Common Weakness Enumeration
CWE-115
AllowedMisinterpretation of Input
Abstraction: Base · Status: Incomplete
The product misinterprets an input, whether from an attacker or another product, in a security-relevant fashion.
48 vulnerabilities reference this CWE, most recent first.
CVE-2023-0880 (GCVE-0-2023-0880)
Vulnerability from cvelistv5 – Published: 2023-02-17 00:00 – Updated: 2025-03-18 15:57
VLAI
EPSS
VEX
Title
Misinterpretation of Input in thorsten/phpmyfaq
Summary
Misinterpretation of Input in GitHub repository thorsten/phpmyfaq prior to 3.1.11.
Severity
8.3 (High)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-115 - Misinterpretation of Input
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| thorsten | thorsten/phpmyfaq |
Affected:
unspecified , < 3.1.11
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:24:34.610Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.dev/bounties/14fc4841-0f5d-4e12-bf9e-1b60d2ac6a6c"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/thorsten/phpmyfaq/commit/a67dca41576834a1ddfee61b9e799b686b75d4fa"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-0880",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-18T15:56:55.411097Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-18T15:57:06.819Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "thorsten/phpmyfaq",
"vendor": "thorsten",
"versions": [
{
"lessThan": "3.1.11",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Ahmed Hassan (ahmedvienna)"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Josef Hassan (josefjku)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMisinterpretation of Input in GitHub repository thorsten/phpmyfaq prior to 3.1.11.\u003c/p\u003e"
}
],
"value": "Misinterpretation of Input in GitHub repository thorsten/phpmyfaq prior to 3.1.11.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-115",
"description": "CWE-115 Misinterpretation of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-18T10:11:04.242Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntr_ai"
},
"references": [
{
"url": "https://huntr.dev/bounties/14fc4841-0f5d-4e12-bf9e-1b60d2ac6a6c"
},
{
"url": "https://github.com/thorsten/phpmyfaq/commit/a67dca41576834a1ddfee61b9e799b686b75d4fa"
}
],
"source": {
"advisory": "14fc4841-0f5d-4e12-bf9e-1b60d2ac6a6c",
"discovery": "EXTERNAL"
},
"title": "Misinterpretation of Input in thorsten/phpmyfaq",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2023-0880",
"datePublished": "2023-02-17T00:00:00.000Z",
"dateReserved": "2023-02-17T00:00:00.000Z",
"dateUpdated": "2025-03-18T15:57:06.819Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-21672 (GCVE-0-2022-21672)
Vulnerability from cvelistv5 – Published: 2022-01-10 21:00 – Updated: 2025-04-23 19:13
VLAI
EPSS
VEX
Title
/etc/pki/tls and /etc/ssl/certs include distrusted certificates in make-ca
Summary
make-ca is a utility to deliver and manage a complete PKI configuration for workstations and servers. Starting with version 0.9 and prior to version 1.10, make-ca misinterprets Mozilla certdata.txt and treats explicitly untrusted certificates like trusted ones, causing those explicitly untrusted certificates trusted by the system. The explicitly untrusted certificates were used by some CAs already hacked. Hostile attackers may perform a MIM attack exploiting them. Everyone using the affected versions of make-ca should upgrade to make-ca-1.10, and run `make-ca -f -g` as the `root` user to regenerate the trusted store immediately. As a workaround, users may delete the untrusted certificates from /etc/pki/tls and /etc/ssl/certs manually (or by a script), but this is not recommended because the manual changes will be overwritten next time running make-ca to update the trusted anchor.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-115 - Misinterpretation of Input
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/lfs-book/make-ca/security/advi… | x_refsource_CONFIRM |
| https://github.com/lfs-book/make-ca/issues/19 | x_refsource_MISC |
| https://github.com/lfs-book/make-ca/pull/20 | x_refsource_MISC |
| https://lists.linuxfromscratch.org/sympa/arc/blfs… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:46:39.386Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/lfs-book/make-ca/security/advisories/GHSA-m5qh-728v-4xrx"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/lfs-book/make-ca/issues/19"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/lfs-book/make-ca/pull/20"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.linuxfromscratch.org/sympa/arc/blfs-support/2022-01/msg00020.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-21672",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T14:12:26.450363Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T19:13:51.833Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "make-ca",
"vendor": "lfs-book",
"versions": [
{
"status": "affected",
"version": "\u003e= 0.9, \u003c 1.10"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "make-ca is a utility to deliver and manage a complete PKI configuration for workstations and servers. Starting with version 0.9 and prior to version 1.10, make-ca misinterprets Mozilla certdata.txt and treats explicitly untrusted certificates like trusted ones, causing those explicitly untrusted certificates trusted by the system. The explicitly untrusted certificates were used by some CAs already hacked. Hostile attackers may perform a MIM attack exploiting them. Everyone using the affected versions of make-ca should upgrade to make-ca-1.10, and run `make-ca -f -g` as the `root` user to regenerate the trusted store immediately. As a workaround, users may delete the untrusted certificates from /etc/pki/tls and /etc/ssl/certs manually (or by a script), but this is not recommended because the manual changes will be overwritten next time running make-ca to update the trusted anchor."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-115",
