.000+00:00", "generator": { "date": "2024-02-15T17:56:02.171+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2024-0054", "initial_release_date": "2024-01-09T23:00:00.000+00:00", "revision_history": [ { "date": "2024-01-09T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "IBM Security Verify Access \u003c 10.0.7-ISS-ISVA-FP0000", "product": { "name": "IBM Security Verify Access \u003c 10.0.7-ISS-ISVA-FP0000", "product_id": "T031968", "product_identification_helper": { "cpe": "cpe:/a:ibm:security_verify_access:10.0.7-iss-isva-fp0000" } } } ], "category": "vendor", "name": "IBM" } ] }, "vulnerabilities": [ { "cve": "CVE-2032-43016", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in IBM Security Verify Access. Diese Fehler bestehen in mehreren Komponenten wie Access Manager Container und Drittanbieter-Modulen wie PostgreSQL oder HAProxy. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache-Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuf\u00fchren. Einige der Schwachstellen erfordern eine Interaktion des Benutzers, um sie erfolgreich auszunutzen." } ], "release_date": "2024-01-09T23:00:00Z", "title": "CVE-2032-43016" }, { "cve": "CVE-2023-43017", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in IBM Security Verify Access. Diese Fehler bestehen in mehreren Komponenten wie Access Manager Container und Drittanbieter-Modulen wie PostgreSQL oder HAProxy. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache-Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuf\u00fchren. Einige der Schwachstellen erfordern eine Interaktion des Benutzers, um sie erfolgreich auszunutzen." } ], "release_date": "2024-01-09T23:00:00Z", "title": "CVE-2023-43017" }, { "cve": "CVE-2023-40225", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in IBM Security Verify Access. Diese Fehler bestehen in mehreren Komponenten wie Access Manager Container und Drittanbieter-Modulen wie PostgreSQL oder HAProxy. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache-Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuf\u00fchren. Einige der Schwachstellen erfordern eine Interaktion des Benutzers, um sie erfolgreich auszunutzen." } ], "release_date": "2024-01-09T23:00:00Z", "title": "CVE-2023-40225" }, { "cve": "CVE-2023-39417", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in IBM Security Verify Access. Diese Fehler bestehen in mehreren Komponenten wie Access Manager Container und Drittanbieter-Modulen wie PostgreSQL oder HAProxy. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache-Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuf\u00fchren. Einige der Schwachstellen erfordern eine Interaktion des Benutzers, um sie erfolgreich auszunutzen." } ], "release_date": "2024-01-09T23:00:00Z", "title": "CVE-2023-39417" }, { "cve": "CVE-2023-38369", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in IBM Security Verify Access. Diese Fehler bestehen in mehreren Komponenten wie Access Manager Container und Drittanbieter-Modulen wie PostgreSQL oder HAProxy. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache-Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuf\u00fchren. Einige der Schwachstellen erfordern eine Interaktion des Benutzers, um sie erfolgreich auszunutzen." } ], "release_date": "2024-01-09T23:00:00Z", "title": "CVE-2023-38369" }, { "cve": "CVE-2023-38267", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in IBM Security Verify Access. Diese Fehler bestehen in mehreren Komponenten wie Access Manager Container und Drittanbieter-Modulen wie PostgreSQL oder HAProxy. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache-Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuf\u00fchren. Einige der Schwachstellen erfordern eine Interaktion des Benutzers, um sie erfolgreich auszunutzen." } ], "release_date": "2024-01-09T23:00:00Z", "title": "CVE-2023-38267" }, { "cve": "CVE-2023-32697", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in IBM Security Verify Access. Diese Fehler bestehen in mehreren Komponenten wie Access Manager Container und Drittanbieter-Modulen wie PostgreSQL oder HAProxy. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache-Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuf\u00fchren. Einige der Schwachstellen erfordern eine Interaktion des Benutzers, um sie erfolgreich auszunutzen." } ], "release_date": "2024-01-09T23:00:00Z", "title": "CVE-2023-32697" }, { "cve": "CVE-2023-32330", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in IBM Security Verify Access. Diese Fehler bestehen in mehreren Komponenten wie Access Manager Container und Drittanbieter-Modulen wie PostgreSQL oder HAProxy. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache-Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuf\u00fchren. Einige der Schwachstellen erfordern eine Interaktion des Benutzers, um sie erfolgreich auszunutzen." } ], "release_date": "2024-01-09T23:00:00Z", "title": "CVE-2023-32330" }, { "cve": "CVE-2023-32329", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in IBM Security Verify Access. Diese Fehler bestehen in mehreren Komponenten wie Access Manager Container und Drittanbieter-Modulen wie PostgreSQL oder HAProxy. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache-Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuf\u00fchren. Einige der Schwachstellen erfordern eine Interaktion des Benutzers, um sie erfolgreich auszunutzen." } ], "release_date": "2024-01-09T23:00:00Z", "title": "CVE-2023-32329" }, { "cve": "CVE-2023-32328", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in IBM Security Verify Access. Diese Fehler bestehen in mehreren Komponenten wie Access Manager Container und Drittanbieter-Modulen wie PostgreSQL oder HAProxy. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache-Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuf\u00fchren. Einige der Schwachstellen erfordern eine Interaktion des Benutzers, um sie erfolgreich auszunutzen." } ], "release_date": "2024-01-09T23:00:00Z", "title": "CVE-2023-32328" }, { "cve": "CVE-2023-32327", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in IBM Security Verify Access. Diese Fehler bestehen in mehreren Komponenten wie Access Manager Container und Drittanbieter-Modulen wie PostgreSQL oder HAProxy. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache-Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuf\u00fchren. Einige der Schwachstellen erfordern eine Interaktion des Benutzers, um sie erfolgreich auszunutzen." } ], "release_date": "2024-01-09T23:00:00Z", "title": "CVE-2023-32327" }, { "cve": "CVE-2023-31006", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in IBM Security Verify Access. Diese Fehler bestehen in mehreren Komponenten wie Access Manager Container und Drittanbieter-Modulen wie PostgreSQL oder HAProxy. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache-Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuf\u00fchren. Einige der Schwachstellen erfordern eine Interaktion des Benutzers, um sie erfolgreich auszunutzen." } ], "release_date": "2024-01-09T23:00:00Z", "title": "CVE-2023-31006" }, { "cve": "CVE-2023-31005", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in IBM Security Verify Access. Diese Fehler bestehen in mehreren Komponenten wie Access Manager Container und Drittanbieter-Modulen wie PostgreSQL oder HAProxy. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache-Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuf\u00fchren. Einige der Schwachstellen erfordern eine Interaktion des Benutzers, um sie erfolgreich auszunutzen." } ], "release_date": "2024-01-09T23:00:00Z", "title": "CVE-2023-31005" }, { "cve": "CVE-2023-31004", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in IBM Security Verify Access. Diese Fehler bestehen in mehreren Komponenten wie Access Manager Container und Drittanbieter-Modulen wie PostgreSQL oder HAProxy. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache-Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuf\u00fchren. Einige der Schwachstellen erfordern eine Interaktion des Benutzers, um sie erfolgreich auszunutzen." } ], "release_date": "2024-01-09T23:00:00Z", "title": "CVE-2023-31004" }, { "cve": "CVE-2023-31003", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in IBM Security Verify Access. Diese Fehler bestehen in mehreren Komponenten wie Access Manager Container und Drittanbieter-Modulen wie PostgreSQL oder HAProxy. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache-Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuf\u00fchren. Einige der Schwachstellen erfordern eine Interaktion des Benutzers, um sie erfolgreich auszunutzen." } ], "release_date": "2024-01-09T23:00:00Z", "title": "CVE-2023-31003" }, { "cve": "CVE-2023-31002", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in IBM Security Verify Access. Diese Fehler bestehen in mehreren Komponenten wie Access Manager Container und Drittanbieter-Modulen wie PostgreSQL oder HAProxy. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache-Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuf\u00fchren. Einige der Schwachstellen erfordern eine Interaktion des Benutzers, um sie erfolgreich auszunutzen." } ], "release_date": "2024-01-09T23:00:00Z", "title": "CVE-2023-31002" }, { "cve": "CVE-2023-31001", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in IBM Security Verify Access. Diese Fehler bestehen in mehreren Komponenten wie Access Manager Container und Drittanbieter-Modulen wie PostgreSQL oder HAProxy. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache-Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuf\u00fchren. Einige der Schwachstellen erfordern eine Interaktion des Benutzers, um sie erfolgreich auszunutzen." } ], "release_date": "2024-01-09T23:00:00Z", "title": "CVE-2023-31001" }, { "cve": "CVE-2023-30999", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in IBM Security Verify Access. Diese Fehler bestehen in mehreren Komponenten wie Access Manager Container und Drittanbieter-Modulen wie PostgreSQL oder HAProxy. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache-Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuf\u00fchren. Einige der Schwachstellen erfordern eine Interaktion des Benutzers, um sie erfolgreich auszunutzen." } ], "release_date": "2024-01-09T23:00:00Z", "title": "CVE-2023-30999" }, { "cve": "CVE-2023-25725", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in IBM Security Verify Access. Diese Fehler bestehen in mehreren Komponenten wie Access Manager Container und Drittanbieter-Modulen wie PostgreSQL oder HAProxy. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache-Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuf\u00fchren. Einige der Schwachstellen erfordern eine Interaktion des Benutzers, um sie erfolgreich auszunutzen." } ], "release_date": "2024-01-09T23:00:00Z", "title": "CVE-2023-25725" }, { "cve": "CVE-2023-24998", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in IBM Security Verify Access. Diese Fehler bestehen in mehreren Komponenten wie Access Manager Container und Drittanbieter-Modulen wie PostgreSQL oder HAProxy. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache-Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuf\u00fchren. Einige der Schwachstellen erfordern eine Interaktion des Benutzers, um sie erfolgreich auszunutzen." } ], "release_date": "2024-01-09T23:00:00Z", "title": "CVE-2023-24998" }, { "cve": "CVE-2023-2455", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in IBM Security Verify Access. Diese Fehler bestehen in mehreren Komponenten wie Access Manager Container und Drittanbieter-Modulen wie PostgreSQL oder HAProxy. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache-Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuf\u00fchren. Einige der Schwachstellen erfordern eine Interaktion des Benutzers, um sie erfolgreich auszunutzen." } ], "release_date": "2024-01-09T23:00:00Z", "title": "CVE-2023-2455" }, { "cve": "CVE-2023-2454", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in IBM Security Verify Access. Diese Fehler bestehen in mehreren Komponenten wie Access Manager Container und Drittanbieter-Modulen wie PostgreSQL oder HAProxy. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache-Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuf\u00fchren. Einige der Schwachstellen erfordern eine Interaktion des Benutzers, um sie erfolgreich auszunutzen." } ], "release_date": "2024-01-09T23:00:00Z", "title": "CVE-2023-2454" }, { "cve": "CVE-2023-1370", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in IBM Security Verify Access. Diese Fehler bestehen in mehreren Komponenten wie Access Manager Container und Drittanbieter-Modulen wie PostgreSQL oder HAProxy. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache-Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuf\u00fchren. Einige der Schwachstellen erfordern eine Interaktion des Benutzers, um sie erfolgreich auszunutzen." } ], "release_date": "2024-01-09T23:00:00Z", "title": "CVE-2023-1370" }, { "cve": "CVE-2022-45688", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in IBM Security Verify Access. Diese Fehler bestehen in mehreren Komponenten wie Access Manager Container und Drittanbieter-Modulen wie PostgreSQL oder HAProxy. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache-Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuf\u00fchren. Einige der Schwachstellen erfordern eine Interaktion des Benutzers, um sie erfolgreich auszunutzen." } ], "release_date": "2024-01-09T23:00:00Z", "title": "CVE-2022-45688" }, { "cve": "CVE-2022-41862", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in IBM Security Verify Access. Diese Fehler bestehen in mehreren Komponenten wie Access Manager Container und Drittanbieter-Modulen wie PostgreSQL oder HAProxy. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache-Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuf\u00fchren. Einige der Schwachstellen erfordern eine Interaktion des Benutzers, um sie erfolgreich auszunutzen." } ], "release_date": "2024-01-09T23:00:00Z", "title": "CVE-2022-41862" }, { "cve": "CVE-2022-2625", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in IBM Security Verify Access. Diese Fehler bestehen in mehreren Komponenten wie Access Manager Container und Drittanbieter-Modulen wie PostgreSQL oder HAProxy. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache-Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuf\u00fchren. Einige der Schwachstellen erfordern eine Interaktion des Benutzers, um sie erfolgreich auszunutzen." } ], "release_date": "2024-01-09T23:00:00Z", "title": "CVE-2022-2625" }, { "cve": "CVE-2022-2068", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in IBM Security Verify Access. Diese Fehler bestehen in mehreren Komponenten wie Access Manager Container und Drittanbieter-Modulen wie PostgreSQL oder HAProxy. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache-Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuf\u00fchren. Einige der Schwachstellen erfordern eine Interaktion des Benutzers, um sie erfolgreich auszunutzen." } ], "release_date": "2024-01-09T23:00:00Z", "title": "CVE-2022-2068" }, { "cve": "CVE-2022-1471", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in IBM Security Verify Access. Diese Fehler bestehen in mehreren Komponenten wie Access Manager Container und Drittanbieter-Modulen wie PostgreSQL oder HAProxy. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache-Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuf\u00fchren. Einige der Schwachstellen erfordern eine Interaktion des Benutzers, um sie erfolgreich auszunutzen." } ], "release_date": "2024-01-09T23:00:00Z", "title": "CVE-2022-1471" }, { "cve": "CVE-2020-11100", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in IBM Security Verify Access. Diese Fehler bestehen in mehreren Komponenten wie Access Manager Container und Drittanbieter-Modulen wie PostgreSQL oder HAProxy. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache-Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuf\u00fchren. Einige der Schwachstellen erfordern eine Interaktion des Benutzers, um sie erfolgreich auszunutzen." } ], "release_date": "2024-01-09T23:00:00Z", "title": "CVE-2020-11100" }, { "cve": "CVE-2019-19330", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in IBM Security Verify Access. Diese Fehler bestehen in mehreren Komponenten wie Access Manager Container und Drittanbieter-Modulen wie PostgreSQL oder HAProxy. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache-Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuf\u00fchren. Einige der Schwachstellen erfordern eine Interaktion des Benutzers, um sie erfolgreich auszunutzen." } ], "release_date": "2024-01-09T23:00:00Z", "title": "CVE-2019-19330" }, { "cve": "CVE-2019-18277", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in IBM Security Verify Access. Diese Fehler bestehen in mehreren Komponenten wie Access Manager Container und Drittanbieter-Modulen wie PostgreSQL oder HAProxy. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache-Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuf\u00fchren. Einige der Schwachstellen erfordern eine Interaktion des Benutzers, um sie erfolgreich auszunutzen." } ], "release_date": "2024-01-09T23:00:00Z", "title": "CVE-2019-18277" }, { "cve": "CVE-2019-18276", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in IBM Security Verify Access. Diese Fehler bestehen in mehreren Komponenten wie Access Manager Container und Drittanbieter-Modulen wie PostgreSQL oder HAProxy. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache-Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuf\u00fchren. Einige der Schwachstellen erfordern eine Interaktion des Benutzers, um sie erfolgreich auszunutzen." } ], "release_date": "2024-01-09T23:00:00Z", "title": "CVE-2019-18276" }, { "cve": "CVE-2019-14241", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in IBM Security Verify Access. Diese Fehler bestehen in mehreren Komponenten wie Access Manager Container und Drittanbieter-Modulen wie PostgreSQL oder HAProxy. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache-Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuf\u00fchren. Einige der Schwachstellen erfordern eine Interaktion des Benutzers, um sie erfolgreich auszunutzen." } ], "release_date": "2024-01-09T23:00:00Z", "title": "CVE-2019-14241" }, { "cve": "CVE-2017-18342", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in IBM Security Verify Access. Diese Fehler bestehen in mehreren Komponenten wie Access Manager Container und Drittanbieter-Modulen wie PostgreSQL oder HAProxy. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache-Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuf\u00fchren. Einige der Schwachstellen erfordern eine Interaktion des Benutzers, um sie erfolgreich auszunutzen." } ], "release_date": "2024-01-09T23:00:00Z", "title": "CVE-2017-18342" }, { "cve": "CVE-2015-5237", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in IBM Security Verify Access. Diese Fehler bestehen in mehreren Komponenten wie Access Manager Container und Drittanbieter-Modulen wie PostgreSQL oder HAProxy. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder komplexe Angriffe wie Cache-Poisoning, Cross-Site-Scripting oder Session-Hijacking durchzuf\u00fchren. Einige der Schwachstellen erfordern eine Interaktion des Benutzers, um sie erfolgreich auszunutzen." } ], "release_date": "2024-01-09T23:00:00Z", "title": "CVE-2015-5237" } ] }
cve-2023-32328
Vulnerability from cvelistv5
Published
2024-02-07 16:07
Modified
2024-08-02 15:10
Severity ?
