Action not permitted
Modal body text goes here.
wid-sec-w-2023-0561
Vulnerability from csaf_certbund
Published
2023-03-02 23:00
Modified
2023-05-18 22:00
Summary
Xerox FreeFlow Print Server: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
FreeFlow-Druckserver ist eine Druckserveranwendung für Xerox-Produktionsdrucker, die Flexibilität, umfangreiche Workflow-Optionen und eine Farbverwaltung bietet.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Xerox FreeFlow Print Server ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "FreeFlow-Druckserver ist eine Druckserveranwendung f\u00fcr Xerox-Produktionsdrucker, die Flexibilit\u00e4t, umfangreiche Workflow-Optionen und eine Farbverwaltung bietet.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Xerox FreeFlow Print Server ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux\n- Windows", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-0561 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0561.json" }, { "category": "self", "summary": "WID-SEC-2023-0561 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0561" }, { "category": "external", "summary": "XEROX Security Advisory XRX23-007 vom 2023-05-18", "url": "https://security.business.xerox.com/wp-content/uploads/2023/05/Xerox-Security-Bulletin-XRX23-007-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v7.pdf" }, { "category": "external", "summary": "XEROX Security Advisory XRX23-005 vom 2023-04-04", "url": "https://security.business.xerox.com/wp-content/uploads/2023/04/Xerox-Security-Bulletin-XRX23-005-Xerox%25C2%25AE-FreeFlow%25C2%25AE-Print-Server-v9.pdf" }, { "category": "external", "summary": "XEROX Security Advisory XRX23-002 vom 2023-03-23", "url": "https://security.business.xerox.com/wp-content/uploads/2023/03/Xerox-Security-Bulletin-XRX23-002-FreeFlow-Print-Server-v2_Windows10.pdf" }, { "category": "external", "summary": "Xerox Mini Bulletin XRX21A vom 2023-03-02", "url": "https://security.business.xerox.com/wp-content/uploads/2023/03/Xerox-Security-Bulletin-XRX23-001-FreeFlow%C2%AE-Print-Server-v7.pdf" } ], "source_lang": "en-US", "title": "Xerox FreeFlow Print Server: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-05-18T22:00:00.000+00:00", "generator": { "date": "2024-08-15T17:46:07.359+00:00", "engine": { "name": "BSI-WID", "version": "1.3.5" } }, "id": "WID-SEC-W-2023-0561", "initial_release_date": "2023-03-02T23:00:00.000+00:00", "revision_history": [ { "date": "2023-03-02T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-03-22T23:00:00.000+00:00", "number": "2", "summary": "Neue Updates von XEROX aufgenommen" }, { "date": "2023-04-03T22:00:00.000+00:00", "number": "3", "summary": "Neue Updates von XEROX aufgenommen" }, { "date": "2023-05-18T22:00:00.000+00:00", "number": "4", "summary": "Neue Updates von XEROX aufgenommen" } ], "status": "final", "version": "4" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Xerox FreeFlow Print Server 7", "product": { "name": "Xerox FreeFlow Print Server 7", "product_id": "T000872", "product_identification_helper": { "cpe": "cpe:/a:xerox:freeflow_print_server:7" } } }, { "category": "product_name", "name": "Xerox FreeFlow Print Server 9", "product": { "name": "Xerox FreeFlow Print Server 9", "product_id": "T002977", "product_identification_helper": { "cpe": "cpe:/a:xerox:freeflow_print_server:9" } } }, { "category": "product_name", "name": "Xerox FreeFlow Print Server v2", "product": { "name": "Xerox FreeFlow Print Server v2", "product_id": "T014888", "product_identification_helper": { "cpe": "cpe:/a:xerox:freeflow_print_server:v2" } } } ], "category": "product_name", "name": "FreeFlow Print Server" } ], "category": "vendor", "name": "Xerox" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-21900", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2023-21900" }, { "cve": "CVE-2023-21843", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2023-21843" }, { "cve": "CVE-2023-21835", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2023-21835" }, { "cve": "CVE-2023-21830", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2023-21830" }, { "cve": "CVE-2022-46882", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-46882" }, { "cve": "CVE-2022-46881", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-46881" }, { "cve": "CVE-2022-46880", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-46880" }, { "cve": "CVE-2022-46878", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-46878" }, { "cve": "CVE-2022-46875", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-46875" }, { "cve": "CVE-2022-46874", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-46874" }, { "cve": "CVE-2022-46872", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-46872" }, { "cve": "CVE-2022-45421", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-45421" }, { "cve": "CVE-2022-45420", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-45420" }, { "cve": "CVE-2022-45419", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-45419" }, { "cve": "CVE-2022-45418", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-45418" }, { "cve": "CVE-2022-45417", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-45417" }, { "cve": "CVE-2022-45416", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-45416" }, { "cve": "CVE-2022-45415", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-45415" }, { "cve": "CVE-2022-45414", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-45414" }, { "cve": "CVE-2022-45413", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-45413" }, { "cve": "CVE-2022-45412", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-45412" }, { "cve": "CVE-2022-45411", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-45411" }, { "cve": "CVE-2022-45410", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-45410" }, { "cve": "CVE-2022-45409", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-45409" }, { "cve": "CVE-2022-45408", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-45408" }, { "cve": "CVE-2022-45407", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-45407" }, { "cve": "CVE-2022-45406", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-45406" }, { "cve": "CVE-2022-45405", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-45405" }, { "cve": "CVE-2022-45404", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-45404" }, { "cve": "CVE-2022-45403", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-45403" }, { "cve": "CVE-2022-45063", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-45063" }, { "cve": "CVE-2022-45061", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-45061" }, { "cve": "CVE-2022-44638", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-44638" }, { "cve": "CVE-2022-43680", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-43680" }, { "cve": "CVE-2022-43548", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-43548" }, { "cve": "CVE-2022-42932", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-42932" }, { "cve": "CVE-2022-42929", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-42929" }, { "cve": "CVE-2022-42928", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-42928" }, { "cve": "CVE-2022-42927", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-42927" }, { "cve": "CVE-2022-42252", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-42252" }, { "cve": "CVE-2022-41556", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-41556" }, { "cve": "CVE-2022-41323", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-41323" }, { "cve": "CVE-2022-40962", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-40962" }, { "cve": "CVE-2022-40960", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-40960" }, { "cve": "CVE-2022-40959", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-40959" }, { "cve": "CVE-2022-40958", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-40958" }, { "cve": "CVE-2022-40957", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-40957" }, { "cve": "CVE-2022-40956", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-40956" }, { "cve": "CVE-2022-40674", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-40674" }, { "cve": "CVE-2022-3970", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-3970" }, { "cve": "CVE-2022-39260", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-39260" }, { "cve": "CVE-2022-39253", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-39253" }, { "cve": "CVE-2022-3786", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-3786" }, { "cve": "CVE-2022-37797", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-37797" }, { "cve": "CVE-2022-37454", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-37454" }, { "cve": "CVE-2022-37436", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-37436" }, { "cve": "CVE-2022-36760", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-36760" }, { "cve": "CVE-2022-3627", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-3627" }, { "cve": "CVE-2022-3626", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-3626" }, { "cve": "CVE-2022-36087", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-36087" }, { "cve": "CVE-2022-36059", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-36059" }, { "cve": "CVE-2022-3602", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-3602" }, { "cve": "CVE-2022-3599", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-3599" }, { "cve": "CVE-2022-3598", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-3598" }, { "cve": "CVE-2022-3597", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-3597" }, { "cve": "CVE-2022-3570", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-3570" }, { "cve": "CVE-2022-35256", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-35256" }, { "cve": "CVE-2022-35255", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-35255" }, { "cve": "CVE-2022-34526", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-34526" }, { "cve": "CVE-2022-3276", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-3276" }, { "cve": "CVE-2022-32222", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-32222" }, { "cve": "CVE-2022-32215", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-32215" }, { "cve": "CVE-2022-32213", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-32213" }, { "cve": "CVE-2022-32212", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-32212" }, { "cve": "CVE-2022-3204", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-3204" }, { "cve": "CVE-2022-3190", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-3190" }, { "cve": "CVE-2022-31630", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-31630" }, { "cve": "CVE-2022-31629", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-31629" }, { "cve": "CVE-2022-31628", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-31628" }, { "cve": "CVE-2022-3155", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-3155" }, { "cve": "CVE-2022-3034", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-3034" }, { "cve": "CVE-2022-3033", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-3033" }, { "cve": "CVE-2022-3032", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-3032" }, { "cve": "CVE-2022-29458", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-29458" }, { "cve": "CVE-2022-29187", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-29187" }, { "cve": "CVE-2022-29154", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-29154" }, { "cve": "CVE-2022-2869", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-2869" }, { "cve": "CVE-2022-2868", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-2868" }, { "cve": "CVE-2022-2867", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-2867" }, { "cve": "CVE-2022-27406", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-27406" }, { "cve": "CVE-2022-27405", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-27405" }, { "cve": "CVE-2022-27404", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-27404" }, { "cve": "CVE-2022-26981", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-26981" }, { "cve": "CVE-2022-24765", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-24765" }, { "cve": "CVE-2022-24070", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-24070" }, { "cve": "CVE-2022-23901", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-23901" }, { "cve": "CVE-2022-22844", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-22844" }, { "cve": "CVE-2022-2210", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-2210" }, { "cve": "CVE-2022-2208", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-2208" }, { "cve": "CVE-2022-2207", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-2207" }, { "cve": "CVE-2022-2206", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-2206" }, { "cve": "CVE-2022-2183", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-2183" }, { "cve": "CVE-2022-2175", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-2175" }, { "cve": "CVE-2022-21658", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-21658" }, { "cve": "CVE-2022-21628", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-21628" }, { "cve": "CVE-2022-21626", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-21626" }, { "cve": "CVE-2022-21624", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-21624" }, { "cve": "CVE-2022-21619", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-21619" }, { "cve": "CVE-2022-2125", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-2125" }, { "cve": "CVE-2022-2122", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-2122" }, { "cve": "CVE-2022-2058", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-2058" }, { "cve": "CVE-2022-2057", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-2057" }, { "cve": "CVE-2022-2056", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-2056" }, { "cve": "CVE-2022-1925", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-1925" }, { "cve": "CVE-2022-1924", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-1924" }, { "cve": "CVE-2022-1923", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-1923" }, { "cve": "CVE-2022-1922", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-1922" }, { "cve": "CVE-2022-1921", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-1921" }, { "cve": "CVE-2022-1920", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-1920" }, { "cve": "CVE-2022-1348", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-1348" }, { "cve": "CVE-2022-1056", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-1056" }, { "cve": "CVE-2022-0924", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-0924" }, { "cve": "CVE-2022-0909", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-0909" }, { "cve": "CVE-2022-0908", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-0908" }, { "cve": "CVE-2022-0907", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-0907" }, { "cve": "CVE-2022-0891", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-0891" }, { "cve": "CVE-2022-0865", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-0865" }, { "cve": "CVE-2022-0562", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-0562" }, { "cve": "CVE-2022-0561", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2022-0561" }, { "cve": "CVE-2021-46848", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2021-46848" }, { "cve": "CVE-2021-46823", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2021-46823" }, { "cve": "CVE-2021-42694", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2021-42694" }, { "cve": "CVE-2021-42574", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2021-42574" }, { "cve": "CVE-2021-37750", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2021-37750" }, { "cve": "CVE-2021-28544", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2021-28544" }, { "cve": "CVE-2020-10735", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2020-10735" }, { "cve": "CVE-2019-6111", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2019-6111" }, { "cve": "CVE-2018-7160", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2018-7160" }, { "cve": "CVE-2015-20107", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2015-20107" }, { "cve": "CVE-2006-20001", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T014888", "T000872", "T002977" ] }, "release_date": "2023-03-02T23:00:00.000+00:00", "title": "CVE-2006-20001" } ] }
cve-2022-34526
Vulnerability from cvelistv5
Published
2022-07-29 00:00
Modified
2024-08-03 09:15
Severity ?
EPSS score ?
Summary
A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted TIFF file parsed by the "tiffsplit" or "tiffcrop" utilities.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T09:15:15.727Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/issues/433" }, { "name": "FEDORA-2022-83b9a5bf0f", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FC6LWPAEKYJ57LSHX4SBFMLRMLOZTHIJ/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220930-0002/" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/issues/486" }, { "name": "[debian-lts-announce] 20230120 [SECURITY] [DLA 3278-1] tiff security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html" }, { "name": "DSA-5333", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5333" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted TIFF file parsed by the \"tiffsplit\" or \"tiffcrop\" utilities." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-30T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://gitlab.com/libtiff/libtiff/-/issues/433" }, { "name": "FEDORA-2022-83b9a5bf0f", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FC6LWPAEKYJ57LSHX4SBFMLRMLOZTHIJ/" }, { "url": "https://security.netapp.com/advisory/ntap-20220930-0002/" }, { "url": "https://gitlab.com/libtiff/libtiff/-/issues/486" }, { "name": "[debian-lts-announce] 20230120 [SECURITY] [DLA 3278-1] tiff security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html" }, { "name": "DSA-5333", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5333" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-34526", "datePublished": "2022-07-29T00:00:00", "dateReserved": "2022-06-26T00:00:00", "dateUpdated": "2024-08-03T09:15:15.727Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-7160
Vulnerability from cvelistv5
Published
2018-05-17 14:00
Modified
2024-09-17 01:35
Severity ?
EPSS score ?
Summary
The Node.js inspector, in 6.x and later is vulnerable to a DNS rebinding attack which could be exploited to perform remote code execution. An attack is possible from malicious websites open in a web browser on the same computer, or another computer with network access to the computer running the Node.js process. A malicious website could use a DNS rebinding attack to trick the web browser to bypass same-origin-policy checks and to allow HTTP connections to localhost or to hosts on the local network. If a Node.js process with the debug port active is running on localhost or on a host on the local network, the malicious website could connect to it as a debugger, and get full code execution access.
References
▼ | URL | Tags |
---|---|---|
https://www.oracle.com//security-alerts/cpujul2021.html | x_refsource_MISC | |
https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/ | x_refsource_CONFIRM | |
https://support.f5.com/csp/article/K63025104?utm_source=f5support&%3Butm_medium=RSS | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | The Node.js Project | Node.js |
Version: ^6.0.0 || ^8.0.0 || ^9.0.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T06:24:10.499Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.f5.com/csp/article/K63025104?utm_source=f5support\u0026amp%3Butm_medium=RSS" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Node.js", "vendor": "The Node.js Project", "versions": [ { "status": "affected", "version": "^6.0.0 || ^8.0.0 || ^9.0.0" } ] } ], "datePublic": "2018-03-21T00:00:00", "descriptions": [ { "lang": "en", "value": "The Node.js inspector, in 6.x and later is vulnerable to a DNS rebinding attack which could be exploited to perform remote code execution. An attack is possible from malicious websites open in a web browser on the same computer, or another computer with network access to the computer running the Node.js process. A malicious website could use a DNS rebinding attack to trick the web browser to bypass same-origin-policy checks and to allow HTTP connections to localhost or to hosts on the local network. If a Node.js process with the debug port active is running on localhost or on a host on the local network, the malicious website could connect to it as a debugger, and get full code execution access." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-350", "description": "CWE-350: Reliance on Reverse DNS Resolution for a Security-Critical Action", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-07-20T22:53:16", "orgId": "386269d4-a6c6-4eaa-bf8e-bc0b0d010558", "shortName": "nodejs" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.f5.com/csp/article/K63025104?utm_source=f5support\u0026amp%3Butm_medium=RSS" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve-request@iojs.org", "DATE_PUBLIC": "2018-03-21T00:00:00", "ID": "CVE-2018-7160", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Node.js", "version": { "version_data": [ { "version_value": "^6.0.0 || ^8.0.0 || ^9.0.0" } ] } } ] }, "vendor_name": "The Node.js Project" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Node.js inspector, in 6.x and later is vulnerable to a DNS rebinding attack which could be exploited to perform remote code execution. An attack is possible from malicious websites open in a web browser on the same computer, or another computer with network access to the computer running the Node.js process. A malicious website could use a DNS rebinding attack to trick the web browser to bypass same-origin-policy checks and to allow HTTP connections to localhost or to hosts on the local network. If a Node.js process with the debug port active is running on localhost or on a host on the local network, the malicious website could connect to it as a debugger, and get full code execution access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-350: Reliance on Reverse DNS Resolution for a Security-Critical Action" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.oracle.com//security-alerts/cpujul2021.html", "refsource": "MISC", "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "name": "https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/", "refsource": "CONFIRM", "url": "https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/" }, { "name": "https://support.f5.com/csp/article/K63025104?utm_source=f5support\u0026amp;utm_medium=RSS", "refsource": "CONFIRM", "url": "https://support.f5.com/csp/article/K63025104?utm_source=f5support\u0026amp;utm_medium=RSS" } ] } } } }, "cveMetadata": { "assignerOrgId": "386269d4-a6c6-4eaa-bf8e-bc0b0d010558", "assignerShortName": "nodejs", "cveId": "CVE-2018-7160", "datePublished": "2018-05-17T14:00:00Z", "dateReserved": "2018-02-15T00:00:00", "dateUpdated": "2024-09-17T01:35:37.449Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2210
Vulnerability from cvelistv5
Published
2022-06-27 00:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
Out-of-bounds Write in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:32:08.749Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/020845f8-f047-4072-af0f-3726fe1aea25" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/c101abff4c6756db4f5e740fde289decb9452efa" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Out-of-bounds Write in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/020845f8-f047-4072-af0f-3726fe1aea25" }, { "url": "https://github.com/vim/vim/commit/c101abff4c6756db4f5e740fde289decb9452efa" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "020845f8-f047-4072-af0f-3726fe1aea25", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Write in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2210", "datePublished": "2022-06-27T00:00:00", "dateReserved": "2022-06-26T00:00:00", "dateUpdated": "2024-08-03T00:32:08.749Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-37797
Vulnerability from cvelistv5
Published
2022-09-12 00:00
Modified
2024-08-03 10:37
Severity ?
EPSS score ?
Summary
In lighttpd 1.4.65, mod_wstunnel does not initialize a handler function pointer if an invalid HTTP request (websocket handshake) is received. It leads to null pointer dereference which crashes the server. It could be used by an external attacker to cause denial of service condition.
References
▼ | URL | Tags |
---|---|---|
https://redmine.lighttpd.net/issues/3165 | ||
https://www.debian.org/security/2022/dsa-5243 | vendor-advisory | |
https://lists.debian.org/debian-lts-announce/2022/10/msg00002.html | mailing-list | |
https://security.gentoo.org/glsa/202210-12 | vendor-advisory |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T10:37:41.657Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://redmine.lighttpd.net/issues/3165" }, { "name": "DSA-5243", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5243" }, { "name": "[debian-lts-announce] 20221003 [SECURITY] [DLA 3133-1] lighttpd security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00002.html" }, { "name": "GLSA-202210-12", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202210-12" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "In lighttpd 1.4.65, mod_wstunnel does not initialize a handler function pointer if an invalid HTTP request (websocket handshake) is received. It leads to null pointer dereference which crashes the server. It could be used by an external attacker to cause denial of service condition." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-10-31T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://redmine.lighttpd.net/issues/3165" }, { "name": "DSA-5243", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5243" }, { "name": "[debian-lts-announce] 20221003 [SECURITY] [DLA 3133-1] lighttpd security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00002.html" }, { "name": "GLSA-202210-12", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202210-12" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-37797", "datePublished": "2022-09-12T00:00:00", "dateReserved": "2022-08-08T00:00:00", "dateUpdated": "2024-08-03T10:37:41.657Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-21628
Vulnerability from cvelistv5
Published
2022-10-18 00:00
Modified
2024-11-20 14:43
Severity ?
EPSS score ?