"description": "CWE-115: Misinterpretation of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-10T21:00:13.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/lfs-book/make-ca/security/advisories/GHSA-m5qh-728v-4xrx"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/lfs-book/make-ca/issues/19"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/lfs-book/make-ca/pull/20"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.linuxfromscratch.org/sympa/arc/blfs-support/2022-01/msg00020.html"
}
],
"source": {
"advisory": "GHSA-m5qh-728v-4xrx",
"discovery": "UNKNOWN"
},
"title": "/etc/pki/tls and /etc/ssl/certs include distrusted certificates in make-ca",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-21672",
"STATE": "PUBLIC",
"TITLE": "/etc/pki/tls and /etc/ssl/certs include distrusted certificates in make-ca"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "make-ca",
"version": {
"version_data": [
{
"version_value": "\u003e= 0.9, \u003c 1.10"
}
]
}
}
]
},
"vendor_name": "lfs-book"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "make-ca is a utility to deliver and manage a complete PKI configuration for workstations and servers. Starting with version 0.9 and prior to version 1.10, make-ca misinterprets Mozilla certdata.txt and treats explicitly untrusted certificates like trusted ones, causing those explicitly untrusted certificates trusted by the system. The explicitly untrusted certificates were used by some CAs already hacked. Hostile attackers may perform a MIM attack exploiting them. Everyone using the affected versions of make-ca should upgrade to make-ca-1.10, and run `make-ca -f -g` as the `root` user to regenerate the trusted store immediately. As a workaround, users may delete the untrusted certificates from /etc/pki/tls and /etc/ssl/certs manually (or by a script), but this is not recommended because the manual changes will be overwritten next time running make-ca to update the trusted anchor."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-115: Misinterpretation of Input"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/lfs-book/make-ca/security/advisories/GHSA-m5qh-728v-4xrx",
"refsource": "CONFIRM",
"url": "https://github.com/lfs-book/make-ca/security/advisories/GHSA-m5qh-728v-4xrx"
},
{
"name": "https://github.com/lfs-book/make-ca/issues/19",
"refsource": "MISC",
"url": "https://github.com/lfs-book/make-ca/issues/19"
},
{
"name": "https://github.com/lfs-book/make-ca/pull/20",
"refsource": "MISC",
"url": "https://github.com/lfs-book/make-ca/pull/20"
},
{
"name": "https://lists.linuxfromscratch.org/sympa/arc/blfs-support/2022-01/msg00020.html",
"refsource": "MISC",
"url": "https://lists.linuxfromscratch.org/sympa/arc/blfs-support/2022-01/msg00020.html"
}
]
},
"source": {
"advisory": "GHSA-m5qh-728v-4xrx",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-21672",
"datePublished": "2022-01-10T21:00:13.000Z",
"dateReserved": "2021-11-16T00:00:00.000Z",
"dateUpdated": "2025-04-23T19:13:51.833Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-20915 (GCVE-0-2022-20915)
Vulnerability from cvelistv5 – Published: 2022-10-10 20:43 – Updated: 2024-11-01 18:49
VLAI
EPSS
VEX
Title
Cisco IOS XE Software IPv6 VPN over MPLS Denial of Service Vulnerability
Summary
A vulnerability in the implementation of IPv6 VPN over MPLS (6VPE) with Zone-Based Firewall (ZBFW) of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper error handling of an IPv6 packet that is forwarded from an MPLS and ZBFW-enabled interface in a 6VPE deployment. An attacker could exploit this vulnerability by sending a crafted IPv6 packet sourced from a device on the IPv6-enabled virtual routing and forwarding (VRF) interface through the affected device. A successful exploit could allow the attacker to reload the device, resulting in a DoS condition.
Severity
7.4 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://tools.cisco.com/security/center/content/C… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco IOS XE Software |
Affected:
n/a
|
Date Public
2022-09-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:31:59.767Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20220928 Cisco IOS XE Software IPv6 VPN over MPLS Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-6vpe-dos-tJBtf5Zv"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-20915",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-01T18:40:28.460351Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T18:49:22.478Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS XE Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2022-09-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of IPv6 VPN over MPLS (6VPE) with Zone-Based Firewall (ZBFW) of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper error handling of an IPv6 packet that is forwarded from an MPLS and ZBFW-enabled interface in a 6VPE deployment. An attacker could exploit this vulnerability by sending a crafted IPv6 packet sourced from a device on the IPv6-enabled virtual routing and forwarding (VRF) interface through the affected device. A successful exploit could allow the attacker to reload the device, resulting in a DoS condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-115",
"description": "CWE-115",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-10T00:00:00.000Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20220928 Cisco IOS XE Software IPv6 VPN over MPLS Denial of Service Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-6vpe-dos-tJBtf5Zv"
}
],
"source": {
"advisory": "cisco-sa-iosxe-6vpe-dos-tJBtf5Zv",
"defect": [
[
"CSCwa41184"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IOS XE Software IPv6 VPN over MPLS Denial of Service Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2022-20915",
"datePublished": "2022-10-10T20:43:15.634Z",
"dateReserved": "2021-11-02T00:00:00.000Z",
"dateUpdated": "2024-11-01T18:49:22.478Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-3224 (GCVE-0-2022-3224)
Vulnerability from cvelistv5 – Published: 2022-09-15 11:30 – Updated: 2024-08-03 01:00
VLAI
EPSS
VEX
Title
Misinterpretation of Input in ionicabizau/parse-url
Summary
Misinterpretation of Input in GitHub repository ionicabizau/parse-url prior to 8.1.0.