EPSS score ?
Summary
IBM Security Verify Access information disclosure
References
▼ | URL | Tags |
---|---|---|
https://www.ibm.com/support/pages/node/7106586 | vendor-advisory | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/254657 | vdb-entry |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T15:10:24.887Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.ibm.com/support/pages/node/7106586" }, { "tags": [ "vdb-entry", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254657" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Security Verify Access Appliance", "vendor": "IBM", "versions": [ { "lessThanOrEqual": "10.0.6.1", "status": "affected", "version": "10.0.0.0", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Security Verify Access Docker", "vendor": "IBM", "versions": [ { "lessThanOrEqual": "10.0.6.1", "status": "affected", "version": "10.0.0.0", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure protocols in some instances that could allow an attacker on the network to take control of the server. IBM X-Force Id: 254957." } ], "value": "IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure protocols in some instances that could allow an attacker on the network to take control of the server. IBM X-Force Id: 254957." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-319", "description": "CWE-319 Cleartext Transmission of Sensitive Information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-02-07T16:07:06.935Z", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://www.ibm.com/support/pages/node/7106586" }, { "tags": [ "vdb-entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254657" } ], "source": { "discovery": "UNKNOWN" }, "title": "IBM Security Verify Access information disclosure", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2023-32328", "datePublished": "2024-02-07T16:07:06.935Z", "dateReserved": "2023-05-08T18:32:34.087Z", "dateUpdated": "2024-08-02T15:10:24.887Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-2455
Vulnerability from cvelistv5
Published
2023-06-09 00:00
Modified
2024-08-02 06:26
Severity ?
EPSS score ?
Summary
Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications. This affects only databases that have used CREATE POLICY to define a row security policy.
References
Impacted products
▼ | Vendor | Product |
---|---|---|
n/a | postgresql |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T06:26:08.921Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2023-2455" }, { "tags": [ "x_transferred" ], "url": "https://www.postgresql.org/support/security/CVE-2023-2455/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230706-0006/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "postgresql", "vendor": "n/a", "versions": [ { "status": "affected", "version": "PostgreSQL 15.3, PostgreSQL 14.8, PostgreSQL 13.11, PostgreSQL 12.15, PostgreSQL 11.20" } ] } ], "descriptions": [ { "lang": "en", "value": "Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications. This affects only databases that have used CREATE POLICY to define a row security policy." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-07-06T00:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://access.redhat.com/security/cve/CVE-2023-2455" }, { "url": "https://www.postgresql.org/support/security/CVE-2023-2455/" }, { "url": "https://security.netapp.com/advisory/ntap-20230706-0006/" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2023-2455", "datePublished": "2023-06-09T00:00:00", "dateReserved": "2023-05-01T00:00:00", "dateUpdated": "2024-08-02T06:26:08.921Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-31005
Vulnerability from cvelistv5
Published
2024-02-03 00:17
Modified
2024-08-02 14:45
Severity ?
EPSS score ?
Summary
IBM Security Access Manager Container privilege escalation
References
▼ | URL | Tags |
---|---|---|
https://www.ibm.com/support/pages/node/7106586 | vendor-advisory | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/254767 | vdb-entry |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:45:25.281Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.ibm.com/support/pages/node/7106586" }, { "tags": [ "vdb-entry", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254767" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Security Verify Access Appliance", "vendor": "IBM", "versions": [ { "lessThanOrEqual": "10.0.6.1", "status": "affected", "version": "10.0.0.0", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Security Verify Access Docker", "vendor": "IBM", "versions": [ { "lessThanOrEqual": "10.0.6.1", "status": "affected", "version": "10.0.0.0", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a local user to escalate their privileges due to an improper security configuration. IBM X-Force ID: 254767." } ], "value": "IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a local user to escalate their privileges due to an improper security configuration. IBM X-Force ID: 254767." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-02-03T00:17:52.461Z", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://www.ibm.com/support/pages/node/7106586" }, { "tags": [ "vdb-entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254767" } ], "source": { "discovery": "UNKNOWN" }, "title": "IBM Security Access Manager Container privilege escalation", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2023-31005", "datePublished": "2024-02-03T00:17:52.461Z", "dateReserved": "2023-04-21T17:50:04.655Z", "dateUpdated": "2024-08-02T14:45:25.281Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-31002
Vulnerability from cvelistv5
Published
2024-02-07 16:13
Modified
2024-08-02 14:45
Severity ?
EPSS score ?
Summary
IBM Security Access Manager Container information disclosure
References
▼ | URL | Tags |
---|---|---|
https://www.ibm.com/support/pages/node/7106586 | vendor-advisory | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/254657 | vdb-entry |
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-31002", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-02-07T20:24:38.442594Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-05T17:21:41.617Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T14:45:24.392Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.ibm.com/support/pages/node/7106586" }, { "tags": [ "vdb-entry", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254657" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Security Verify Access Appliance", "vendor": "IBM", "versions": [ { "lessThanOrEqual": "10.0.6.1", "status": "affected", "version": "10.0.0.0", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Security Verify Access Docker", "vendor": "IBM", "versions": [ { "lessThanOrEqual": "10.0.6.1", "status": "affected", "version": "10.0.0.0", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "IBM Security Access Manager Container 10.0.0.0 through 10.0.6.1 temporarily stores sensitive information in files that could be accessed by a local user. IBM X-Force ID: 254657." } ], "value": "IBM Security Access Manager Container 10.0.0.0 through 10.0.6.1 temporarily stores sensitive information in files that could be accessed by a local user. IBM X-Force ID: 254657." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "256 Plaintext Storage of a Password", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2024-02-07T16:13:14.870Z", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://www.ibm.com/support/pages/node/7106586" }, { "tags": [ "vdb-entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254657" } ], "source": { "discovery": "UNKNOWN" }, "title": "IBM Security Access Manager Container information disclosure", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2023-31002", "datePublished": "2024-02-07T16:13:14.870Z", "dateReserved": "2023-04-21T17:50:04.655Z", "dateUpdated": "2024-08-02T14:45:24.392Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-31006
Vulnerability from cvelistv5
Published
2024-02-03 01:05
Modified
2024-08-02 14:45
Severity ?
EPSS score ?
Summary
IBM Security Access Manager Container denial of service
References
▼ | URL | Tags |
---|---|---|
https://www.ibm.com/support/pages/node/7106586 | vendor-advisory | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/254776 | vdb-entry |
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-31006", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-02-05T17:09:54.594077Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-05T17:21:27.700Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T14:45:24.791Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.ibm.com/support/pages/node/7106586" }, { "tags": [ "vdb-entry", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254776" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Security Verify Access Appliance", "vendor": "IBM", "versions": [ { "lessThanOrEqual": "10.0.6.1", "status": "affected", "version": "10.0.0.0", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Security Verify Access Docker", "vendor": "IBM", "versions": [ { "lessThanOrEqual": "10.0.6.1", "status": "affected", "version": "10.0.0.0", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) is vulnerable to a denial of service attacks on the DSC server. IBM X-Force ID: 254776." } ], "value": "IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) is vulnerable to a denial of service attacks on the DSC server. IBM X-Force ID: 254776." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-02-03T01:05:14.622Z", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://www.ibm.com/support/pages/node/7106586" }, { "tags": [ "vdb-entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254776" } ], "source": { "discovery": "UNKNOWN" }, "title": "IBM Security Access Manager Container denial of service", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2023-31006", "datePublished": "2024-02-03T01:05:14.622Z", "dateReserved": "2023-04-21T17:50:04.655Z", "dateUpdated": "2024-08-02T14:45:24.791Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-43017
Vulnerability from cvelistv5
Published
2024-02-07 16:10
Modified
2024-08-02 19:37
Severity ?
EPSS score ?
Summary
IBM Security Verify Access man in the middle
References
▼ | URL | Tags |
---|---|---|
https://www.ibm.com/support/pages/node/7106586 | vendor-advisory | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/266155 | vdb-entry |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T19:37:22.925Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.ibm.com/support/pages/node/7106586" }, { "tags": [ "vdb-entry", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/266155" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Security Verify Access Appliance", "vendor": "IBM", "versions": [ { "lessThanOrEqual": "10.0.6.1", "status": "affected", "version": "10.0.0.0", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Security Verify Access Docker", "vendor": "IBM", "versions": [ { "lessThanOrEqual": "10.0.6.1", "status": "affected", "version": "10.0.0.0", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "IBM Security Verify Access 10.0.0.0 through 10.0.6.1 could allow a privileged user to install a configuration file that could allow remote access. IBM X-Force ID: 266155." } ], "value": "IBM Security Verify Access 10.0.0.0 through 10.0.6.1 could allow a privileged user to install a configuration file that could allow remote access. IBM X-Force ID: 266155." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-295", "description": "CWE-295 Improper Certificate Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-02-07T16:10:54.183Z", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://www.ibm.com/support/pages/node/7106586" }, { "tags": [ "vdb-entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/266155" } ], "source": { "discovery": "UNKNOWN" }, "title": "IBM Security Verify Access man in the middle", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2023-43017", "datePublished": "2024-02-07T16:10:54.183Z", "dateReserved": "2023-09-15T01:11:41.606Z", "dateUpdated": "2024-08-02T19:37:22.925Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-1370
Vulnerability from cvelistv5
Published
2023-03-13 09:04
Modified
2024-08-02 05:49
Severity ?
EPSS score ?
Summary
Stack exhaustion in json-smart leads to denial of service when parsing malformed JSON
References
Impacted products
▼ | Vendor | Product |
---|---|---|
json-smart | json-smart |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:49:10.250Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://research.jfrog.com/vulnerabilities/stack-exhaustion-in-json-smart-leads-to-denial-of-service-when-parsing-malformed-json-xray-427633/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://mvnrepository.com", "packageName": "net.minidev:json-smart", "product": "json-smart", "vendor": "json-smart", "versions": [ { "lessThan": "2.4.9", "status": "affected", "version": "0", "versionType": "maven" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003e[Json-smart](https://netplex.github.io/json-smart/) is a performance focused, JSON processor lib.\u003c/p\u003e\u003cp\u003eWhen reaching a \u2018[\u2018 or \u2018{\u2018 character in the JSON input, the code parses an array or an object respectively.\u003c/p\u003e\u003cp\u003eIt was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays and objects is done recursively, nesting too many of them can cause a stack exhaustion (stack overflow) and crash the software.\u003c/p\u003e" } ], "value": "[Json-smart](https://netplex.github.io/json-smart/) is a performance focused, JSON processor lib.\n\nWhen reaching a \u2018[\u2018 or \u2018{\u2018 character in the JSON input, the code parses an array or an object respectively.\n\nIt was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays and objects is done recursively, nesting too many of them can cause a stack exhaustion (stack overflow) and crash the software.\n\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-674", "description": "CWE-674 Uncontrolled Recursion", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-22T05:04:36.365Z", "orgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "shortName": "JFROG" }, "references": [ { "url": "https://research.jfrog.com/vulnerabilities/stack-exhaustion-in-json-smart-leads-to-denial-of-service-when-parsing-malformed-json-xray-427633/" }, { "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" } ], "source": { "discovery": "EXTERNAL" }, "title": "Stack exhaustion in json-smart leads to denial of service when parsing malformed JSON" } }, "cveMetadata": { "assignerOrgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "assignerShortName": "JFROG", "cveId": "CVE-2023-1370", "datePublished": "2023-03-13T09:04:36.365Z", "dateReserved": "2023-03-13T08:35:00.695Z", "dateUpdated": "2024-08-02T05:49:10.250Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-38267
Vulnerability from cvelistv5
Published
2024-01-11 02:48
Modified
2024-09-03 18:23
Severity ?