Summary
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Oracle Corporation | Java SE JDK and JRE |
Version: Oracle Java SE:8u341 Version: Oracle Java SE:8u345-perf Version: Oracle Java SE:11.0.16.1 Version: Oracle Java SE:17.0.4.1 Version: Oracle Java SE:19 Version: Oracle GraalVM Enterprise Edition:20.3.7 Version: Oracle GraalVM Enterprise Edition:21.3.3 Version: Oracle GraalVM Enterprise Edition:22.2.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T02:46:39.220Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuoct2022.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20221028-0012/" }, { "name": "FEDORA-2022-b050ae8974", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU/" }, { "name": "FEDORA-2022-5d494ab9ab", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37QDWJBGEPP65X43NXQTXQ7KASLUHON6/" }, { "name": "FEDORA-2022-1c07902a5e", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K/" }, { "name": "FEDORA-2022-361f34f2a9", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6/" }, { "name": "FEDORA-2022-f76014ae17", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T/" }, { "name": "FEDORA-2022-d989953883", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R/" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202401-25" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-21628", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-01-23T16:44:33.706023Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-20T14:43:49.731Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Java SE JDK and JRE", "vendor": "Oracle Corporation", "versions": [ { "status": "affected", "version": "Oracle Java SE:8u341" }, { "status": "affected", "version": "Oracle Java SE:8u345-perf" }, { "status": "affected", "version": "Oracle Java SE:11.0.16.1" }, { "status": "affected", "version": "Oracle Java SE:17.0.4.1" }, { "status": "affected", "version": "Oracle Java SE:19" }, { "status": "affected", "version": "Oracle GraalVM Enterprise Edition:20.3.7" }, { "status": "affected", "version": "Oracle GraalVM Enterprise Edition:21.3.3" }, { "status": "affected", "version": "Oracle GraalVM Enterprise Edition:22.2.0" } ] } ], "descriptions": [ { "lang": "en", "value": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition.", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-03T00:00:00", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle" }, "references": [ { "url": "https://www.oracle.com/security-alerts/cpuoct2022.html" }, { "url": "https://security.netapp.com/advisory/ntap-20221028-0012/" }, { "name": "FEDORA-2022-b050ae8974", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU/" }, { "name": "FEDORA-2022-5d494ab9ab", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37QDWJBGEPP65X43NXQTXQ7KASLUHON6/" }, { "name": "FEDORA-2022-1c07902a5e", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K/" }, { "name": "FEDORA-2022-361f34f2a9", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6/" }, { "name": "FEDORA-2022-f76014ae17", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T/" }, { "name": "FEDORA-2022-d989953883", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R/" }, { "url": "https://security.gentoo.org/glsa/202401-25" } ] } }, "cveMetadata": { "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2022-21628", "datePublished": "2022-10-18T00:00:00", "dateReserved": "2021-11-15T00:00:00", "dateUpdated": "2024-11-20T14:43:49.731Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-21619
Vulnerability from cvelistv5
Published
2022-10-18 00:00
Modified
2024-08-03 02:46
Severity ?
EPSS score ?
Summary
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Oracle Corporation | Java SE JDK and JRE |
Version: Oracle Java SE:8u341 Version: Oracle Java SE:8u345-perf Version: Oracle Java SE:11.0.16.1 Version: Oracle Java SE:17.0.4.1 Version: Oracle Java SE:19 Version: Oracle GraalVM Enterprise Edition:20.3.7 Version: Oracle GraalVM Enterprise Edition:21.3.3 Version: Oracle GraalVM Enterprise Edition:22.2.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T02:46:39.137Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuoct2022.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20221028-0012/" }, { "name": "FEDORA-2022-b050ae8974", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU/" }, { "name": "FEDORA-2022-5d494ab9ab", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37QDWJBGEPP65X43NXQTXQ7KASLUHON6/" }, { "name": "FEDORA-2022-1c07902a5e", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K/" }, { "name": "FEDORA-2022-361f34f2a9", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6/" }, { "name": "FEDORA-2022-f76014ae17", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T/" }, { "name": "FEDORA-2022-d989953883", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R/" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202401-25" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Java SE JDK and JRE", "vendor": "Oracle Corporation", "versions": [ { "status": "affected", "version": "Oracle Java SE:8u341" }, { "status": "affected", "version": "Oracle Java SE:8u345-perf" }, { "status": "affected", "version": "Oracle Java SE:11.0.16.1" }, { "status": "affected", "version": "Oracle Java SE:17.0.4.1" }, { "status": "affected", "version": "Oracle Java SE:19" }, { "status": "affected", "version": "Oracle GraalVM Enterprise Edition:20.3.7" }, { "status": "affected", "version": "Oracle GraalVM Enterprise Edition:21.3.3" }, { "status": "affected", "version": "Oracle GraalVM Enterprise Edition:22.2.0" } ] } ], "descriptions": [ { "lang": "en", "value": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data.", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-03T00:00:00", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle" }, "references": [ { "url": "https://www.oracle.com/security-alerts/cpuoct2022.html" }, { "url": "https://security.netapp.com/advisory/ntap-20221028-0012/" }, { "name": "FEDORA-2022-b050ae8974", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU/" }, { "name": "FEDORA-2022-5d494ab9ab", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37QDWJBGEPP65X43NXQTXQ7KASLUHON6/" }, { "name": "FEDORA-2022-1c07902a5e", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K/" }, { "name": "FEDORA-2022-361f34f2a9", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6/" }, { "name": "FEDORA-2022-f76014ae17", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T/" }, { "name": "FEDORA-2022-d989953883", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R/" }, { "url": "https://security.gentoo.org/glsa/202401-25" } ] } }, "cveMetadata": { "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2022-21619", "datePublished": "2022-10-18T00:00:00", "dateReserved": "2021-11-15T00:00:00", "dateUpdated": "2024-08-03T02:46:39.137Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-45408
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 14:09
Severity ?
EPSS score ?
Summary
Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox ESR |
Version: unspecified < 102.5 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:09:56.990Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-49/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-48/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1793829" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "107", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR \u003c 102.5, Thunderbird \u003c 102.5, and Firefox \u003c 107." } ], "problemTypes": [ { "descriptions": [ { "description": "Fullscreen notification bypass via windowName", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-22T00:00:00", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-49/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-48/" }, { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1793829" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-45408", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-11-14T00:00:00", "dateUpdated": "2024-08-03T14:09:56.990Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-39253
Vulnerability from cvelistv5
Published
2022-10-19 00:00
Modified
2024-08-03 12:00
Severity ?
EPSS score ?
Summary
Git subject to exposure of sensitive information via local clone of symbolic links
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:00:43.267Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/git/git/security/advisories/GHSA-3wp6-j8xr-qw85" }, { "name": "FEDORA-2022-12790ca71a", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VFYXCTLOSESYIP72BUYD6ECDIMUM4WMB/" }, { "name": "FEDORA-2022-8b58806840", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UKFHE4KVD7EKS5J3KTDFVBEKU3CLXGVV/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213496" }, { "name": "FEDORA-2022-53aadd995f", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHNO2FB55CPX47BAXMBWUBGWHO6N6ZZH/" }, { "name": "20221107 APPLE-SA-2022-11-01-1 Xcode 14.1", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Nov/1" }, { "name": "FEDORA-2022-2c33bba286", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMQWGMDLX6KTVWW5JZLVPI7ICAK72TN7/" }, { "name": "FEDORA-2022-fb088df94c", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C7B6JPKX5CGGLAHXJVQMIZNNEEB72FHD/" }, { "name": "[debian-lts-announce] 20221213 [SECURITY] [DLA 3239-1] git security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00025.html" }, { "name": "[oss-security] 20230214 [Announce] Git 2.39.2 and friends", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/02/14/5" }, { "name": "GLSA-202312-15", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202312-15" }, { "name": "[oss-security] 20240514 git: 5 vulnerabilities fixed", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2024/05/14/2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "git", "vendor": "git", "versions": [ { "status": "affected", "version": "\u003c 2.30.6" }, { "status": "affected", "version": "\u003c 2.31.5" }, { "status": "affected", "version": "\u003c 2.32.4" }, { "status": "affected", "version": "\u003c 2.33.5" }, { "status": "affected", "version": "\u003c 2.34.5" }, { "status": "affected", "version": "\u003c 2.35.5" }, { "status": "affected", "version": "\u003c 2.36.3" }, { "status": "affected", "version": "\u003c 2.37.4" } ] } ], "descriptions": [ { "lang": "en", "value": "Git is an open source, scalable, distributed revision control system. Versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 are subject to exposure of sensitive information to a malicious actor. When performing a local clone (where the source and target of the clone are on the same volume), Git copies the contents of the source\u0027s `$GIT_DIR/objects` directory into the destination by either creating hardlinks to the source contents, or copying them (if hardlinks are disabled via `--no-hardlinks`). A malicious actor could convince a victim to clone a repository with a symbolic link pointing at sensitive information on the victim\u0027s machine. This can be done either by having the victim clone a malicious repository on the same machine, or having them clone a malicious repository embedded as a bare repository via a submodule from any source, provided they clone with the `--recurse-submodules` option. Git does not create symbolic links in the `$GIT_DIR/objects` directory. The problem has been patched in the versions published on 2022-10-18, and backported to v2.30.x. Potential workarounds: Avoid cloning untrusted repositories using the `--local` optimization when on a shared machine, either by passing the `--no-local` option to `git clone` or cloning from a URL that uses the `file://` scheme. Alternatively, avoid cloning repositories from untrusted sources with `--recurse-submodules` or run `git config --global protocol.file.allow user`." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-200", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-10T17:14:58.362681", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "url": "https://github.com/git/git/security/advisories/GHSA-3wp6-j8xr-qw85" }, { "name": "FEDORA-2022-12790ca71a", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VFYXCTLOSESYIP72BUYD6ECDIMUM4WMB/" }, { "name": "FEDORA-2022-8b58806840", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UKFHE4KVD7EKS5J3KTDFVBEKU3CLXGVV/" }, { "url": "https://support.apple.com/kb/HT213496" }, { "name": "FEDORA-2022-53aadd995f", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHNO2FB55CPX47BAXMBWUBGWHO6N6ZZH/" }, { "name": "20221107 APPLE-SA-2022-11-01-1 Xcode 14.1", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Nov/1" }, { "name": "FEDORA-2022-2c33bba286", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMQWGMDLX6KTVWW5JZLVPI7ICAK72TN7/" }, { "name": "FEDORA-2022-fb088df94c", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C7B6JPKX5CGGLAHXJVQMIZNNEEB72FHD/" }, { "name": "[debian-lts-announce] 20221213 [SECURITY] [DLA 3239-1] git security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00025.html" }, { "name": "[oss-security] 20230214 [Announce] Git 2.39.2 and friends", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2023/02/14/5" }, { "name": "GLSA-202312-15", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202312-15" }, { "name": "[oss-security] 20240514 git: 5 vulnerabilities fixed", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2024/05/14/2" } ], "source": { "advisory": "GHSA-3wp6-j8xr-qw85", "discovery": "UNKNOWN" }, "title": "Git subject to exposure of sensitive information via local clone of symbolic links" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-39253", "datePublished": "2022-10-19T00:00:00", "dateReserved": "2022-09-02T00:00:00", "dateUpdated": "2024-08-03T12:00:43.267Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-46872
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 14:39
Severity ?
EPSS score ?
Summary
An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages.<br>*This bug only affects Thunderbird for Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox |
Version: unspecified < 108 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:39:39.119Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-52/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-53/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-51/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1799156" }, { "name": "GLSA-202305-06", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-06" }, { "name": "GLSA-202305-13", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-13" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "108", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.6", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.6", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages.\u003cbr\u003e*This bug only affects Thunderbird for Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 108, Firefox ESR \u003c 102.6, and Thunderbird \u003c 102.6." } ], "problemTypes": [ { "descriptions": [ { "description": "Arbitrary file read from a compromised content process", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2022-52/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-53/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-51/" }, { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1799156" }, { "name": "GLSA-202305-06", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-06" }, { "name": "GLSA-202305-13", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-13" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-46872", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-12-09T00:00:00", "dateUpdated": "2024-08-03T14:39:39.119Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1922
Vulnerability from cvelistv5
Published
2022-07-19 19:09
Modified
2024-08-03 00:17
Severity ?
EPSS score ?
Summary
DOS / potential heap overwrite in mkv demuxing using zlib decompression. Integer overflow in matroskademux element in gst_matroska_decompress_data function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it is just a segfault (because the realloc before the integer overflow will use mremap to reduce the size of the chunk, and it will start to write to unmapped memory). However, if using a libc implementation that does not use mmap, or if the OS does not support mmap while using libc, then this could result in a heap overwrite.
References
▼ | URL | Tags |
---|---|---|
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225 | x_refsource_MISC | |
https://lists.debian.org/debian-lts-announce/2022/08/msg00001.html | mailing-list, x_refsource_MLIST | |
https://www.debian.org/security/2022/dsa-5204 | vendor-advisory, x_refsource_DEBIAN |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:17:00.943Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225" }, { "name": "[debian-lts-announce] 20220809 [SECURITY] [DLA 3069-1] gst-plugins-good1.0 security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00001.html" }, { "name": "DSA-5204", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5204" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "GStreamer", "vendor": "n/a", "versions": [ { "status": "affected", "version": "1.20.3" } ] } ], "descriptions": [ { "lang": "en", "value": "DOS / potential heap overwrite in mkv demuxing using zlib decompression. Integer overflow in matroskademux element in gst_matroska_decompress_data function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it is just a segfault (because the realloc before the integer overflow will use mremap to reduce the size of the chunk, and it will start to write to unmapped memory). However, if using a libc implementation that does not use mmap, or if the OS does not support mmap while using libc, then this could result in a heap overwrite." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-10T02:08:05", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225" }, { "name": "[debian-lts-announce] 20220809 [SECURITY] [DLA 3069-1] gst-plugins-good1.0 security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00001.html" }, { "name": "DSA-5204", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2022/dsa-5204" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2022-1922", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "GStreamer", "version": { "version_data": [ { "version_value": "1.20.3" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "DOS / potential heap overwrite in mkv demuxing using zlib decompression. Integer overflow in matroskademux element in gst_matroska_decompress_data function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it is just a segfault (because the realloc before the integer overflow will use mremap to reduce the size of the chunk, and it will start to write to unmapped memory). However, if using a libc implementation that does not use mmap, or if the OS does not support mmap while using libc, then this could result in a heap overwrite." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-122" } ] } ] }, "references": { "reference_data": [ { "name": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225", "refsource": "MISC", "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225" }, { "name": "[debian-lts-announce] 20220809 [SECURITY] [DLA 3069-1] gst-plugins-good1.0 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00001.html" }, { "name": "DSA-5204", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2022/dsa-5204" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2022-1922", "datePublished": "2022-07-19T19:09:22", "dateReserved": "2022-05-27T00:00:00", "dateUpdated": "2024-08-03T00:17:00.943Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-40956
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 12:28
Severity ?
EPSS score ?
Summary
When injecting an HTML base element, some requests would ignore the CSP's base-uri settings and accept the injected element's base instead. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox ESR |
Version: unspecified < 102.3 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:28:43.077Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-40/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-41/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-42/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1770094" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.3", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.3", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "105", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "When injecting an HTML base element, some requests would ignore the CSP\u0027s base-uri settings and accept the injected element\u0027s base instead. This vulnerability affects Firefox ESR \u003c 102.3, Thunderbird \u003c 102.3, and Firefox \u003c 105." } ], "problemTypes": [ { "descriptions": [ { "description": "Content-Security-Policy base-uri bypass", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-22T00:00:00", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2022-40/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-41/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-42/" }, { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1770094" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-40956", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-09-19T00:00:00", "dateUpdated": "2024-08-03T12:28:43.077Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-42929
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 13:19
Severity ?
EPSS score ?
Summary
If a website called `window.print()` in a particular way, it could cause a denial of service of the browser, which may persist beyond browser restart depending on the user's session restore settings. This vulnerability affects Firefox < 106, Firefox ESR < 102.4, and Thunderbird < 102.4.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox |
Version: unspecified < 106 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T13:19:05.571Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1789439" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-44/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-45/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-46/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "106", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.4", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.4", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Andrei Enache" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "If a website called \u003ccode\u003ewindow.print()\u003c/code\u003e in a particular way, it could cause a denial of service of the browser, which may persist beyond browser restart depending on the user\u0027s session restore settings. This vulnerability affects Firefox \u003c 106, Firefox ESR \u003c 102.4, and Thunderbird \u003c 102.4." } ], "value": "If a website called `window.print()` in a particular way, it could cause a denial of service of the browser, which may persist beyond browser restart depending on the user\u0027s session restore settings. This vulnerability affects Firefox \u003c 106, Firefox ESR \u003c 102.4, and Thunderbird \u003c 102.4." } ], "problemTypes": [ { "descriptions": [ { "description": "Denial of Service via window.print", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-13T10:36:47.776Z", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1789439" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-44/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-45/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-46/" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-42929", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-10-14T00:00:00", "dateUpdated": "2024-08-03T13:19:05.571Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-42694
Vulnerability from cvelistv5
Published
2021-11-01 00:00
Modified
2024-10-29 13:41
Severity ?
EPSS score ?
Summary
An issue was discovered in the character definitions of the Unicode Specification through 14.0. The specification allows an adversary to produce source code identifiers such as function names using homoglyphs that render visually identical to a target identifier. Adversaries can leverage this to inject code via adversarial identifier definitions in upstream software dependencies invoked deceptively in downstream software. NOTE: the Unicode Consortium offers the following alternative approach to presenting this concern. An issue is noted in the nature of international text that can affect applications that implement support for The Unicode Standard (all versions). Unless mitigated, an adversary could produce source code identifiers using homoglyph characters that render visually identical to but are distinct from a target identifier. In this way, an adversary could inject adversarial identifier definitions in upstream software that are not detected by human reviewers and are invoked deceptively in downstream software. The Unicode Consortium has documented this class of security vulnerability in its document, Unicode Technical Report #36, Unicode Security Considerations. The Unicode Consortium also provides guidance on mitigations for this class of issues in Unicode Technical Standard #39, Unicode Security Mechanisms.
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:unicode:unicode:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "unicode", "vendor": "unicode", "versions": [ { "lessThan": "14.0.0", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-42694", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-18T17:31:01.226978Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-94", "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-29T13:41:17.179Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T03:38:50.055Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "http://www.unicode.org/versions/Unicode14.0.0/" }, { "tags": [ "x_transferred" ], "url": "https://trojansource.codes" }, { "name": "[oss-security] 20211101 CVE-2021-42574: rustc 1.56.0 and bidirectional-override codepoints in source code", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2021/11/01/1" }, { "name": "[oss-security] 20211101 Trojan Source Attacks", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2021/11/01/6" }, { "name": "VU#999008", "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://www.kb.cert.org/vuls/id/999008" }, { "tags": [ "x_transferred" ], "url": "https://www.scyon.nl/post/trojans-in-your-source-code" }, { "tags": [ "x_transferred" ], "url": "https://www.unicode.org/reports/tr36/" }, { "tags": [ "x_transferred" ], "url": "https://www.unicode.org/reports/tr39/" }, { "tags": [ "x_transferred" ], "url": "https://cwe.mitre.org/data/definitions/1007.html" }, { "name": "GLSA-202210-09", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202210-09" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue was discovered in the character definitions of the Unicode Specification through 14.0. The specification allows an adversary to produce source code identifiers such as function names using homoglyphs that render visually identical to a target identifier. Adversaries can leverage this to inject code via adversarial identifier definitions in upstream software dependencies invoked deceptively in downstream software. NOTE: the Unicode Consortium offers the following alternative approach to presenting this concern. An issue is noted in the nature of international text that can affect applications that implement support for The Unicode Standard (all versions). Unless mitigated, an adversary could produce source code identifiers using homoglyph characters that render visually identical to but are distinct from a target identifier. In this way, an adversary could inject adversarial identifier definitions in upstream software that are not detected by human reviewers and are invoked deceptively in downstream software. The Unicode Consortium has documented this class of security vulnerability in its document, Unicode Technical Report #36, Unicode Security Considerations. The Unicode Consortium also provides guidance on mitigations for this class of issues in Unicode Technical Standard #39, Unicode Security Mechanisms." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-10-16T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "http://www.unicode.org/versions/Unicode14.0.0/" }, { "url": "https://trojansource.codes" }, { "name": "[oss-security] 20211101 CVE-2021-42574: rustc 1.56.0 and bidirectional-override codepoints in source code", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2021/11/01/1" }, { "name": "[oss-security] 20211101 Trojan Source Attacks", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2021/11/01/6" }, { "name": "VU#999008", "tags": [ "third-party-advisory" ], "url": "https://www.kb.cert.org/vuls/id/999008" }, { "url": "https://www.scyon.nl/post/trojans-in-your-source-code" }, { "url": "https://www.unicode.org/reports/tr36/" }, { "url": "https://www.unicode.org/reports/tr39/" }, { "url": "https://cwe.mitre.org/data/definitions/1007.html" }, { "name": "GLSA-202210-09", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202210-09" } ], "tags": [ "disputed" ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-42694", "datePublished": "2021-11-01T00:00:00", "dateReserved": "2021-10-18T00:00:00", "dateUpdated": "2024-10-29T13:41:17.179Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-32222
Vulnerability from cvelistv5
Published
2022-07-14 00:00
Modified
2024-08-03 07:32
Severity ?