Severity
9.4 (Critical)
CWE
- CWE-115 - Misinterpretation of Input
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://huntr.dev/bounties/3587a567-7fcd-4702-b7c… | x_refsource_CONFIRM |
| https://github.com/ionicabizau/parse-url/commit/9… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ionicabizau | ionicabizau/parse-url |
Affected:
unspecified , < 8.1.0
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:00:10.594Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/3587a567-7fcd-4702-b7c9-d9ca565e3c62"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/ionicabizau/parse-url/commit/9cacf38de02db0fb1358bd6ec04543e523cd6a8e"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ionicabizau/parse-url",
"vendor": "ionicabizau",
"versions": [
{
"lessThan": "8.1.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Misinterpretation of Input in GitHub repository ionicabizau/parse-url prior to 8.1.0."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-115",
"description": "CWE-115 Misinterpretation of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-15T11:30:12.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/3587a567-7fcd-4702-b7c9-d9ca565e3c62"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ionicabizau/parse-url/commit/9cacf38de02db0fb1358bd6ec04543e523cd6a8e"
}
],
"source": {
"advisory": "3587a567-7fcd-4702-b7c9-d9ca565e3c62",
"discovery": "EXTERNAL"
},
"title": "Misinterpretation of Input in ionicabizau/parse-url",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-3224",
"STATE": "PUBLIC",
"TITLE": "Misinterpretation of Input in ionicabizau/parse-url"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ionicabizau/parse-url",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "8.1.0"
}
]
}
}
]
},
"vendor_name": "ionicabizau"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Misinterpretation of Input in GitHub repository ionicabizau/parse-url prior to 8.1.0."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-115 Misinterpretation of Input"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/3587a567-7fcd-4702-b7c9-d9ca565e3c62",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/3587a567-7fcd-4702-b7c9-d9ca565e3c62"
},
{
"name": "https://github.com/ionicabizau/parse-url/commit/9cacf38de02db0fb1358bd6ec04543e523cd6a8e",
"refsource": "MISC",
"url": "https://github.com/ionicabizau/parse-url/commit/9cacf38de02db0fb1358bd6ec04543e523cd6a8e"
}
]
},
"source": {
"advisory": "3587a567-7fcd-4702-b7c9-d9ca565e3c62",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-3224",
"datePublished": "2022-09-15T11:30:12.000Z",
"dateReserved": "2022-09-15T00:00:00.000Z",
"dateUpdated": "2024-08-03T01:00:10.594Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1233 (GCVE-0-2022-1233)
Vulnerability from cvelistv5 – Published: 2022-04-04 19:30 – Updated: 2024-08-02 23:55
VLAI
EPSS
VEX
Title
URL Confusion When Scheme Not Supplied in medialize/uri.js
Summary
URL Confusion When Scheme Not Supplied in GitHub repository medialize/uri.js prior to 1.19.11.
