Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2025-AVI-0384
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Cognos Dashboards | Cognos Dashboards versions 4.8.x antérieures à 4.8.9 | ||
| IBM | Sterling Partner Engagement Manager Standard Edition | Sterling Partner Engagement Manager Standard Edition versions antérieures à 6.2.0, 6.2.3 et 6.2.4 | ||
| IBM | Cognos Dashboards | Cognos Dashboards versions 5.x antérieures à 5.1.3 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Cognos Dashboards versions 4.8.x ant\u00e9rieures \u00e0 4.8.9",
"product": {
"name": "Cognos Dashboards",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Partner Engagement Manager Standard Edition versions ant\u00e9rieures \u00e0 6.2.0, 6.2.3 et 6.2.4",
"product": {
"name": "Sterling Partner Engagement Manager Standard Edition",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Dashboards versions 5.x ant\u00e9rieures \u00e0 5.1.3",
"product": {
"name": "Cognos Dashboards",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"name": "CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"name": "CVE-2023-45853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
},
{
"name": "CVE-2025-33093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-33093"
},
{
"name": "CVE-2024-47764",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47764"
},
{
"name": "CVE-2018-25032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
},
{
"name": "CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"name": "CVE-2024-52798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52798"
},
{
"name": "CVE-2024-3651",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3651"
},
{
"name": "CVE-2023-32681",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32681"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
}
],
"initial_release_date": "2025-05-09T00:00:00",
"last_revision_date": "2025-05-09T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0384",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-05-09T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2025-05-06",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7232579",
"url": "https://www.ibm.com/support/pages/node/7232579"
},
{
"published_at": "2025-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7232762",
"url": "https://www.ibm.com/support/pages/node/7232762"
}
]
}
CVE-2025-33093 (GCVE-0-2025-33093)
Vulnerability from cvelistv5
Published
2025-05-07 11:04
Modified
2025-08-28 14:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-260 - Password in Configuration File
Summary
IBM Sterling Partner Engagement Manager 6.1.0, 6.2.0, 6.2.2 JWT secret is stored in public Helm Charts and is not stored as a Kubernetes secret.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Sterling Partner Engagement Manager |
Version: 6.1.0 Version: 6.2.0 Version: 6.2.2 cpe:2.3:a:ibm:sterling_partner_engagement_manager:6.1.2:*:*:*:standard:*:*:* cpe:2.3:a:ibm:sterling_partner_engagement_manager:6.1.2:*:*:*:essentials:*:*:* cpe:2.3:a:ibm:sterling_partner_engagement_manager:6.2.0:*:*:*:standard:*:*:* cpe:2.3:a:ibm:sterling_partner_engagement_manager:6.2.0:*:*:*:essentials:*:*:* cpe:2.3:a:ibm:sterling_partner_engagement_manager:6.2.2:*:*:*:standard:*:*:* cpe:2.3:a:ibm:sterling_partner_engagement_manager:6.2.2:*:*:*:essentials:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-33093",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-07T13:17:01.976480Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-07T13:20:00.805Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:sterling_partner_engagement_manager:6.1.2:*:*:*:standard:*:*:*",
"cpe:2.3:a:ibm:sterling_partner_engagement_manager:6.1.2:*:*:*:essentials:*:*:*",
"cpe:2.3:a:ibm:sterling_partner_engagement_manager:6.2.0:*:*:*:standard:*:*:*",
"cpe:2.3:a:ibm:sterling_partner_engagement_manager:6.2.0:*:*:*:essentials:*:*:*",
"cpe:2.3:a:ibm:sterling_partner_engagement_manager:6.2.2:*:*:*:standard:*:*:*",
"cpe:2.3:a:ibm:sterling_partner_engagement_manager:6.2.2:*:*:*:essentials:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Sterling Partner Engagement Manager",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.1.0"
},
{
"status": "affected",
"version": "6.2.0"
},
{
"status": "affected",
"version": "6.2.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM Sterling Partner Engagement Manager 6.1.0, 6.2.0, 6.2.2 JWT secret is stored in public Helm Charts and is not stored as a Kubernetes secret."
