{"vulnerability": "CVE-2023-3423", "sightings": [{"uuid": "ffaaa119-e95c-4bb8-b64b-2c23cf0ce779", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34231", "type": "seen", "source": "https://t.me/kasraone_com/352", "content": "\ud83d\udd34 CVE \n\n     CVE-2023-34231\n\n\u06af\u0648\u0633\u0646\u0648\u0641\u0644\u06cc\u06a9 \u06cc\u06a9 \u062f\u0631\u0627\u06cc\u0648\u0631 \u06af\u0648\u0644\u0627\u0646\u06af \u0628\u0631\u0627\u06cc \u0633\u0646\u0648\u0641\u0644\u06cc\u06a9 \u0627\u0633\u062a. \u0642\u0628\u0644 \u0627\u0632 \u0646\u0633\u062e\u0647 1.6.19\u060c \u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062a\u0632\u0631\u06cc\u0642 \u062f\u0633\u062a\u0648\u0631 \u062f\u0631 \u062f\u0631\u0627\u06cc\u0648\u0631 \u06af\u0648\u0644\u0627\u0646\u06af \u0633\u0646\u0648\u0641\u0644\u06cc\u06a9 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u062a\u0623\u06cc\u06cc\u062f \u0647\u0648\u06cc\u062a \u062a\u06a9 \u0639\u0644\u0627\u0645\u062a (SSO) \u0627\u0632 \u0637\u0631\u06cc\u0642 URL \u0645\u0631\u0648\u0631\u06af\u0631 \u0648\u062c\u0648\u062f \u062f\u0627\u0631\u062f. \u0628\u0631\u0627\u06cc \u0628\u0647\u0631\u0647\u200c\u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0642\u0627\u0628\u0644\u06cc\u062a \u062a\u0632\u0631\u06cc\u0642 \u062f\u0633\u062a\u0648\u0631\u060c \u062d\u0645\u0644\u0647\u200c\u06a9\u0646\u0646\u062f\u0647 \u0628\u0627\u06cc\u062f \u0645\u0648\u0641\u0642 \u0634\u0648\u062f (1) \u0645\u0646\u0628\u0639 \u0645\u062e\u0631\u0628 \u0631\u0627 \u0628\u0631\u067e\u0627 \u06a9\u0646\u062f \u0648 (2) \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0631\u0627 \u0628\u0647 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0645\u0646\u0628\u0639 \u0647\u062f\u0627\u06cc\u062a \u06a9\u0646\u062f. \u062d\u0645\u0644\u0647\u200c\u06a9\u0646\u0646\u062f\u0647 \u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u06cc\u06a9 \u0633\u0631\u0648\u0631 \u0645\u062e\u0631\u0628 \u0648 \u0642\u0627\u0628\u0644 \u062f\u0633\u062a\u0631\u0633 \u0639\u0645\u0648\u0645\u06cc \u0631\u0627 \u062a\u0646\u0638\u06cc\u0645 \u06a9\u0646\u062f \u06a9\u0647 \u0628\u0647 URL SSO \u0628\u0627 \u06cc\u06a9 \u0628\u0627\u0631\u06af\u06cc\u0631\u06cc \u062d\u0645\u0644\u0647 \u067e\u0627\u0633\u062e \u062f\u0647\u062f. \u0627\u06af\u0631 \u062d\u0645\u0644\u0647\u200c\u06a9\u0646\u0646\u062f\u0647 \u0633\u067e\u0633 \u06a9\u0627\u0631\u0628\u0631 \u0631\u0627 \u0628\u0647 \u0628\u0627\u0632\u062f\u06cc\u062f \u0627\u0632 URL \u0627\u062a\u0635\u0627\u0644 \u0645\u062e\u0635\u0648\u0635 \u062e\u0648\u062f \u0641\u0631\u0627\u0645\u0648\u0634 \u0646\u0634\u062f\u0647 \u0647\u062f\u0627\u06cc\u062a \u06a9\u0646\u062f\u060c \u062f\u0633\u062a\u06af\u0627\u0647 \u0645\u062d\u0644\u06cc \u06a9\u0627\u0631\u0628\u0631 \u067e\u0627\u0633\u062e \u0645\u062e\u0631\u0628 \u0631\u0627 \u0646\u0634\u0627\u0646 \u062e\u0648\u0627\u0647\u062f \u062f\u0627\u062f \u0648 \u0645\u0646\u062c\u0631 \u0628\u0647 \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u062e\u0648\u0627\u0647\u062f \u0634\u062f. \u0627\u06cc\u0646 \u0633\u0646\u0627\u0631\u06cc\u0648\u06cc \u062d\u0645\u0644\u0647 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0627\u0632 \u0637\u0631\u06cc\u0642 \u0644\u06cc\u0633\u062a \u0633\u0641\u06cc\u062f \u06a9\u0631\u062f\u0646 URL \u0648 \u0645\u0646\u0627\u0628\u0639 \u0645\u062a\u062f\u0627\u0648\u0644 \u0636\u062f \u0641\u06cc\u0634\u06cc\u0646\u06af \u0645\u0647\u0627\u0631 \u0634\u0648\u062f. \u06cc\u06a9 \u067e\u0686 \u062f\u0631 \u0646\u0633\u062e\u0647 1.6.19 \u062f\u0631 \u062f\u0633\u062a\u0631\u0633 \u0627\u0633\u062a.