Severity
6.5 (Medium)
CWE
- CWE-115 - Misinterpretation of Input
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://huntr.dev/bounties/228d5548-1109-49f8-8ae… | x_refsource_CONFIRM |
| https://github.com/medialize/uri.js/commit/88805f… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| medialize | medialize/uri.js |
Affected:
unspecified , < 1.19.11
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:55:24.574Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/228d5548-1109-49f8-8aee-91038e88371c"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/medialize/uri.js/commit/88805fd3da03bd7a5e60947adb49d182011f1277"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "medialize/uri.js",
"vendor": "medialize",
"versions": [
{
"lessThan": "1.19.11",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "URL Confusion When Scheme Not Supplied in GitHub repository medialize/uri.js prior to 1.19.11."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-115",
"description": "CWE-115 Misinterpretation of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-04T19:30:15.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/228d5548-1109-49f8-8aee-91038e88371c"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/medialize/uri.js/commit/88805fd3da03bd7a5e60947adb49d182011f1277"
}
],
"source": {
"advisory": "228d5548-1109-49f8-8aee-91038e88371c",
"discovery": "EXTERNAL"
},
"title": "URL Confusion When Scheme Not Supplied in medialize/uri.js",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-1233",
"STATE": "PUBLIC",
"TITLE": "URL Confusion When Scheme Not Supplied in medialize/uri.js"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "medialize/uri.js",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "1.19.11"
}
]
}
}
]
},
"vendor_name": "medialize"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "URL Confusion When Scheme Not Supplied in GitHub repository medialize/uri.js prior to 1.19.11."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-115 Misinterpretation of Input"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/228d5548-1109-49f8-8aee-91038e88371c",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/228d5548-1109-49f8-8aee-91038e88371c"
},
{
"name": "https://github.com/medialize/uri.js/commit/88805fd3da03bd7a5e60947adb49d182011f1277",
"refsource": "MISC",
"url": "https://github.com/medialize/uri.js/commit/88805fd3da03bd7a5e60947adb49d182011f1277"
}
]
},
"source": {
"advisory": "228d5548-1109-49f8-8aee-91038e88371c",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-1233",
"datePublished": "2022-04-04T19:30:15.000Z",
"dateReserved": "2022-04-04T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:55:24.574Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-21366 (GCVE-0-2021-21366)
Vulnerability from cvelistv5 – Published: 2021-03-12 00:00 – Updated: 2024-08-03 18:09
VLAI
EPSS
VEX
Title
Misinterpretation of malicious XML input
Summary
xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) DOMParser and XMLSerializer module. xmldom versions 0.4.0 and older do not correctly preserve system identifiers, FPIs or namespaces when repeatedly parsing and serializing maliciously crafted documents. This may lead to unexpected syntactic changes during XML processing in some downstream applications. This is fixed in version 0.5.0. As a workaround downstream applications can validate the input and reject the maliciously crafted documents.
Severity
4.3 (Medium)
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:09:16.000Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/xmldom/xmldom/security/advisories/GHSA-h6q6-9hqw-rwfv"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.npmjs.com/package/xmldom"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/xmldom/xmldom/releases/tag/0.5.0"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/xmldom/xmldom/commit/d4201b9dfbf760049f457f9f08a3888d48835135"
},
{
"name": "[debian-lts-announce] 20230101 [SECURITY] [DLA 3260-1] node-xmldom security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00000.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "xmldom",
"vendor": "xmldom",
"versions": [
{
"status": "affected",
"version": "\u003c 0.5.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) DOMParser and XMLSerializer module. xmldom versions 0.4.0 and older do not correctly preserve system identifiers, FPIs or namespaces when repeatedly parsing and serializing maliciously crafted documents. This may lead to unexpected syntactic changes during XML processing in some downstream applications. This is fixed in version 0.5.0. As a workaround downstream applications can validate the input and reject the maliciously crafted documents."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-436",
"description": "CWE-436 Interpretation Conflict",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-115",
"description": "CWE-115: Misinterpretation of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-01T00:00:00.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"url": "https://github.com/xmldom/xmldom/security/advisories/GHSA-h6q6-9hqw-rwfv"
},
{
"url": "https://www.npmjs.com/package/xmldom"
},
{
"url": "https://github.com/xmldom/xmldom/releases/tag/0.5.0"
},
{
"url": "https://github.com/xmldom/xmldom/commit/d4201b9dfbf760049f457f9f08a3888d48835135"
},
{
"name": "[debian-lts-announce] 20230101 [SECURITY] [DLA 3260-1] node-xmldom security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00000.html"
}
],
"source": {
"advisory": "GHSA-h6q6-9hqw-rwfv",
"discovery": "UNKNOWN"
},
"title": "Misinterpretation of malicious XML input"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-21366",
"datePublished": "2021-03-12T00:00:00.000Z",
"dateReserved": "2020-12-22T00:00:00.000Z",
"dateUpdated": "2024-08-03T18:09:16.000Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-1587 (GCVE-0-2021-1587)
Vulnerability from cvelistv5 – Published: 2021-08-25 19:11 – Updated: 2024-11-07 22:02
VLAI
EPSS
VEX
Title
Cisco NX-OS Software VXLAN OAM (NGOAM) Denial of Service Vulnerability
Summary
A vulnerability in the VXLAN Operation, Administration, and Maintenance (OAM) feature of Cisco NX-OS Software, known as NGOAM, could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of specific packets with a Transparent Interconnection of Lots of Links (TRILL) OAM EtherType. An attacker could exploit this vulnerability by sending crafted packets, including the TRILL OAM EtherType of 0x8902, to a device that is part of a VXLAN Ethernet VPN (EVPN) fabric. A successful exploit could allow the attacker to cause an affected device to experience high CPU usage and consume excessive system resources, which may result in overall control plane instability and cause the affected device to reload. Note: The NGOAM feature is disabled by default.