EPSS score ?
Summary
A cryptographic vulnerability exists on Node.js on linux in versions of 18.x prior to 18.40.0 which allowed a default path for openssl.cnf that might be accessible under some circumstances to a non-admin user instead of /etc/ssl as was the case in versions prior to the upgrade to OpenSSL 3.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/nodejs/node |
Version: Fixed in 18.9.1+ |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T07:32:56.053Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1695596" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/nodejs/node", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 18.9.1+" } ] } ], "descriptions": [ { "lang": "en", "value": "A cryptographic vulnerability exists on Node.js on linux in versions of 18.x prior to 18.40.0 which allowed a default path for openssl.cnf that might be accessible under some circumstances to a non-admin user instead of /etc/ssl as was the case in versions prior to the upgrade to OpenSSL 3." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-310", "description": "Cryptographic Issues - Generic (CWE-310)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-02-23T00:00:00", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1695596" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2022-32222", "datePublished": "2022-07-14T00:00:00", "dateReserved": "2022-06-01T00:00:00", "dateUpdated": "2024-08-03T07:32:56.053Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-45419
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 14:09
Severity ?
EPSS score ?
Summary
If the user added a security exception for an invalid TLS certificate, opened an ongoing TLS connection with a server that used that certificate, and then deleted the exception, Firefox would have kept the connection alive, making it seem like the certificate was still trusted. This vulnerability affects Firefox < 107.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:09:57.034Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1716082" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "107", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "If the user added a security exception for an invalid TLS certificate, opened an ongoing TLS connection with a server that used that certificate, and then deleted the exception, Firefox would have kept the connection alive, making it seem like the certificate was still trusted. This vulnerability affects Firefox \u003c 107." } ], "problemTypes": [ { "descriptions": [ { "description": "Deleting a security exception did not take effect immediately", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-22T00:00:00", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1716082" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-45419", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-11-14T00:00:00", "dateUpdated": "2024-08-03T14:09:57.034Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21900
Vulnerability from cvelistv5
Published
2023-01-17 23:35
Modified
2024-09-16 19:47
Severity ?
EPSS score ?
Summary
Vulnerability in the Oracle Solaris product of Oracle Systems (component: NSSwitch). Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Solaris, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Solaris accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Solaris. CVSS 3.1 Base Score 4.0 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:N/I:L/A:L).
References
▼ | URL | Tags |
---|---|---|
https://www.oracle.com/security-alerts/cpujan2023.html | vendor-advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Oracle Corporation | Solaris Operating System |
Version: 10 Version: 11 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:51:51.392Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Oracle Advisory", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujan2023.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-21900", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-16T19:39:53.337632Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-16T19:47:33.216Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Solaris Operating System", "vendor": "Oracle Corporation", "versions": [ { "status": "affected", "version": "10" }, { "status": "affected", "version": "11" } ] } ], "descriptions": [ { "lang": "en-US", "value": "Vulnerability in the Oracle Solaris product of Oracle Systems (component: NSSwitch). Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Solaris, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Solaris accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Solaris. CVSS 3.1 Base Score 4.0 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:N/I:L/A:L)." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:N/I:L/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Solaris, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Solaris accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Solaris.", "lang": "en-US" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-23T23:37:50.567Z", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle" }, "references": [ { "name": "Oracle Advisory", "tags": [ "vendor-advisory" ], "url": "https://www.oracle.com/security-alerts/cpujan2023.html" } ] } }, "cveMetadata": { "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2023-21900", "datePublished": "2023-01-17T23:35:27.904Z", "dateReserved": "2022-12-17T19:26:00.712Z", "dateUpdated": "2024-09-16T19:47:33.216Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2867
Vulnerability from cvelistv5
Published
2022-08-17 00:00
Modified
2024-08-03 00:52
Severity ?
EPSS score ?
Summary
libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write. An attacker who supplies a crafted file to tiffcrop (likely via tricking a user to run tiffcrop on it with certain parameters) could cause a crash or in some cases, further exploitation.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:52:59.602Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2118847" }, { "name": "[debian-lts-announce] 20230120 [SECURITY] [DLA 3278-1] tiff security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html" }, { "name": "DSA-5333", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5333" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "libtiff", "vendor": "n/a", "versions": [ { "status": "affected", "version": "libtiff 4.4.0rc1" } ] } ], "descriptions": [ { "lang": "en", "value": "libtiff\u0027s tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write. An attacker who supplies a crafted file to tiffcrop (likely via tricking a user to run tiffcrop on it with certain parameters) could cause a crash or in some cases, further exploitation." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-191", "description": "CWE-191-\u003e(CWE-125|CWE-787)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-30T00:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2118847" }, { "name": "[debian-lts-announce] 20230120 [SECURITY] [DLA 3278-1] tiff security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html" }, { "name": "DSA-5333", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5333" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2022-2867", "datePublished": "2022-08-17T00:00:00", "dateReserved": "2022-08-16T00:00:00", "dateUpdated": "2024-08-03T00:52:59.602Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-35256
Vulnerability from cvelistv5
Published
2022-12-05 00:00
Modified
2024-08-03 09:29
Severity ?
EPSS score ?
Summary
The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/nodejs/node |
Version: Fixed in 14.20.1+, 16.17.1+,18.9.1+ |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T09:29:17.444Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1675191" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf" }, { "name": "DSA-5326", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5326" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/nodejs/node", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 14.20.1+, 16.17.1+,18.9.1+" } ] } ], "descriptions": [ { "lang": "en", "value": "The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-444", "description": "HTTP Request Smuggling (CWE-444)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-25T00:00:00", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1675191" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf" }, { "name": "DSA-5326", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5326" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2022-35256", "datePublished": "2022-12-05T00:00:00", "dateReserved": "2022-07-06T00:00:00", "dateUpdated": "2024-08-03T09:29:17.444Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2175
Vulnerability from cvelistv5
Published
2022-06-23 00:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
Buffer Over-read in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:32:09.074Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/7f0481c2-8b57-4324-b47c-795d1ea67e55" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/6046aded8da002b08d380db29de2ba0268b6616e" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Buffer Over-read in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-126", "description": "CWE-126 Buffer Over-read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/7f0481c2-8b57-4324-b47c-795d1ea67e55" }, { "url": "https://github.com/vim/vim/commit/6046aded8da002b08d380db29de2ba0268b6616e" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "7f0481c2-8b57-4324-b47c-795d1ea67e55", "discovery": "EXTERNAL" }, "title": "Buffer Over-read in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2175", "datePublished": "2022-06-23T00:00:00", "dateReserved": "2022-06-22T00:00:00", "dateUpdated": "2024-08-03T00:32:09.074Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-45403
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 14:09
Severity ?
EPSS score ?
Summary
Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for cross-origin media combined with Range requests might have allowed them to determine the presence or length of a media file. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox ESR |
Version: unspecified < 102.5 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:09:56.988Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-49/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-48/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1762078" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "107", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for cross-origin media combined with Range requests might have allowed them to determine the presence or length of a media file. This vulnerability affects Firefox ESR \u003c 102.5, Thunderbird \u003c 102.5, and Firefox \u003c 107." } ], "problemTypes": [ { "descriptions": [ { "description": "Service Workers might have learned size of cross-origin media files", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-22T00:00:00", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-49/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-48/" }, { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1762078" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-45403", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-11-14T00:00:00", "dateUpdated": "2024-08-03T14:09:56.988Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3786
Vulnerability from cvelistv5
Published
2022-11-01 00:00
Modified
2024-08-03 01:20
Severity ?
EPSS score ?
Summary
X.509 Email Address Variable Length Buffer Overflow
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:20:58.788Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "OpenSSL Advisory", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.openssl.org/news/secadv/20221101.txt" }, { "name": "3.0.7 git commit", "tags": [ "patch", "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "OpenSSL", "vendor": "OpenSSL", "versions": [ { "lessThan": "3.0.7", "status": "affected", "version": "3.0.0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Viktor Dukhovni" } ], "datePublic": "2022-11-01T00:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003eA buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.\u0027 character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.\u003c/p\u003e" } ], "value": "A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.\u0027 character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.\n\n" } ], "metrics": [ { "format": "other", "other": { "content": { "text": "HIGH" }, "type": "https://www.openssl.org/policies/secpolicy.html#high" } } ], "problemTypes": [ { "descriptions": [ { "description": "Buffer overflow", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-04T07:28:32.835Z", "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", "shortName": "openssl" }, "references": [ { "name": "OpenSSL Advisory", "tags": [ "vendor-advisory" ], "url": "https://www.openssl.org/news/secadv/20221101.txt" }, { "name": "3.0.7 git commit", "tags": [ "patch" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a" } ], "source": { "discovery": "UNKNOWN" }, "title": "X.509 Email Address Variable Length Buffer Overflow", "x_generator": { "engine": "Vulnogram 0.1.0-dev", "importer": "vulnxml2json5.py 2022-11-04 07:19:07.034873" } } }, "cveMetadata": { "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", "assignerShortName": "openssl", "cveId": "CVE-2022-3786", "datePublished": "2022-11-01T00:00:00", "dateReserved": "2022-11-01T00:00:00", "dateUpdated": "2024-08-03T01:20:58.788Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-21626
Vulnerability from cvelistv5
Published
2022-10-18 00:00
Modified
2024-08-03 02:46
Severity ?
EPSS score ?
Summary
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Oracle Corporation | Java SE JDK and JRE |
Version: Oracle Java SE:8u341 Version: Oracle Java SE:8u345-perf Version: Oracle Java SE:11.0.16.1 Version: Oracle GraalVM Enterprise Edition:20.3.7 Version: Oracle GraalVM Enterprise Edition:21.3.3 Version: Oracle GraalVM Enterprise Edition:22.2.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T02:46:39.195Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuoct2022.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20221028-0012/" }, { "name": "FEDORA-2022-b050ae8974", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU/" }, { "name": "FEDORA-2022-1c07902a5e", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K/" }, { "name": "FEDORA-2022-361f34f2a9", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6/" }, { "name": "FEDORA-2022-d989953883", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R/" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202401-25" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Java SE JDK and JRE", "vendor": "Oracle Corporation", "versions": [ { "status": "affected", "version": "Oracle Java SE:8u341" }, { "status": "affected", "version": "Oracle Java SE:8u345-perf" }, { "status": "affected", "version": "Oracle Java SE:11.0.16.1" }, { "status": "affected", "version": "Oracle GraalVM Enterprise Edition:20.3.7" }, { "status": "affected", "version": "Oracle GraalVM Enterprise Edition:21.3.3" }, { "status": "affected", "version": "Oracle GraalVM Enterprise Edition:22.2.0" } ] } ], "descriptions": [ { "lang": "en", "value": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition.", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-03T00:00:00", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle" }, "references": [ { "url": "https://www.oracle.com/security-alerts/cpuoct2022.html" }, { "url": "https://security.netapp.com/advisory/ntap-20221028-0012/" }, { "name": "FEDORA-2022-b050ae8974", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU/" }, { "name": "FEDORA-2022-1c07902a5e", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K/" }, { "name": "FEDORA-2022-361f34f2a9", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6/" }, { "name": "FEDORA-2022-d989953883", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R/" }, { "url": "https://security.gentoo.org/glsa/202401-25" } ] } }, "cveMetadata": { "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2022-21626", "datePublished": "2022-10-18T00:00:00", "dateReserved": "2021-11-15T00:00:00", "dateUpdated": "2024-08-03T02:46:39.195Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0924
Vulnerability from cvelistv5
Published
2022-03-11 00:00
Modified
2024-08-02 23:47
Severity ?
EPSS score ?
Summary
Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 408976c4.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:47:42.854Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/issues/278" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/311" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0924.json" }, { "name": "DSA-5108", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5108" }, { "name": "FEDORA-2022-e2996202a0", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/" }, { "name": "FEDORA-2022-c39720a0ed", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220506-0002/" }, { "name": "GLSA-202210-10", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202210-10" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "libtiff", "vendor": "libtiff", "versions": [ { "status": "affected", "version": "=4.3.0" } ] } ], "credits": [ { "lang": "en", "value": "wangdw.augustus@gmail.com" } ], "descriptions": [ { "lang": "en", "value": "Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 408976c4." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Out-of-bounds read in libtiff", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-10-31T00:00:00", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "url": "https://gitlab.com/libtiff/libtiff/-/issues/278" }, { "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/311" }, { "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0924.json" }, { "name": "DSA-5108", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5108" }, { "name": "FEDORA-2022-e2996202a0", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/" }, { "name": "FEDORA-2022-c39720a0ed", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/" }, { "url": "https://security.netapp.com/advisory/ntap-20220506-0002/" }, { "name": "GLSA-202210-10", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202210-10" } ] } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2022-0924", "datePublished": "2022-03-11T00:00:00", "dateReserved": "2022-03-10T00:00:00", "dateUpdated": "2024-08-02T23:47:42.854Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-46875
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 14:39
Severity ?
EPSS score ?
Summary
The executable file warning was not presented when downloading .atloc and .ftploc files, which can run commands on a user's computer. <br>*Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox |
Version: unspecified < 108 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:39:38.749Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-52/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-53/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-51/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1786188" }, { "name": "GLSA-202305-06", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-06" }, { "name": "GLSA-202305-13", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-13" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "108", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.6", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.6", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "The executable file warning was not presented when downloading .atloc and .ftploc files, which can run commands on a user\u0027s computer. \u003cbr\u003e*Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 108, Firefox ESR \u003c 102.6, and Thunderbird \u003c 102.6." } ], "problemTypes": [ { "descriptions": [ { "description": "Download Protections were bypassed by .atloc and .ftploc files on Mac OS", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2022-52/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-53/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-51/" }, { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1786188" }, { "name": "GLSA-202305-06", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-06" }, { "name": "GLSA-202305-13", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-13" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-46875", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-12-09T00:00:00", "dateUpdated": "2024-08-03T14:39:38.749Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-46881
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 14:39
Severity ?
EPSS score ?
Summary
An optimization in WebGL was incorrect in some cases, and could have led to memory corruption and a potentially exploitable crash.
*Note*: This advisory was added on December 13th, 2022 after we better understood the impact of the issue. The fix was included in the original release of Firefox 106. This vulnerability affects Firefox < 106, Firefox ESR < 102.6, and Thunderbird < 102.6.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox |
Version: unspecified < 106 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:39:38.732Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1770930" }, { "name": "GLSA-202305-06", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-06" }, { "name": "GLSA-202305-13", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-13" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-44/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-52/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-53/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "106", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.6", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.6", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Karl and an Anonymous ASAN Nightly User" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "An optimization in WebGL was incorrect in some cases, and could have led to memory corruption and a potentially exploitable crash.\u003cbr /\u003e*Note*: This advisory was added on December 13th, 2022 after we better understood the impact of the issue. The fix was included in the original release of Firefox 106. This vulnerability affects Firefox \u003c 106, Firefox ESR \u003c 102.6, and Thunderbird \u003c 102.6." } ], "value": "An optimization in WebGL was incorrect in some cases, and could have led to memory corruption and a potentially exploitable crash.\n*Note*: This advisory was added on December 13th, 2022 after we better understood the impact of the issue. The fix was included in the original release of Firefox 106. This vulnerability affects Firefox \u003c 106, Firefox ESR \u003c 102.6, and Thunderbird \u003c 102.6." } ], "problemTypes": [ { "descriptions": [ { "description": "Memory corruption in WebGL", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-13T10:36:40.873Z", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1770930" }, { "name": "GLSA-202305-06", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-06" }, { "name": "GLSA-202305-13", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-13" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-44/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-52/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-53/" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-46881", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-12-09T00:00:00", "dateUpdated": "2024-08-03T14:39:38.732Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0891
Vulnerability from cvelistv5
Published
2022-03-09 00:00
Modified
2024-08-02 23:47
Severity ?
EPSS score ?
Summary
A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:47:42.151Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/issues/380" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/issues/382" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/232282fd8f9c21eefe8d2d2b96cdbbb172fe7b7c" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0891.json" }, { "name": "DSA-5108", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5108" }, { "name": "FEDORA-2022-e2996202a0", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/" }, { "name": "FEDORA-2022-c39720a0ed", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/" }, { "name": "GLSA-202210-10", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202210-10" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20221228-0008/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "libtiff", "vendor": "libtiff", "versions": [ { "status": "affected", "version": "\u003e=3.9.0, \u003c=4.3.0" } ] } ], "credits": [ { "lang": "en", "value": "shahchintanh@gmail.com" } ], "descriptions": [ { "lang": "en", "value": "A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Heap-based buffer overflow in libtiff", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-28T00:00:00", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "url": "https://gitlab.com/libtiff/libtiff/-/issues/380" }, { "url": "https://gitlab.com/libtiff/libtiff/-/issues/382" }, { "url": "https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/232282fd8f9c21eefe8d2d2b96cdbbb172fe7b7c" }, { "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0891.json" }, { "name": "DSA-5108", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5108" }, { "name": "FEDORA-2022-e2996202a0", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/" }, { "name": "FEDORA-2022-c39720a0ed", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/" }, { "name": "GLSA-202210-10", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202210-10" }, { "url": "https://security.netapp.com/advisory/ntap-20221228-0008/" } ] } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2022-0891", "datePublished": "2022-03-09T00:00:00", "dateReserved": "2022-03-09T00:00:00", "dateUpdated": "2024-08-02T23:47:42.151Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2206
Vulnerability from cvelistv5
Published
2022-06-26 00:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
Out-of-bounds Read in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:32:08.643Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/01d01e74-55d0-4d9e-878e-79ba599be668" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/e178af5a586ea023622d460779fdcabbbfac0908" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Out-of-bounds Read in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/01d01e74-55d0-4d9e-878e-79ba599be668" }, { "url": "https://github.com/vim/vim/commit/e178af5a586ea023622d460779fdcabbbfac0908" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "01d01e74-55d0-4d9e-878e-79ba599be668", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Read in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2206", "datePublished": "2022-06-26T00:00:00", "dateReserved": "2022-06-25T00:00:00", "dateUpdated": "2024-08-03T00:32:08.643Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-27406
Vulnerability from cvelistv5
Published
2022-04-22 00:00
Modified
2024-08-03 05:25
Severity ?
EPSS score ?
Summary
FreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to contain a segmentation violation via the function FT_Request_Size.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T05:25:32.677Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "http://freetype.com" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.freedesktop.org/freetype/freetype/-/issues/1140" }, { "name": "FEDORA-2022-2dd60f1f00", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/" }, { "name": "FEDORA-2022-0985b0cb9f", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/" }, { "name": "FEDORA-2022-7ece4f6d74", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/" }, { "name": "FEDORA-2022-5e45671294", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/" }, { "name": "FEDORA-2022-80e1724780", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/" }, { "name": "GLSA-202402-06", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202402-06" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "FreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to contain a segmentation violation via the function FT_Request_Size." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-02-03T10:06:21.607450", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "http://freetype.com" }, { "url": "https://gitlab.freedesktop.org/freetype/freetype/-/issues/1140" }, { "name": "FEDORA-2022-2dd60f1f00", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/" }, { "name": "FEDORA-2022-0985b0cb9f", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/" }, { "name": "FEDORA-2022-7ece4f6d74", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/" }, { "name": "FEDORA-2022-5e45671294", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/" }, { "name": "FEDORA-2022-80e1724780", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/" }, { "name": "GLSA-202402-06", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202402-06" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-27406", "datePublished": "2022-04-22T00:00:00", "dateReserved": "2022-03-21T00:00:00", "dateUpdated": "2024-08-03T05:25:32.677Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-42252
Vulnerability from cvelistv5
Published
2022-11-01 00:00
Modified
2024-08-03 13:03
Severity ?
EPSS score ?