\n \n#kasraone #Bug_Bounty #Hunters", "creation_timestamp": "2023-07-06T05:18:10.000000Z"}, {"uuid": "85ef17a9-494e-4d9e-b123-1f133ce5b6db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34233", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lztuw35igs2j", "content": "", "creation_timestamp": "2025-09-27T21:02:27.581953Z"}, {"uuid": "1805471c-4272-4c69-9d3d-be16d5a278b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34230", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3m65cuot4ms2q", "content": "", "creation_timestamp": "2025-11-21T12:46:57.820404Z"}, {"uuid": "a89343da-b09b-484d-afac-7f39408a26c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34231", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3m65cuot4ms2q", "content": "", "creation_timestamp": "2025-11-21T12:46:57.899258Z"}, {"uuid": "b8e48b3c-d1a4-48d5-8089-db959abb249a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34236", "type": "seen", "source": "https://t.me/cibsecurity/66762", "content": "\u203c CVE-2023-34236 \u203c\n\nWeave GitOps Terraform Controller (aka Weave TF-controller) is a controller for Flux to reconcile Terraform resources in a GitOps way. A vulnerability has been identified in Weave GitOps Terraform Controller which could allow an authenticated remote attacker to view sensitive information. This vulnerability stems from Weave GitOps Terraform Runners (`tf-runner`), where sensitive data is inadvertently printed - potentially revealing sensitive user data in their pod logs. In particular, functions `tfexec.ShowPlan`, `tfexec.ShowPlanRaw`, and `tfexec.Output` are implicated when the `tfexec` object set its `Stdout` and `Stderr` to be `os.Stdout` and `os.Stderr`. An unauthorized remote attacker could exploit this vulnerability by accessing these prints of sensitive information, which may contain configurations or tokens that could be used to gain unauthorized control or access to resources managed by the Terraform controller. A successful exploit could allow the attacker to utilize this sensitive data, potentially leading to unauthorized access or control of the system. This vulnerability has been addressed in Weave GitOps Terraform Controller versions `v0.14.4` and `v0.15.0-rc.5`. Users are urged to upgrade to one of these versions to mitigate the vulnerability. As a temporary measure until the patch can be applied, users can add the environment variable `DISABLE_TF_LOGS` to the tf-runners via the runner pod template of the Terraform Custom Resource. This will prevent the logging of sensitive information and mitigate the risk of this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-15T02:22:40.000000Z"}, {"uuid": "c3fa81b2-926a-4092-a005-04c49ebb7311", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34232", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/226", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-34232\n\ud83d\udd39 Description: snowflake-connector-nodejs, a NodeJS driver for Snowflake, is vulnerable to command injection via single sign on (SSO) browser URL authentication in versions prior to 1.6.21. In order to exploit the potential for command injection, an attacker would need to be successful in (1) establishing a malicious resource and (2) redirecting users to utilize the resource. The attacker could set up a malicious, publicly accessible server which responds to the SSO URL with an attack payload. If the attacker then tricked a user into visiting the maliciously crafted connection URL, the user\u2019s local machine would render the malicious payload, leading to a remote code execution. This attack scenario can be mitigated through URL whitelisting as well as common anti-phishing resources. Version 1.6.21 contains a patch for this issue.\n\ud83d\udccf Published: 2023-06-08T20:17:49.734Z\n\ud83d\udccf Modified: 2025-01-06T20:19:54.764Z\n\ud83d\udd17 References:\n1. https://github.com/snowflakedb/snowflake-connector-nodejs/security/advisories/GHSA-h53w-7qw7-vh5c\n2. https://github.com/snowflakedb/snowflake-connector-nodejs/pull/465\n3. https://github.com/snowflakedb/snowflake-connector-nodejs/commit/0c9622ae12cd7d627df404b73a783b4a5f60728a\n4. https://community.snowflake.com/s/article/Node-js-Driver-Release-Notes", "creation_timestamp": "2025-01-06T20:49:59.000000Z"}, {"uuid": "1f93424b-68c0-4acf-8428-18dd4c0e3784", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34232", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/10095", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-34232\n\ud83d\udd39 