EPSS score ?
Summary
IBM Security Access Manager Appliance information disclosure
References
▼ | URL | Tags |
---|---|---|
https://www.ibm.com/support/pages/node/7106586 | vendor-advisory | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/260584 | vdb-entry |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T17:39:12.302Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.ibm.com/support/pages/node/7106586" }, { "tags": [ "vdb-entry", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/260584" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-38267", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-03-21T19:55:54.937539Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-03T18:23:00.667Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:ibm:security_verify_access:10.0.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:security_verify_access:10.0.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:security_verify_access_docker:10.0.6.1:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "Security Verify Access Appliance", "vendor": "IBM", "versions": [ { "lessThanOrEqual": "10.0.6.1", "status": "affected", "version": "10.0.0.0", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Security Verify Access Docker", "vendor": "IBM", "versions": [ { "lessThanOrEqual": "10.0.6.1", "status": "affected", "version": "10.0.0.0", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "IBM Security Access Manager Appliance (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.6.1) could allow a local user to possibly elevate their privileges due to sensitive configuration information being exposed. IBM X-Force ID: 260584." } ], "value": "IBM Security Access Manager Appliance (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.6.1) could allow a local user to possibly elevate their privileges due to sensitive configuration information being exposed. IBM X-Force ID: 260584." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-311", "description": "CWE-311 Missing Encryption of Sensitive Data", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-24T14:40:36.381Z", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://www.ibm.com/support/pages/node/7106586" }, { "tags": [ "vdb-entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/260584" } ], "source": { "discovery": "UNKNOWN" }, "title": "IBM Security Access Manager Appliance information disclosure", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2023-38267", "datePublished": "2024-01-11T02:48:49.237Z", "dateReserved": "2023-07-14T00:46:14.890Z", "dateUpdated": "2024-09-03T18:23:00.667Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-18342
Vulnerability from cvelistv5
Published
2018-06-27 12:00
Modified
2024-08-05 21:20
Severity ?
EPSS score ?
Summary
In PyYAML before 5.1, the yaml.load() API could execute arbitrary code if used with untrusted data. The load() function has been deprecated in version 5.1 and the 'UnsafeLoader' has been introduced for backward compatibility with the function.
References
▼ | URL | Tags |
---|---|---|
https://github.com/yaml/pyyaml/pull/74 | x_refsource_MISC | |
https://github.com/yaml/pyyaml/blob/master/CHANGES | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M6JCFGEIEOFMWWIXGHSELMKQDD4CV2BA/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSQQMRUQSXBSUXLCRD3TSZYQ7SEZRKCE/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JEX7IPV5P2QJITAMA5Z63GQCZA5I6NVZ/ | vendor-advisory, x_refsource_FEDORA | |
https://github.com/marshmallow-code/apispec/issues/278 | x_refsource_MISC | |
https://github.com/yaml/pyyaml/issues/193 | x_refsource_MISC | |
https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load%28input%29-Deprecation | x_refsource_MISC | |
https://security.gentoo.org/glsa/202003-45 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T21:20:50.850Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/yaml/pyyaml/pull/74" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/yaml/pyyaml/blob/master/CHANGES" }, { "name": "FEDORA-2019-bed9afe622", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M6JCFGEIEOFMWWIXGHSELMKQDD4CV2BA/" }, { "name": "FEDORA-2019-779a9db46a", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSQQMRUQSXBSUXLCRD3TSZYQ7SEZRKCE/" }, { "name": "FEDORA-2019-44643e8bcb", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JEX7IPV5P2QJITAMA5Z63GQCZA5I6NVZ/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/marshmallow-code/apispec/issues/278" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/yaml/pyyaml/issues/193" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load%28input%29-Deprecation" }, { "name": "GLSA-202003-45", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202003-45" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2018-06-27T00:00:00", "descriptions": [ { "lang": "en", "value": "In PyYAML before 5.1, the yaml.load() API could execute arbitrary code if used with untrusted data. The load() function has been deprecated in version 5.1 and the \u0027UnsafeLoader\u0027 has been introduced for backward compatibility with the function." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-03-19T20:06:10", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/yaml/pyyaml/pull/74" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/yaml/pyyaml/blob/master/CHANGES" }, { "name": "FEDORA-2019-bed9afe622", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M6JCFGEIEOFMWWIXGHSELMKQDD4CV2BA/" }, { "name": "FEDORA-2019-779a9db46a", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSQQMRUQSXBSUXLCRD3TSZYQ7SEZRKCE/" }, { "name": "FEDORA-2019-44643e8bcb", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JEX7IPV5P2QJITAMA5Z63GQCZA5I6NVZ/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/marshmallow-code/apispec/issues/278" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/yaml/pyyaml/issues/193" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load%28input%29-Deprecation" }, { "name": "GLSA-202003-45", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202003-45" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-18342", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In PyYAML before 5.1, the yaml.load() API could execute arbitrary code if used with untrusted data. The load() function has been deprecated in version 5.1 and the \u0027UnsafeLoader\u0027 has been introduced for backward compatibility with the function." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/yaml/pyyaml/pull/74", "refsource": "MISC", "url": "https://github.com/yaml/pyyaml/pull/74" }, { "name": "https://github.com/yaml/pyyaml/blob/master/CHANGES", "refsource": "MISC", "url": "https://github.com/yaml/pyyaml/blob/master/CHANGES" }, { "name": "FEDORA-2019-bed9afe622", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M6JCFGEIEOFMWWIXGHSELMKQDD4CV2BA/" }, { "name": "FEDORA-2019-779a9db46a", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSQQMRUQSXBSUXLCRD3TSZYQ7SEZRKCE/" }, { "name": "FEDORA-2019-44643e8bcb", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JEX7IPV5P2QJITAMA5Z63GQCZA5I6NVZ/" }, { "name": "https://github.com/marshmallow-code/apispec/issues/278", "refsource": "MISC", "url": "https://github.com/marshmallow-code/apispec/issues/278" }, { "name": "https://github.com/yaml/pyyaml/issues/193", "refsource": "MISC", "url": "https://github.com/yaml/pyyaml/issues/193" }, { "name": "https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load(input)-Deprecation", "refsource": "MISC", "url": "https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load(input)-Deprecation" }, { "name": "GLSA-202003-45", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202003-45" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-18342", "datePublished": "2018-06-27T12:00:00", "dateReserved": "2018-06-27T00:00:00", "dateUpdated": "2024-08-05T21:20:50.850Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-19330
Vulnerability from cvelistv5
Published
2019-11-27 15:53
Modified
2024-08-05 02:16
Severity ?
EPSS score ?
Summary
The HTTP/2 implementation in HAProxy before 2.0.10 mishandles headers, as demonstrated by carriage return (CR, ASCII 0xd), line feed (LF, ASCII 0xa), and the zero character (NUL, ASCII 0x0), aka Intermediary Encapsulation Attacks.
References
▼ | URL | Tags |
---|---|---|
https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=54f53ef7ce4102be596130b44c768d1818570344 | x_refsource_MISC | |
https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=146f53ae7e97dbfe496d0445c2802dd0a30b0878 | x_refsource_MISC | |
https://git.haproxy.org/?p=haproxy-2.0.git%3Ba=commit%3Bh=ac198b92d461515551b95daae20954b3053ce87e | x_refsource_MISC | |
https://tools.ietf.org/html/rfc7540#section-10.3 | x_refsource_MISC | |
https://www.debian.org/security/2019/dsa-4577 | vendor-advisory, x_refsource_DEBIAN | |
https://seclists.org/bugtraq/2019/Nov/45 | mailing-list, x_refsource_BUGTRAQ | |
https://usn.ubuntu.com/4212-1/ | vendor-advisory, x_refsource_UBUNTU | |
https://security.gentoo.org/glsa/202004-01 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T02:16:46.867Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=54f53ef7ce4102be596130b44c768d1818570344" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=146f53ae7e97dbfe496d0445c2802dd0a30b0878" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://git.haproxy.org/?p=haproxy-2.0.git%3Ba=commit%3Bh=ac198b92d461515551b95daae20954b3053ce87e" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://tools.ietf.org/html/rfc7540#section-10.3" }, { "name": "DSA-4577", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2019/dsa-4577" }, { "name": "20191128 [SECURITY] [DSA 4577-1] haproxy security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/Nov/45" }, { "name": "USN-4212-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4212-1/" }, { "name": "GLSA-202004-01", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202004-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "The HTTP/2 implementation in HAProxy before 2.0.10 mishandles headers, as demonstrated by carriage return (CR, ASCII 0xd), line feed (LF, ASCII 0xa), and the zero character (NUL, ASCII 0x0), aka Intermediary Encapsulation Attacks." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-04-01T20:06:11", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=54f53ef7ce4102be596130b44c768d1818570344" }, { "tags": [ "x_refsource_MISC" ], "url": "https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=146f53ae7e97dbfe496d0445c2802dd0a30b0878" }, { "tags": [ "x_refsource_MISC" ], "url": "https://git.haproxy.org/?p=haproxy-2.0.git%3Ba=commit%3Bh=ac198b92d461515551b95daae20954b3053ce87e" }, { "tags": [ "x_refsource_MISC" ], "url": "https://tools.ietf.org/html/rfc7540#section-10.3" }, { "name": "DSA-4577", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2019/dsa-4577" }, { "name": "20191128 [SECURITY] [DSA 4577-1] haproxy security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/Nov/45" }, { "name": "USN-4212-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4212-1/" }, { "name": "GLSA-202004-01", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202004-01" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-19330", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The HTTP/2 implementation in HAProxy before 2.0.10 mishandles headers, as demonstrated by carriage return (CR, ASCII 0xd), line feed (LF, ASCII 0xa), and the zero character (NUL, ASCII 0x0), aka Intermediary Encapsulation Attacks." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://git.haproxy.org/?p=haproxy.git;a=commit;h=54f53ef7ce4102be596130b44c768d1818570344", "refsource": "MISC", "url": "https://git.haproxy.org/?p=haproxy.git;a=commit;h=54f53ef7ce4102be596130b44c768d1818570344" }, { "name": "https://git.haproxy.org/?p=haproxy.git;a=commit;h=146f53ae7e97dbfe496d0445c2802dd0a30b0878", "refsource": "MISC", "url": "https://git.haproxy.org/?p=haproxy.git;a=commit;h=146f53ae7e97dbfe496d0445c2802dd0a30b0878" }, { "name": "https://git.haproxy.org/?p=haproxy-2.0.git;a=commit;h=ac198b92d461515551b95daae20954b3053ce87e", "refsource": "MISC", "url": "https://git.haproxy.org/?p=haproxy-2.0.git;a=commit;h=ac198b92d461515551b95daae20954b3053ce87e" }, { "name": "https://tools.ietf.org/html/rfc7540#section-10.3", "refsource": "MISC", "url": "https://tools.ietf.org/html/rfc7540#section-10.3" }, { "name": "DSA-4577", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2019/dsa-4577" }, { "name": "20191128 [SECURITY] [DSA 4577-1] haproxy security update", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Nov/45" }, { "name": "USN-4212-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4212-1/" }, { "name": "GLSA-202004-01", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202004-01" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-19330", "datePublished": "2019-11-27T15:53:26", "dateReserved": "2019-11-27T00:00:00", "dateUpdated": "2024-08-05T02:16:46.867Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-41862
Vulnerability from cvelistv5
Published
2023-03-03 00:00
Modified
2024-08-03 12:56
Severity ?
EPSS score ?
Summary
In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes.
References
Impacted products
▼ | Vendor | Product |
---|---|---|
n/a | postgresql |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:56:38.305Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.postgresql.org/support/security/CVE-2022-41862/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165722" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230427-0002/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "postgresql", "vendor": "n/a", "versions": [ { "status": "affected", "version": "postgresql 5.2, postgresql 14.7, postgresql 13.10, postgresql 12.14, postgresql 11.19" } ] } ], "descriptions": [ { "lang": "en", "value": "In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-200", "description": "CWE-200", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-27T00:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://www.postgresql.org/support/security/CVE-2022-41862/" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165722" }, { "url": "https://security.netapp.com/advisory/ntap-20230427-0002/" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2022-41862", "datePublished": "2023-03-03T00:00:00", "dateReserved": "2022-09-30T00:00:00", "dateUpdated": "2024-08-03T12:56:38.305Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2068
Vulnerability from cvelistv5
Published
2022-06-21 14:45
Modified
2024-09-16 19:41
Severity ?
EPSS score ?