Summary
Apache Tomcat request smuggling via malformed content-length
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Apache Software Foundation | Apache Tomcat |
Version: 10.1.0-M1 Version: 10.0.0-M1 Version: 9.0.0-M1 Version: 8.5.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T13:03:45.683Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://lists.apache.org/thread/zzcxzvqfdqn515zfs3dxb7n8gty589sq" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-37" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Apache Tomcat", "vendor": "Apache Software Foundation", "versions": [ { "lessThanOrEqual": "10.1.0", "status": "affected", "version": "10.1.0-M1", "versionType": "maven" }, { "lessThanOrEqual": "10.0.26", "status": "affected", "version": "10.0.0-M1", "versionType": "maven" }, { "lessThanOrEqual": "9.0.67", "status": "affected", "version": "9.0.0-M1", "versionType": "maven" }, { "lessThanOrEqual": "8.5.82", "status": "affected", "version": "8.5.0", "versionType": "maven" } ] } ], "credits": [ { "lang": "en", "value": "Thanks to Sam Shahsavar who discovered this issue and reported it to the Apache Tomcat security team." } ], "descriptions": [ { "lang": "en", "value": "If Apache Tomcat 8.5.0 to 8.5.82, 9.0.0-M1 to 9.0.67, 10.0.0-M1 to 10.0.26 or 10.1.0-M1 to 10.1.0 was configured to ignore invalid HTTP headers via setting rejectIllegalHeader to false (the default for 8.5.x only), Tomcat did not reject a request containing an invalid Content-Length header making a request smuggling attack possible if Tomcat was located behind a reverse proxy that also failed to reject the request with the invalid header." } ], "metrics": [ { "other": { "content": { "other": "low" }, "type": "unknown" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-444", "description": "CWE-444 Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-20T13:11:31.015Z", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "url": "https://lists.apache.org/thread/zzcxzvqfdqn515zfs3dxb7n8gty589sq" }, { "url": "https://security.gentoo.org/glsa/202305-37" } ], "source": { "discovery": "UNKNOWN" }, "title": "Apache Tomcat request smuggling via malformed content-length", "x_generator": { "engine": "Vulnogram 0.0.9" } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2022-42252", "datePublished": "2022-11-01T00:00:00", "dateReserved": "2022-10-03T00:00:00", "dateUpdated": "2024-08-03T13:03:45.683Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-6111
Vulnerability from cvelistv5
Published
2019-01-31 00:00
Modified
2024-08-04 20:16
Severity ?
EPSS score ?
Summary
An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T20:16:23.623Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-4387", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2019/dsa-4387" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20190213-0001/" }, { "name": "106741", "tags": [ "vdb-entry", "x_transferred" ], "url": "http://www.securityfocus.com/bid/106741" }, { "tags": [ "x_transferred" ], "url": "https://cvsweb.openbsd.org/src/usr.bin/ssh/scp.c" }, { "name": "USN-3885-1", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://usn.ubuntu.com/3885-1/" }, { "name": "USN-3885-2", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://usn.ubuntu.com/3885-2/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677794" }, { "tags": [ "x_transferred" ], "url": "https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt" }, { "name": "46193", "tags": [ "exploit", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/46193/" }, { "name": "GLSA-201903-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201903-16" }, { "name": "[debian-lts-announce] 20190325 [SECURITY] [DLA 1728-1] openssh security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00030.html" }, { "name": "[oss-security] 20190417 Announce: OpenSSH 8.0 released", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2019/04/18/1" }, { "name": "FEDORA-2019-0f4190cdb0", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W3YVQ2BPTOVDCFDVNC2GGF5P5ISFG37G/" }, { "name": "[mina-dev] 20190620 [jira] [Created] (SSHD-925) See if SCP vulnerability CVE-2019-6111 applies and mitigate it if so", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/c45d9bc90700354b58fb7455962873c44229841880dcb64842fa7d23%40%3Cdev.mina.apache.org%3E" }, { "name": "[mina-dev] 20190623 [jira] [Comment Edited] (SSHD-925) See if SCP vulnerability CVE-2019-6111 applies and mitigate it if so", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/c7301cab36a86825359e1b725fc40304d1df56dc6d107c1fe885148b%40%3Cdev.mina.apache.org%3E" }, { "name": "[mina-dev] 20190623 [jira] [Commented] (SSHD-925) See if SCP vulnerability CVE-2019-6111 applies and mitigate it if so", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/e47597433b351d6e01a5d68d610b4ba195743def9730e49561e8cf3f%40%3Cdev.mina.apache.org%3E" }, { "name": "openSUSE-SU-2019:1602", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00058.html" }, { "name": "FreeBSD-EN-19:10", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.freebsd.org/security/advisories/FreeBSD-EN-19:10.scp.asc" }, { "name": "[mina-dev] 20190820 [jira] [Resolved] (SSHD-925) See if SCP vulnerability CVE-2019-6111 applies and mitigate it if so", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.apache.org/thread.html/d540139359de999b0f1c87d05b715be4d7d4bec771e1ae55153c5c7a%40%3Cdev.mina.apache.org%3E" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html" }, { "name": "RHSA-2019:3702", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:3702" }, { "name": "[oss-security] 20220802 CVE-2022-29154: Rsync client-side arbitrary file write vulnerability.", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/08/02/1" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2019-01-31T00:00:00", "descriptions": [ { "lang": "en", "value": "An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file)." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-13T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "DSA-4387", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2019/dsa-4387" }, { "url": "https://security.netapp.com/advisory/ntap-20190213-0001/" }, { "name": "106741", "tags": [ "vdb-entry" ], "url": "http://www.securityfocus.com/bid/106741" }, { "url": "https://cvsweb.openbsd.org/src/usr.bin/ssh/scp.c" }, { "name": "USN-3885-1", "tags": [ "vendor-advisory" ], "url": "https://usn.ubuntu.com/3885-1/" }, { "name": "USN-3885-2", "tags": [ "vendor-advisory" ], "url": "https://usn.ubuntu.com/3885-2/" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677794" }, { "url": "https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt" }, { "name": "46193", "tags": [ "exploit" ], "url": "https://www.exploit-db.com/exploits/46193/" }, { "name": "GLSA-201903-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/201903-16" }, { "name": "[debian-lts-announce] 20190325 [SECURITY] [DLA 1728-1] openssh security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00030.html" }, { "name": "[oss-security] 20190417 Announce: OpenSSH 8.0 released", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2019/04/18/1" }, { "name": "FEDORA-2019-0f4190cdb0", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W3YVQ2BPTOVDCFDVNC2GGF5P5ISFG37G/" }, { "name": "[mina-dev] 20190620 [jira] [Created] (SSHD-925) See if SCP vulnerability CVE-2019-6111 applies and mitigate it if so", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/c45d9bc90700354b58fb7455962873c44229841880dcb64842fa7d23%40%3Cdev.mina.apache.org%3E" }, { "name": "[mina-dev] 20190623 [jira] [Comment Edited] (SSHD-925) See if SCP vulnerability CVE-2019-6111 applies and mitigate it if so", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/c7301cab36a86825359e1b725fc40304d1df56dc6d107c1fe885148b%40%3Cdev.mina.apache.org%3E" }, { "name": "[mina-dev] 20190623 [jira] [Commented] (SSHD-925) See if SCP vulnerability CVE-2019-6111 applies and mitigate it if so", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/e47597433b351d6e01a5d68d610b4ba195743def9730e49561e8cf3f%40%3Cdev.mina.apache.org%3E" }, { "name": "openSUSE-SU-2019:1602", "tags": [ "vendor-advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00058.html" }, { "name": "FreeBSD-EN-19:10", "tags": [ "vendor-advisory" ], "url": "https://www.freebsd.org/security/advisories/FreeBSD-EN-19:10.scp.asc" }, { "name": "[mina-dev] 20190820 [jira] [Resolved] (SSHD-925) See if SCP vulnerability CVE-2019-6111 applies and mitigate it if so", "tags": [ "mailing-list" ], "url": "https://lists.apache.org/thread.html/d540139359de999b0f1c87d05b715be4d7d4bec771e1ae55153c5c7a%40%3Cdev.mina.apache.org%3E" }, { "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html" }, { "name": "RHSA-2019:3702", "tags": [ "vendor-advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:3702" }, { "name": "[oss-security] 20220802 CVE-2022-29154: Rsync client-side arbitrary file write vulnerability.", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/08/02/1" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-6111", "datePublished": "2019-01-31T00:00:00", "dateReserved": "2019-01-10T00:00:00", "dateUpdated": "2024-08-04T20:16:23.623Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-27404
Vulnerability from cvelistv5
Published
2022-04-22 00:00
Modified
2024-08-03 05:25
Severity ?
EPSS score ?
Summary
FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T05:25:32.670Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://gitlab.freedesktop.org/freetype/freetype/-/issues/1138" }, { "name": "FEDORA-2022-2dd60f1f00", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/" }, { "name": "FEDORA-2022-0985b0cb9f", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/" }, { "name": "FEDORA-2022-7ece4f6d74", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/" }, { "name": "FEDORA-2022-5e45671294", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/" }, { "name": "FEDORA-2022-80e1724780", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/" }, { "name": "GLSA-202402-06", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202402-06" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-02-03T10:06:23.309904", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://gitlab.freedesktop.org/freetype/freetype/-/issues/1138" }, { "name": "FEDORA-2022-2dd60f1f00", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/" }, { "name": "FEDORA-2022-0985b0cb9f", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/" }, { "name": "FEDORA-2022-7ece4f6d74", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/" }, { "name": "FEDORA-2022-5e45671294", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/" }, { "name": "FEDORA-2022-80e1724780", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/" }, { "name": "GLSA-202402-06", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202402-06" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-27404", "datePublished": "2022-04-22T00:00:00", "dateReserved": "2022-03-21T00:00:00", "dateUpdated": "2024-08-03T05:25:32.670Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-29458
Vulnerability from cvelistv5
Published
2022-04-18 00:00
Modified
2024-08-03 06:26
Severity ?
EPSS score ?
Summary
ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T06:26:05.098Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html" }, { "tags": [ "x_transferred" ], "url": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "[debian-lts-announce] 20221029 [SECURITY] [DLA 3167-1] ncurses security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-10-30T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00014.html" }, { "url": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "[debian-lts-announce] 20221029 [SECURITY] [DLA 3167-1] ncurses security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00037.html" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-29458", "datePublished": "2022-04-18T00:00:00", "dateReserved": "2022-04-18T00:00:00", "dateUpdated": "2024-08-03T06:26:05.098Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-36059
Vulnerability from cvelistv5
Published
2023-03-28 20:32
Modified
2024-08-03 09:52
Severity ?
EPSS score ?
Summary
Prototype pollution in matrix-js-sdk
References
▼ | URL | Tags |
---|---|---|
https://github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-rfv9-x7hh-xc32 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | matrix-org | matrix-js-sdk |
Version: < 19.4.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T09:52:00.508Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-rfv9-x7hh-xc32", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-rfv9-x7hh-xc32" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "matrix-js-sdk", "vendor": "matrix-org", "versions": [ { "status": "affected", "version": "\u003c 19.4.0" } ] } ], "descriptions": [ { "lang": "en", "value": "matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 19.4.0 events sent with special strings in key places can temporarily disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer\u0027s ability to process data safely. Note that the matrix-js-sdk can appear to be operating normally but be excluding or corrupting runtime data presented to the consumer. This issue has been fixed in matrix-js-sdk 19.4.0 and users are advised to upgrade. Users unable to upgrade may mitigate this issue by redacting applicable events, waiting for the sync processor to store data, and restarting the client. Alternatively, redacting the applicable events and clearing all storage will often fix most perceived issues. In some cases, no workarounds are possible." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1321", "description": "CWE-1321: Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-28T20:32:18.422Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-rfv9-x7hh-xc32", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-rfv9-x7hh-xc32" } ], "source": { "advisory": "GHSA-rfv9-x7hh-xc32", "discovery": "UNKNOWN" }, "title": "Prototype pollution in matrix-js-sdk" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-36059", "datePublished": "2023-03-28T20:32:18.422Z", "dateReserved": "2022-07-15T23:52:24.339Z", "dateUpdated": "2024-08-03T09:52:00.508Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0907
Vulnerability from cvelistv5
Published
2022-03-11 00:00
Modified
2024-08-02 23:47
Severity ?
EPSS score ?
Summary
Unchecked Return Value to NULL Pointer Dereference in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f2b656e2.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:47:42.626Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/issues/392" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/314" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0907.json" }, { "name": "DSA-5108", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5108" }, { "name": "FEDORA-2022-e2996202a0", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/" }, { "name": "FEDORA-2022-c39720a0ed", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220506-0002/" }, { "name": "GLSA-202210-10", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202210-10" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "libtiff", "vendor": "libtiff", "versions": [ { "status": "affected", "version": "=4.3.0" } ] } ], "credits": [ { "lang": "en", "value": "wangdw.augustus@gmail.com" } ], "descriptions": [ { "lang": "en", "value": "Unchecked Return Value to NULL Pointer Dereference in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f2b656e2." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Vulnerability in libtiff", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-10-31T00:00:00", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "url": "https://gitlab.com/libtiff/libtiff/-/issues/392" }, { "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/314" }, { "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0907.json" }, { "name": "DSA-5108", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5108" }, { "name": "FEDORA-2022-e2996202a0", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/" }, { "name": "FEDORA-2022-c39720a0ed", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/" }, { "url": "https://security.netapp.com/advisory/ntap-20220506-0002/" }, { "name": "GLSA-202210-10", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202210-10" } ] } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2022-0907", "datePublished": "2022-03-11T00:00:00", "dateReserved": "2022-03-10T00:00:00", "dateUpdated": "2024-08-02T23:47:42.626Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-21624
Vulnerability from cvelistv5
Published
2022-10-18 00:00
Modified
2024-08-03 02:46
Severity ?
EPSS score ?
Summary
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Oracle Corporation | Java SE JDK and JRE |
Version: Oracle Java SE:8u341 Version: Oracle Java SE:8u345-perf Version: Oracle Java SE:11.0.16.1 Version: Oracle Java SE:17.0.4.1 Version: Oracle Java SE:19 Version: Oracle GraalVM Enterprise Edition:20.3.7 Version: Oracle GraalVM Enterprise Edition:21.3.3 Version: Oracle GraalVM Enterprise Edition:22.2.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T02:46:39.430Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuoct2022.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20221028-0012/" }, { "name": "FEDORA-2022-b050ae8974", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU/" }, { "name": "FEDORA-2022-5d494ab9ab", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37QDWJBGEPP65X43NXQTXQ7KASLUHON6/" }, { "name": "FEDORA-2022-1c07902a5e", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K/" }, { "name": "FEDORA-2022-361f34f2a9", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6/" }, { "name": "FEDORA-2022-f76014ae17", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T/" }, { "name": "FEDORA-2022-d989953883", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R/" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202401-25" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Java SE JDK and JRE", "vendor": "Oracle Corporation", "versions": [ { "status": "affected", "version": "Oracle Java SE:8u341" }, { "status": "affected", "version": "Oracle Java SE:8u345-perf" }, { "status": "affected", "version": "Oracle Java SE:11.0.16.1" }, { "status": "affected", "version": "Oracle Java SE:17.0.4.1" }, { "status": "affected", "version": "Oracle Java SE:19" }, { "status": "affected", "version": "Oracle GraalVM Enterprise Edition:20.3.7" }, { "status": "affected", "version": "Oracle GraalVM Enterprise Edition:21.3.3" }, { "status": "affected", "version": "Oracle GraalVM Enterprise Edition:22.2.0" } ] } ], "descriptions": [ { "lang": "en", "value": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data.", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-03T00:00:00", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle" }, "references": [ { "url": "https://www.oracle.com/security-alerts/cpuoct2022.html" }, { "url": "https://security.netapp.com/advisory/ntap-20221028-0012/" }, { "name": "FEDORA-2022-b050ae8974", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU/" }, { "name": "FEDORA-2022-5d494ab9ab", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37QDWJBGEPP65X43NXQTXQ7KASLUHON6/" }, { "name": "FEDORA-2022-1c07902a5e", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K/" }, { "name": "FEDORA-2022-361f34f2a9", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6/" }, { "name": "FEDORA-2022-f76014ae17", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T/" }, { "name": "FEDORA-2022-d989953883", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R/" }, { "url": "https://security.gentoo.org/glsa/202401-25" } ] } }, "cveMetadata": { "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2022-21624", "datePublished": "2022-10-18T00:00:00", "dateReserved": "2021-11-15T00:00:00", "dateUpdated": "2024-08-03T02:46:39.430Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-41556
Vulnerability from cvelistv5
Published
2022-10-06 00:00
Modified
2024-08-03 12:42
Severity ?
EPSS score ?
Summary
A resource leak in gw_backend.c in lighttpd 1.4.56 through 1.4.66 could lead to a denial of service (connection-slot exhaustion) after a large amount of anomalous TCP behavior by clients. It is related to RDHUP mishandling in certain HTTP/1.1 chunked situations. Use of mod_fastcgi is, for example, affected. This is fixed in 1.4.67.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:42:46.654Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.lighttpd.net/lighttpd/lighttpd1.4/commit/b18de6f9264f914f7bf493abd3b6059343548e50" }, { "tags": [ "x_transferred" ], "url": "https://github.com/lighttpd/lighttpd1.4/pull/115" }, { "tags": [ "x_transferred" ], "url": "https://github.com/lighttpd/lighttpd1.4/compare/lighttpd-1.4.66...lighttpd-1.4.67" }, { "name": "FEDORA-2022-c26b19568d", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OVOSBSCMLGCHH2Z74H64ZWVDFJFQTBC2/" }, { "name": "GLSA-202210-12", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202210-12" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "A resource leak in gw_backend.c in lighttpd 1.4.56 through 1.4.66 could lead to a denial of service (connection-slot exhaustion) after a large amount of anomalous TCP behavior by clients. It is related to RDHUP mishandling in certain HTTP/1.1 chunked situations. Use of mod_fastcgi is, for example, affected. This is fixed in 1.4.67." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-10-31T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://git.lighttpd.net/lighttpd/lighttpd1.4/commit/b18de6f9264f914f7bf493abd3b6059343548e50" }, { "url": "https://github.com/lighttpd/lighttpd1.4/pull/115" }, { "url": "https://github.com/lighttpd/lighttpd1.4/compare/lighttpd-1.4.66...lighttpd-1.4.67" }, { "name": "FEDORA-2022-c26b19568d", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OVOSBSCMLGCHH2Z74H64ZWVDFJFQTBC2/" }, { "name": "GLSA-202210-12", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202210-12" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-41556", "datePublished": "2022-10-06T00:00:00", "dateReserved": "2022-09-26T00:00:00", "dateUpdated": "2024-08-03T12:42:46.654Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1056
Vulnerability from cvelistv5
Published
2022-03-28 00:00
Modified
2024-08-02 23:47
Severity ?
EPSS score ?
Summary
Out-of-bounds Read error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 46dc8fcd.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:47:43.287Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/issues/391" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/307" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1056.json" }, { "name": "GLSA-202210-10", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202210-10" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20221228-0008/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "libtiff", "vendor": "libtiff", "versions": [ { "status": "affected", "version": "=4.3.0" } ] } ], "credits": [ { "lang": "en", "value": "wangdw.augustus@gmail.com" } ], "descriptions": [ { "lang": "en", "value": "Out-of-bounds Read error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 46dc8fcd." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Out-of-bounds read in libtiff", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-28T00:00:00", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "url": "https://gitlab.com/libtiff/libtiff/-/issues/391" }, { "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/307" }, { "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1056.json" }, { "name": "GLSA-202210-10", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202210-10" }, { "url": "https://security.netapp.com/advisory/ntap-20221228-0008/" } ] } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2022-1056", "datePublished": "2022-03-28T00:00:00", "dateReserved": "2022-03-23T00:00:00", "dateUpdated": "2024-08-02T23:47:43.287Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2207
Vulnerability from cvelistv5
Published
2022-06-27 00:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:32:08.718Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/05bc6051-4dc3-483b-ae56-cf23346b97b9" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/0971c7a4e537ea120a6bb2195960be8d0815e97b" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/05bc6051-4dc3-483b-ae56-cf23346b97b9" }, { "url": "https://github.com/vim/vim/commit/0971c7a4e537ea120a6bb2195960be8d0815e97b" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "05bc6051-4dc3-483b-ae56-cf23346b97b9", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2207", "datePublished": "2022-06-27T00:00:00", "dateReserved": "2022-06-26T00:00:00", "dateUpdated": "2024-08-03T00:32:08.718Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-45413
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 14:09
Severity ?
EPSS score ?
Summary
Using the <code>S.browser_fallback_url parameter</code> parameter, an attacker could redirect a user to a URL and cause SameSite=Strict cookies to be sent.<br>*This issue only affects Firefox for Android. Other operating systems are not affected.*. This vulnerability affects Firefox < 107.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:09:57.023Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1791201" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "107", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Using the \u003ccode\u003eS.browser_fallback_url parameter\u003c/code\u003e parameter, an attacker could redirect a user to a URL and cause SameSite=Strict cookies to be sent.\u003cbr\u003e*This issue only affects Firefox for Android. Other operating systems are not affected.*. This vulnerability affects Firefox \u003c 107." } ], "problemTypes": [ { "descriptions": [ { "description": "SameSite=Strict cookies could have been sent cross-site via intent URLs", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-22T00:00:00", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1791201" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-45413", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-11-14T00:00:00", "dateUpdated": "2024-08-03T14:09:57.023Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0561
Vulnerability from cvelistv5
Published
2022-02-11 00:00
Modified
2024-08-02 23:32
Severity ?