Severity
8.6 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://tools.cisco.com/security/center/content/C… | vendor-advisoryx_refsource_CISCO |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Affected:
n/a
|
Date Public
2021-08-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:18:10.415Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210825 Cisco NX-OS Software VXLAN OAM (NGOAM) Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ngoam-dos-LTDb9Hv"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1587",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:54:27.093740Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T22:02:26.359Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-08-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the VXLAN Operation, Administration, and Maintenance (OAM) feature of Cisco NX-OS Software, known as NGOAM, could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of specific packets with a Transparent Interconnection of Lots of Links (TRILL) OAM EtherType. An attacker could exploit this vulnerability by sending crafted packets, including the TRILL OAM EtherType of 0x8902, to a device that is part of a VXLAN Ethernet VPN (EVPN) fabric. A successful exploit could allow the attacker to cause an affected device to experience high CPU usage and consume excessive system resources, which may result in overall control plane instability and cause the affected device to reload. Note: The NGOAM feature is disabled by default."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-115",
"description": "CWE-115",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-25T19:11:06.000Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210825 Cisco NX-OS Software VXLAN OAM (NGOAM) Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ngoam-dos-LTDb9Hv"
}
],
"source": {
"advisory": "cisco-sa-nxos-ngoam-dos-LTDb9Hv",
"defect": [
[
"CSCvx66917"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco NX-OS Software VXLAN OAM (NGOAM) Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-08-25T16:00:00",
"ID": "CVE-2021-1587",
"STATE": "PUBLIC",
"TITLE": "Cisco NX-OS Software VXLAN OAM (NGOAM) Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco NX-OS Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the VXLAN Operation, Administration, and Maintenance (OAM) feature of Cisco NX-OS Software, known as NGOAM, could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of specific packets with a Transparent Interconnection of Lots of Links (TRILL) OAM EtherType. An attacker could exploit this vulnerability by sending crafted packets, including the TRILL OAM EtherType of 0x8902, to a device that is part of a VXLAN Ethernet VPN (EVPN) fabric. A successful exploit could allow the attacker to cause an affected device to experience high CPU usage and consume excessive system resources, which may result in overall control plane instability and cause the affected device to reload. Note: The NGOAM feature is disabled by default."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-115"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210825 Cisco NX-OS Software VXLAN OAM (NGOAM) Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ngoam-dos-LTDb9Hv"
}
]
},
"source": {
"advisory": "cisco-sa-nxos-ngoam-dos-LTDb9Hv",
"defect": [
[
"CSCvx66917"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1587",
"datePublished": "2021-08-25T19:11:06.170Z",
"dateReserved": "2020-11-13T00:00:00.000Z",
"dateUpdated": "2024-11-07T22:02:26.359Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-0207 (GCVE-0-2021-0207)
Vulnerability from cvelistv5 – Published: 2021-01-15 17:35 – Updated: 2024-09-17 02:21
VLAI
EPSS
VEX
Title
NFX250, NFX350, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series: Certain genuine traffic received by the Junos OS device will be discarded instead of forwarded.
Summary
An improper interpretation conflict of certain data between certain software components within the Juniper Networks Junos OS devices does not allow certain traffic to pass through the device upon receipt from an ingress interface filtering certain specific types of traffic which is then being redirected to an egress interface on a different VLAN. This causes a Denial of Service (DoS) to those clients sending these particular types of traffic. Such traffic being sent by a client may appear genuine, but is non-standard in nature and should be considered as potentially malicious, and can be targeted to the device, or destined through it for the issue to occur. This issues affects IPv4 and IPv6 traffic. An indicator of compromise may be found by checking log files. You may find that traffic on the input interface has 100% of traffic flowing into the device, yet the egress interface shows 0 pps leaving the device. For example: [show interfaces "interface" statistics detail] Output between two interfaces would reveal something similar to: Ingress, first interface: -------------------- Interface Link Input packets (pps) Output packets (pps) et-0/0/0 Up 9999999999 (9999) 1 (0) -------------------- Egress, second interface: -------------------- Interface Link Input packets (pps) Output packets (pps) et-0/0/1 Up 0 (0) 9999999999 (0) -------------------- Dropped packets will not show up in DDoS monitoring/protection counters as issue is not caused by anti-DDoS protection mechanisms. This issue affects: Juniper Networks Junos OS: 17.3 versions prior to 17.3R3-S7 on NFX250, QFX5K Series, EX4600; 17.4 versions prior to 17.4R2-S11, 17.4R3-S3 on NFX250, QFX5K Series, EX4600; 18.1 versions prior to 18.1R3-S9 on NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4600; 18.2 versions prior to 18.2R3-S3 on NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600; 18.3 versions prior to 18.3R3-S1 on NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series; 18.4 versions prior to 18.4R1-S5, 18.4R2-S3, 18.4R3 on NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series; 19.1 versions prior to 19.1R1-S5, 19.1R2-S1, 19.1R3 on NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series; 19.2 versions prior to 19.2R1-S5, 19.2R2 on NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series; 19.3 versions prior to 19.3R2-S3, 19.3R3 on NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series; 19.4 versions prior to 19.4R1-S2, 19.4R2 on NFX250, NFX350, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series. This issue does not affect Junos OS releases prior to 17.2R2.