Summary
The c_rehash script allows command injection
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:24:44.279Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.openssl.org/news/secadv/20220621.txt" }, { "tags": [ "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2c9c35870601b4a44d86ddbf512b38df38285cfa" }, { "tags": [ "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=9639817dac8bbbaa64d09efad7464ccc405527c7" }, { "tags": [ "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9" }, { "name": "DSA-5169", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5169" }, { "name": "FEDORA-2022-3b7d0abd0b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220707-0008/" }, { "name": "FEDORA-2022-41890e9e44", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "OpenSSL", "vendor": "OpenSSL", "versions": [ { "status": "affected", "version": "Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3)" }, { "status": "affected", "version": "Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o)" }, { "status": "affected", "version": "Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze)" } ] } ], "credits": [ { "lang": "en", "value": "Chancen (Qingteng 73lab)" } ], "datePublic": "2022-06-21T00:00:00", "descriptions": [ { "lang": "en", "value": "In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze)." } ], "metrics": [ { "other": { "content": { "lang": "eng", "url": "https://www.openssl.org/policies/secpolicy.html#Moderate", "value": "Moderate" }, "type": "unknown" } } ], "problemTypes": [ { "descriptions": [ { "description": "Command injection", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-10T00:00:00", "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", "shortName": "openssl" }, "references": [ { "url": "https://www.openssl.org/news/secadv/20220621.txt" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2c9c35870601b4a44d86ddbf512b38df38285cfa" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=9639817dac8bbbaa64d09efad7464ccc405527c7" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9" }, { "name": "DSA-5169", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5169" }, { "name": "FEDORA-2022-3b7d0abd0b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/" }, { "url": "https://security.netapp.com/advisory/ntap-20220707-0008/" }, { "name": "FEDORA-2022-41890e9e44", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf" } ], "title": "The c_rehash script allows command injection" } }, "cveMetadata": { "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", "assignerShortName": "openssl", "cveId": "CVE-2022-2068", "datePublished": "2022-06-21T14:45:20.597138Z", "dateReserved": "2022-06-13T00:00:00", "dateUpdated": "2024-09-16T19:41:46.658Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-18277
Vulnerability from cvelistv5
Published
2019-10-23 13:07
Modified
2024-08-05 01:47
Severity ?
EPSS score ?
Summary
A flaw was found in HAProxy before 2.0.6. In legacy mode, messages featuring a transfer-encoding header missing the "chunked" value were not being correctly rejected. The impact was limited but if combined with the "http-reuse always" setting, it could be used to help construct an HTTP request smuggling attack against a vulnerable component employing a lenient parser that would ignore the content-length header as soon as it saw a transfer-encoding one (even if not entirely valid according to the specification).
References
▼ | URL | Tags |
---|---|---|
https://www.mail-archive.com/haproxy%40formilux.org/msg34926.html | x_refsource_MISC | |
https://nathandavison.com/blog/haproxy-http-request-smuggling | x_refsource_MISC | |
https://git.haproxy.org/?p=haproxy-2.0.git%3Ba=commit%3Bh=196a7df44d8129d1adc795da020b722614d6a581 | x_refsource_MISC | |
https://usn.ubuntu.com/4174-1/ | vendor-advisory, x_refsource_UBUNTU | |
http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00016.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00019.html | vendor-advisory, x_refsource_SUSE | |
https://lists.debian.org/debian-lts-announce/2022/05/msg00045.html | mailing-list, x_refsource_MLIST |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T01:47:14.151Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.mail-archive.com/haproxy%40formilux.org/msg34926.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://nathandavison.com/blog/haproxy-http-request-smuggling" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://git.haproxy.org/?p=haproxy-2.0.git%3Ba=commit%3Bh=196a7df44d8129d1adc795da020b722614d6a581" }, { "name": "USN-4174-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4174-1/" }, { "name": "openSUSE-SU-2019:2626", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00016.html" }, { "name": "openSUSE-SU-2019:2645", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00019.html" }, { "name": "[debian-lts-announce] 20220530 [SECURITY] [DLA 3034-1] haproxy security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00045.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "A flaw was found in HAProxy before 2.0.6. In legacy mode, messages featuring a transfer-encoding header missing the \"chunked\" value were not being correctly rejected. The impact was limited but if combined with the \"http-reuse always\" setting, it could be used to help construct an HTTP request smuggling attack against a vulnerable component employing a lenient parser that would ignore the content-length header as soon as it saw a transfer-encoding one (even if not entirely valid according to the specification)." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-05-30T18:06:16", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.mail-archive.com/haproxy%40formilux.org/msg34926.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://nathandavison.com/blog/haproxy-http-request-smuggling" }, { "tags": [ "x_refsource_MISC" ], "url": "https://git.haproxy.org/?p=haproxy-2.0.git%3Ba=commit%3Bh=196a7df44d8129d1adc795da020b722614d6a581" }, { "name": "USN-4174-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4174-1/" }, { "name": "openSUSE-SU-2019:2626", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00016.html" }, { "name": "openSUSE-SU-2019:2645", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00019.html" }, { "name": "[debian-lts-announce] 20220530 [SECURITY] [DLA 3034-1] haproxy security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00045.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-18277", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A flaw was found in HAProxy before 2.0.6. In legacy mode, messages featuring a transfer-encoding header missing the \"chunked\" value were not being correctly rejected. The impact was limited but if combined with the \"http-reuse always\" setting, it could be used to help construct an HTTP request smuggling attack against a vulnerable component employing a lenient parser that would ignore the content-length header as soon as it saw a transfer-encoding one (even if not entirely valid according to the specification)." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.mail-archive.com/haproxy@formilux.org/msg34926.html", "refsource": "MISC", "url": "https://www.mail-archive.com/haproxy@formilux.org/msg34926.html" }, { "name": "https://nathandavison.com/blog/haproxy-http-request-smuggling", "refsource": "MISC", "url": "https://nathandavison.com/blog/haproxy-http-request-smuggling" }, { "name": "https://git.haproxy.org/?p=haproxy-2.0.git;a=commit;h=196a7df44d8129d1adc795da020b722614d6a581", "refsource": "MISC", "url": "https://git.haproxy.org/?p=haproxy-2.0.git;a=commit;h=196a7df44d8129d1adc795da020b722614d6a581" }, { "name": "USN-4174-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4174-1/" }, { "name": "openSUSE-SU-2019:2626", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00016.html" }, { "name": "openSUSE-SU-2019:2645", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00019.html" }, { "name": "[debian-lts-announce] 20220530 [SECURITY] [DLA 3034-1] haproxy security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00045.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-18277", "datePublished": "2019-10-23T13:07:01", "dateReserved": "2019-10-23T00:00:00", "dateUpdated": "2024-08-05T01:47:14.151Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-2454
Vulnerability from cvelistv5
Published
2023-06-09 00:00
Modified
2024-08-02 06:26
Severity ?
EPSS score ?
Summary
schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute arbitrary code.
References
Impacted products
▼ | Vendor | Product |
---|---|---|
n/a | postgresql |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T06:26:08.641Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2023-2454" }, { "tags": [ "x_transferred" ], "url": "https://www.postgresql.org/support/security/CVE-2023-2454/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230706-0006/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "postgresql", "vendor": "n/a", "versions": [ { "status": "affected", "version": "PostgreSQL 15.3, PostgreSQL 14.8, PostgreSQL 13.11, PostgreSQL 12.15, PostgreSQL 11.20" } ] } ], "descriptions": [ { "lang": "en", "value": "schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute arbitrary code." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-07-06T00:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://access.redhat.com/security/cve/CVE-2023-2454" }, { "url": "https://www.postgresql.org/support/security/CVE-2023-2454/" }, { "url": "https://security.netapp.com/advisory/ntap-20230706-0006/" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2023-2454", "datePublished": "2023-06-09T00:00:00", "dateReserved": "2023-05-01T00:00:00", "dateUpdated": "2024-08-02T06:26:08.641Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-45688
Vulnerability from cvelistv5
Published
2022-12-13 00:00
Modified
2024-08-03 14:17
Severity ?
EPSS score ?
Summary
A stack overflow in the XML.toJSONObject component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:17:04.006Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/dromara/hutool/issues/2748" }, { "tags": [ "x_transferred" ], "url": "https://github.com/stleary/JSON-java/issues/708" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "A stack overflow in the XML.toJSONObject component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-13T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/dromara/hutool/issues/2748" }, { "url": "https://github.com/stleary/JSON-java/issues/708" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-45688", "datePublished": "2022-12-13T00:00:00", "dateReserved": "2022-11-21T00:00:00", "dateUpdated": "2024-08-03T14:17:04.006Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-39417
Vulnerability from cvelistv5
Published
2023-08-11 12:19
Modified
2024-09-12 19:51
Severity ?
EPSS score ?
Summary
Postgresql: extension script @substitutions@ within quoting allow sql injection
References
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-39417", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-26T15:28:16.003937Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-26T15:28:30.775Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T18:10:20.829Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2023:7545", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7545" }, { "name": "RHSA-2023:7579", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7579" }, { "name": "RHSA-2023:7580", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7580" }, { "name": "RHSA-2023:7581", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7581" }, { "name": "RHSA-2023:7616", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7616" }, { "name": "RHSA-2023:7656", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7656" }, { "name": "RHSA-2023:7666", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7666" }, { "name": "RHSA-2023:7667", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7667" }, { "name": "RHSA-2023:7694", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7694" }, { "name": "RHSA-2023:7695", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7695" }, { "name": "RHSA-2023:7714", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7714" }, { "name": "RHSA-2023:7770", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7770" }, { "name": "RHSA-2023:7772", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7772" }, { "name": "RHSA-2023:7784", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7784" }, { "name": "RHSA-2023:7785", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7785" }, { "name": "RHSA-2023:7883", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7883" }, { "name": "RHSA-2023:7884", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7884" }, { "name": "RHSA-2023:7885", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7885" }, { "name": "RHSA-2024:0304", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0304" }, { "name": "RHSA-2024:0332", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0332" }, { "name": "RHSA-2024:0337", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0337" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2023-39417" }, { "name": "RHBZ#2228111", "tags": [ "issue-tracking", "x_refsource_REDHAT", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228111" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00003.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230915-0002/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5553" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5554" }, { "tags": [ "x_transferred" ], "url": "https://www.postgresql.org/support/security/CVE-2023-39417" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.2::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-central-db-rhel8", "product": "Red Hat Advanced Cluster Security 4.2", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.2.4-6", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.2::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-main-rhel8", "product": "Red Hat Advanced Cluster Security 4.2", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.2.4-6", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.2::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-operator-bundle", "product": "Red Hat Advanced Cluster Security 4.2", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.2.4-7", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.2::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8", "product": "Red Hat Advanced Cluster Security 4.2", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.2.4-6", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.2::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8", "product": "Red Hat Advanced Cluster Security 4.2", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.2.4-7", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:13", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8090020231114113712.a75119d5", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:12", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8090020231128173330.a75119d5", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:15", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8090020231114113548.a75119d5", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.2::appstream", "cpe:/a:redhat:rhel_e4s:8.2::appstream", "cpe:/a:redhat:rhel_tus:8.2::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:12", "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8020020231128165246.4cda2c84", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.2::appstream", "cpe:/a:redhat:rhel_e4s:8.2::appstream", "cpe:/a:redhat:rhel_tus:8.2::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:12", "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8020020231128165246.4cda2c84", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.2::appstream", "cpe:/a:redhat:rhel_e4s:8.2::appstream", "cpe:/a:redhat:rhel_tus:8.2::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:12", "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8020020231128165246.4cda2c84", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_tus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_aus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:12", "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8040020231127153301.522a0ee4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_tus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_aus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:13", "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8040020231127154806.522a0ee4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_tus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_aus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:12", "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8040020231127153301.522a0ee4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_tus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_aus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:13", "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8040020231127154806.522a0ee4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_tus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_aus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:12", "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8040020231127153301.522a0ee4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_tus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_aus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:13", "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8040020231127154806.522a0ee4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.6::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:13", "product": "Red Hat Enterprise Linux 8.6 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8060020231114115246.ad008a3a", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.6::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:12", "product": "Red Hat Enterprise Linux 8.6 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8060020231128165328.ad008a3a", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.8::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:13", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8080020231114105206.63b34585", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.8::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:12", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8080020231128165335.63b34585", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.8::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:15", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8080020231113134015.63b34585", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/a:redhat:enterprise_linux:9::crb" ], "defaultStatus": "affected", "packageName": "postgresql", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:13.13-1.el9_3", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:15", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "9030020231120082734.rhel9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.0::crb", "cpe:/a:redhat:rhel_eus:9.0::appstream" ], "defaultStatus": "affected", "packageName": "postgresql", "product": "Red Hat Enterprise Linux 9.0 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:13.13-1.el9_0", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.2::crb", "cpe:/a:redhat:rhel_eus:9.2::appstream" ], "defaultStatus": "affected", "packageName": "postgresql", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:13.13-1.el9_2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.2::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:15", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "9020020231115020618.rhel9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_software_collections:3::el7" ], "defaultStatus": "affected", "packageName": "rh-postgresql12-postgresql", "product": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:12.17-1.el7", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_software_collections:3::el7" ], "defaultStatus": "affected", "packageName": "rh-postgresql13-postgresql", "product": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:13.13-1.el7", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:3.74::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-central-db-rhel8", "product": "RHACS-3.74-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "3.74.8-9", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:3.74::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-main-rhel8", "product": "RHACS-3.74-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "3.74.8-9", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:3.74::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-operator-bundle", "product": "RHACS-3.74-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "3.74.8-7", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:3.74::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8", "product": "RHACS-3.74-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "3.74.8-9", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:3.74::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8", "product": "RHACS-3.74-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "3.74.8-9", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.1::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-central-db-rhel8", "product": "RHACS-4.1-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.1.6-6", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.1::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-main-rhel8", "product": "RHACS-4.1-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.1.6-6", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.1::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-operator-bundle", "product": "RHACS-4.1-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.1.6-6", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.1::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8", "product": "RHACS-4.1-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.1.6-6", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.1::el8" ], "defaultStatus": "affected", "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8", "product": "RHACS-4.1-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "4.1.6-6", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:6" ], "defaultStatus": "unknown", "packageName": "postgresql", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "unknown", "packageName": "postgresql", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:8" ], "defaultStatus": "unaffected", "packageName": "postgresql:10/postgresql", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_software_collections:3" ], "defaultStatus": "affected", "packageName": "rh-postgresql10-postgresql", "product": "Red Hat Software Collections", "vendor": "Red Hat" } ], "datePublic": "2023-08-10T00:00:00+00:00", "descriptions": [ { "lang": "en", "value": "IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, \u0027\u0027, or \"\"). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Moderate" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-89", "description": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-12T19:51:10.673Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2023:7545", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7545" }, { "name": "RHSA-2023:7579", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7579" }, { "name": "RHSA-2023:7580", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7580" }, { "name": "RHSA-2023:7581", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7581" }, { "name": "RHSA-2023:7616", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7616" }, { "name": "RHSA-2023:7656", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7656" }, { "name": "RHSA-2023:7666", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7666" }, { "name": "RHSA-2023:7667", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7667" }, { "name": "RHSA-2023:7694", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7694" }, { "name": "RHSA-2023:7695", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7695" }, { "name": "RHSA-2023:7714", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7714" }, { "name": "RHSA-2023:7770", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7770" }, { "name": "RHSA-2023:7772", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7772" }, { "name": "RHSA-2023:7784", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7784" }, { "name": "RHSA-2023:7785", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7785" }, { "name": "RHSA-2023:7883", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7883" }, { "name": "RHSA-2023:7884", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7884" }, { "name": "RHSA-2023:7885", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7885" }, { "name": "RHSA-2024:0304", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0304" }, { "name": "RHSA-2024:0332", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0332" }, { "name": "RHSA-2024:0337", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0337" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2023-39417" }, { "name": "RHBZ#2228111", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228111" }, { "url": "https://www.postgresql.org/support/security/CVE-2023-39417" } ], "timeline": [ { "lang": "en", "time": "2023-08-01T00:00:00+00:00", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2023-08-10T00:00:00+00:00", "value": "Made public." } ], "title": "Postgresql: extension script @substitutions@ within quoting allow sql injection", "x_redhatCweChain": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)" } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2023-39417", "datePublished": "2023-08-11T12:19:15.108Z", "dateReserved": "2023-08-01T09:31:02.842Z", "dateUpdated": "2024-09-12T19:51:10.673Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-14241
Vulnerability from cvelistv5
Published
2019-07-23 12:02
Modified
2024-08-05 00:12
Severity ?