EPSS score ?
Summary
Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, the fix is available with commit eecb0712.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:32:46.253Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/issues/362" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/eecb0712f4c3a5b449f70c57988260a667ddbdef" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0561.json" }, { "name": "FEDORA-2022-df1df6debd", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZEHZ35XVO2VBZ4HHCMM6J6TQIDSBQOM/" }, { "name": "[debian-lts-announce] 20220306 [SECURITY] [DLA 2932-1] tiff security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00001.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220318-0001/" }, { "name": "DSA-5108", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5108" }, { "name": "GLSA-202210-10", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202210-10" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "libtiff", "vendor": "libtiff", "versions": [ { "status": "affected", "version": "\u003e=3.9.0, \u003c=4.3.0" } ] } ], "credits": [ { "lang": "en", "value": "shahchintanh@gmail.com" } ], "descriptions": [ { "lang": "en", "value": "Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, the fix is available with commit eecb0712." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Incorrect calculation of buffer size in libtiff", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-10-31T00:00:00", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "url": "https://gitlab.com/libtiff/libtiff/-/issues/362" }, { "url": "https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/eecb0712f4c3a5b449f70c57988260a667ddbdef" }, { "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0561.json" }, { "name": "FEDORA-2022-df1df6debd", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZEHZ35XVO2VBZ4HHCMM6J6TQIDSBQOM/" }, { "name": "[debian-lts-announce] 20220306 [SECURITY] [DLA 2932-1] tiff security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00001.html" }, { "url": "https://security.netapp.com/advisory/ntap-20220318-0001/" }, { "name": "DSA-5108", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5108" }, { "name": "GLSA-202210-10", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202210-10" } ] } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2022-0561", "datePublished": "2022-02-11T00:00:00", "dateReserved": "2022-02-10T00:00:00", "dateUpdated": "2024-08-02T23:32:46.253Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0908
Vulnerability from cvelistv5
Published
2022-03-11 00:00
Modified
2024-08-02 23:47
Severity ?
EPSS score ?
Summary
Null source pointer passed as an argument to memcpy() function within TIFFFetchNormalTag () in tif_dirread.c in libtiff versions up to 4.3.0 could lead to Denial of Service via crafted TIFF file.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | TIFF Software Distribution | libtiff |
Version: <=4.3.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:47:42.818Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/issues/383" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/commit/a95b799f65064e4ba2e2dfc206808f86faf93e85" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0908.json" }, { "name": "DSA-5108", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5108" }, { "name": "FEDORA-2022-e2996202a0", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/" }, { "name": "FEDORA-2022-c39720a0ed", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220506-0002/" }, { "name": "GLSA-202210-10", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202210-10" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "libtiff", "vendor": "TIFF Software Distribution", "versions": [ { "status": "affected", "version": "\u003c=4.3.0" } ] } ], "descriptions": [ { "lang": "en", "value": "Null source pointer passed as an argument to memcpy() function within TIFFFetchNormalTag () in tif_dirread.c in libtiff versions up to 4.3.0 could lead to Denial of Service via crafted TIFF file." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Null pointer dereference in libtiff", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-10-31T00:00:00", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "url": "https://gitlab.com/libtiff/libtiff/-/issues/383" }, { "url": "https://gitlab.com/libtiff/libtiff/-/commit/a95b799f65064e4ba2e2dfc206808f86faf93e85" }, { "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0908.json" }, { "name": "DSA-5108", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5108" }, { "name": "FEDORA-2022-e2996202a0", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/" }, { "name": "FEDORA-2022-c39720a0ed", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/" }, { "url": "https://security.netapp.com/advisory/ntap-20220506-0002/" }, { "name": "GLSA-202210-10", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202210-10" } ] } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2022-0908", "datePublished": "2022-03-11T00:00:00", "dateReserved": "2022-03-10T00:00:00", "dateUpdated": "2024-08-02T23:47:42.818Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-31629
Vulnerability from cvelistv5
Published
2022-09-28 22:25
Modified
2024-10-29 15:05
Severity ?
EPSS score ?
Summary
$_COOKIE names string replacement (. -> _): cookie integrity vulnerabilities
References
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2022-31629", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-16T18:53:33.259759Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1284", "description": "CWE-1284 Improper Validation of Specified Quantity in Input", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-29T15:05:18.365Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-03T07:26:00.718Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugs.php.net/bug.php?id=81727" }, { "name": "FEDORA-2022-0b77fbd9e7", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNIEABBH5XCXLFWWZYIDE457SPEDZTXV/" }, { "name": "FEDORA-2022-afdea1c747", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VI3E6A3ZTH2RP7OMLJHSVFIEQBIFM6RF/" }, { "name": "FEDORA-2022-f204e1d0ed", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2L5SUVYGAKSWODUQPZFBUB3AL6E6CSEV/" }, { "name": "DSA-5277", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5277" }, { "name": "GLSA-202211-03", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202211-03" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20221209-0001/" }, { "name": "[debian-lts-announce] 20221215 [SECURITY] [DLA 3243-1] php7.3 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00030.html" }, { "name": "FEDORA-2024-b46619f761", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZGWIK3HMBACERGB4TSBB2JUOMPYY2VKY/" }, { "name": "FEDORA-2024-39d50cc975", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSJVPJTX7T3J5V7XHR4MFNHZGP44R5XE/" }, { "name": "FEDORA-2024-5e8ae0def0", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJZK3X6B7FBE32FETDSMRLJXTFTHKWSY/" }, { "name": "[oss-security] 20240412 PHP security releases 8.1.28, 8.2.18, \u0026 8.3.6", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2024/04/12/11" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "PHP", "vendor": "PHP Group", "versions": [ { "lessThan": "7.4.31", "status": "affected", "version": "7.4.X", "versionType": "custom" }, { "lessThan": "8.0.24", "status": "affected", "version": "8.0.X", "versionType": "custom" }, { "lessThan": "8.1.11", "status": "affected", "version": "8.1.X", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "reported by squarcina at gmail dot com" } ], "datePublic": "2022-09-27T00:00:00", "descriptions": [ { "lang": "en", "value": "In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim\u0027s browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-01T17:09:26.439685", "orgId": "dd77f84a-d19a-4638-8c3d-a322d820ed2b", "shortName": "php" }, "references": [ { "url": "https://bugs.php.net/bug.php?id=81727" }, { "name": "FEDORA-2022-0b77fbd9e7", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNIEABBH5XCXLFWWZYIDE457SPEDZTXV/" }, { "name": "FEDORA-2022-afdea1c747", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VI3E6A3ZTH2RP7OMLJHSVFIEQBIFM6RF/" }, { "name": "FEDORA-2022-f204e1d0ed", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2L5SUVYGAKSWODUQPZFBUB3AL6E6CSEV/" }, { "name": "DSA-5277", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5277" }, { "name": "GLSA-202211-03", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202211-03" }, { "url": "https://security.netapp.com/advisory/ntap-20221209-0001/" }, { "name": "[debian-lts-announce] 20221215 [SECURITY] [DLA 3243-1] php7.3 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00030.html" }, { "name": "FEDORA-2024-b46619f761", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZGWIK3HMBACERGB4TSBB2JUOMPYY2VKY/" }, { "name": "FEDORA-2024-39d50cc975", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSJVPJTX7T3J5V7XHR4MFNHZGP44R5XE/" }, { "name": "FEDORA-2024-5e8ae0def0", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJZK3X6B7FBE32FETDSMRLJXTFTHKWSY/" }, { "name": "[oss-security] 20240412 PHP security releases 8.1.28, 8.2.18, \u0026 8.3.6", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2024/04/12/11" } ], "solutions": [ { "lang": "en", "value": "Upgrade to PHP 7.4.31, 8.0.24, or 8.1.11." } ], "source": { "advisory": "https://bugs.php.net/bug.php?id=81727", "defect": [ "81727" ], "discovery": "EXTERNAL" }, "title": "$_COOKIE names string replacement (. -\u003e _): cookie integrity vulnerabilities", "x_generator": { "engine": "Vulnogram 0.0.9" } } }, "cveMetadata": { "assignerOrgId": "dd77f84a-d19a-4638-8c3d-a322d820ed2b", "assignerShortName": "php", "cveId": "CVE-2022-31629", "datePublished": "2022-09-28T22:25:10.116784Z", "dateReserved": "2022-05-25T00:00:00", "dateUpdated": "2024-10-29T15:05:18.365Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2056
Vulnerability from cvelistv5
Published
2022-06-30 00:00
Modified
2024-08-03 00:24
Severity ?
EPSS score ?
Summary
Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:24:44.219Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/346" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/issues/415" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2056.json" }, { "name": "FEDORA-2022-edf7301147", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TSS7MJ7OO7JO5BNKCRYSFU7UAYOKLA2/" }, { "name": "FEDORA-2022-b9c2a3a2b7", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OXUMJXVEAYFWRO3U3YHKSULHIVDOLEQS/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220826-0001/" }, { "name": "[debian-lts-announce] 20230120 [SECURITY] [DLA 3278-1] tiff security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html" }, { "name": "DSA-5333", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5333" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "libtiff", "vendor": "libtiff", "versions": [ { "status": "affected", "version": "=4.4.0" } ] } ], "credits": [ { "lang": "en", "value": "wangdw.augustus@gmail.com" } ], "descriptions": [ { "lang": "en", "value": "Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Divide by zero in libtiff", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-30T00:00:00", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/346" }, { "url": "https://gitlab.com/libtiff/libtiff/-/issues/415" }, { "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2056.json" }, { "name": "FEDORA-2022-edf7301147", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TSS7MJ7OO7JO5BNKCRYSFU7UAYOKLA2/" }, { "name": "FEDORA-2022-b9c2a3a2b7", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OXUMJXVEAYFWRO3U3YHKSULHIVDOLEQS/" }, { "url": "https://security.netapp.com/advisory/ntap-20220826-0001/" }, { "name": "[debian-lts-announce] 20230120 [SECURITY] [DLA 3278-1] tiff security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html" }, { "name": "DSA-5333", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5333" } ] } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2022-2056", "datePublished": "2022-06-30T00:00:00", "dateReserved": "2022-06-13T00:00:00", "dateUpdated": "2024-08-03T00:24:44.219Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1924
Vulnerability from cvelistv5
Published
2022-07-19 19:13
Modified
2024-08-03 00:17
Severity ?
EPSS score ?
Summary
DOS / potential heap overwrite in mkv demuxing using lzo decompression. Integer overflow in matroskademux element in lzo decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it is just a segfault (because the realloc before the integer overflow will use mremap to reduce the size of the chunk, and it will start to write to unmapped memory). However, if using a libc implementation that does not use mmap, or if the OS does not support mmap while using libc, then this could result in a heap overwrite.
References
▼ | URL | Tags |
---|---|---|
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225 | x_refsource_MISC | |
https://lists.debian.org/debian-lts-announce/2022/08/msg00001.html | mailing-list, x_refsource_MLIST | |
https://www.debian.org/security/2022/dsa-5204 | vendor-advisory, x_refsource_DEBIAN |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:17:00.985Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225" }, { "name": "[debian-lts-announce] 20220809 [SECURITY] [DLA 3069-1] gst-plugins-good1.0 security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00001.html" }, { "name": "DSA-5204", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5204" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "GStreamer", "vendor": "n/a", "versions": [ { "status": "affected", "version": "1.20.3" } ] } ], "descriptions": [ { "lang": "en", "value": "DOS / potential heap overwrite in mkv demuxing using lzo decompression. Integer overflow in matroskademux element in lzo decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it is just a segfault (because the realloc before the integer overflow will use mremap to reduce the size of the chunk, and it will start to write to unmapped memory). However, if using a libc implementation that does not use mmap, or if the OS does not support mmap while using libc, then this could result in a heap overwrite." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-10T02:07:11", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225" }, { "name": "[debian-lts-announce] 20220809 [SECURITY] [DLA 3069-1] gst-plugins-good1.0 security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00001.html" }, { "name": "DSA-5204", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2022/dsa-5204" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2022-1924", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "GStreamer", "version": { "version_data": [ { "version_value": "1.20.3" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "DOS / potential heap overwrite in mkv demuxing using lzo decompression. Integer overflow in matroskademux element in lzo decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it is just a segfault (because the realloc before the integer overflow will use mremap to reduce the size of the chunk, and it will start to write to unmapped memory). However, if using a libc implementation that does not use mmap, or if the OS does not support mmap while using libc, then this could result in a heap overwrite." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-122" } ] } ] }, "references": { "reference_data": [ { "name": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225", "refsource": "MISC", "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225" }, { "name": "[debian-lts-announce] 20220809 [SECURITY] [DLA 3069-1] gst-plugins-good1.0 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00001.html" }, { "name": "DSA-5204", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2022/dsa-5204" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2022-1924", "datePublished": "2022-07-19T19:13:35", "dateReserved": "2022-05-27T00:00:00", "dateUpdated": "2024-08-03T00:17:00.985Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-42928
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 13:19
Severity ?
EPSS score ?
Summary
Certain types of allocations were missing annotations that, if the Garbage Collector was in a specific state, could have lead to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 106, Firefox ESR < 102.4, and Thunderbird < 102.4.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox |
Version: unspecified < 106 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T13:19:05.486Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1791520" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-44/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-45/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-46/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "106", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.4", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.4", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Samuel Gro\u00df and Carl Smith of Google V8 Security" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Certain types of allocations were missing annotations that, if the Garbage Collector was in a specific state, could have lead to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox \u003c 106, Firefox ESR \u003c 102.4, and Thunderbird \u003c 102.4." } ], "value": "Certain types of allocations were missing annotations that, if the Garbage Collector was in a specific state, could have lead to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox \u003c 106, Firefox ESR \u003c 102.4, and Thunderbird \u003c 102.4." } ], "problemTypes": [ { "descriptions": [ { "description": "Memory Corruption in JS Engine", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-13T10:36:31.769Z", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1791520" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-44/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-45/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-46/" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-42928", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-10-14T00:00:00", "dateUpdated": "2024-08-03T13:19:05.486Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-10735
Vulnerability from cvelistv5
Published
2022-09-09 00:00
Modified
2024-08-04 11:14
Severity ?
EPSS score ?
Summary
A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int("text"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not affected). The highest threat from this vulnerability is to system availability.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T11:14:14.254Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2020-10735" }, { "tags": [ "x_transferred" ], "url": "https://github.com/python/cpython/issues/95778" }, { "tags": [ "x_transferred" ], "url": "https://docs.google.com/document/d/1KjuF_aXlzPUxTK4BMgezGJ2Pn7uevfX7g0_mvgHlL7Y" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834423" }, { "name": "FEDORA-2022-46a44a7f83", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4EWKR2SPX3JORLWCXFY3KN2U5B5CIUQQ/" }, { "name": "FEDORA-2022-66b65beccb", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2VCU6EVQDIXNCEDJUCTFIER2WVNNDTYZ/" }, { "name": "FEDORA-2022-4b31e33ed0", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V7ZUJDHK7KNG6SLIFXW7MNZ6O2PUJYK6/" }, { "name": "FEDORA-2022-6d57598a23", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSRPVJZL6DJFWKYRHMNJB7VCEUCBKRF5/" }, { "name": "FEDORA-2022-f330bbfda2", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XL6E5A3I36TRR73VNBOXNIQP4AMZDFZ/" }, { "name": "FEDORA-2022-29d436596f", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/32AAQKABEKFCB5DDV5OONRZK6BS23HPW/" }, { "name": "FEDORA-2022-b01214472e", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U4ZZV4CDFRMTPDBI7C5L43RFL3XLIGUY/" }, { "name": "FEDORA-2022-dd5032bedf", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SZYJSGLSCQOKXXFVJVJQAXLEOJBIWGEL/" }, { "name": "FEDORA-2022-8535093cba", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OT5WQB7Z3CXOWVBD2AFAHYPA5ONYFFZ4/" }, { "name": "FEDORA-2022-72213986b8", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBPDVCDIUCEBE7C4NAGNA2KQJYOTPBAZ/" }, { "name": "[oss-security] 20220921 big ints in python: CVE-2020-10735", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/09/21/1" }, { "name": "[oss-security] 20220921 Re: big ints in python: CVE-2020-10735", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/09/21/4" }, { "name": "FEDORA-2022-f511f8f58b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OKYE2DOI2X7WZXAWTQJZAXYIWM37HDCY/" }, { "name": "FEDORA-2022-c072cdc3c8", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OT5U223OE5ZOUHZAZYSYSWVJQIKDE73E/" }, { "name": "FEDORA-2022-0b3904c674", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PD7FTLJOIGMUSCDR3JAN6WRFHJEE4PH5/" }, { "name": "FEDORA-2022-141f632a6f", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/76YE7AM37MRU76XJV4M27CWDAMUGNRYK/" }, { "name": "FEDORA-2022-ac82a548df", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZEOAJWGGY55QU35UM2OVZATBW5MX2OZD/" }, { "name": "FEDORA-2022-d4570fc1a6", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NHC6IUU7CLRQ3QLPWUXLONSG3SXFTR47/" }, { "name": "FEDORA-2022-b8b34e62ab", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TD7JDDKJXK6D26XAN3YRFNM2LAJHT5UO/" }, { "name": "FEDORA-2022-d1682fef04", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WXF6MQ74HVIDDSR5AE2UDR24I6D4FEPC/" }, { "name": "FEDORA-2022-79843dfb3c", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFGV7P2PYFBMK32OKHCAC2ZPJQV5AUDF/" }, { "name": "FEDORA-2022-958fd7a32e", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMWPRAAJS7I6U3U45V7GZVXWNSECI22M/" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "python", "vendor": "n/a", "versions": [ { "status": "affected", "version": "python 3.7" } ] } ], "descriptions": [ { "lang": "en", "value": "A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int(\"text\"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not affected). The highest threat from this vulnerability is to system availability." } ], "problemTypes": [ { "descriptions": [ { "description": "DoS", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-14T00:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://access.redhat.com/security/cve/CVE-2020-10735" }, { "url": "https://github.com/python/cpython/issues/95778" }, { "url": "https://docs.google.com/document/d/1KjuF_aXlzPUxTK4BMgezGJ2Pn7uevfX7g0_mvgHlL7Y" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834423" }, { "name": "FEDORA-2022-46a44a7f83", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4EWKR2SPX3JORLWCXFY3KN2U5B5CIUQQ/" }, { "name": "FEDORA-2022-66b65beccb", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2VCU6EVQDIXNCEDJUCTFIER2WVNNDTYZ/" }, { "name": "FEDORA-2022-4b31e33ed0", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V7ZUJDHK7KNG6SLIFXW7MNZ6O2PUJYK6/" }, { "name": "FEDORA-2022-6d57598a23", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSRPVJZL6DJFWKYRHMNJB7VCEUCBKRF5/" }, { "name": "FEDORA-2022-f330bbfda2", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XL6E5A3I36TRR73VNBOXNIQP4AMZDFZ/" }, { "name": "FEDORA-2022-29d436596f", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/32AAQKABEKFCB5DDV5OONRZK6BS23HPW/" }, { "name": "FEDORA-2022-b01214472e", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U4ZZV4CDFRMTPDBI7C5L43RFL3XLIGUY/" }, { "name": "FEDORA-2022-dd5032bedf", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SZYJSGLSCQOKXXFVJVJQAXLEOJBIWGEL/" }, { "name": "FEDORA-2022-8535093cba", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OT5WQB7Z3CXOWVBD2AFAHYPA5ONYFFZ4/" }, { "name": "FEDORA-2022-72213986b8", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBPDVCDIUCEBE7C4NAGNA2KQJYOTPBAZ/" }, { "name": "[oss-security] 20220921 big ints in python: CVE-2020-10735", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/09/21/1" }, { "name": "[oss-security] 20220921 Re: big ints in python: CVE-2020-10735", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/09/21/4" }, { "name": "FEDORA-2022-f511f8f58b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OKYE2DOI2X7WZXAWTQJZAXYIWM37HDCY/" }, { "name": "FEDORA-2022-c072cdc3c8", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OT5U223OE5ZOUHZAZYSYSWVJQIKDE73E/" }, { "name": "FEDORA-2022-0b3904c674", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PD7FTLJOIGMUSCDR3JAN6WRFHJEE4PH5/" }, { "name": "FEDORA-2022-141f632a6f", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/76YE7AM37MRU76XJV4M27CWDAMUGNRYK/" }, { "name": "FEDORA-2022-ac82a548df", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZEOAJWGGY55QU35UM2OVZATBW5MX2OZD/" }, { "name": "FEDORA-2022-d4570fc1a6", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NHC6IUU7CLRQ3QLPWUXLONSG3SXFTR47/" }, { "name": "FEDORA-2022-b8b34e62ab", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TD7JDDKJXK6D26XAN3YRFNM2LAJHT5UO/" }, { "name": "FEDORA-2022-d1682fef04", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WXF6MQ74HVIDDSR5AE2UDR24I6D4FEPC/" }, { "name": "FEDORA-2022-79843dfb3c", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFGV7P2PYFBMK32OKHCAC2ZPJQV5AUDF/" }, { "name": "FEDORA-2022-958fd7a32e", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMWPRAAJS7I6U3U45V7GZVXWNSECI22M/" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2020-10735", "datePublished": "2022-09-09T00:00:00", "dateReserved": "2020-03-20T00:00:00", "dateUpdated": "2024-08-04T11:14:14.254Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0909
Vulnerability from cvelistv5
Published
2022-03-11 00:00
Modified
2024-08-02 23:47
Severity ?