Description: snowflake-connector-nodejs, a NodeJS driver for Snowflake, is vulnerable to command injection via single sign on (SSO) browser URL authentication in versions prior to 1.6.21. In order to exploit the potential for command injection, an attacker would need to be successful in (1) establishing a malicious resource and (2) redirecting users to utilize the resource. The attacker could set up a malicious, publicly accessible server which responds to the SSO URL with an attack payload. If the attacker then tricked a user into visiting the maliciously crafted connection URL, the user\u2019s local machine would render the malicious payload, leading to a remote code execution. This attack scenario can be mitigated through URL whitelisting as well as common anti-phishing resources. Version 1.6.21 contains a patch for this issue.\n\ud83d\udccf Published: 2023-06-08T20:17:49.734Z\n\ud83d\udccf Modified: 2025-01-06T20:19:54.764Z\n\ud83d\udd17 References:\n1. https://github.com/snowflakedb/snowflake-connector-nodejs/security/advisories/GHSA-h53w-7qw7-vh5c\n2. https://github.com/snowflakedb/snowflake-connector-nodejs/pull/465\n3. https://github.com/snowflakedb/snowflake-connector-nodejs/commit/0c9622ae12cd7d627df404b73a783b4a5f60728a\n4. https://community.snowflake.com/s/article/Node-js-Driver-Release-Notes", "creation_timestamp": "2025-01-06T21:50:12.000000Z"}, {"uuid": "9510d589-e292-4fc2-a8de-c3d136d238d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34230", "type": "seen", "source": "https://t.me/arpsyndicate/2731", "content": "#ExploitObserverAlert\n\nCVE-2023-34230\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-34230. snowflake-connector-net, the Snowflake Connector for .NET, is vulnerable to command injection prior to version 2.0.18 via SSO URL authentication. In order to exploit the potential for command injection, an attacker would need to be successful in (1) establishing a malicious resource and (2) redirecting users to utilize the resource. The attacker could set up a malicious, publicly accessible server which responds to the SSO URL with an attack payload. If the attacker then tricked a user into visiting the maliciously crafted connection URL, the user\u2019s local machine would render the malicious payload, leading to a remote code execution. This attack scenario can be mitigated through URL whitelisting as well as common anti-phishing resources. Version 2.0.18 fixes this issue.\n\nFIRST-EPSS: 0.002700000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2024-01-09T08:10:15.000000Z"}, {"uuid": "2d926baf-c975-46f1-8112-2ae0acd2ff69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34234", "type": "seen", "source": "https://t.me/cibsecurity/65047", "content": "\u203c CVE-2023-34234 \u203c\n\nOpenZeppelin Contracts is a library for smart contract development. By frontrunning the creation of a proposal, an attacker can become the proposer and gain the ability to cancel it. The attacker can do this repeatedly to try to prevent a proposal from being proposed at all. This impacts the `Governor` contract in v4.9.0 only, and the `GovernorCompatibilityBravo` contract since v4.3.0. This problem has been patched in 4.9.1 by introducing opt-in frontrunning protection. Users are advised to upgrade. Users unable to upgrade may submit the proposal creation transaction to an endpoint with frontrunning protection as a workaround.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-07T22:35:57.000000Z"}, {"uuid": "aa66c72d-cf01-4dfb-8498-fab976f0a5d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3423", "type": "seen", "source": "https://t.me/cibsecurity/65567", "content": "\u203c CVE-2023-3423 \u203c\n\nWeak Password Requirements in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v 1.2.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-27T08:08:59.000000Z"}]}