EPSS score ?
Summary
HAProxy through 2.0.2 allows attackers to cause a denial of service (ha_panic) via vectors related to htx_manage_client_side_cookies in proto_htx.c.
References
▼ | URL | Tags |
---|---|---|
https://github.com/haproxy/haproxy/issues/181 | x_refsource_MISC | |
http://www.securityfocus.com/bid/109352 | vdb-entry, x_refsource_BID | |
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00062.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00060.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T00:12:43.367Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/haproxy/haproxy/issues/181" }, { "name": "109352", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/109352" }, { "name": "openSUSE-SU-2019:2556", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00062.html" }, { "name": "openSUSE-SU-2019:2555", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00060.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "HAProxy through 2.0.2 allows attackers to cause a denial of service (ha_panic) via vectors related to htx_manage_client_side_cookies in proto_htx.c." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-11-24T00:07:07", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/haproxy/haproxy/issues/181" }, { "name": "109352", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/109352" }, { "name": "openSUSE-SU-2019:2556", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00062.html" }, { "name": "openSUSE-SU-2019:2555", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00060.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-14241", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "HAProxy through 2.0.2 allows attackers to cause a denial of service (ha_panic) via vectors related to htx_manage_client_side_cookies in proto_htx.c." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/haproxy/haproxy/issues/181", "refsource": "MISC", "url": "https://github.com/haproxy/haproxy/issues/181" }, { "name": "109352", "refsource": "BID", "url": "http://www.securityfocus.com/bid/109352" }, { "name": "openSUSE-SU-2019:2556", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00062.html" }, { "name": "openSUSE-SU-2019:2555", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00060.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-14241", "datePublished": "2019-07-23T12:02:36", "dateReserved": "2019-07-23T00:00:00", "dateUpdated": "2024-08-05T00:12:43.367Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-31004
Vulnerability from cvelistv5
Published
2024-02-03 01:03
Modified
2024-08-02 14:45
Severity ?
EPSS score ?
Summary
IBM Security Access Manager Container gain access
References
▼ | URL | Tags |
---|---|---|
https://www.ibm.com/support/pages/node/7106586 | vendor-advisory | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/254765 | vdb-entry |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:45:24.443Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.ibm.com/support/pages/node/7106586" }, { "tags": [ "vdb-entry", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254765" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Security Verify Access Appliance", "vendor": "IBM", "versions": [ { "lessThanOrEqual": "10.0.6.1", "status": "affected", "version": "10.0.0.0", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Security Verify Access Docker", "vendor": "IBM", "versions": [ { "lessThanOrEqual": "10.0.6.1", "status": "affected", "version": "10.0.0.0", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a remote attacker to gain access to the underlying system using man in the middle techniques. IBM X-Force ID: 254765." } ], "value": "IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a remote attacker to gain access to the underlying system using man in the middle techniques. IBM X-Force ID: 254765." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-300", "description": "CWE-300 Channel Accessible by Non-Endpoint (\u0027Man-in-the-Middle\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-02-03T01:03:35.459Z", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://www.ibm.com/support/pages/node/7106586" }, { "tags": [ "vdb-entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254765" } ], "source": { "discovery": "UNKNOWN" }, "title": "IBM Security Access Manager Container gain access", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2023-31004", "datePublished": "2024-02-03T01:03:35.459Z", "dateReserved": "2023-04-21T17:50:04.655Z", "dateUpdated": "2024-08-02T14:45:24.443Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-40225
Vulnerability from cvelistv5
Published
2023-08-10 00:00
Modified
2024-10-09 20:14
Severity ?
EPSS score ?
Summary
HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. In uncommon cases, an HTTP/1 server behind HAProxy may interpret the payload as an extra request.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T18:24:55.757Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/haproxy/haproxy/issues/2237" }, { "tags": [ "x_transferred" ], "url": "https://github.com/haproxy/haproxy/commit/6492f1f29d738457ea9f382aca54537f35f9d856" }, { "tags": [ "x_transferred" ], "url": "https://www.haproxy.org/download/2.8/src/CHANGELOG" }, { "tags": [ "x_transferred" ], "url": "https://www.haproxy.org/download/2.7/src/CHANGELOG" }, { "tags": [ "x_transferred" ], "url": "https://www.haproxy.org/download/2.6/src/CHANGELOG" }, { "tags": [ "x_transferred" ], "url": "https://cwe.mitre.org/data/definitions/436.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-40225", "options": [ { "Exploitation": "poc" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-09T20:14:21.494530Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-09T20:14:29.797Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. In uncommon cases, an HTTP/1 server behind HAProxy may interpret the payload as an extra request." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-08-10T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/haproxy/haproxy/issues/2237" }, { "url": "https://github.com/haproxy/haproxy/commit/6492f1f29d738457ea9f382aca54537f35f9d856" }, { "url": "https://www.haproxy.org/download/2.8/src/CHANGELOG" }, { "url": "https://www.haproxy.org/download/2.7/src/CHANGELOG" }, { "url": "https://www.haproxy.org/download/2.6/src/CHANGELOG" }, { "url": "https://cwe.mitre.org/data/definitions/436.html" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-40225", "datePublished": "2023-08-10T00:00:00", "dateReserved": "2023-08-10T00:00:00", "dateUpdated": "2024-10-09T20:14:29.797Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-32330
Vulnerability from cvelistv5
Published
2024-02-07 16:09
Modified
2024-08-02 15:10
Severity ?
EPSS score ?
Summary
IBM Security Verify Access man in the middle
References
▼ | URL | Tags |
---|---|---|
https://www.ibm.com/support/pages/node/7106586 | vendor-advisory | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/254977 | vdb-entry |
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-32330", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-02-21T19:32:05.886809Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:26:25.750Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T15:10:24.819Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.ibm.com/support/pages/node/7106586" }, { "tags": [ "vdb-entry", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254977" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Security Verify Access Appliance", "vendor": "IBM", "versions": [ { "lessThanOrEqual": "10.0.6.1", "status": "affected", "version": "10.0.0.0", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Security Verify Access Docker", "vendor": "IBM", "versions": [ { "lessThanOrEqual": "10.0.6.1", "status": "affected", "version": "10.0.0.0", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure calls that could allow an attacker on the network to take control of the server. IBM X-Force ID: 254977." } ], "value": "IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure calls that could allow an attacker on the network to take control of the server. IBM X-Force ID: 254977." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-295", "description": "CWE-295 Improper Certificate Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-02-07T16:09:01.182Z", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://www.ibm.com/support/pages/node/7106586" }, { "tags": [ "vdb-entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254977" } ], "source": { "discovery": "UNKNOWN" }, "title": "IBM Security Verify Access man in the middle", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2023-32330", "datePublished": "2024-02-07T16:09:01.182Z", "dateReserved": "2023-05-08T18:32:34.087Z", "dateUpdated": "2024-08-02T15:10:24.819Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-31003
Vulnerability from cvelistv5
Published
2024-01-11 02:22
Modified
2024-08-02 14:45
Severity ?
EPSS score ?
Summary
IBM Security Access Manager Container privilege escalation
References
▼ | URL | Tags |
---|---|---|
https://www.ibm.com/support/pages/node/7106586 | vendor-advisory | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/254658 | vdb-entry |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:45:24.443Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.ibm.com/support/pages/node/7106586" }, { "tags": [ "vdb-entry", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254658" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Security Verify Access Appliance", "vendor": "IBM", "versions": [ { "lessThanOrEqual": "10.0.6.1", "status": "affected", "version": "10.0.0.0", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Security Verify Access Docker", "vendor": "IBM", "versions": [ { "lessThanOrEqual": "10.0.6.1", "status": "affected", "version": "10.0.0.0", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.6.1) could allow a local user to obtain root access due to improper access controls. IBM X-Force ID: 254658." } ], "value": "IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.6.1) could allow a local user to obtain root access due to improper access controls. IBM X-Force ID: 254658." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-59", "description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-11T02:22:44.925Z", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://www.ibm.com/support/pages/node/7106586" }, { "tags": [ "vdb-entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254658" } ], "source": { "discovery": "UNKNOWN" }, "title": "IBM Security Access Manager Container privilege escalation", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2023-31003", "datePublished": "2024-01-11T02:22:44.925Z", "dateReserved": "2023-04-21T17:50:04.655Z", "dateUpdated": "2024-08-02T14:45:24.443Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2625
Vulnerability from cvelistv5
Published
2022-08-18 00:00
Modified
2024-08-03 00:46
Severity ?
EPSS score ?
Summary
A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, this flaw allows an attacker to run arbitrary code as the victim role, which may be a superuser.
References
Impacted products
▼ | Vendor | Product |
---|---|---|
n/a | postgresql |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:46:03.361Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2113825" }, { "tags": [ "x_transferred" ], "url": "https://www.postgresql.org/about/news/postgresql-145-138-1212-1117-1022-and-15-beta-3-released-2496/" }, { "name": "GLSA-202211-04", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202211-04" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "postgresql", "vendor": "n/a", "versions": [ { "status": "affected", "version": "postgresql 14.5, postgresql 13.8, postgresql 12.12, postgresql 11.17, postgresql 10.22" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, this flaw allows an attacker to run arbitrary code as the victim role, which may be a superuser." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-915", "description": "CWE-915", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-22T00:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2113825" }, { "url": "https://www.postgresql.org/about/news/postgresql-145-138-1212-1117-1022-and-15-beta-3-released-2496/" }, { "name": "GLSA-202211-04", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202211-04" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2022-2625", "datePublished": "2022-08-18T00:00:00", "dateReserved": "2022-08-02T00:00:00", "dateUpdated": "2024-08-03T00:46:03.361Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-11100
Vulnerability from cvelistv5
Published
2020-04-02 14:23
Modified
2024-08-04 11:21
Severity ?
EPSS score ?
Summary
In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T11:21:14.619Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.haproxy.org" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.haproxy.org/download/2.1/src/CHANGELOG" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://lists.debian.org/debian-security-announce/2020/msg00052.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.mail-archive.com/haproxy%40formilux.org/msg36876.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819111" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=5dfc5d5cd0d2128d77253ead3acf03a421ab5b88" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1168023" }, { "name": "openSUSE-SU-2020:0444", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00002.html" }, { "name": "FEDORA-2020-16cd111544", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MNW5RZLIX7LOXRLV7WMHX22CI43XSXKW/" }, { "name": "DSA-4649", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2020/dsa-4649" }, { "name": "USN-4321-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4321-1/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/157323/haproxy-hpack-tbl.c-Out-Of-Bounds-Write.html" }, { "name": "FEDORA-2020-13fd8b1721", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/264C7UL3X7L7QE74ZJ557IOUFS3J4QQC/" }, { "name": "GLSA-202012-22", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202012-22" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-12-24T15:06:20", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://www.haproxy.org" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.haproxy.org/download/2.1/src/CHANGELOG" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://lists.debian.org/debian-security-announce/2020/msg00052.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.mail-archive.com/haproxy%40formilux.org/msg36876.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819111" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=5dfc5d5cd0d2128d77253ead3acf03a421ab5b88" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1168023" }, { "name": "openSUSE-SU-2020:0444", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00002.html" }, { "name": "FEDORA-2020-16cd111544", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MNW5RZLIX7LOXRLV7WMHX22CI43XSXKW/" }, { "name": "DSA-4649", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2020/dsa-4649" }, { "name": "USN-4321-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4321-1/" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/157323/haproxy-hpack-tbl.c-Out-Of-Bounds-Write.html" }, { "name": "FEDORA-2020-13fd8b1721", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/264C7UL3X7L7QE74ZJ557IOUFS3J4QQC/" }, { "name": "GLSA-202012-22", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202012-22" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-11100", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.haproxy.org", "refsource": "MISC", "url": "http://www.haproxy.org" }, { "name": "https://www.haproxy.org/download/2.1/src/CHANGELOG", "refsource": "CONFIRM", "url": "https://www.haproxy.org/download/2.1/src/CHANGELOG" }, { "name": "https://lists.debian.org/debian-security-announce/2020/msg00052.html", "refsource": "CONFIRM", "url": "https://lists.debian.org/debian-security-announce/2020/msg00052.html" }, { "name": "https://www.mail-archive.com/haproxy@formilux.org/msg36876.html", "refsource": "CONFIRM", "url": "https://www.mail-archive.com/haproxy@formilux.org/msg36876.html" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1819111", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819111" }, { "name": "https://git.haproxy.org/?p=haproxy.git;a=commit;h=5dfc5d5cd0d2128d77253ead3acf03a421ab5b88", "refsource": "CONFIRM", "url": "https://git.haproxy.org/?p=haproxy.git;a=commit;h=5dfc5d5cd0d2128d77253ead3acf03a421ab5b88" }, { "name": "https://bugzilla.suse.com/show_bug.cgi?id=1168023", "refsource": "CONFIRM", "url": "https://bugzilla.suse.com/show_bug.cgi?id=1168023" }, { "name": "openSUSE-SU-2020:0444", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00002.html" }, { "name": "FEDORA-2020-16cd111544", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNW5RZLIX7LOXRLV7WMHX22CI43XSXKW/" }, { "name": "DSA-4649", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2020/dsa-4649" }, { "name": "USN-4321-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4321-1/" }, { "name": "http://packetstormsecurity.com/files/157323/haproxy-hpack-tbl.c-Out-Of-Bounds-Write.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/157323/haproxy-hpack-tbl.c-Out-Of-Bounds-Write.html" }, { "name": "FEDORA-2020-13fd8b1721", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/264C7UL3X7L7QE74ZJ557IOUFS3J4QQC/" }, { "name": "GLSA-202012-22", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202012-22" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-11100", "datePublished": "2020-04-02T14:23:05", "dateReserved": "2020-03-30T00:00:00", "dateUpdated": "2024-08-04T11:21:14.619Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-32697
Vulnerability from cvelistv5
Published
2023-05-23 22:45
Modified
2024-08-02 15:25
Severity ?