}
],
"value": "IBM Sterling Partner Engagement Manager 6.1.0, 6.2.0, 6.2.2 JWT secret is stored in public Helm Charts and is not stored as a Kubernetes secret."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-260",
"description": "CWE-260 Password in Configuration File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-28T14:21:26.785Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7232762"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Product Version(s) Remediation/Fix/Instructions\u003cbr\u003eIBM Sterling Partner Engagement Manager Standard Edition / Essentials Edition 6.1.x, 6.2.0,6.2.3, 6.24\u2003\u2003\u20036.2.0,6.2.3,6.2.4"
}
],
"value": "Product Version(s) Remediation/Fix/Instructions\nIBM Sterling Partner Engagement Manager Standard Edition / Essentials Edition 6.1.x, 6.2.0,6.2.3, 6.24\u2003\u2003\u20036.2.0,6.2.3,6.2.4"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM Sterling Partner Engagement Manager information disclosure",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2025-33093",
"datePublished": "2025-05-07T11:04:31.838Z",
"dateReserved": "2025-04-15T17:50:31.398Z",
"dateUpdated": "2025-08-28T14:21:26.785Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-25032 (GCVE-0-2018-25032)
Vulnerability from cvelistv5
Published
2022-03-25 00:00
Modified
2025-05-06 14:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:26:39.599Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2022/03/24/1"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531"
},
{
"name": "[oss-security] 20220325 Re: zlib memory corruption on deflate (i.e. compress)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/03/25/2"
},
{
"name": "[oss-security] 20220326 Re: zlib memory corruption on deflate (i.e. compress)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/03/26/1"
},
{
"name": "DSA-5111",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5111"
},
{
"name": "[debian-lts-announce] 20220402 [SECURITY] [DLA 2968-1] zlib security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html"
},
{
"name": "FEDORA-2022-413a80a102",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/"
},
{
"name": "FEDORA-2022-dbd2935e44",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/"
},
{
"name": "FEDORA-2022-12b89e2aad",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/"
},
{
"name": "[debian-lts-announce] 20220507 [SECURITY] [DLA 2993-1] libz-mingw-w64 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html"
},
{
"name": "20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/May/33"
},
{
"name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/May/35"
},
{
"name": "20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/May/38"
},
{
"name": "FEDORA-2022-61cf1c64f6",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2022/03/28/3"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2022/03/28/1"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/madler/zlib/issues/605"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213257"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213256"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213255"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220526-0009/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220729-0004/"
},
{
"name": "FEDORA-2022-3a92250fd5",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/"
},
{
"name": "FEDORA-2022-b58a85e167",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/"
},
{
"name": "[debian-lts-announce] 20220916 [SECURITY] [DLA 3114-1] mariadb-10.3 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html"
},
{
"name": "GLSA-202210-42",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202210-42"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2018-25032",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:30:25.795648Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-06T14:19:53.894Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-13T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.openwall.com/lists/oss-security/2022/03/24/1"
},
{
"url": "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531"
},
{
"name": "[oss-security] 20220325 Re: zlib memory corruption on deflate (i.e. compress)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2022/03/25/2"
},
{
"name": "[oss-security] 20220326 Re: zlib memory corruption on deflate (i.e. compress)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2022/03/26/1"
},
{
"name": "DSA-5111",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5111"
},
{
"name": "[debian-lts-announce] 20220402 [SECURITY] [DLA 2968-1] zlib security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html"
},
{
"name": "FEDORA-2022-413a80a102",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/"
},
{
"name": "FEDORA-2022-dbd2935e44",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/"
},
{
"name": "FEDORA-2022-12b89e2aad",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/"
},
{
"name": "[debian-lts-announce] 20220507 [SECURITY] [DLA 2993-1] libz-mingw-w64 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html"
},
{
"name": "20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2022/May/33"
},
{
"name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2022/May/35"
},
{
"name": "20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2022/May/38"
},
{
"name": "FEDORA-2022-61cf1c64f6",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"url": "https://www.openwall.com/lists/oss-security/2022/03/28/3"
},
{
"url": "https://www.openwall.com/lists/oss-security/2022/03/28/1"
},
{
"url": "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12"
},
{
"url": "https://github.com/madler/zlib/issues/605"
},
{
"url": "https://support.apple.com/kb/HT213257"
},
{
"url": "https://support.apple.com/kb/HT213256"
},
{
"url": "https://support.apple.com/kb/HT213255"
},
{
"url": "https://security.netapp.com/advisory/ntap-20220526-0009/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20220729-0004/"
},
{
"name": "FEDORA-2022-3a92250fd5",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/"
},
{
"name": "FEDORA-2022-b58a85e167",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/"
},
{
"name": "[debian-lts-announce] 20220916 [SECURITY] [DLA 3114-1] mariadb-10.3 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html"
},
{
"name": "GLSA-202210-42",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202210-42"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-25032",
"datePublished": "2022-03-25T00:00:00.000Z",
"dateReserved": "2022-03-25T00:00:00.000Z",
"dateUpdated": "2025-05-06T14:19:53.894Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-45853 (GCVE-0-2023-45853)
Vulnerability from cvelistv5
Published
2023-10-14 00:00
Modified
2024-08-02 20:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an affected zlib version, and exposes the applicable MiniZip code through its compress API.