Severity
7.5 (High)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://kb.juniper.net/JSA11097 | x_refsource_CONFIRM |
Impacted products
5 products
| Vendor | Product | Version | |
|---|---|---|---|
| Juniper Networks | Junos OS |
Affected:
17.3 , < 17.3R3-S7
(custom)
Affected: 17.4 , < 17.4R2-S11, 17.4R3-S3 (custom) |
|
| Juniper Networks | Junos OS |
Affected:
18.1 , < 18.1R3-S9
(custom)
|
|
| Juniper Networks | Junos OS |
Affected:
18.2 , < 18.2R3-S3
(custom)
|
|
| Juniper Networks | Junos OS |
Affected:
18.3 , < 18.3R3-S1
(custom)
Affected: 18.4 , < 18.4R1-S5, 18.4R2-S3, 18.4R3 (custom) Affected: 19.1 , < 19.1R1-S5, 19.1R2-S1, 19.1R3 (custom) Affected: 19.2 , < 19.2R1-S5, 19.2R2 (custom) Affected: 19.3 , < 19.3R2-S3, 19.3R3 (custom) |
|
| Juniper Networks | Junos OS |
Affected:
19.4 , < 19.4R1-S2, 19.4R2
(custom)
|
Date Public
2021-01-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:32:10.091Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA11097"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"NFX250, QFX5K Series, EX4600"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "17.3R3-S7",
"status": "affected",
"version": "17.3",
"versionType": "custom"
},
{
"lessThan": "17.4R2-S11, 17.4R3-S3",
"status": "affected",
"version": "17.4",
"versionType": "custom"
}
]
},
{
"platforms": [
"NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4600"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "18.1R3-S9",
"status": "affected",
"version": "18.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "18.2R3-S3",
"status": "affected",
"version": "18.2",
"versionType": "custom"
}
]
},
{
"platforms": [
"NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "18.3R3-S1",
"status": "affected",
"version": "18.3",
"versionType": "custom"
},
{
"lessThan": "18.4R1-S5, 18.4R2-S3, 18.4R3",
"status": "affected",
"version": "18.4",
"versionType": "custom"
},
{
"lessThan": "19.1R1-S5, 19.1R2-S1, 19.1R3",
"status": "affected",
"version": "19.1",
"versionType": "custom"
},
{
"lessThan": "19.2R1-S5, 19.2R2",
"status": "affected",
"version": "19.2",
"versionType": "custom"
},
{
"lessThan": "19.3R2-S3, 19.3R3",
"status": "affected",
"version": "19.3",
"versionType": "custom"
}
]
},
{
"platforms": [
"NFX250, NFX350, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "19.4R1-S2, 19.4R2",
"status": "affected",
"version": "19.4",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "The following minimal configuration is required on two interfaces passing traffic on different vlans between each other:\n set interfaces [interface] unit [unit] family ethernet-switching vlan members [name]\n set vlans [name] vlan-id [unit]"
}
],
"datePublic": "2021-01-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An improper interpretation conflict of certain data between certain software components within the Juniper Networks Junos OS devices does not allow certain traffic to pass through the device upon receipt from an ingress interface filtering certain specific types of traffic which is then being redirected to an egress interface on a different VLAN. This causes a Denial of Service (DoS) to those clients sending these particular types of traffic. Such traffic being sent by a client may appear genuine, but is non-standard in nature and should be considered as potentially malicious, and can be targeted to the device, or destined through it for the issue to occur. This issues affects IPv4 and IPv6 traffic. An indicator of compromise may be found by checking log files. You may find that traffic on the input interface has 100% of traffic flowing into the device, yet the egress interface shows 0 pps leaving the device. For example: [show interfaces \"interface\" statistics detail] Output between two interfaces would reveal something similar to: Ingress, first interface: -------------------- Interface Link Input packets (pps) Output packets (pps) et-0/0/0 Up 9999999999 (9999) 1 (0) -------------------- Egress, second interface: -------------------- Interface Link Input packets (pps) Output packets (pps) et-0/0/1 Up 0 (0) 9999999999 (0) -------------------- Dropped packets will not show up in DDoS monitoring/protection counters as issue is not caused by anti-DDoS protection mechanisms. This issue affects: Juniper Networks Junos OS: 17.3 versions prior to 17.3R3-S7 on NFX250, QFX5K Series, EX4600; 17.4 versions prior to 17.4R2-S11, 17.4R3-S3 on NFX250, QFX5K Series, EX4600; 18.1 versions prior to 18.1R3-S9 on NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4600; 18.2 versions prior to 18.2R3-S3 on NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600; 18.3 versions prior to 18.3R3-S1 on NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series; 18.4 versions prior to 18.4R1-S5, 18.4R2-S3, 18.4R3 on NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series; 19.1 versions prior to 19.1R1-S5, 19.1R2-S1, 19.1R3 on NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series; 19.2 versions prior to 19.2R1-S5, 19.2R2 on NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series; 19.3 versions prior to 19.3R2-S3, 19.3R3 on NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series; 19.4 versions prior to 19.4R1-S2, 19.4R2 on NFX250, NFX350, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series. This issue does not affect Junos OS releases prior to 17.2R2."