EPSS score ?
Summary
Sqlite-jdbc vulnerable to remote code execution when JDBC url is attacker controlled
References
▼ | URL | Tags |
---|---|---|
https://github.com/xerial/sqlite-jdbc/security/advisories/GHSA-6phf-6h5g-97j2 | x_refsource_CONFIRM | |
https://github.com/xerial/sqlite-jdbc/releases/tag/3.41.2.2 | x_refsource_MISC |
Impacted products
▼ | Vendor | Product |
---|---|---|
xerial | sqlite-jdbc |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T15:25:36.870Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/xerial/sqlite-jdbc/security/advisories/GHSA-6phf-6h5g-97j2", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/xerial/sqlite-jdbc/security/advisories/GHSA-6phf-6h5g-97j2" }, { "name": "https://github.com/xerial/sqlite-jdbc/releases/tag/3.41.2.2", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/xerial/sqlite-jdbc/releases/tag/3.41.2.2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "sqlite-jdbc", "vendor": "xerial", "versions": [ { "status": "affected", "version": "\u003e= 3.6.14.1, \u003c 3.41.2.2" } ] } ], "descriptions": [ { "lang": "en", "value": "SQLite JDBC is a library for accessing and creating SQLite database files in Java. Sqlite-jdbc addresses a remote code execution vulnerability via JDBC URL. This issue impacting versions 3.6.14.1 through 3.41.2.1 and has been fixed in version 3.41.2.2.\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-94", "description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-23T22:45:10.493Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/xerial/sqlite-jdbc/security/advisories/GHSA-6phf-6h5g-97j2", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/xerial/sqlite-jdbc/security/advisories/GHSA-6phf-6h5g-97j2" }, { "name": "https://github.com/xerial/sqlite-jdbc/releases/tag/3.41.2.2", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/xerial/sqlite-jdbc/releases/tag/3.41.2.2" } ], "source": { "advisory": "GHSA-6phf-6h5g-97j2", "discovery": "UNKNOWN" }, "title": "Sqlite-jdbc vulnerable to remote code execution when JDBC url is attacker controlled" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-32697", "datePublished": "2023-05-23T22:45:10.493Z", "dateReserved": "2023-05-11T16:33:45.734Z", "dateUpdated": "2024-08-02T15:25:36.870Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-30999
Vulnerability from cvelistv5
Published
2024-02-03 00:31
Modified
2024-08-02 14:45
Severity ?
EPSS score ?
Summary
IBM Security Access Manager denial of service
References
▼ | URL | Tags |
---|---|---|
https://www.ibm.com/support/pages/node/7106586 | vendor-advisory | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/254651 | vdb-entry |
Impacted products
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:ibm:security_verify_access:10.0.0:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "security_verify_access", "vendor": "ibm", "versions": [ { "lessThanOrEqual": "10.0.6.1", "status": "affected", "version": "10.0.0", "versionType": "semver" } ] }, { "cpes": [ "cpe:2.3:a:ibm:security_verify_access_docker:10.0.0.0:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "security_verify_access_docker", "vendor": "ibm", "versions": [ { "lessThanOrEqual": "10.0.6.1", "status": "affected", "version": "10.0.0.0", "versionType": "semver" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-30999", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-02-05T15:28:57.654447Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-12T22:42:40.886Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T14:45:24.419Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.ibm.com/support/pages/node/7106586" }, { "tags": [ "vdb-entry", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254651" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Security Verify Access Appliance", "vendor": "IBM", "versions": [ { "lessThanOrEqual": "10.0.6.1", "status": "affected", "version": "10.0.0.0", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Security Verify Access Docker", "vendor": "IBM", "versions": [ { "lessThanOrEqual": "10.0.6.1", "status": "affected", "version": "10.0.0.0", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow an attacker to cause a denial of service due to uncontrolled resource consumption. IBM X-Force ID: 254651." } ], "value": "IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow an attacker to cause a denial of service due to uncontrolled resource consumption. IBM X-Force ID: 254651." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-02-03T00:31:31.771Z", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://www.ibm.com/support/pages/node/7106586" }, { "tags": [ "vdb-entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254651" } ], "source": { "discovery": "UNKNOWN" }, "title": "IBM Security Access Manager denial of service", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2023-30999", "datePublished": "2024-02-03T00:31:31.771Z", "dateReserved": "2023-04-21T17:50:04.655Z", "dateUpdated": "2024-08-02T14:45:24.419Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-25725
Vulnerability from cvelistv5
Published
2023-02-14 00:00
Modified
2024-08-02 11:32
Severity ?
EPSS score ?
Summary
HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are inadvertently lost in some situations, aka "request smuggling." The HTTP header parsers in HAProxy may accept empty header field names, which could be used to truncate the list of HTTP headers and thus make some headers disappear after being parsed and processed for HTTP/1.0 and HTTP/1.1. For HTTP/2 and HTTP/3, the impact is limited because the headers disappear before being parsed and processed, as if they had not been sent by the client. The fixed versions are 2.7.3, 2.6.9, 2.5.12, 2.4.22, 2.2.29, and 2.0.31.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T11:32:11.848Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.haproxy.org/" }, { "tags": [ "x_transferred" ], "url": "https://git.haproxy.org/?p=haproxy-2.7.git%3Ba=commit%3Bh=a0e561ad7f29ed50c473f5a9da664267b60d1112" }, { "name": "[debian-lts-announce] 20230214 [SECURITY] [DLA 3318-1] haproxy security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00012.html" }, { "name": "DSA-5348", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5348" }, { "name": "FEDORA-2023-7e04833463", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPTJQHKUEU2PQ7RWFUYAFLAD4STEIKHU/" }, { "name": "FEDORA-2023-3e8a21cd5b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JM5NCIBTHYDTLPY2UNC4HO2VAHHE6CJG/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are inadvertently lost in some situations, aka \"request smuggling.\" The HTTP header parsers in HAProxy may accept empty header field names, which could be used to truncate the list of HTTP headers and thus make some headers disappear after being parsed and processed for HTTP/1.0 and HTTP/1.1. For HTTP/2 and HTTP/3, the impact is limited because the headers disappear before being parsed and processed, as if they had not been sent by the client. The fixed versions are 2.7.3, 2.6.9, 2.5.12, 2.4.22, 2.2.29, and 2.0.31." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-02-25T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://www.haproxy.org/" }, { "url": "https://git.haproxy.org/?p=haproxy-2.7.git%3Ba=commit%3Bh=a0e561ad7f29ed50c473f5a9da664267b60d1112" }, { "name": "[debian-lts-announce] 20230214 [SECURITY] [DLA 3318-1] haproxy security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00012.html" }, { "name": "DSA-5348", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5348" }, { "name": "FEDORA-2023-7e04833463", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPTJQHKUEU2PQ7RWFUYAFLAD4STEIKHU/" }, { "name": "FEDORA-2023-3e8a21cd5b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JM5NCIBTHYDTLPY2UNC4HO2VAHHE6CJG/" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-25725", "datePublished": "2023-02-14T00:00:00", "dateReserved": "2023-02-13T00:00:00", "dateUpdated": "2024-08-02T11:32:11.848Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-32329
Vulnerability from cvelistv5
Published
2024-02-03 01:00
Modified
2024-08-21 14:12
Severity ?
EPSS score ?
Summary
IBM Security Access Manager Container improper file validation
References
▼ | URL | Tags |
---|---|---|
https://www.ibm.com/support/pages/node/7106586 | vendor-advisory | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/254972 | vdb-entry |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T15:10:24.882Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.ibm.com/support/pages/node/7106586" }, { "tags": [ "vdb-entry", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254972" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-32329", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-21T14:12:29.249196Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-21T14:12:47.242Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Security Verify Access Appliance", "vendor": "IBM", "versions": [ { "lessThanOrEqual": "10.0.6.1", "status": "affected", "version": "10.0.0.0", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Security Verify Access Docker", "vendor": "IBM", "versions": [ { "lessThanOrEqual": "10.0.6.1", "status": "affected", "version": "10.0.0.0", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a user to download files from an incorrect repository due to improper file validation. IBM X-Force ID: 254972." } ], "value": "IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a user to download files from an incorrect repository due to improper file validation. IBM X-Force ID: 254972." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-345", "description": "CWE-345 Insufficient Verification of Data Authenticity", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-02-03T01:00:15.237Z", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://www.ibm.com/support/pages/node/7106586" }, { "tags": [ "vdb-entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254972" } ], "source": { "discovery": "UNKNOWN" }, "title": "IBM Security Access Manager Container improper file validation", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2023-32329", "datePublished": "2024-02-03T01:00:15.237Z", "dateReserved": "2023-05-08T18:32:34.087Z", "dateUpdated": "2024-08-21T14:12:47.242Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2015-5237
Vulnerability from cvelistv5
Published
2017-09-25 17:00
Modified
2024-08-06 06:41
Severity ?
EPSS score ?