EPSS score ?
Summary
Divide By Zero error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f8d0f9aa.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:47:42.113Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/issues/393" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/310" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0909.json" }, { "name": "DSA-5108", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5108" }, { "name": "FEDORA-2022-e2996202a0", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/" }, { "name": "FEDORA-2022-c39720a0ed", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220506-0002/" }, { "name": "GLSA-202210-10", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202210-10" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "libtiff", "vendor": "libtiff", "versions": [ { "status": "affected", "version": "=4.3.0" } ] } ], "credits": [ { "lang": "en", "value": "wangdw.augustus@gmail.com" } ], "descriptions": [ { "lang": "en", "value": "Divide By Zero error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f8d0f9aa." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Divide by zero in libtiff", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-10-31T00:00:00", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "url": "https://gitlab.com/libtiff/libtiff/-/issues/393" }, { "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/310" }, { "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0909.json" }, { "name": "DSA-5108", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5108" }, { "name": "FEDORA-2022-e2996202a0", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/" }, { "name": "FEDORA-2022-c39720a0ed", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/" }, { "url": "https://security.netapp.com/advisory/ntap-20220506-0002/" }, { "name": "GLSA-202210-10", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202210-10" } ] } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2022-0909", "datePublished": "2022-03-11T00:00:00", "dateReserved": "2022-03-10T00:00:00", "dateUpdated": "2024-08-02T23:47:42.113Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3626
Vulnerability from cvelistv5
Published
2022-10-21 00:00
Modified
2024-08-03 01:14
Severity ?
EPSS score ?
Summary
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c:340 when called from processCropSelections, tools/tiffcrop.c:7619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:14:03.243Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/issues/426" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/commit/236b7191f04c60d09ee836ae13b50f812c841047" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3626.json" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230110-0001/" }, { "name": "[debian-lts-announce] 20230120 [SECURITY] [DLA 3278-1] tiff security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "libtiff", "vendor": "libtiff", "versions": [ { "status": "affected", "version": "\u003c=4.4.0" } ] } ], "credits": [ { "lang": "en", "value": "wangdw.augustus@gmail.com" } ], "descriptions": [ { "lang": "en", "value": "LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c:340 when called from processCropSelections, tools/tiffcrop.c:7619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Out-of-bounds write in libtiff", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-21T00:00:00", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "url": "https://gitlab.com/libtiff/libtiff/-/issues/426" }, { "url": "https://gitlab.com/libtiff/libtiff/-/commit/236b7191f04c60d09ee836ae13b50f812c841047" }, { "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3626.json" }, { "url": "https://security.netapp.com/advisory/ntap-20230110-0001/" }, { "name": "[debian-lts-announce] 20230120 [SECURITY] [DLA 3278-1] tiff security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html" } ] } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2022-3626", "datePublished": "2022-10-21T00:00:00", "dateReserved": "2022-10-21T00:00:00", "dateUpdated": "2024-08-03T01:14:03.243Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1925
Vulnerability from cvelistv5
Published
2022-07-19 19:10
Modified
2024-08-03 00:17
Severity ?
EPSS score ?
Summary
DOS / potential heap overwrite in mkv demuxing using HEADERSTRIP decompression. Integer overflow in matroskaparse element in gst_matroska_decompress_data function which causes a heap overflow. Due to restrictions on chunk sizes in the matroskademux element, the overflow can't be triggered, however the matroskaparse element has no size checks.
References
▼ | URL | Tags |
---|---|---|
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225 | x_refsource_MISC | |
https://lists.debian.org/debian-lts-announce/2022/08/msg00001.html | mailing-list, x_refsource_MLIST | |
https://www.debian.org/security/2022/dsa-5204 | vendor-advisory, x_refsource_DEBIAN |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:17:00.947Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225" }, { "name": "[debian-lts-announce] 20220809 [SECURITY] [DLA 3069-1] gst-plugins-good1.0 security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00001.html" }, { "name": "DSA-5204", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5204" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "GStreamer", "vendor": "n/a", "versions": [ { "status": "affected", "version": "1.20.3" } ] } ], "descriptions": [ { "lang": "en", "value": "DOS / potential heap overwrite in mkv demuxing using HEADERSTRIP decompression. Integer overflow in matroskaparse element in gst_matroska_decompress_data function which causes a heap overflow. Due to restrictions on chunk sizes in the matroskademux element, the overflow can\u0027t be triggered, however the matroskaparse element has no size checks." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-10T02:07:39", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225" }, { "name": "[debian-lts-announce] 20220809 [SECURITY] [DLA 3069-1] gst-plugins-good1.0 security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00001.html" }, { "name": "DSA-5204", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2022/dsa-5204" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2022-1925", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "GStreamer", "version": { "version_data": [ { "version_value": "1.20.3" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "DOS / potential heap overwrite in mkv demuxing using HEADERSTRIP decompression. Integer overflow in matroskaparse element in gst_matroska_decompress_data function which causes a heap overflow. Due to restrictions on chunk sizes in the matroskademux element, the overflow can\u0027t be triggered, however the matroskaparse element has no size checks." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-122" } ] } ] }, "references": { "reference_data": [ { "name": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225", "refsource": "MISC", "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225" }, { "name": "[debian-lts-announce] 20220809 [SECURITY] [DLA 3069-1] gst-plugins-good1.0 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00001.html" }, { "name": "DSA-5204", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2022/dsa-5204" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2022-1925", "datePublished": "2022-07-19T19:10:49", "dateReserved": "2022-05-27T00:00:00", "dateUpdated": "2024-08-03T00:17:00.947Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-35255
Vulnerability from cvelistv5
Published
2022-12-05 00:00
Modified
2024-08-03 09:29
Severity ?
EPSS score ?
Summary
A weak randomness in WebCrypto keygen vulnerability exists in Node.js 18 due to a change with EntropySource() in SecretKeyGenTraits::DoKeyGen() in src/crypto/crypto_keygen.cc. There are two problems with this: 1) It does not check the return value, it assumes EntropySource() always succeeds, but it can (and sometimes will) fail. 2) The random data returned byEntropySource() may not be cryptographically strong and therefore not suitable as keying material.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/nodejs/node |
Version: Fixed in 16.17.1+,18.9.1+ |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T09:29:17.447Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1690000" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230113-0002/" }, { "name": "DSA-5326", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5326" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/nodejs/node", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 16.17.1+,18.9.1+" } ] } ], "descriptions": [ { "lang": "en", "value": "A weak randomness in WebCrypto keygen vulnerability exists in Node.js 18 due to a change with EntropySource() in SecretKeyGenTraits::DoKeyGen() in src/crypto/crypto_keygen.cc. There are two problems with this: 1) It does not check the return value, it assumes EntropySource() always succeeds, but it can (and sometimes will) fail. 2) The random data returned byEntropySource() may not be cryptographically strong and therefore not suitable as keying material." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-338", "description": "Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) (CWE-338)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-25T00:00:00", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1690000" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf" }, { "url": "https://security.netapp.com/advisory/ntap-20230113-0002/" }, { "name": "DSA-5326", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5326" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2022-35255", "datePublished": "2022-12-05T00:00:00", "dateReserved": "2022-07-06T00:00:00", "dateUpdated": "2024-08-03T09:29:17.447Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-45405
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 14:09
Severity ?
EPSS score ?
Summary
Freeing arbitrary <code>nsIInputStream</code>'s on a different thread than creation could have led to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox ESR |
Version: unspecified < 102.5 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:09:56.990Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-49/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-48/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1791314" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "107", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Freeing arbitrary \u003ccode\u003ensIInputStream\u003c/code\u003e\u0027s on a different thread than creation could have led to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox ESR \u003c 102.5, Thunderbird \u003c 102.5, and Firefox \u003c 107." } ], "problemTypes": [ { "descriptions": [ { "description": "Use-after-free in InputStream implementation", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-22T00:00:00", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-49/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-48/" }, { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1791314" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-45405", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-11-14T00:00:00", "dateUpdated": "2024-08-03T14:09:56.990Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-31630
Vulnerability from cvelistv5
Published
2022-11-14 06:53
Modified
2024-08-03 07:26
Severity ?
EPSS score ?
Summary
OOB read due to insufficient input validation in imageloadfont()
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T07:26:01.044Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugs.php.net/bug.php?id=81739" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "modules": [ "gd" ], "product": "PHP", "repo": "https://github.com/php/php-src", "vendor": "PHP Group", "versions": [ { "lessThan": "7.4.33", "status": "affected", "version": "7.4.x", "versionType": "custom" }, { "lessThan": "8.0.25", "status": "affected", "version": "8.0.x", "versionType": "custom" }, { "lessThan": "8.1.12", "status": "affected", "version": "8.1.x", "versionType": "custom" } ] } ], "configurations": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "gd extension" } ], "value": "gd extension" } ], "credits": [ { "lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "cmb@php.net" }, { "lang": "en", "type": "remediation developer", "user": "00000000-0000-4000-9000-000000000000", "value": "cmb@php.net" } ], "datePublic": "2022-10-24T06:40:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "In PHP versions prior to 7.4.33, 8.0.25 and 8.1.12, when using imageloadfont() function in gd extension, it is possible to supply a specially crafted font file, such as if the loaded font is used with imagechar() function, the read outside allocated buffer will be used. This can lead to crashes or disclosure of confidential information.\u0026nbsp;" } ], "value": "In PHP versions prior to 7.4.33, 8.0.25 and 8.1.12, when using imageloadfont() function in gd extension, it is possible to supply a specially crafted font file, such as if the loaded font is used with imagechar() function, the read outside allocated buffer will be used. This can lead to crashes or disclosure of confidential information.\u00a0" } ], "impacts": [ { "capecId": "CAPEC-540", "descriptions": [ { "lang": "en", "value": "CAPEC-540 Overread Buffers" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-131", "description": "CWE-131 Incorrect Calculation of Buffer Size", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-190", "description": "CWE-190 Integer Overflow or Wraparound", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T02:38:25.144Z", "orgId": "dd77f84a-d19a-4638-8c3d-a322d820ed2b", "shortName": "php" }, "references": [ { "url": "https://bugs.php.net/bug.php?id=81739" } ], "source": { "defect": [ "https://bugs.php.net/bug.php?id=81739" ], "discovery": "INTERNAL" }, "title": "OOB read due to insufficient input validation in imageloadfont()", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "dd77f84a-d19a-4638-8c3d-a322d820ed2b", "assignerShortName": "php", "cveId": "CVE-2022-31630", "datePublished": "2022-11-14T06:53:06.774Z", "dateReserved": "2022-05-25T21:03:32.861Z", "dateUpdated": "2024-08-03T07:26:01.044Z", "requesterUserId": "520cc88b-a1c8-44f6-9154-21a4d74c769f", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3598
Vulnerability from cvelistv5
Published
2022-10-21 00:00
Modified
2024-08-03 01:14
Severity ?
EPSS score ?
Summary
LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit cfbb883b.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:14:02.094Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/issues/435" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/commit/cfbb883bf6ea7bedcb04177cc4e52d304522fdff" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3598.json" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230110-0001/" }, { "name": "[debian-lts-announce] 20230120 [SECURITY] [DLA 3278-1] tiff security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "libtiff", "vendor": "libtiff", "versions": [ { "status": "affected", "version": "\u003c=4.4.0" } ] } ], "credits": [ { "lang": "en", "value": "wangdw.augustus@gmail.com" } ], "descriptions": [ { "lang": "en", "value": "LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit cfbb883b." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Out-of-bounds read in libtiff", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-21T00:00:00", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "url": "https://gitlab.com/libtiff/libtiff/-/issues/435" }, { "url": "https://gitlab.com/libtiff/libtiff/-/commit/cfbb883bf6ea7bedcb04177cc4e52d304522fdff" }, { "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3598.json" }, { "url": "https://security.netapp.com/advisory/ntap-20230110-0001/" }, { "name": "[debian-lts-announce] 20230120 [SECURITY] [DLA 3278-1] tiff security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html" } ] } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2022-3598", "datePublished": "2022-10-21T00:00:00", "dateReserved": "2022-10-19T00:00:00", "dateUpdated": "2024-08-03T01:14:02.094Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-40958
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 12:28
Severity ?
EPSS score ?
Summary
By injecting a cookie with certain special characters, an attacker on a shared subdomain which is not a secure context could set and thus overwrite cookies from a secure context, leading to session fixation and other attacks. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox ESR |
Version: unspecified < 102.3 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:28:42.952Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-40/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-41/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-42/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1779993" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.3", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.3", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "105", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "By injecting a cookie with certain special characters, an attacker on a shared subdomain which is not a secure context could set and thus overwrite cookies from a secure context, leading to session fixation and other attacks. This vulnerability affects Firefox ESR \u003c 102.3, Thunderbird \u003c 102.3, and Firefox \u003c 105." } ], "problemTypes": [ { "descriptions": [ { "description": "Bypassing Secure Context restriction for cookies with __Host and __Secure prefix", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-22T00:00:00", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2022-40/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-41/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-42/" }, { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1779993" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-40958", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-09-19T00:00:00", "dateUpdated": "2024-08-03T12:28:42.952Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-45411
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 14:09
Severity ?
EPSS score ?
Summary
Cross-Site Tracing occurs when a server will echo a request back via the Trace method, allowing an XSS attack to access to authorization headers and cookies inaccessible to JavaScript (such as cookies protected by HTTPOnly). To mitigate this attack, browsers placed limits on <code>fetch()</code> and XMLHttpRequest; however some webservers have implemented non-standard headers such as <code>X-Http-Method-Override</code> that override the HTTP method, and made this attack possible again. Thunderbird has applied the same mitigations to the use of this and similar headers. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox ESR |
Version: unspecified < 102.5 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:09:57.053Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-49/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-48/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1790311" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "107", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Cross-Site Tracing occurs when a server will echo a request back via the Trace method, allowing an XSS attack to access to authorization headers and cookies inaccessible to JavaScript (such as cookies protected by HTTPOnly). To mitigate this attack, browsers placed limits on \u003ccode\u003efetch()\u003c/code\u003e and XMLHttpRequest; however some webservers have implemented non-standard headers such as \u003ccode\u003eX-Http-Method-Override\u003c/code\u003e that override the HTTP method, and made this attack possible again. Thunderbird has applied the same mitigations to the use of this and similar headers. This vulnerability affects Firefox ESR \u003c 102.5, Thunderbird \u003c 102.5, and Firefox \u003c 107." } ], "problemTypes": [ { "descriptions": [ { "description": "Cross-Site Tracing was possible via non-standard override headers", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-22T00:00:00", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-49/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-48/" }, { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1790311" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-45411", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-11-14T00:00:00", "dateUpdated": "2024-08-03T14:09:57.053Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3034
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 01:00
Severity ?
EPSS score ?
Summary
When receiving an HTML email that specified to load an <code>iframe</code> element from a remote location, a request to the remote document was sent. However, Thunderbird didn't display the document. This vulnerability affects Thunderbird < 102.2.1 and Thunderbird < 91.13.1.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Mozilla | Thunderbird |
Version: unspecified < 102.2.1 Version: unspecified < 91.13.1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:00:10.217Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-38/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-39/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1745751" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.2.1", "status": "affected", "version": "unspecified", "versionType": "custom" }, { "lessThan": "91.13.1", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "When receiving an HTML email that specified to load an \u003ccode\u003eiframe\u003c/code\u003e element from a remote location, a request to the remote document was sent. However, Thunderbird didn\u0027t display the document. This vulnerability affects Thunderbird \u003c 102.2.1 and Thunderbird \u003c 91.13.1." } ], "problemTypes": [ { "descriptions": [ { "description": "An iframe element in an HTML email could trigger a network request", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-22T00:00:00", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2022-38/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-39/" }, { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1745751" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-3034", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-08-29T00:00:00", "dateUpdated": "2024-08-03T01:00:10.217Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3190
Vulnerability from cvelistv5
Published
2022-09-13 00:00
Modified
2024-08-03 01:00
Severity ?
EPSS score ?
Summary
Infinite loop in the F5 Ethernet Trailer protocol dissector in Wireshark 3.6.0 to 3.6.7 and 3.4.0 to 3.4.15 allows denial of service via packet injection or crafted capture file
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | SharkFest Foundation | Wireshark |
Version: >=3.6.0, <3.6.8 Version: >=3.4.0, <3.4.16 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:00:10.864Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wireshark.org/security/wnpa-sec-2022-06.html" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/wireshark/wireshark/-/issues/18307" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3190.json" }, { "name": "FEDORA-2022-1f2fbb087e", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YR5LIOF5VKS4DC2NQWXTMPPXOYJC46XC/" }, { "name": "FEDORA-2022-9d4aa8a486", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CH4NUKZKPY4MFQHFBTONJK2AWES4DFDA/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Wireshark", "vendor": "SharkFest Foundation", "versions": [ { "status": "affected", "version": "\u003e=3.6.0, \u003c3.6.8" }, { "status": "affected", "version": "\u003e=3.4.0, \u003c3.4.16" } ] } ], "credits": [ { "lang": "en", "value": "Jason Cohen" } ], "descriptions": [ { "lang": "en", "value": "Infinite loop in the F5 Ethernet Trailer protocol dissector in Wireshark 3.6.0 to 3.6.7 and 3.4.0 to 3.4.15 allows denial of service via packet injection or crafted capture file" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Loop with unreachable exit condition (\u0027infinite loop\u0027) in Wireshark", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-17T00:00:00", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "url": "https://www.wireshark.org/security/wnpa-sec-2022-06.html" }, { "url": "https://gitlab.com/wireshark/wireshark/-/issues/18307" }, { "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3190.json" }, { "name": "FEDORA-2022-1f2fbb087e", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YR5LIOF5VKS4DC2NQWXTMPPXOYJC46XC/" }, { "name": "FEDORA-2022-9d4aa8a486", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CH4NUKZKPY4MFQHFBTONJK2AWES4DFDA/" } ] } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2022-3190", "datePublished": "2022-09-13T00:00:00", "dateReserved": "2022-09-12T00:00:00", "dateUpdated": "2024-08-03T01:00:10.864Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21830
Vulnerability from cvelistv5
Published
2023-01-17 23:35
Modified
2024-08-02 09:51
Severity ?
EPSS score ?
Summary
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf; Oracle GraalVM Enterprise Edition: 20.3.8 and 21.3.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).