}
],
"exploits": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-436",
"description": "CWE-436 Interpretation Conflict",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-115",
"description": "CWE-115 Misinterpretation of Input",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"description": "Denial of Service (DoS)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-15T17:35:54.000Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/JSA11097"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 17.3R3-S7, 17.4R2-S11, 17.4R3-S3, 18.1R3-S9, 18.2R3-S3, 18.3R3-S1, 18.4R1-S5, 18.4R2-S3, 18.4R3, 19.1R1-S5, 19.1R2-S1, 19.1R3, 19.2R1-S5, 19.2R2, 19.3R2-S3, 19.3R3, 19.4R1-S2, 19.4R2, 20.1R1 and all subsequent releases."
}
],
"source": {
"advisory": "JSA11097",
"defect": [
"1429543"
],
"discovery": "USER"
},
"title": "NFX250, NFX350, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series: Certain genuine traffic received by the Junos OS device will be discarded instead of forwarded.",
"workarounds": [
{
"lang": "en",
"value": "There are no available workarounds for this issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-01-13T17:00:00.000Z",
"ID": "CVE-2021-0207",
"STATE": "PUBLIC",
"TITLE": "NFX250, NFX350, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series: Certain genuine traffic received by the Junos OS device will be discarded instead of forwarded."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "NFX250, QFX5K Series, EX4600",
"version_affected": "\u003c",
"version_name": "17.3",
"version_value": "17.3R3-S7"
},
{
"platform": "NFX250, QFX5K Series, EX4600",
"version_affected": "\u003c",
"version_name": "17.4",
"version_value": "17.4R2-S11, 17.4R3-S3"
},
{
"platform": "NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4600",
"version_affected": "\u003c",
"version_name": "18.1",
"version_value": "18.1R3-S9"
},
{
"platform": "NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600",
"version_affected": "\u003c",
"version_name": "18.2",
"version_value": "18.2R3-S3"
},
{
"platform": "NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series",
"version_affected": "\u003c",
"version_name": "18.3",
"version_value": "18.3R3-S1"
},
{
"platform": "NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series",
"version_affected": "\u003c",
"version_name": "18.4",
"version_value": "18.4R1-S5, 18.4R2-S3, 18.4R3"
},
{
"platform": "NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series",
"version_affected": "\u003c",
"version_name": "19.1",
"version_value": "19.1R1-S5, 19.1R2-S1, 19.1R3"
},
{
"platform": "NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series",
"version_affected": "\u003c",
"version_name": "19.2",
"version_value": "19.2R1-S5, 19.2R2"
},
{
"platform": "NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series",
"version_affected": "\u003c",
"version_name": "19.3",
"version_value": "19.3R2-S3, 19.3R3"
},
{
"platform": "NFX250, NFX350, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series",
"version_affected": "\u003c",
"version_name": "19.4",
"version_value": "19.4R1-S2, 19.4R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "The following minimal configuration is required on two interfaces passing traffic on different vlans between each other:\n set interfaces [interface] unit [unit] family ethernet-switching vlan members [name]\n set vlans [name] vlan-id [unit]"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper interpretation conflict of certain data between certain software components within the Juniper Networks Junos OS devices does not allow certain traffic to pass through the device upon receipt from an ingress interface filtering certain specific types of traffic which is then being redirected to an egress interface on a different VLAN. This causes a Denial of Service (DoS) to those clients sending these particular types of traffic. Such traffic being sent by a client may appear genuine, but is non-standard in nature and should be considered as potentially malicious, and can be targeted to the device, or destined through it for the issue to occur. This issues affects IPv4 and IPv6 traffic. An indicator of compromise may be found by checking log files. You may find that traffic on the input interface has 100% of traffic flowing into the device, yet the egress interface shows 0 pps leaving the device. For example: [show interfaces \"interface\" statistics detail] Output between two interfaces would reveal something similar to: Ingress, first interface: -------------------- Interface Link Input packets (pps) Output packets (pps) et-0/0/0 Up 9999999999 (9999) 1 (0) -------------------- Egress, second interface: -------------------- Interface Link Input packets (pps) Output packets (pps) et-0/0/1 Up 0 (0) 9999999999 (0) -------------------- Dropped packets will not show up in DDoS monitoring/protection counters as issue is not caused by anti-DDoS protection mechanisms. This issue affects: Juniper Networks Junos OS: 17.3 versions prior to 17.3R3-S7 on NFX250, QFX5K Series, EX4600; 17.4 versions prior to 17.4R2-S11, 17.4R3-S3 on NFX250, QFX5K Series, EX4600; 18.1 versions prior to 18.1R3-S9 on NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4600; 18.2 versions prior to 18.2R3-S3 on NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600; 18.3 versions prior to 18.3R3-S1 on NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series; 18.4 versions prior to 18.4R1-S5, 18.4R2-S3, 18.4R3 on NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series; 19.1 versions prior to 19.1R1-S5, 19.1R2-S1, 19.1R3 on NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series; 19.2 versions prior to 19.2R1-S5, 19.2R2 on NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series; 19.3 versions prior to 19.3R2-S3, 19.3R3 on NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series; 19.4 versions prior to 19.4R1-S2, 19.4R2 on NFX250, NFX350, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series. This issue does not affect Junos OS releases prior to 17.2R2."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-436 Interpretation Conflict"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-115 Misinterpretation of Input"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11097",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11097"
}
]
},
"solution": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 17.3R3-S7, 17.4R2-S11, 17.4R3-S3, 18.1R3-S9, 18.2R3-S3, 18.3R3-S1, 18.4R1-S5, 18.4R2-S3, 18.4R3, 19.1R1-S5, 19.1R2-S1, 19.1R3, 19.2R1-S5, 19.2R2, 19.3R2-S3, 19.3R3, 19.4R1-S2, 19.4R2, 20.1R1 and all subsequent releases."