Summary
protobuf allows remote authenticated attackers to cause a heap-based buffer overflow.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T06:41:08.584Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/google/protobuf/issues/760" }, { "name": "[oss-security] 20150827 CVE-2015-5237: Integer overflow in protobuf serialization (currently minor)", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2015/08/27/2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1256426" }, { "name": "[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E" }, { "name": "[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E" }, { "name": "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E" }, { "name": "[pulsar-commits] 20200425 [GitHub] [pulsar] guyv opened a new issue #6818: pulsar-client vulnerability CVE-2015-5237 (shaded protobuf-java:2.4.)", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/ra28fed69eef3a71e5fe5daea001d0456b05b102044237330ec5c7c82%40%3Ccommits.pulsar.apache.org%3E" }, { "name": "[pulsar-commits] 20200428 [GitHub] [pulsar] gaoran10 edited a comment on issue #6818: pulsar-client vulnerability CVE-2015-5237 (shaded protobuf-java:2.4.1)", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r17dc6f394429f6bffb5e4c66555d93c2e9923cbbdc5a93db9a56c1c7%40%3Ccommits.pulsar.apache.org%3E" }, { "name": "[pulsar-commits] 20200428 [GitHub] [pulsar] gaoran10 commented on issue #6818: pulsar-client vulnerability CVE-2015-5237 (shaded protobuf-java:2.4.1)", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r42e47994734cd1980ef3e204a40555336e10cc80096927aca2f37d90%40%3Ccommits.pulsar.apache.org%3E" }, { "name": "[pulsar-commits] 20200428 [GitHub] [pulsar] guyv commented on issue #6818: pulsar-client vulnerability CVE-2015-5237 (shaded protobuf-java:2.4.1)", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/re6d04a214424a97ea59c62190d79316edf311a0a6346524dfef3b940%40%3Ccommits.pulsar.apache.org%3E" }, { "name": "[pulsar-commits] 20200428 [GitHub] [pulsar] guyv edited a comment on issue #6818: pulsar-client vulnerability CVE-2015-5237 (shaded protobuf-java:2.4.1)", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r1263fa5b51e4ec3cb8f09ff40e4747428c71198e9bee93349ec96a3c%40%3Ccommits.pulsar.apache.org%3E" }, { "name": "[pulsar-commits] 20200430 [GitHub] [pulsar] sijie commented on issue #6818: pulsar-client vulnerability CVE-2015-5237 (shaded protobuf-java:2.4.1)", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r42ef6acfb0d86a2df0c2390702ecbe97d2104a331560f2790d17ca69%40%3Ccommits.pulsar.apache.org%3E" }, { "name": "[pulsar-commits] 20200506 [GitHub] [pulsar] gaoran10 commented on issue #6818: pulsar-client vulnerability CVE-2015-5237 (shaded protobuf-java:2.4.1)", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rb71dac1d9dd4e8a8ae3dbc033aeae514eda9be1263c1df3b42a530a2%40%3Ccommits.pulsar.apache.org%3E" }, { "name": "[pulsar-commits] 20200506 [GitHub] [pulsar] gaoran10 edited a comment on issue #6818: pulsar-client vulnerability CVE-2015-5237 (shaded protobuf-java:2.4.1)", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r320dc858da88846ba00bb077bcca2cdf75b7dde0f6eb3a3d60dba6a1%40%3Ccommits.pulsar.apache.org%3E" }, { "name": "[pulsar-commits] 20200506 [GitHub] [pulsar] sijie commented on issue #6818: pulsar-client vulnerability CVE-2015-5237 (shaded protobuf-java:2.4.1)", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r85c9a764b573c786224688cc906c27e28343e18f5b33387f94cae90f%40%3Ccommits.pulsar.apache.org%3E" }, { "name": "[flink-dev] 20200806 Dependency vulnerabilities with Apache Flink 1.10.1 version", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb%40%3Cdev.flink.apache.org%3E" }, { "name": "[flink-user] 20200806 Dependency vulnerabilities with Apache Flink 1.10.1 version", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb%40%3Cuser.flink.apache.org%3E" }, { "name": "[pulsar-commits] 20210120 [GitHub] [pulsar] fmiguelez opened a new issue #9250: Protobuf version used in broker and client affected by vulnerability CVE-2015-5237", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r5e52caf41dc49df55b4ee80758356fe1ff2a88179ff24c685de7c28d%40%3Ccommits.pulsar.apache.org%3E" }, { "name": "[pulsar-commits] 20210120 [GitHub] [pulsar] merlimat commented on issue #9250: Protobuf version used in broker and client affected by vulnerability CVE-2015-5237", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rf7539287c90be979bac94af9aaba34118fbf968864944b4871af48dd%40%3Ccommits.pulsar.apache.org%3E" }, { "name": "[pulsar-commits] 20210128 [GitHub] [pulsar] codelipenghui closed issue #9250: Protobuf version used in broker and client affected by vulnerability CVE-2015-5237", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r1d274d647b3c2060df9be21eade4ce56d3a59998cf19ac72662dd994%40%3Ccommits.pulsar.apache.org%3E" }, { "name": "[spark-issues] 20210624 [jira] [Assigned] (SPARK-35877) Spark Protobuf jar has CVE issue CVE-2015-5237", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rb40dc9d63a5331bce8e80865b7fa3af9dd31e16555affd697b6f3526%40%3Cissues.spark.apache.org%3E" }, { "name": "[spark-issues] 20210624 [jira] [Commented] (SPARK-35877) Spark Protobuf jar has CVE issue CVE-2015-5237", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r4886108206d4c535db9b20c813fe4723d4fe6a91b9278382af8b9d08%40%3Cissues.spark.apache.org%3E" }, { "name": "[spark-issues] 20210624 [jira] [Created] (SPARK-35877) Spark Protobuf jar has CVE issue CVE-2015-5237", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r5741f4dbdd129dbb9885f5fb170dc1b24a06b9313bedef5e67fded94%40%3Cissues.spark.apache.org%3E" }, { "name": "[spark-issues] 20210720 [jira] [Resolved] (SPARK-35877) Spark Protobuf jar has CVE issue CVE-2015-5237", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r14fa8d38d5757254f1a2e112270c996711d514de2e3b01c93d397ab4%40%3Cissues.spark.apache.org%3E" }, { "name": "[hadoop-common-dev] 20210823 [jira] [Created] (HADOOP-17860) Upgrade third party protobuf-java-2.5.0.jar to address vulnerabilities CVEs #CVE-2015-5237", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r00d9ab1fc0f1daf14cd4386564dd84f7889404438d81462c86dfa836%40%3Ccommon-dev.hadoop.apache.org%3E" }, { "name": "[hadoop-common-issues] 20210823 [jira] [Updated] (HADOOP-17860) Upgrade third party protobuf-java-2.5.0.jar to address vulnerabilities #CVE-2015-5237", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r764fc66435ee4d185d359c28c0887d3e5866d7292a8d5598d9e7cbc4%40%3Ccommon-issues.hadoop.apache.org%3E" }, { "name": "[hadoop-common-issues] 20210823 [jira] [Created] (HADOOP-17860) Upgrade third party protobuf-java-2.5.0.jar to address vulnerabilities CVEs #CVE-2015-5237", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r2ea33ce5591a9cb9ed52750b6ab42ab658f529a7028c3166ba93c7d5%40%3Ccommon-issues.hadoop.apache.org%3E" }, { "name": "[hadoop-common-issues] 20210823 [jira] [Commented] (HADOOP-17860) Upgrade third party protobuf-java-2.5.0.jar to address vulnerabilities #CVE-2015-5237", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r0ca83171c4898dc92b86fa6f484a7be1dc96206765f4d01dce0f1b28%40%3Ccommon-issues.hadoop.apache.org%3E" }, { "name": "[hbase-issues] 20210828 [jira] [Commented] (HBASE-26234) Protobuf-java-2.5.0.jar Has Several Security Vulnerabilities,CVE-2015-5237,CVE-2019-15544", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r4ef574a5621b0e670a3ce641e9922543e34f22bf4c9ee9584aa67fcf%40%3Cissues.hbase.apache.org%3E" }, { "name": "[hbase-dev] 20210828 [jira] [Created] (HBASE-26234) Protobuf-java-2.5.0.jar Has Several Security Vulnerabilities,CVE-2015-5237,CVE-2019-15544", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r00097d0b5b6164ea428554007121d5dc1f88ba2af7b9e977a10572cd%40%3Cdev.hbase.apache.org%3E" }, { "name": "[hbase-issues] 20210828 [jira] [Created] (HBASE-26234) Protobuf-java-2.5.0.jar Has Several Security Vulnerabilities,CVE-2015-5237,CVE-2019-15544", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rd64381fb8f92d640c1975dc50dcdf1b8512e02a2a7b20292d3565cae%40%3Cissues.hbase.apache.org%3E" }, { "name": "[hadoop-common-issues] 20210902 [jira] [Updated] (HADOOP-17860) Upgrade third party protobuf-java-2.5.0.jar to address vulnerabilities #CVE-2015-5237, CVE-2019-15544", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r7fed8dd9bee494094e7011cf3c2ab75bd8754ea314c6734688c42932%40%3Ccommon-issues.hadoop.apache.org%3E" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-08-24T00:00:00", "descriptions": [ { "lang": "en", "value": "protobuf allows remote authenticated attackers to cause a heap-based buffer overflow." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-09-02T14:06:08", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/google/protobuf/issues/760" }, { "name": "[oss-security] 20150827 CVE-2015-5237: Integer overflow in protobuf serialization (currently minor)", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2015/08/27/2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1256426" }, { "name": "[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E" }, { "name": "[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E" }, { "name": "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E" }, { "name": "[pulsar-commits] 20200425 [GitHub] [pulsar] guyv opened a new issue #6818: pulsar-client vulnerability CVE-2015-5237 (shaded protobuf-java:2.4.)", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/ra28fed69eef3a71e5fe5daea001d0456b05b102044237330ec5c7c82%40%3Ccommits.pulsar.apache.org%3E" }, { "name": "[pulsar-commits] 20200428 [GitHub] [pulsar] gaoran10 edited a comment on issue #6818: pulsar-client vulnerability CVE-2015-5237 (shaded protobuf-java:2.4.1)", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r17dc6f394429f6bffb5e4c66555d93c2e9923cbbdc5a93db9a56c1c7%40%3Ccommits.pulsar.apache.org%3E" }, { "name": "[pulsar-commits] 20200428 [GitHub] [pulsar] gaoran10 commented on issue #6818: pulsar-client vulnerability CVE-2015-5237 (shaded protobuf-java:2.4.1)", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r42e47994734cd1980ef3e204a40555336e10cc80096927aca2f37d90%40%3Ccommits.pulsar.apache.org%3E" }, { "name": "[pulsar-commits] 20200428 [GitHub] [pulsar] guyv commented on issue #6818: pulsar-client vulnerability CVE-2015-5237 (shaded protobuf-java:2.4.1)", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/re6d04a214424a97ea59c62190d79316edf311a0a6346524dfef3b940%40%3Ccommits.pulsar.apache.org%3E" }, { "name": "[pulsar-commits] 20200428 [GitHub] [pulsar] guyv edited a comment on issue #6818: pulsar-client vulnerability CVE-2015-5237 (shaded protobuf-java:2.4.1)", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r1263fa5b51e4ec3cb8f09ff40e4747428c71198e9bee93349ec96a3c%40%3Ccommits.pulsar.apache.org%3E" }, { "name": "[pulsar-commits] 20200430 [GitHub] [pulsar] sijie commented on issue #6818: pulsar-client vulnerability CVE-2015-5237 (shaded protobuf-java:2.4.1)", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r42ef6acfb0d86a2df0c2390702ecbe97d2104a331560f2790d17ca69%40%3Ccommits.pulsar.apache.org%3E" }, { "name": "[pulsar-commits] 20200506 [GitHub] [pulsar] gaoran10 commented on issue #6818: pulsar-client vulnerability CVE-2015-5237 (shaded protobuf-java:2.4.1)", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rb71dac1d9dd4e8a8ae3dbc033aeae514eda9be1263c1df3b42a530a2%40%3Ccommits.pulsar.apache.org%3E" }, { "name": "[pulsar-commits] 20200506 [GitHub] [pulsar] gaoran10 edited a comment on issue #6818: pulsar-client vulnerability CVE-2015-5237 (shaded protobuf-java:2.4.1)", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r320dc858da88846ba00bb077bcca2cdf75b7dde0f6eb3a3d60dba6a1%40%3Ccommits.pulsar.apache.org%3E" }, { "name": "[pulsar-commits] 20200506 [GitHub] [pulsar] sijie commented on issue #6818: pulsar-client vulnerability CVE-2015-5237 (shaded protobuf-java:2.4.1)", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r85c9a764b573c786224688cc906c27e28343e18f5b33387f94cae90f%40%3Ccommits.pulsar.apache.org%3E" }, { "name": "[flink-dev] 20200806 Dependency vulnerabilities with Apache Flink 1.10.1 version", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb%40%3Cdev.flink.apache.org%3E" }, { "name": "[flink-user] 20200806 Dependency vulnerabilities with Apache Flink 1.10.1 version", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r02e39d7beb32eebcdbb4b516e95f67d71c90d5d462b26f4078d21eeb%40%3Cuser.flink.apache.org%3E" }, { "name": "[pulsar-commits] 20210120 [GitHub] [pulsar] fmiguelez opened a new issue #9250: Protobuf version used in broker and client affected by vulnerability CVE-2015-5237", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r5e52caf41dc49df55b4ee80758356fe1ff2a88179ff24c685de7c28d%40%3Ccommits.pulsar.apache.org%3E" }, { "name": "[pulsar-commits] 20210120 [GitHub] [pulsar] merlimat commented on issue #9250: Protobuf version used in broker and client affected by vulnerability CVE-2015-5237", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rf7539287c90be979bac94af9aaba34118fbf968864944b4871af48dd%40%3Ccommits.pulsar.apache.org%3E" }, { "name": "[pulsar-commits] 20210128 [GitHub] [pulsar] codelipenghui closed issue #9250: Protobuf version used in broker and client affected by vulnerability CVE-2015-5237", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r1d274d647b3c2060df9be21eade4ce56d3a59998cf19ac72662dd994%40%3Ccommits.pulsar.apache.org%3E" }, { "name": "[spark-issues] 20210624 [jira] [Assigned] (SPARK-35877) Spark Protobuf jar has CVE issue CVE-2015-5237", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rb40dc9d63a5331bce8e80865b7fa3af9dd31e16555affd697b6f3526%40%3Cissues.spark.apache.org%3E" }, { "name": "[spark-issues] 20210624 [jira] [Commented] (SPARK-35877) Spark Protobuf jar has CVE issue CVE-2015-5237", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r4886108206d4c535db9b20c813fe4723d4fe6a91b9278382af8b9d08%40%3Cissues.spark.apache.org%3E" }, { "name": "[spark-issues] 20210624 [jira] [Created] (SPARK-35877) Spark Protobuf jar has CVE issue CVE-2015-5237", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r5741f4dbdd129dbb9885f5fb170dc1b24a06b9313bedef5e67fded94%40%3Cissues.spark.apache.org%3E" }, { "name": "[spark-issues] 20210720 [jira] [Resolved] (SPARK-35877) Spark Protobuf jar has CVE issue CVE-2015-5237", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r14fa8d38d5757254f1a2e112270c996711d514de2e3b01c93d397ab4%40%3Cissues.spark.apache.org%3E" }, { "name": "[hadoop-common-dev] 20210823 [jira] [Created] (HADOOP-17860) Upgrade third party protobuf-java-2.5.0.jar to address vulnerabilities CVEs #CVE-2015-5237", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r00d9ab1fc0f1daf14cd4386564dd84f7889404438d81462c86dfa836%40%3Ccommon-dev.hadoop.apache.org%3E" }, { "name": "[hadoop-common-issues] 20210823 [jira] [Updated] (HADOOP-17860) Upgrade third party protobuf-java-2.5.0.jar to address vulnerabilities #CVE-2015-5237", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r764fc66435ee4d185d359c28c0887d3e5866d7292a8d5598d9e7cbc4%40%3Ccommon-issues.hadoop.apache.org%3E" }, { "name": "[hadoop-common-issues] 20210823 [jira] [Created] (HADOOP-17860) Upgrade third party protobuf-java-2.5.0.jar to address vulnerabilities CVEs #CVE-2015-5237", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r2ea33ce5591a9cb9ed52750b6ab42ab658f529a7028c3166ba93c7d5%40%3Ccommon-issues.hadoop.apache.org%3E" }, { "name": "[hadoop-common-issues] 20210823 [jira] [Commented] (HADOOP-17860) Upgrade third party protobuf-java-2.5.0.jar to address vulnerabilities #CVE-2015-5237", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r0ca83171c4898dc92b86fa6f484a7be1dc96206765f4d01dce0f1b28%40%3Ccommon-issues.hadoop.apache.org%3E" }, { "name": "[hbase-issues] 20210828 [jira] [Commented] (HBASE-26234) Protobuf-java-2.5.0.jar Has Several Security Vulnerabilities,CVE-2015-5237,CVE-2019-15544", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r4ef574a5621b0e670a3ce641e9922543e34f22bf4c9ee9584aa67fcf%40%3Cissues.hbase.apache.org%3E" }, { "name": "[hbase-dev] 20210828 [jira] [Created] (HBASE-26234) Protobuf-java-2.5.0.jar Has Several Security Vulnerabilities,CVE-2015-5237,CVE-2019-15544", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r00097d0b5b6164ea428554007121d5dc1f88ba2af7b9e977a10572cd%40%3Cdev.hbase.apache.org%3E" }, { "name": "[hbase-issues] 20210828 [jira] [Created] (HBASE-26234) Protobuf-java-2.5.0.jar Has Several Security Vulnerabilities,CVE-2015-5237,CVE-2019-15544", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rd64381fb8f92d640c1975dc50dcdf1b8512e02a2a7b20292d3565cae%40%3Cissues.hbase.apache.org%3E" }, { "name": "[hadoop-common-issues] 20210902 [jira] [Updated] (HADOOP-17860) Upgrade third party protobuf-java-2.5.0.jar to address vulnerabilities #CVE-2015-5237, CVE-2019-15544", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r7fed8dd9bee494094e7011cf3c2ab75bd8754ea314c6734688c42932%40%3Ccommon-issues.hadoop.apache.org%3E" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2015-5237", "datePublished": "2017-09-25T17:00:00", "dateReserved": "2015-07-01T00:00:00", "dateUpdated": "2024-08-06T06:41:08.584Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-24998
Vulnerability from cvelistv5
Published
2023-02-20 15:57
Modified
2024-08-02 11:11
Severity ?