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:zlib:zlib:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "zlib",
"vendor": "zlib",
"versions": [
{
"lessThan": "1.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-45853",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-19T03:55:37.318179Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-24T16:17:29.025Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:29:32.500Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/madler/zlib/pull/843"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.winimage.com/zLibDll/minizip.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/madler/zlib/blob/ac8f12c97d1afd9bafa9c710f827d40a407d3266/contrib/README.contrib#L1-L4"
},
{
"tags": [
"x_transferred"
],
"url": "https://chromium.googlesource.com/chromium/src/+/de29dd6c7151d3cd37cb4cf0036800ddfb1d8b61"
},
{
"tags": [
"x_transferred"
],
"url": "https://chromium.googlesource.com/chromium/src/+/d709fb23806858847131027da95ef4c548813356"
},
{
"name": "[oss-security] 20231020 CVE-2023-45853: overflows in MiniZip in zlib through 1.3",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/20/9"
},
{
"name": "[debian-lts-announce] 20231127 [SECURITY] [DLA 3670-1] minizip security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00026.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231130-0009/"
},
{
"tags": [
"x_transferred"
],
"url": "https://pypi.org/project/pyminizip/#history"
},
{
"name": "GLSA-202401-18",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-18"
},
{
"name": "[oss-security] 20240124 Re: CVE-2023-45853: overflows in MiniZip in zlib through 1.3",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/01/24/10"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an affected zlib version, and exposes the applicable MiniZip code through its compress API."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-24T21:06:19.795482",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/madler/zlib/pull/843"
},
{
"url": "https://www.winimage.com/zLibDll/minizip.html"
},
{
"url": "https://github.com/madler/zlib/blob/ac8f12c97d1afd9bafa9c710f827d40a407d3266/contrib/README.contrib#L1-L4"
},
{
"url": "https://chromium.googlesource.com/chromium/src/+/de29dd6c7151d3cd37cb4cf0036800ddfb1d8b61"
},
{
"url": "https://chromium.googlesource.com/chromium/src/+/d709fb23806858847131027da95ef4c548813356"
},
{
"name": "[oss-security] 20231020 CVE-2023-45853: overflows in MiniZip in zlib through 1.3",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/20/9"
},
{
"name": "[debian-lts-announce] 20231127 [SECURITY] [DLA 3670-1] minizip security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00026.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231130-0009/"
},
{
"url": "https://pypi.org/project/pyminizip/#history"
},
{
"name": "GLSA-202401-18",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202401-18"
},
{
"name": "[oss-security] 20240124 Re: CVE-2023-45853: overflows in MiniZip in zlib through 1.3",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/01/24/10"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-45853",
"datePublished": "2023-10-14T00:00:00",
"dateReserved": "2023-10-14T00:00:00",
"dateUpdated": "2024-08-02T20:29:32.500Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47764 (GCVE-0-2024-47764)
Vulnerability from cvelistv5
Published
2024-10-04 19:09
Modified
2024-10-04 20:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Summary
cookie is a basic HTTP cookie parser and serializer for HTTP servers. The cookie name could be used to set other fields of the cookie, resulting in an unexpected cookie value. A similar escape can be used for path and domain, which could be abused to alter other fields of the cookie. Upgrade to 0.7.0, which updates the validation for name, path, and domain.