}
],
"source": {
"advisory": "JSA11097",
"defect": [
"1429543"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "en",
"value": "There are no available workarounds for this issue."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2021-0207",
"datePublished": "2021-01-15T17:35:54.872Z",
"dateReserved": "2020-10-27T00:00:00.000Z",
"dateUpdated": "2024-09-17T02:21:57.975Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-29511 (GCVE-0-2020-29511)
Vulnerability from cvelistv5 – Published: 2020-12-14 19:59 – Updated: 2024-09-17 04:09
VLAI
EPSS
VEX
Summary
The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.
Severity
9.8 (Critical)
CWE
- CWE-115 - Misinterpretation of Input
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/mattermost/xml-roundtrip-valid… | x_refsource_MISC |
| https://security.netapp.com/advisory/ntap-2021012… | x_refsource_CONFIRM |
Date Public
2020-12-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:55:10.526Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-elements.md"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210129-0006/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Go",
"vendor": "Golang",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"datePublic": "2020-12-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-115",
"description": "CWE-115 Misinterpretation of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-29T06:06:09.000Z",
"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
"shortName": "Mattermost"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-elements.md"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20210129-0006/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"workarounds": [
{
"lang": "en",
"value": "Untrusted markup in affected applications can be validated using the github.com/mattermost/xml-roundtrip-validator module."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "responsibledisclosure@mattermost.com",
"DATE_PUBLIC": "2020-12-14T08:00:00.000Z",
"ID": "CVE-2020-29511",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Go",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
}
]
},
"vendor_name": "Golang"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-115 Misinterpretation of Input"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-elements.md",
"refsource": "MISC",
"url": "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-elements.md"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210129-0006/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210129-0006/"
}
]
},
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "Untrusted markup in affected applications can be validated using the github.com/mattermost/xml-roundtrip-validator module."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
"assignerShortName": "Mattermost",
"cveId": "CVE-2020-29511",
"datePublished": "2020-12-14T19:59:50.700Z",
"dateReserved": "2020-12-03T00:00:00.000Z",
"dateUpdated": "2024-09-17T04:09:22.123Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-29510 (GCVE-0-2020-29510)
Vulnerability from cvelistv5 – Published: 2020-12-14 19:57 – Updated: 2024-09-16 16:48
VLAI
EPSS
VEX
Summary
The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.
Severity
9.8 (Critical)
CWE
- CWE-115 - Misinterpretation of Input
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/mattermost/xml-roundtrip-valid… | x_refsource_MISC |
| https://security.netapp.com/advisory/ntap-2021012… | x_refsource_CONFIRM |
Impacted products
Date Public
2020-12-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:55:10.191Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-directives.md"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210129-0006/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Go",
"vendor": "Golang",
"versions": [
{
"lessThanOrEqual": "1.15",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-12-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-115",
"description": "CWE-115 Misinterpretation of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-29T06:06:08.000Z",
"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
"shortName": "Mattermost"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-directives.md"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20210129-0006/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"workarounds": [
{
"lang": "en",
"value": "Untrusted markup in affected applications can be validated using the github.com/mattermost/xml-roundtrip-validator module."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "responsibledisclosure@mattermost.com",
"DATE_PUBLIC": "2020-12-14T08:00:00.000Z",
"ID": "CVE-2020-29510",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Go",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "1.15"
}
]
}
}
]
},
"vendor_name": "Golang"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-115 Misinterpretation of Input"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-directives.md",
"refsource": "MISC",
"url": "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-directives.md"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210129-0006/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210129-0006/"
}
]
},
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "Untrusted markup in affected applications can be validated using the github.com/mattermost/xml-roundtrip-validator module."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
"assignerShortName": "Mattermost",
"cveId": "CVE-2020-29510",
"datePublished": "2020-12-14T19:57:44.107Z",
"dateReserved": "2020-12-03T00:00:00.000Z",
"dateUpdated": "2024-09-16T16:48:42.611Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.