EPSS score ?
Summary
Apache Commons FileUpload, Apache Tomcat: FileUpload DoS with excessive parts
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T11:11:43.763Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "url": "https://security.netapp.com/advisory/ntap-20230302-0013/" }, { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.apache.org/thread/4xl4l09mhwg4vgsk7dxqogcjrobrrdoy" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/05/22/1" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-37" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5522" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Apache Commons FileUpload", "vendor": "Apache Software Foundation", "versions": [ { "lessThan": "1.5", "status": "affected", "version": "0", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Apache Tomcat", "vendor": "Apache Software Foundation", "versions": [ { "status": "affected", "version": "11.0.0-M1" }, { "lessThanOrEqual": "10.1.4", "status": "affected", "version": "10.0.0-M1", "versionType": "semver" }, { "lessThanOrEqual": "9.0.70", "status": "affected", "version": "9.0.0-M1", "versionType": "semver" }, { "lessThanOrEqual": "8.5.84", "status": "affected", "version": "8.5.0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Jakob Ackermann" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cdiv\u003eApache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eNote that, like all of the file upload limits, the\n new configuration option (FileUploadBase#setFileCountMax) is not\n enabled by default and must be explicitly configured.\u003cbr\u003e\u003c/div\u003e" } ], "value": "Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads.\n\n\n\n\nNote that, like all of the file upload limits, the\n new configuration option (FileUploadBase#setFileCountMax) is not\n enabled by default and must be explicitly configured.\n\n\n" } ], "metrics": [ { "other": { "content": { "text": "important" }, "type": "Textual description of severity" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-770", "description": "CWE-770 Allocation of Resources Without Limits or Throttling", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-02-23T09:34:44.714Z", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://lists.apache.org/thread/4xl4l09mhwg4vgsk7dxqogcjrobrrdoy" }, { "url": "http://www.openwall.com/lists/oss-security/2023/05/22/1" }, { "url": "https://security.gentoo.org/glsa/202305-37" }, { "url": "https://www.debian.org/security/2023/dsa-5522" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html" } ], "source": { "discovery": "EXTERNAL" }, "title": "Apache Commons FileUpload, Apache Tomcat: FileUpload DoS with excessive parts", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2023-24998", "datePublished": "2023-02-20T15:57:07.372Z", "dateReserved": "2023-02-01T10:32:05.492Z", "dateUpdated": "2024-08-02T11:11:43.763Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1471
Vulnerability from cvelistv5
Published
2022-12-01 10:47
Modified
2024-09-17 13:52
Severity ?
EPSS score ?
Summary
Remote Code execution in SnakeYAML
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:03:06.269Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2" }, { "tags": [ "x_transferred" ], "url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479" }, { "tags": [ "x_transferred" ], "url": "https://github.com/mbechler/marshalsec" }, { "tags": [ "x_transferred" ], "url": "https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/kubernetes-security-announce/c/mwrakFaEdnc" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230818-0015/" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/175095/PyTorch-Model-Server-Registration-Deserialization-Remote-Code-Execution.html" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/11/19/1" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-1471", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-08-07T18:13:22.155371Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-17T13:52:47.976Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "SnakeYAML", "vendor": "SnakeYAML", "versions": [ { "lessThanOrEqual": "2.0", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSnakeYaml\u0027s Constructor() class does not restrict types which can be instantiated during deserialization.\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDeserializing yaml content provided by an attacker can lead to remote code execution. We recommend using SnakeYaml\u0027s SafeConsturctor when parsing untrusted content to restrict deserialization. We recommend upgrading to version 2.0 and beyond.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e" } ], "value": "SnakeYaml\u0027s Constructor() class does not restrict types which can be instantiated during deserialization.\u00a0Deserializing yaml content provided by an attacker can lead to remote code execution. We recommend using SnakeYaml\u0027s SafeConsturctor when parsing untrusted content to restrict deserialization. We recommend upgrading to version 2.0 and beyond.\n" } ], "impacts": [ { "capecId": "CAPEC-253", "descriptions": [ { "lang": "en", "value": "CAPEC-253 Remote Code Inclusion" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-25T16:48:44.288Z", "orgId": "14ed7db2-1595-443d-9d34-6215bf890778", "shortName": "Google" }, "references": [ { "url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2" }, { "url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479" }, { "url": "https://github.com/mbechler/marshalsec" }, { "url": "https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true" }, { "url": "https://groups.google.com/g/kubernetes-security-announce/c/mwrakFaEdnc" }, { "url": "https://security.netapp.com/advisory/ntap-20230818-0015/" }, { "url": "http://packetstormsecurity.com/files/175095/PyTorch-Model-Server-Registration-Deserialization-Remote-Code-Execution.html" }, { "url": "http://www.openwall.com/lists/oss-security/2023/11/19/1" }, { "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" } ], "source": { "discovery": "UNKNOWN" }, "title": "Remote Code execution in SnakeYAML", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778", "assignerShortName": "Google", "cveId": "CVE-2022-1471", "datePublished": "2022-12-01T10:47:07.203Z", "dateReserved": "2022-04-26T08:32:53.188Z", "dateUpdated": "2024-09-17T13:52:47.976Z", "requesterUserId": "ed9b5bb2-2df1-4aa3-9791-5fb260d88e62", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-31001
Vulnerability from cvelistv5
Published
2024-01-11 02:44
Modified
2024-08-02 14:45
Severity ?
EPSS score ?
Summary
IBM Security Access Manager Container information disclosure
References
▼ | URL | Tags |
---|---|---|
https://www.ibm.com/support/pages/node/7106586 | vendor-advisory | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/254653 | vdb-entry |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:45:24.397Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.ibm.com/support/pages/node/7106586" }, { "tags": [ "vdb-entry", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254653" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Security Verify Access Appliance", "vendor": "IBM", "versions": [ { "lessThanOrEqual": "10.0.6.1", "status": "affected", "version": "10.0.0.0", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Security Verify Access Docker", "vendor": "IBM", "versions": [ { "lessThanOrEqual": "10.0.6.1", "status": "affected", "version": "10.0.0.0", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.6.1) temporarily stores sensitive information in files that could be accessed by a local user. IBM X-Force ID: 254653." } ], "value": "IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.6.1) temporarily stores sensitive information in files that could be accessed by a local user. IBM X-Force ID: 254653." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-257", "description": "CWE-257 Storing Passwords in a Recoverable Format", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-11T02:44:33.092Z", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://www.ibm.com/support/pages/node/7106586" }, { "tags": [ "vdb-entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254653" } ], "source": { "discovery": "UNKNOWN" }, "title": "IBM Security Access Manager Container information disclosure", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2023-31001", "datePublished": "2024-01-11T02:44:33.092Z", "dateReserved": "2023-04-21T17:50:04.655Z", "dateUpdated": "2024-08-02T14:45:24.397Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-32327
Vulnerability from cvelistv5
Published
2024-02-03 00:57
Modified
2024-08-02 15:10
Severity ?
EPSS score ?
Summary
IBM Security Access Manager Container XML external entity injection
References
▼ | URL | Tags |
---|---|---|
https://www.ibm.com/support/pages/node/7106586 | vendor-advisory | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/254783 | vdb-entry |
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-32327", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-02-21T20:04:10.693857Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:26:18.782Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T15:10:24.883Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.ibm.com/support/pages/node/7106586" }, { "tags": [ "vdb-entry", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254783" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Security Verify Access Appliance", "vendor": "IBM", "versions": [ { "lessThanOrEqual": "10.0.6.1", "status": "affected", "version": "10.0.0.0", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Security Verify Access Docker", "vendor": "IBM", "versions": [ { "lessThanOrEqual": "10.0.6.1", "status": "affected", "version": "10.0.0.0", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 254783." } ], "value": "IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 254783." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-611", "description": "CWE-611 Improper Restriction of XML External Entity Reference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-02-03T00:57:32.934Z", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://www.ibm.com/support/pages/node/7106586" }, { "tags": [ "vdb-entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254783" } ], "source": { "discovery": "UNKNOWN" }, "title": "IBM Security Access Manager Container XML external entity injection", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2023-32327", "datePublished": "2024-02-03T00:57:32.934Z", "dateReserved": "2023-05-08T18:32:34.087Z", "dateUpdated": "2024-08-02T15:10:24.883Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-38369
Vulnerability from cvelistv5
Published
2024-02-07 16:15
Modified
2024-08-02 17:39
Severity ?
EPSS score ?
Summary
IBM Security Access Manager Container information disclosure
References
▼ | URL | Tags |
---|---|---|
https://www.ibm.com/support/pages/node/7106586 | vendor-advisory | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/261196 | vdb-entry |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T17:39:13.388Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.ibm.com/support/pages/node/7106586" }, { "tags": [ "vdb-entry", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/261196" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Security Verify Access Appliance", "vendor": "IBM", "versions": [ { "lessThanOrEqual": "10.0.6.1", "status": "affected", "version": "10.0.0.0", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Security Verify Access Docker", "vendor": "IBM", "versions": [ { "lessThanOrEqual": "10.0.6.1", "status": "affected", "version": "10.0.0.0", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "IBM Security Access Manager Container 10.0.0.0 through 10.0.6.1 does not require that docker images should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 261196." } ], "value": "IBM Security Access Manager Container 10.0.0.0 through 10.0.6.1 does not require that docker images should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 261196." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-521", "description": "CWE-521 Weak Password Requirements", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-02-07T16:15:04.324Z", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://www.ibm.com/support/pages/node/7106586" }, { "tags": [ "vdb-entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/261196" } ], "source": { "discovery": "UNKNOWN" }, "title": "IBM Security Access Manager Container information disclosure", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2023-38369", "datePublished": "2024-02-07T16:15:04.324Z", "dateReserved": "2023-07-16T00:53:28.840Z", "dateUpdated": "2024-08-02T17:39:13.388Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-18276
Vulnerability from cvelistv5
Published
2019-11-28 00:27
Modified
2024-08-05 01:47
Severity ?
EPSS score ?
Summary
An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems that support "saved UID" functionality, the saved UID is not dropped. An attacker with command execution in the shell can use "enable -f" for runtime loading of a new builtin, which can be a shared object that calls setuid() and therefore regains privileges. However, binaries running with an effective UID of 0 are unaffected.
References
▼ | URL | Tags |
---|---|---|
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E | mailing-list, x_refsource_MLIST | |
https://security.gentoo.org/glsa/202105-34 | vendor-advisory, x_refsource_GENTOO | |
https://www.oracle.com/security-alerts/cpuapr2022.html | x_refsource_MISC | |
https://www.youtube.com/watch?v=-wGtxJ8opa8 | x_refsource_MISC | |
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff | x_refsource_CONFIRM | |
http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html | x_refsource_MISC | |
https://security.netapp.com/advisory/ntap-20200430-0003/ | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T01:47:14.188Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E" }, { "name": "GLSA-202105-34", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202105-34" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.youtube.com/watch?v=-wGtxJ8opa8" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20200430-0003/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems that support \"saved UID\" functionality, the saved UID is not dropped. An attacker with command execution in the shell can use \"enable -f\" for runtime loading of a new builtin, which can be a shared object that calls setuid() and therefore regains privileges. However, binaries running with an effective UID of 0 are unaffected." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-04-19T23:20:34", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E" }, { "name": "GLSA-202105-34", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202105-34" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.youtube.com/watch?v=-wGtxJ8opa8" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20200430-0003/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-18276", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems that support \"saved UID\" functionality, the saved UID is not dropped. An attacker with command execution in the shell can use \"enable -f\" for runtime loading of a new builtin, which can be a shared object that calls setuid() and therefore regains privileges. However, binaries running with an effective UID of 0 are unaffected." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E" }, { "name": "GLSA-202105-34", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202105-34" }, { "name": "https://www.oracle.com/security-alerts/cpuapr2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "name": "https://www.youtube.com/watch?v=-wGtxJ8opa8", "refsource": "MISC", "url": "https://www.youtube.com/watch?v=-wGtxJ8opa8" }, { "name": "https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff", "refsource": "CONFIRM", "url": "https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff" }, { "name": "http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html" }, { "name": "https://security.netapp.com/advisory/ntap-20200430-0003/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20200430-0003/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-18276", "datePublished": "2019-11-28T00:27:51", "dateReserved": "2019-10-23T00:00:00", "dateUpdated": "2024-08-05T01:47:14.188Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.