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47764",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-04T20:14:41.037183Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-04T20:14:56.059Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cookie",
"vendor": "jshttp",
"versions": [
{
"status": "affected",
"version": "\u003c 0.7.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "cookie is a basic HTTP cookie parser and serializer for HTTP servers. The cookie name could be used to set other fields of the cookie, resulting in an unexpected cookie value. A similar escape can be used for path and domain, which could be abused to alter other fields of the cookie. Upgrade to 0.7.0, which updates the validation for name, path, and domain."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-04T19:09:46.640Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/jshttp/cookie/security/advisories/GHSA-pxg6-pf52-xh8x",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/jshttp/cookie/security/advisories/GHSA-pxg6-pf52-xh8x"
},
{
"name": "https://github.com/jshttp/cookie/pull/167",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/jshttp/cookie/pull/167"
},
{
"name": "https://github.com/jshttp/cookie/commit/e10042845354fea83bd8f34af72475eed1dadf5c",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/jshttp/cookie/commit/e10042845354fea83bd8f34af72475eed1dadf5c"
}
],
"source": {
"advisory": "GHSA-pxg6-pf52-xh8x",
"discovery": "UNKNOWN"
},
"title": "cookie accepts cookie name, path, and domain with out of bounds characters"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-47764",
"datePublished": "2024-10-04T19:09:46.640Z",
"dateReserved": "2024-09-30T21:28:53.231Z",
"dateUpdated": "2024-10-04T20:14:56.059Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-3651 (GCVE-0-2024-3651)
Vulnerability from cvelistv5
Published
2024-07-07 17:22
Modified
2025-10-15 12:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1333 - Inefficient Regular Expression Complexity
Summary
A vulnerability was identified in the kjd/idna library, specifically within the `idna.encode()` function, affecting version 3.6. The issue arises from the function's handling of crafted input strings, which can lead to quadratic complexity and consequently, a denial of service condition. This vulnerability is triggered by a crafted input that causes the `idna.encode()` function to process the input with considerable computational load, significantly increasing the processing time in a quadratic manner relative to the input size.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3651",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-07T19:07:43.737156Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-07T19:07:50.996Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:20:00.683Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.com/bounties/93d78d07-d791-4b39-a845-cbfabc44aadb"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "kjd/idna",
"vendor": "kjd",
"versions": [
{
"lessThan": "3.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was identified in the kjd/idna library, specifically within the `idna.encode()` function, affecting version 3.6. The issue arises from the function\u0027s handling of crafted input strings, which can lead to quadratic complexity and consequently, a denial of service condition. This vulnerability is triggered by a crafted input that causes the `idna.encode()` function to process the input with considerable computational load, significantly increasing the processing time in a quadratic manner relative to the input size."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1333",
"description": "CWE-1333 Inefficient Regular Expression Complexity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T12:49:38.011Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntr_ai"
},
"references": [
{
"url": "https://huntr.com/bounties/93d78d07-d791-4b39-a845-cbfabc44aadb"
},
{
"url": "https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d"
}
],
"source": {
"advisory": "93d78d07-d791-4b39-a845-cbfabc44aadb",
"discovery": "EXTERNAL"
},
"title": "Denial of Service via Quadratic Complexity in kjd/idna"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntr_ai",
"cveId": "CVE-2024-3651",
"datePublished": "2024-07-07T17:22:10.032Z",
"dateReserved": "2024-04-10T23:50:44.569Z",
"dateUpdated": "2025-10-15T12:49:38.011Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43799 (GCVE-0-2024-43799)
Vulnerability from cvelistv5
Published
2024-09-10 14:45
Modified
2024-09-10 19:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
Send is a library for streaming files from the file system as a http response. Send passes untrusted user input to SendStream.redirect() which executes untrusted code. This issue is patched in send 0.19.0.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43799",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T19:34:08.487499Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T19:34:18.557Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "send",
"vendor": "pillarjs",
"versions": [
{
"status": "affected",
"version": "\u003c 0.19.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Send is a library for streaming files from the file system as a http response. Send passes untrusted user input to SendStream.redirect() which executes untrusted code. This issue is patched in send 0.19.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T14:45:06.761Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg"
},
{
"name": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35"
}
],
"source": {
"advisory": "GHSA-m6fv-jmcg-4jfg",
"discovery": "UNKNOWN"
},
"title": "send vulnerable to template injection that can lead to XSS"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-43799",
"datePublished": "2024-09-10T14:45:06.761Z",
"dateReserved": "2024-08-16T14:20:37.326Z",
"dateUpdated": "2024-09-10T19:34:18.557Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-45296 (GCVE-0-2024-45296)
Vulnerability from cvelistv5
Published
2024-09-09 19:07
Modified
2025-01-24 20:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1333 - Inefficient Regular Expression Complexity
Summary
path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a DoS. The bad regular expression is generated any time you have two parameters within a single segment, separated by something that is not a period (.). For users of 0.1, upgrade to 0.1.10. All other users should upgrade to 8.0.0.