References
▼ | URL | Tags |
---|---|---|
https://www.oracle.com/security-alerts/cpujan2023.html | vendor-advisory | |
https://www.oracle.com/security-alerts/cpujul2023.html | vendor-advisory | |
https://security.gentoo.org/glsa/202401-25 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Oracle Corporation | Java SE JDK and JRE |
Version: Oracle Java SE:8u351 Version: Oracle Java SE:8u351-perf Version: Oracle GraalVM Enterprise Edition:20.3.8 Version: Oracle GraalVM Enterprise Edition:21.3.4 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:51:51.152Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Oracle Advisory", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujan2023.html" }, { "name": "Oracle Advisory", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2023.html" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202401-25" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Java SE JDK and JRE", "vendor": "Oracle Corporation", "versions": [ { "status": "affected", "version": "Oracle Java SE:8u351" }, { "status": "affected", "version": "Oracle Java SE:8u351-perf" }, { "status": "affected", "version": "Oracle GraalVM Enterprise Edition:20.3.8" }, { "status": "affected", "version": "Oracle GraalVM Enterprise Edition:21.3.4" } ] } ], "descriptions": [ { "lang": "en-US", "value": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf; Oracle GraalVM Enterprise Edition: 20.3.8 and 21.3.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data.", "lang": "en-US" } ] } ], "providerMetadata": { "dateUpdated": "2023-07-18T21:05:23.145Z", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle" }, "references": [ { "name": "Oracle Advisory", "tags": [ "vendor-advisory" ], "url": "https://www.oracle.com/security-alerts/cpujan2023.html" }, { "name": "Oracle Advisory", "tags": [ "vendor-advisory" ], "url": "https://www.oracle.com/security-alerts/cpujul2023.html" }, { "url": "https://security.gentoo.org/glsa/202401-25" } ] } }, "cveMetadata": { "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2023-21830", "datePublished": "2023-01-17T23:35:07.212Z", "dateReserved": "2022-12-17T19:26:00.689Z", "dateUpdated": "2024-08-02T09:51:51.152Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21835
Vulnerability from cvelistv5
Published
2023-01-17 23:35
Modified
2024-08-02 09:51
Severity ?
EPSS score ?
Summary
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via DTLS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
▼ | URL | Tags |
---|---|---|
https://www.oracle.com/security-alerts/cpujan2023.html | vendor-advisory | |
https://security.gentoo.org/glsa/202401-25 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Oracle Corporation | Java SE JDK and JRE |
Version: Oracle Java SE:11.0.17 Version: Oracle Java SE:17.0.5 Version: Oracle Java SE:19.0.1 Version: Oracle GraalVM Enterprise Edition:20.3.8 Version: Oracle GraalVM Enterprise Edition:21.3.4 Version: Oracle GraalVM Enterprise Edition:22.3.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:51:50.877Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Oracle Advisory", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujan2023.html" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202401-25" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Java SE JDK and JRE", "vendor": "Oracle Corporation", "versions": [ { "status": "affected", "version": "Oracle Java SE:11.0.17" }, { "status": "affected", "version": "Oracle Java SE:17.0.5" }, { "status": "affected", "version": "Oracle Java SE:19.0.1" }, { "status": "affected", "version": "Oracle GraalVM Enterprise Edition:20.3.8" }, { "status": "affected", "version": "Oracle GraalVM Enterprise Edition:21.3.4" }, { "status": "affected", "version": "Oracle GraalVM Enterprise Edition:22.3.0" } ] } ], "descriptions": [ { "lang": "en-US", "value": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via DTLS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via DTLS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition.", "lang": "en-US" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-23T23:37:28.716Z", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle" }, "references": [ { "name": "Oracle Advisory", "tags": [ "vendor-advisory" ], "url": "https://www.oracle.com/security-alerts/cpujan2023.html" }, { "url": "https://security.gentoo.org/glsa/202401-25" } ] } }, "cveMetadata": { "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2023-21835", "datePublished": "2023-01-17T23:35:08.523Z", "dateReserved": "2022-12-17T19:26:00.690Z", "dateUpdated": "2024-08-02T09:51:50.877Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-27405
Vulnerability from cvelistv5
Published
2022-04-22 00:00
Modified
2024-08-03 05:25
Severity ?
EPSS score ?
Summary
FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to contain a segmentation violation via the function FNT_Size_Request.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T05:25:32.685Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "http://freetype.com" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.freedesktop.org/freetype/freetype/-/issues/1139" }, { "name": "FEDORA-2022-2dd60f1f00", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/" }, { "name": "FEDORA-2022-0985b0cb9f", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/" }, { "name": "FEDORA-2022-7ece4f6d74", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/" }, { "name": "FEDORA-2022-5e45671294", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/" }, { "name": "FEDORA-2022-80e1724780", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/" }, { "name": "GLSA-202402-06", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202402-06" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to contain a segmentation violation via the function FNT_Size_Request." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-02-03T10:06:19.900131", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "http://freetype.com" }, { "url": "https://gitlab.freedesktop.org/freetype/freetype/-/issues/1139" }, { "name": "FEDORA-2022-2dd60f1f00", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/" }, { "name": "FEDORA-2022-0985b0cb9f", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/" }, { "name": "FEDORA-2022-7ece4f6d74", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/" }, { "name": "FEDORA-2022-5e45671294", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/" }, { "name": "FEDORA-2022-80e1724780", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/" }, { "name": "GLSA-202402-06", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202402-06" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-27405", "datePublished": "2022-04-22T00:00:00", "dateReserved": "2022-03-21T00:00:00", "dateUpdated": "2024-08-03T05:25:32.685Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-32213
Vulnerability from cvelistv5
Published
2022-07-14 00:00
Modified
2024-08-03 07:32
Severity ?
EPSS score ?
Summary
The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly parse and validate Transfer-Encoding headers and can lead to HTTP Request Smuggling (HRS).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/nodejs/node |
Version: Fixed in 14.20.1+, 16.17.1+,18.9.1+ |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T07:32:56.004Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/" }, { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1524555" }, { "name": "FEDORA-2022-52dec6351a", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMQK5L5SBYD47QQZ67LEMHNQ662GH3OY/" }, { "name": "FEDORA-2022-1667f7b60a", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCNN3YG2BCLS4ZEKJ3CLSUT6AS7AXTH3/" }, { "name": "FEDORA-2022-de515f765f", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ICG6CSIB3GUWH5DUSQEVX53MOJW7LYK/" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf" }, { "name": "DSA-5326", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5326" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/nodejs/node", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 14.20.1+, 16.17.1+,18.9.1+" } ] } ], "descriptions": [ { "lang": "en", "value": "The llhttp parser \u003cv14.20.1, \u003cv16.17.1 and \u003cv18.9.1 in the http module in Node.js does not correctly parse and validate Transfer-Encoding headers and can lead to HTTP Request Smuggling (HRS)." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-444", "description": "HTTP Request Smuggling (CWE-444)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-25T00:00:00", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/" }, { "url": "https://hackerone.com/reports/1524555" }, { "name": "FEDORA-2022-52dec6351a", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMQK5L5SBYD47QQZ67LEMHNQ662GH3OY/" }, { "name": "FEDORA-2022-1667f7b60a", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCNN3YG2BCLS4ZEKJ3CLSUT6AS7AXTH3/" }, { "name": "FEDORA-2022-de515f765f", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ICG6CSIB3GUWH5DUSQEVX53MOJW7LYK/" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf" }, { "name": "DSA-5326", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5326" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2022-32213", "datePublished": "2022-07-14T00:00:00", "dateReserved": "2022-06-01T00:00:00", "dateUpdated": "2024-08-03T07:32:56.004Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-43548
Vulnerability from cvelistv5
Published
2022-12-05 00:00
Modified
2024-08-03 13:32
Severity ?
EPSS score ?
Summary
A OS Command Injection vulnerability exists in Node.js versions <14.21.1, <16.18.1, <18.12.1, <19.0.1 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks.The fix for this issue in https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212 was incomplete and this new CVE is to complete the fix.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/nodejs/node |
Version: Fixed in 19.0.1, 18.12.1, 16.18.1, 14.21.1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T13:32:59.546Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230120-0004/" }, { "name": "DSA-5326", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5326" }, { "name": "[debian-lts-announce] 20230226 [SECURITY] [DLA 3344-1] nodejs security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00038.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230427-0007/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/nodejs/node", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 19.0.1, 18.12.1, 16.18.1, 14.21.1" } ] } ], "descriptions": [ { "lang": "en", "value": "A OS Command Injection vulnerability exists in Node.js versions \u003c14.21.1, \u003c16.18.1, \u003c18.12.1, \u003c19.0.1 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks.The fix for this issue in https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212 was incomplete and this new CVE is to complete the fix." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-78", "description": "OS Command Injection (CWE-78)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-27T00:00:00", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/" }, { "url": "https://security.netapp.com/advisory/ntap-20230120-0004/" }, { "name": "DSA-5326", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5326" }, { "name": "[debian-lts-announce] 20230226 [SECURITY] [DLA 3344-1] nodejs security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00038.html" }, { "url": "https://security.netapp.com/advisory/ntap-20230427-0007/" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2022-43548", "datePublished": "2022-12-05T00:00:00", "dateReserved": "2022-10-20T00:00:00", "dateUpdated": "2024-08-03T13:32:59.546Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-26981
Vulnerability from cvelistv5
Published
2022-03-13 00:00
Modified
2024-08-03 05:18
Severity ?
EPSS score ?
Summary
Liblouis through 3.21.0 has a buffer overflow in compilePassOpcode in compileTranslationTable.c (called, indirectly, by tools/lou_checktable.c).
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T05:18:39.309Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/liblouis/liblouis/issues/1171" }, { "name": "FEDORA-2022-81110193e5", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CFD2KIHESDUCNWTEW3USFB5GKTWT624L/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213340" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213345" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213342" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213346" }, { "name": "20220721 APPLE-SA-2022-07-20-5 tvOS 15.6", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/15" }, { "name": "20220721 APPLE-SA-2022-07-20-2 macOS Monterey 12.5", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/18" }, { "name": "20220721 APPLE-SA-2022-07-20-1 iOS 15.6 and iPadOS 15.6", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/12" }, { "name": "20220721 APPLE-SA-2022-07-20-6 watchOS 8.7", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/16" }, { "name": "GLSA-202301-06", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202301-06" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Liblouis through 3.21.0 has a buffer overflow in compilePassOpcode in compileTranslationTable.c (called, indirectly, by tools/lou_checktable.c)." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-11T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/liblouis/liblouis/issues/1171" }, { "name": "FEDORA-2022-81110193e5", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CFD2KIHESDUCNWTEW3USFB5GKTWT624L/" }, { "url": "https://support.apple.com/kb/HT213340" }, { "url": "https://support.apple.com/kb/HT213345" }, { "url": "https://support.apple.com/kb/HT213342" }, { "url": "https://support.apple.com/kb/HT213346" }, { "name": "20220721 APPLE-SA-2022-07-20-5 tvOS 15.6", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/15" }, { "name": "20220721 APPLE-SA-2022-07-20-2 macOS Monterey 12.5", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/18" }, { "name": "20220721 APPLE-SA-2022-07-20-1 iOS 15.6 and iPadOS 15.6", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/12" }, { "name": "20220721 APPLE-SA-2022-07-20-6 watchOS 8.7", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/16" }, { "name": "GLSA-202301-06", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202301-06" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-26981", "datePublished": "2022-03-13T00:00:00", "dateReserved": "2022-03-13T00:00:00", "dateUpdated": "2024-08-03T05:18:39.309Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3627
Vulnerability from cvelistv5
Published
2022-10-21 00:00
Modified
2024-08-03 01:14
Severity ?
EPSS score ?
Summary
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6860, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:14:02.492Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/commit/236b7191f04c60d09ee836ae13b50f812c841047" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/issues/411" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3627.json" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230110-0001/" }, { "name": "[debian-lts-announce] 20230120 [SECURITY] [DLA 3278-1] tiff security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html" }, { "name": "DSA-5333", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5333" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "libtiff", "vendor": "libtiff", "versions": [ { "status": "affected", "version": "\u003c=4.4.0" } ] } ], "credits": [ { "lang": "en", "value": "wangdw.augustus@gmail.com" } ], "descriptions": [ { "lang": "en", "value": "LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6860, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Out-of-bounds read in libtiff", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-30T00:00:00", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "url": "https://gitlab.com/libtiff/libtiff/-/commit/236b7191f04c60d09ee836ae13b50f812c841047" }, { "url": "https://gitlab.com/libtiff/libtiff/-/issues/411" }, { "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3627.json" }, { "url": "https://security.netapp.com/advisory/ntap-20230110-0001/" }, { "name": "[debian-lts-announce] 20230120 [SECURITY] [DLA 3278-1] tiff security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html" }, { "name": "DSA-5333", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5333" } ] } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2022-3627", "datePublished": "2022-10-21T00:00:00", "dateReserved": "2022-10-21T00:00:00", "dateUpdated": "2024-08-03T01:14:02.492Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-32212
Vulnerability from cvelistv5
Published
2022-07-14 00:00
Modified
2024-08-03 07:32
Severity ?
EPSS score ?
Summary
A OS Command Injection vulnerability exists in Node.js versions <14.20.0, <16.20.0, <18.5.0 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/nodejs/node |
Version: Fixed in 14.20.1+, 16.17.1+,18.9.1+ |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T07:32:56.009Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1632921" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/nodejs/node", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 14.20.1+, 16.17.1+,18.9.1+" } ] } ], "descriptions": [ { "lang": "en", "value": "A OS Command Injection vulnerability exists in Node.js versions \u003c14.20.0, \u003c16.20.0, \u003c18.5.0 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-284", "description": "Improper Access Control - Generic (CWE-284)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-02-23T00:00:00", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://hackerone.com/reports/1632921" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2022-32212", "datePublished": "2022-07-14T00:00:00", "dateReserved": "2022-06-01T00:00:00", "dateUpdated": "2024-08-03T07:32:56.009Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-32215
Vulnerability from cvelistv5
Published
2022-07-14 00:00
Modified
2024-08-03 07:32
Severity ?
EPSS score ?
Summary
The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | https://github.com/nodejs/node |
Version: Fixed in 14.20.1+, 16.17.1+,18.9.1+ |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T07:32:56.008Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/" }, { "tags": [ "x_transferred" ], "url": "https://hackerone.com/reports/1501679" }, { "name": "FEDORA-2022-52dec6351a", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMQK5L5SBYD47QQZ67LEMHNQ662GH3OY/" }, { "name": "FEDORA-2022-1667f7b60a", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCNN3YG2BCLS4ZEKJ3CLSUT6AS7AXTH3/" }, { "name": "FEDORA-2022-de515f765f", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ICG6CSIB3GUWH5DUSQEVX53MOJW7LYK/" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf" }, { "name": "DSA-5326", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5326" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "https://github.com/nodejs/node", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in 14.20.1+, 16.17.1+,18.9.1+" } ] } ], "descriptions": [ { "lang": "en", "value": "The llhttp parser \u003cv14.20.1, \u003cv16.17.1 and \u003cv18.9.1 in the http module in Node.js does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS)." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-444", "description": "HTTP Request Smuggling (CWE-444)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-25T00:00:00", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone" }, "references": [ { "url": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/" }, { "url": "https://hackerone.com/reports/1501679" }, { "name": "FEDORA-2022-52dec6351a", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMQK5L5SBYD47QQZ67LEMHNQ662GH3OY/" }, { "name": "FEDORA-2022-1667f7b60a", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCNN3YG2BCLS4ZEKJ3CLSUT6AS7AXTH3/" }, { "name": "FEDORA-2022-de515f765f", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ICG6CSIB3GUWH5DUSQEVX53MOJW7LYK/" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf" }, { "name": "DSA-5326", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5326" } ] } }, "cveMetadata": { "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2022-32215", "datePublished": "2022-07-14T00:00:00", "dateReserved": "2022-06-01T00:00:00", "dateUpdated": "2024-08-03T07:32:56.008Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-45415
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 14:09
Severity ?
EPSS score ?
Summary
When downloading an HTML file, if the title of the page was formatted as a filename with a malicious extension, Firefox may have saved the file with that extension, leading to possible system compromise if the downloaded file was later ran. This vulnerability affects Firefox < 107.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:09:57.034Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1793551" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "107", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "When downloading an HTML file, if the title of the page was formatted as a filename with a malicious extension, Firefox may have saved the file with that extension, leading to possible system compromise if the downloaded file was later ran. This vulnerability affects Firefox \u003c 107." } ], "problemTypes": [ { "descriptions": [ { "description": "Downloaded file may have been saved with malicious extension", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-22T00:00:00", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1793551" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-45415", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-11-14T00:00:00", "dateUpdated": "2024-08-03T14:09:57.034Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3970
Vulnerability from cvelistv5
Published
2022-11-13 00:00
Modified
2024-08-03 01:27
Severity ?
EPSS score ?
Summary
LibTIFF tif_getimage.c TIFFReadRGBATileExt integer overflow
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | unspecified | LibTIFF |
Version: n/a |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:27:53.968Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53137" }, { "tags": [ "x_transferred" ], "url": "https://oss-fuzz.com/download?testcase_id=5738253143900160" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/commit/227500897dfb07fb7d27f7aa570050e62617e3be" }, { "tags": [ "x_transferred" ], "url": "https://vuldb.com/?id.213549" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20221215-0009/" }, { "name": "[debian-lts-announce] 20230120 [SECURITY] [DLA 3278-1] tiff security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213843" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213841" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "LibTIFF", "vendor": "unspecified", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in LibTIFF. It has been classified as critical. This affects the function TIFFReadRGBATileExt of the file libtiff/tif_getimage.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 227500897dfb07fb7d27f7aa570050e62617e3be. It is recommended to apply a patch to fix this issue. The identifier VDB-213549 was assigned to this vulnerability." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-189", "description": "CWE-189 Numeric Error -\u003e CWE-190 Integer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-31T23:06:22.614192", "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB" }, "references": [ { "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53137" }, { "url": "https://oss-fuzz.com/download?testcase_id=5738253143900160" }, { "url": "https://gitlab.com/libtiff/libtiff/-/commit/227500897dfb07fb7d27f7aa570050e62617e3be" }, { "url": "https://vuldb.com/?id.213549" }, { "url": "https://security.netapp.com/advisory/ntap-20221215-0009/" }, { "name": "[debian-lts-announce] 20230120 [SECURITY] [DLA 3278-1] tiff security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html" }, { "url": "https://support.apple.com/kb/HT213843" }, { "url": "https://support.apple.com/kb/HT213841" } ], "title": "LibTIFF tif_getimage.c TIFFReadRGBATileExt integer overflow", "x_generator": "vuldb.com" } }, "cveMetadata": { "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "assignerShortName": "VulDB", "cveId": "CVE-2022-3970", "datePublished": "2022-11-13T00:00:00", "dateReserved": "2022-11-13T00:00:00", "dateUpdated": "2024-08-03T01:27:53.968Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1923
Vulnerability from cvelistv5
Published
2022-07-19 19:13
Modified
2024-08-03 00:17
Severity ?
EPSS score ?
Summary
DOS / potential heap overwrite in mkv demuxing using bzip decompression. Integer overflow in matroskademux element in bzip decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it is just a segfault (because the realloc before the integer overflow will use mremap to reduce the size of the chunk, and it will start to write to unmapped memory). However, if using a libc implementation that does not use mmap, or if the OS does not support mmap while using libc, then this could result in a heap overwrite.
References
▼ | URL | Tags |
---|---|---|
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225 | x_refsource_MISC | |
https://lists.debian.org/debian-lts-announce/2022/08/msg00001.html | mailing-list, x_refsource_MLIST | |
https://www.debian.org/security/2022/dsa-5204 | vendor-advisory, x_refsource_DEBIAN |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:17:00.909Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225" }, { "name": "[debian-lts-announce] 20220809 [SECURITY] [DLA 3069-1] gst-plugins-good1.0 security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00001.html" }, { "name": "DSA-5204", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5204" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "GStreamer", "vendor": "n/a", "versions": [ { "status": "affected", "version": "1.20.3" } ] } ], "descriptions": [ { "lang": "en", "value": "DOS / potential heap overwrite in mkv demuxing using bzip decompression. Integer overflow in matroskademux element in bzip decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it is just a segfault (because the realloc before the integer overflow will use mremap to reduce the size of the chunk, and it will start to write to unmapped memory). However, if using a libc implementation that does not use mmap, or if the OS does not support mmap while using libc, then this could result in a heap overwrite." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-10T02:08:19", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225" }, { "name": "[debian-lts-announce] 20220809 [SECURITY] [DLA 3069-1] gst-plugins-good1.0 security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00001.html" }, { "name": "DSA-5204", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2022/dsa-5204" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2022-1923", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "GStreamer", "version": { "version_data": [ { "version_value": "1.20.3" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "DOS / potential heap overwrite in mkv demuxing using bzip decompression. Integer overflow in matroskademux element in bzip decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it is just a segfault (because the realloc before the integer overflow will use mremap to reduce the size of the chunk, and it will start to write to unmapped memory). However, if using a libc implementation that does not use mmap, or if the OS does not support mmap while using libc, then this could result in a heap overwrite." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-122" } ] } ] }, "references": { "reference_data": [ { "name": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225", "refsource": "MISC", "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225" }, { "name": "[debian-lts-announce] 20220809 [SECURITY] [DLA 3069-1] gst-plugins-good1.0 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00001.html" }, { "name": "DSA-5204", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2022/dsa-5204" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2022-1923", "datePublished": "2022-07-19T19:13:29", "dateReserved": "2022-05-27T00:00:00", "dateUpdated": "2024-08-03T00:17:00.909Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-29154
Vulnerability from cvelistv5
Published
2022-08-02 14:22
Modified
2024-08-03 06:10
Severity ?