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| pillarjs | path-to-regexp |
Version: < 0.1.10 Version: >= 0.2.0, < 8.0.0 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:pillarjs:path-to-regexp:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "path-to-regexp",
"vendor": "pillarjs",
"versions": [
{
"lessThan": "0.1.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "8.0.0",
"status": "affected",
"version": "0.2.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-45296",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-09T19:32:57.513942Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-09T19:38:12.783Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-01-24T20:03:07.723Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20250124-0001/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "path-to-regexp",
"vendor": "pillarjs",
"versions": [
{
"status": "affected",
"version": "\u003c 0.1.10"
},
{
"status": "affected",
"version": "\u003e= 0.2.0, \u003c 8.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a DoS. The bad regular expression is generated any time you have two parameters within a single segment, separated by something that is not a period (.). For users of 0.1, upgrade to 0.1.10. All other users should upgrade to 8.0.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1333",
"description": "CWE-1333: Inefficient Regular Expression Complexity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-09T19:07:40.313Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j"
},
{
"name": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f"
},
{
"name": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6"
}
],
"source": {
"advisory": "GHSA-9wv6-86v2-598j",
"discovery": "UNKNOWN"
},
"title": "path-to-regexp outputs backtracking regular expressions"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-45296",
"datePublished": "2024-09-09T19:07:40.313Z",
"dateReserved": "2024-08-26T18:25:35.442Z",
"dateUpdated": "2025-01-24T20:03:07.723Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-4068 (GCVE-0-2024-4068)
Vulnerability from cvelistv5
Published
2024-05-13 10:06
Modified
2024-11-06 13:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1050 - Excessive Platform Resource Consumption within a Loop
Summary
The NPM package `braces`, versions prior to 3.0.3, fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In `lib/parse.js,` if a malicious user sends "imbalanced braces" as input, the parsing will enter a loop, which will cause the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| micromatch | braces |
Version: 0 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:micromatch:braces:3.0.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "braces",
"vendor": "micromatch",
"versions": [
{
"lessThan": "3.0.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-4068",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-13T11:10:08.649102Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T20:12:58.696Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:26:57.297Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/micromatch/braces/issues/35"
},
{
"tags": [
"x_transferred"
],
"url": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/micromatch/braces/pull/37"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/micromatch/braces/pull/40"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/micromatch/braces/commit/415d660c3002d1ab7e63dbf490c9851da80596ff"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://www.npmjs.com/package/micromatch",
"defaultStatus": "unknown",
"packageName": "braces",
"product": "braces",
"programFiles": [
"lib/parse.js"
],
"repo": "https://github.com/micromatch/braces",
"vendor": "micromatch",
"versions": [
{
"changes": [
{
"at": "3.0.3",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.0.2",
"status": "affected",
"version": "0",
"versionType": "git"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "M\u00e1rio Teixeira, Checkmarx Research Group"
}
],
"datePublic": "2024-05-13T12:44:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cp\u003eThe NPM package `braces`, versions prior to 3.0.3, fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In `lib/parse.js,` if a malicious user sends \"imbalanced braces\" as input, the parsing will enter a loop, which will cause the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.\u003c/p\u003e\u003c/div\u003e"
}
],
"value": "The NPM package `braces`, versions prior to 3.0.3, fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In `lib/parse.js,` if a malicious user sends \"imbalanced braces\" as input, the parsing will enter a loop, which will cause the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1050",
"description": "CWE-1050: Excessive Platform Resource Consumption within a Loop",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T13:10:11.179Z",
"orgId": "596c5446-0ce5-4ba2-aa66-48b3b757a647",
"shortName": "Checkmarx"
},
"references": [
{
"url": "https://github.com/micromatch/braces/issues/35"
},
{
"url": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/"
},
{
"url": "https://github.com/micromatch/braces/pull/37"
},
{
"url": "https://github.com/micromatch/braces/pull/40"
},
{
"url": "https://github.com/micromatch/braces/commit/415d660c3002d1ab7e63dbf490c9851da80596ff"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to version\u0026nbsp;3.0.3 to mitigate the issue."
}
],
"value": "Update to version\u00a03.0.3 to mitigate the issue."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Memory Exhaustion in braces",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "596c5446-0ce5-4ba2-aa66-48b3b757a647",
"assignerShortName": "Checkmarx",
"cveId": "CVE-2024-4068",
"datePublished": "2024-05-13T10:06:38.152Z",
"dateReserved": "2024-04-23T13:31:17.738Z",
"dateUpdated": "2024-11-06T13:10:11.179Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6345 (GCVE-0-2024-6345)
Vulnerability from cvelistv5
Published
2024-07-15 00:00
Modified
2024-08-01 21:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-94 - Improper Control of Generation of Code
Summary
A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system. The issue is fixed in version 70.0.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| pypa | pypa/setuptools |
Version: unspecified < 70.0 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:python:setuptools:69.1.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "setuptools",
"vendor": "python",
"versions": [
{
"lessThan": "70.0",
"status": "affected",
"version": "69.1.1",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6345",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-15T13:33:16.586239Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T13:38:34.323Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:33:05.517Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.com/bounties/d6362117-ad57-4e83-951f-b8141c6e7ca5"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/pypa/setuptools/commit/88807c7062788254f654ea8c03427adc859321f0"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "pypa/setuptools",
"vendor": "pypa",
"versions": [
{
"lessThan": "70.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system. The issue is fixed in version 70.0."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T00:00:14.545Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntr_ai"
},
"references": [
{
"url": "https://huntr.com/bounties/d6362117-ad57-4e83-951f-b8141c6e7ca5"
},
{
"url": "https://github.com/pypa/setuptools/commit/88807c7062788254f654ea8c03427adc859321f0"
}
],
"source": {
"advisory": "d6362117-ad57-4e83-951f-b8141c6e7ca5",
"discovery": "EXTERNAL"
},
"title": "Remote Code Execution in pypa/setuptools"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntr_ai",
"cveId": "CVE-2024-6345",
"datePublished": "2024-07-15T00:00:14.545Z",
"dateReserved": "2024-06-26T08:16:17.895Z",
"dateUpdated": "2024-08-01T21:33:05.517Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-52798 (GCVE-0-2024-52798)
Vulnerability from cvelistv5
Published
2024-12-05 22:45
Modified
2025-01-24 20:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1333 - Inefficient Regular Expression Complexity
Summary
path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. The regular expression that is vulnerable to backtracking can be generated in the 0.1.x release of path-to-regexp. Upgrade to 0.1.12. This vulnerability exists because of an incomplete fix for CVE-2024-45296.
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| pillarjs | path-to-regexp |
Version: < 0.1.12 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:pillarjs:path-to-regexp:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "path-to-regexp",
"vendor": "pillarjs",
"versions": [
{
"lessThan": "0.1.12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-52798",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-09T14:53:29.827845Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-09T14:54:43.939Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-01-24T20:03:11.852Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20250124-0002/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "path-to-regexp",
"vendor": "pillarjs",
"versions": [
{
"status": "affected",
"version": "\u003c 0.1.12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. The regular expression that is vulnerable to backtracking can be generated in the 0.1.x release of path-to-regexp. Upgrade to 0.1.12. This vulnerability exists because of an incomplete fix for CVE-2024-45296."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1333",
"description": "CWE-1333: Inefficient Regular Expression Complexity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T22:45:42.774Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-rhx6-c78j-4q9w",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-rhx6-c78j-4q9w"
},
{
"name": "https://github.com/pillarjs/path-to-regexp/commit/f01c26a013b1889f0c217c643964513acf17f6a4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pillarjs/path-to-regexp/commit/f01c26a013b1889f0c217c643964513acf17f6a4"
}
],
"source": {
"advisory": "GHSA-rhx6-c78j-4q9w",
"discovery": "UNKNOWN"
},
"title": "path-to-regexp Unpatched `path-to-regexp` ReDoS in 0.1.x"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-52798",
"datePublished": "2024-12-05T22:45:42.774Z",
"dateReserved": "2024-11-15T17:11:13.440Z",
"dateUpdated": "2025-01-24T20:03:11.852Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32681 (GCVE-0-2023-32681)
Vulnerability from cvelistv5
Published
2023-05-26 17:02
Modified
2025-02-13 16:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use `rebuild_proxies` to reattach the `Proxy-Authorization` header to requests. For HTTP connections sent through the tunnel, the proxy will identify the header in the request itself and remove it prior to forwarding to the destination server. However when sent over HTTPS, the `Proxy-Authorization` header must be sent in the CONNECT request as the proxy has no visibility into the tunneled request. This results in Requests forwarding proxy credentials to the destination server unintentionally, allowing a malicious actor to potentially exfiltrate sensitive information. This issue has been patched in version 2.31.0.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:25:36.610Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/psf/requests/security/advisories/GHSA-j8r2-6x86-q33q",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/psf/requests/security/advisories/GHSA-j8r2-6x86-q33q"
},
{
"name": "https://github.com/psf/requests/commit/74ea7cf7a6a27a4eeb2ae24e162bcc942a6706d5",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/psf/requests/commit/74ea7cf7a6a27a4eeb2ae24e162bcc942a6706d5"
},
{
"name": "https://github.com/psf/requests/releases/tag/v2.31.0",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/psf/requests/releases/tag/v2.31.0"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AW7HNFGYP44RT3DUDQXG2QT3OEV2PJ7Y/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KOYASTZDGQG2BWLSNBPL3TQRL2G7QYNZ/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00018.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202309-08"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32681",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-14T19:35:47.263757Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T19:35:55.755Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "requests",
"vendor": "psf",
"versions": [
{
"status": "affected",
"version": "\u003e= 2.3.0, \u003c 2.31.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use `rebuild_proxies` to reattach the `Proxy-Authorization` header to requests. For HTTP connections sent through the tunnel, the proxy will identify the header in the request itself and remove it prior to forwarding to the destination server. However when sent over HTTPS, the `Proxy-Authorization` header must be sent in the CONNECT request as the proxy has no visibility into the tunneled request. This results in Requests forwarding proxy credentials to the destination server unintentionally, allowing a malicious actor to potentially exfiltrate sensitive information. This issue has been patched in version 2.31.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-17T08:07:02.389Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/psf/requests/security/advisories/GHSA-j8r2-6x86-q33q",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/psf/requests/security/advisories/GHSA-j8r2-6x86-q33q"
},
{
"name": "https://github.com/psf/requests/commit/74ea7cf7a6a27a4eeb2ae24e162bcc942a6706d5",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/psf/requests/commit/74ea7cf7a6a27a4eeb2ae24e162bcc942a6706d5"
},
{
"name": "https://github.com/psf/requests/releases/tag/v2.31.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/psf/requests/releases/tag/v2.31.0"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AW7HNFGYP44RT3DUDQXG2QT3OEV2PJ7Y/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KOYASTZDGQG2BWLSNBPL3TQRL2G7QYNZ/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00018.html"
},
{
"url": "https://security.gentoo.org/glsa/202309-08"
}
],
"source": {
"advisory": "GHSA-j8r2-6x86-q33q",
"discovery": "UNKNOWN"
},
"title": "Unintended leak of Proxy-Authorization header in requests"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-32681",
"datePublished": "2023-05-26T17:02:52.899Z",
"dateReserved": "2023-05-11T16:33:45.731Z",
"dateUpdated": "2025-02-13T16:54:56.639Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…