EPSS score ?
Summary
An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. However, the rsync client performs insufficient validation of file names. A malicious rsync server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the rsync client target directory and subdirectories (for example, overwrite the .ssh/authorized_keys file).
References
▼ | URL | Tags |
---|---|---|
https://github.com/WayneD/rsync/tags | x_refsource_MISC | |
http://www.openwall.com/lists/oss-security/2022/08/02/1 | mailing-list, x_refsource_MLIST | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/ | vendor-advisory, x_refsource_FEDORA |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T06:10:59.386Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/WayneD/rsync/tags" }, { "name": "[oss-security] 20220802 CVE-2022-29154: Rsync client-side arbitrary file write vulnerability.", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/08/02/1" }, { "name": "FEDORA-2022-25e4dbedf9", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/" }, { "name": "FEDORA-2022-15da0cf165", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. However, the rsync client performs insufficient validation of file names. A malicious rsync server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the rsync client target directory and subdirectories (for example, overwrite the .ssh/authorized_keys file)." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-31T11:06:14", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/WayneD/rsync/tags" }, { "name": "[oss-security] 20220802 CVE-2022-29154: Rsync client-side arbitrary file write vulnerability.", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2022/08/02/1" }, { "name": "FEDORA-2022-25e4dbedf9", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/" }, { "name": "FEDORA-2022-15da0cf165", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-29154", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. However, the rsync client performs insufficient validation of file names. A malicious rsync server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the rsync client target directory and subdirectories (for example, overwrite the .ssh/authorized_keys file)." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/WayneD/rsync/tags", "refsource": "MISC", "url": "https://github.com/WayneD/rsync/tags" }, { "name": "[oss-security] 20220802 CVE-2022-29154: Rsync client-side arbitrary file write vulnerability.", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2022/08/02/1" }, { "name": "FEDORA-2022-25e4dbedf9", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/" }, { "name": "FEDORA-2022-15da0cf165", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-29154", "datePublished": "2022-08-02T14:22:52", "dateReserved": "2022-04-13T00:00:00", "dateUpdated": "2024-08-03T06:10:59.386Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3276
Vulnerability from cvelistv5
Published
2022-10-07 00:00
Modified
2024-08-03 01:07
Severity ?
EPSS score ?
Summary
Puppetlabs-mysql Command Injection
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Puppet | puppetlabs-mysql |
Version: unspecified < 13.0.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:07:05.971Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://puppet.com/security/cve/CVE-2022-3276" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "puppetlabs-mysql", "vendor": "Puppet", "versions": [ { "lessThan": "13.0.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Tam\u00e1s Koczka and the Google Security Team" } ], "descriptions": [ { "lang": "en", "value": "Command injection is possible in the puppetlabs-mysql module prior to version 13.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-78", "description": "CWE-78 OS Command Injection", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-10-07T00:00:00", "orgId": "ca2a266c-be2f-4d4b-92d0-47b76b1a9c4e", "shortName": "puppet" }, "references": [ { "url": "https://puppet.com/security/cve/CVE-2022-3276" } ], "source": { "discovery": "EXTERNAL" }, "title": "Puppetlabs-mysql Command Injection", "x_generator": { "engine": "Vulnogram 0.0.9" } } }, "cveMetadata": { "assignerOrgId": "ca2a266c-be2f-4d4b-92d0-47b76b1a9c4e", "assignerShortName": "puppet", "cveId": "CVE-2022-3276", "datePublished": "2022-10-07T00:00:00", "dateReserved": "2022-09-22T00:00:00", "dateUpdated": "2024-08-03T01:07:05.971Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0562
Vulnerability from cvelistv5
Published
2022-02-11 00:00
Modified
2024-08-02 23:32
Severity ?
EPSS score ?
Summary
Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, a fix is available with commit 561599c.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:32:46.296Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/issues/362" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/gitlab-org/build/omnibus-mirror/libtiff/-/commit/561599c99f987dc32ae110370cfdd7df7975586b" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0562.json" }, { "name": "FEDORA-2022-df1df6debd", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZEHZ35XVO2VBZ4HHCMM6J6TQIDSBQOM/" }, { "name": "[debian-lts-announce] 20220306 [SECURITY] [DLA 2932-1] tiff security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00001.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220318-0001/" }, { "name": "DSA-5108", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5108" }, { "name": "GLSA-202210-10", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202210-10" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "libtiff", "vendor": "libtiff", "versions": [ { "status": "affected", "version": "\u003e=4.0, \u003c=4.3.0" } ] } ], "credits": [ { "lang": "en", "value": "shahchintanh@gmail.com" } ], "descriptions": [ { "lang": "en", "value": "Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, a fix is available with commit 561599c." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Null pointer dereference in libtiff", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-10-31T00:00:00", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "url": "https://gitlab.com/libtiff/libtiff/-/issues/362" }, { "url": "https://gitlab.com/gitlab-org/build/omnibus-mirror/libtiff/-/commit/561599c99f987dc32ae110370cfdd7df7975586b" }, { "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0562.json" }, { "name": "FEDORA-2022-df1df6debd", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZEHZ35XVO2VBZ4HHCMM6J6TQIDSBQOM/" }, { "name": "[debian-lts-announce] 20220306 [SECURITY] [DLA 2932-1] tiff security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00001.html" }, { "url": "https://security.netapp.com/advisory/ntap-20220318-0001/" }, { "name": "DSA-5108", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5108" }, { "name": "GLSA-202210-10", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202210-10" } ] } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2022-0562", "datePublished": "2022-02-11T00:00:00", "dateReserved": "2022-02-10T00:00:00", "dateUpdated": "2024-08-02T23:32:46.296Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-40959
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 12:28
Severity ?
EPSS score ?
Summary
During iframe navigation, certain pages did not have their FeaturePolicy fully initialized leading to a bypass that leaked device permissions into untrusted subdocuments. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox ESR |
Version: unspecified < 102.3 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:28:42.944Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-40/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-41/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-42/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1782211" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.3", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.3", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "105", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "During iframe navigation, certain pages did not have their FeaturePolicy fully initialized leading to a bypass that leaked device permissions into untrusted subdocuments. This vulnerability affects Firefox ESR \u003c 102.3, Thunderbird \u003c 102.3, and Firefox \u003c 105." } ], "problemTypes": [ { "descriptions": [ { "description": "Bypassing FeaturePolicy restrictions on transient pages", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-22T00:00:00", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2022-40/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-41/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-42/" }, { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1782211" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-40959", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-09-19T00:00:00", "dateUpdated": "2024-08-03T12:28:42.944Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-24765
Vulnerability from cvelistv5
Published
2022-04-12 00:00
Modified
2024-08-03 04:20
Severity ?
EPSS score ?
Summary
Uncontrolled search for the Git directory in Git for Windows
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | git-for-windows | git |
Version: < 2.35.2 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T04:20:50.377Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/git-for-windows/git/security/advisories/GHSA-vw2c-22j4-2fh2" }, { "tags": [ "x_transferred" ], "url": "https://git-scm.com/book/en/v2/Appendix-A%3A-Git-in-Other-Environments-Git-in-Bash" }, { "tags": [ "x_transferred" ], "url": "https://git-scm.com/docs/git#Documentation/git.txt-codeGITCEILINGDIRECTORIEScode" }, { "name": "[oss-security] 20220412 git v2.35.2 and friends for CVE-2022-24765", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/04/12/7" }, { "name": "FEDORA-2022-e99ae504f5", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PTN5NYEHYN2OQSHSAMCNICZNK2U4QH6/" }, { "name": "FEDORA-2022-3759ebabd2", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BENQYTDGUL6TF3UALY6GSIEXIHUIYNWM/" }, { "name": "FEDORA-2022-2fec5f30be", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SLP42KIZ6HACTVZMZLJLFJQ4W2XYT27M/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213261" }, { "name": "20220516 APPLE-SA-2022-05-16-8 Xcode 13.4", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/May/31" }, { "name": "FEDORA-2022-dfd7e7fc0e", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TRZG5CDUQ27OWTPC5MQOR4UASNXHWEZS/" }, { "name": "FEDORA-2022-2a5de7cb8b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDI325LOO2XBDDKLINOAQJEG6MHAURZE/" }, { "name": "[debian-lts-announce] 20221213 [SECURITY] [DLA 3239-1] git security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00025.html" }, { "name": "FEDORA-2023-470c7ea49e", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DIKWISWUDFT2FAITYIA6372BVLH3OOOC/" }, { "name": "FEDORA-2023-e3c8abd37e", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YROCMBWYFKRSS64PO6FUNM6L7LKBUKVW/" }, { "name": "FEDORA-2023-1068309389", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVOLER2PIGMHPQMDGG4RDE2KZB74QLA2/" }, { "name": "FEDORA-2023-3ec32f6d4e", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDZRZAL7QULOB6V7MKT66MOMWJLBJPX4/" }, { "name": "GLSA-202312-15", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202312-15" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "git", "vendor": "git-for-windows", "versions": [ { "status": "affected", "version": "\u003c 2.35.2" } ] } ], "descriptions": [ { "lang": "en", "value": "Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machines, where untrusted parties have write access to the same hard disk. Those untrusted parties could create the folder `C:\\.git`, which would be picked up by Git operations run supposedly outside a repository while searching for a Git directory. Git would then respect any config in said Git directory. Git Bash users who set `GIT_PS1_SHOWDIRTYSTATE` are vulnerable as well. Users who installed posh-gitare vulnerable simply by starting a PowerShell. Users of IDEs such as Visual Studio are vulnerable: simply creating a new project would already read and respect the config specified in `C:\\.git\\config`. Users of the Microsoft fork of Git are vulnerable simply by starting a Git Bash. The problem has been patched in Git for Windows v2.35.2. Users unable to upgrade may create the folder `.git` on all drives where Git commands are run, and remove read/write access from those folders as a workaround. Alternatively, define or extend `GIT_CEILING_DIRECTORIES` to cover the _parent_ directory of the user profile, e.g. `C:\\Users` if the user profile is located in `C:\\Users\\my-user-name`." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-427", "description": "CWE-427: Uncontrolled Search Path Element", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-27T10:06:30.486675", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "url": "https://github.com/git-for-windows/git/security/advisories/GHSA-vw2c-22j4-2fh2" }, { "url": "https://git-scm.com/book/en/v2/Appendix-A%3A-Git-in-Other-Environments-Git-in-Bash" }, { "url": "https://git-scm.com/docs/git#Documentation/git.txt-codeGITCEILINGDIRECTORIEScode" }, { "name": "[oss-security] 20220412 git v2.35.2 and friends for CVE-2022-24765", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/04/12/7" }, { "name": "FEDORA-2022-e99ae504f5", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PTN5NYEHYN2OQSHSAMCNICZNK2U4QH6/" }, { "name": "FEDORA-2022-3759ebabd2", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BENQYTDGUL6TF3UALY6GSIEXIHUIYNWM/" }, { "name": "FEDORA-2022-2fec5f30be", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SLP42KIZ6HACTVZMZLJLFJQ4W2XYT27M/" }, { "url": "https://support.apple.com/kb/HT213261" }, { "name": "20220516 APPLE-SA-2022-05-16-8 Xcode 13.4", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/May/31" }, { "name": "FEDORA-2022-dfd7e7fc0e", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TRZG5CDUQ27OWTPC5MQOR4UASNXHWEZS/" }, { "name": "FEDORA-2022-2a5de7cb8b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDI325LOO2XBDDKLINOAQJEG6MHAURZE/" }, { "name": "[debian-lts-announce] 20221213 [SECURITY] [DLA 3239-1] git security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00025.html" }, { "name": "FEDORA-2023-470c7ea49e", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DIKWISWUDFT2FAITYIA6372BVLH3OOOC/" }, { "name": "FEDORA-2023-e3c8abd37e", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YROCMBWYFKRSS64PO6FUNM6L7LKBUKVW/" }, { "name": "FEDORA-2023-1068309389", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVOLER2PIGMHPQMDGG4RDE2KZB74QLA2/" }, { "name": "FEDORA-2023-3ec32f6d4e", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDZRZAL7QULOB6V7MKT66MOMWJLBJPX4/" }, { "name": "GLSA-202312-15", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202312-15" } ], "source": { "advisory": "GHSA-vw2c-22j4-2fh2", "discovery": "UNKNOWN" }, "title": "Uncontrolled search for the Git directory in Git for Windows" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-24765", "datePublished": "2022-04-12T00:00:00", "dateReserved": "2022-02-10T00:00:00", "dateUpdated": "2024-08-03T04:20:50.377Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-46878
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 14:39
Severity ?
EPSS score ?
Summary
Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox |
Version: unspecified < 108 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:39:39.118Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-52/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-53/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-51/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1782219%2C1797370%2C1797685%2C1801102%2C1801315%2C1802395" }, { "name": "GLSA-202305-06", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-06" }, { "name": "GLSA-202305-13", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-13" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "108", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.6", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.6", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 108, Firefox ESR \u003c 102.6, and Thunderbird \u003c 102.6." } ], "problemTypes": [ { "descriptions": [ { "description": "Memory safety bugs fixed in Thunderbird 102.6", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2022-52/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-53/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-51/" }, { "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1782219%2C1797370%2C1797685%2C1801102%2C1801315%2C1802395" }, { "name": "GLSA-202305-06", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-06" }, { "name": "GLSA-202305-13", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-13" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-46878", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-12-09T00:00:00", "dateUpdated": "2024-08-03T14:39:39.118Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-45417
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 14:09
Severity ?
EPSS score ?
Summary
Service Workers did not detect Private Browsing Mode correctly in all cases, which could have led to Service Workers being written to disk for websites visited in Private Browsing Mode. This would not have persisted them in a state where they would run again, but it would have leaked Private Browsing Mode details to disk. This vulnerability affects Firefox < 107.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:09:57.018Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1794508" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "107", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Service Workers did not detect Private Browsing Mode correctly in all cases, which could have led to Service Workers being written to disk for websites visited in Private Browsing Mode. This would not have persisted them in a state where they would run again, but it would have leaked Private Browsing Mode details to disk. This vulnerability affects Firefox \u003c 107." } ], "problemTypes": [ { "descriptions": [ { "description": "Service Workers in Private Browsing Mode may have been written to disk", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-22T00:00:00", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1794508" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-45417", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-11-14T00:00:00", "dateUpdated": "2024-08-03T14:09:57.018Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2208
Vulnerability from cvelistv5
Published
2022-06-27 00:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
NULL Pointer Dereference in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:32:08.726Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/7bfe3d5b-568f-4c34-908f-a39909638cc1" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/cd38bb4d83c942c4bad596835c6766cbf32e5195" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.5163", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/7bfe3d5b-568f-4c34-908f-a39909638cc1" }, { "url": "https://github.com/vim/vim/commit/cd38bb4d83c942c4bad596835c6766cbf32e5195" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "7bfe3d5b-568f-4c34-908f-a39909638cc1", "discovery": "EXTERNAL" }, "title": "NULL Pointer Dereference in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2208", "datePublished": "2022-06-27T00:00:00", "dateReserved": "2022-06-26T00:00:00", "dateUpdated": "2024-08-03T00:32:08.726Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-45406
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 14:09
Severity ?
EPSS score ?
Summary
If an out-of-memory condition occurred when creating a JavaScript global, a JavaScript realm may be deleted while references to it lived on in a BaseShape. This could lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox ESR |
Version: unspecified < 102.5 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:09:57.001Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-49/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-48/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1791975" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "107", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "If an out-of-memory condition occurred when creating a JavaScript global, a JavaScript realm may be deleted while references to it lived on in a BaseShape. This could lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR \u003c 102.5, Thunderbird \u003c 102.5, and Firefox \u003c 107." } ], "problemTypes": [ { "descriptions": [ { "description": "Use-after-free of a JavaScript Realm", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-22T00:00:00", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-49/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-48/" }, { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1791975" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-45406", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-11-14T00:00:00", "dateUpdated": "2024-08-03T14:09:57.001Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21843
Vulnerability from cvelistv5
Published
2023-01-17 23:35
Modified
2024-09-23 18:48
Severity ?
EPSS score ?
Summary
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Sound). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf, 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
References
▼ | URL | Tags |
---|---|---|
https://www.oracle.com/security-alerts/cpujan2023.html | vendor-advisory | |
https://security.gentoo.org/glsa/202401-25 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Oracle Corporation | Java SE JDK and JRE |
Version: Oracle Java SE:8u351 Version: Oracle Java SE:8u351-perf Version: Oracle Java SE:11.0.17 Version: Oracle Java SE:17.0.5 Version: Oracle Java SE:19.0.1 Version: Oracle GraalVM Enterprise Edition:20.3.8 Version: Oracle GraalVM Enterprise Edition:21.3.4 Version: Oracle GraalVM Enterprise Edition:22.3.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:51:51.130Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Oracle Advisory", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujan2023.html" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202401-25" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-21843", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-03-21T19:28:28.287371Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-23T18:48:27.789Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Java SE JDK and JRE", "vendor": "Oracle Corporation", "versions": [ { "status": "affected", "version": "Oracle Java SE:8u351" }, { "status": "affected", "version": "Oracle Java SE:8u351-perf" }, { "status": "affected", "version": "Oracle Java SE:11.0.17" }, { "status": "affected", "version": "Oracle Java SE:17.0.5" }, { "status": "affected", "version": "Oracle Java SE:19.0.1" }, { "status": "affected", "version": "Oracle GraalVM Enterprise Edition:20.3.8" }, { "status": "affected", "version": "Oracle GraalVM Enterprise Edition:21.3.4" }, { "status": "affected", "version": "Oracle GraalVM Enterprise Edition:22.3.0" } ] } ], "descriptions": [ { "lang": "en-US", "value": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Sound). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf, 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data.", "lang": "en-US" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-23T23:37:31.579Z", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle" }, "references": [ { "name": "Oracle Advisory", "tags": [ "vendor-advisory" ], "url": "https://www.oracle.com/security-alerts/cpujan2023.html" }, { "url": "https://security.gentoo.org/glsa/202401-25" } ] } }, "cveMetadata": { "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2023-21843", "datePublished": "2023-01-17T23:35:11.096Z", "dateReserved": "2022-12-17T19:26:00.691Z", "dateUpdated": "2024-09-23T18:48:27.789Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0865
Vulnerability from cvelistv5
Published
2022-03-07 00:00
Modified
2024-08-02 23:40
Severity ?
EPSS score ?
Summary
Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 5e180045.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:40:04.554Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/issues/385" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/306" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0865.json" }, { "name": "DSA-5108", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5108" }, { "name": "FEDORA-2022-e2996202a0", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/" }, { "name": "FEDORA-2022-c39720a0ed", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/" }, { "name": "GLSA-202210-10", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202210-10" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20221228-0008/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "libtiff", "vendor": "libtiff", "versions": [ { "status": "affected", "version": "=4.3.0" } ] } ], "credits": [ { "lang": "en", "value": "wangdw.augustus@gmail.com" } ], "descriptions": [ { "lang": "en", "value": "Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 5e180045." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Reachable assertion in libtiff", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-28T00:00:00", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "url": "https://gitlab.com/libtiff/libtiff/-/issues/385" }, { "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/306" }, { "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0865.json" }, { "name": "DSA-5108", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5108" }, { "name": "FEDORA-2022-e2996202a0", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/" }, { "name": "FEDORA-2022-c39720a0ed", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/" }, { "name": "GLSA-202210-10", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202210-10" }, { "url": "https://security.netapp.com/advisory/ntap-20221228-0008/" } ] } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2022-0865", "datePublished": "2022-03-07T00:00:00", "dateReserved": "2022-03-04T00:00:00", "dateUpdated": "2024-08-02T23:40:04.554Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-43680
Vulnerability from cvelistv5
Published
2022-10-24 00:00
Modified
2024-08-03 13:40
Severity ?
EPSS score ?
Summary
In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T13:40:06.144Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/libexpat/libexpat/pull/650" }, { "tags": [ "x_transferred" ], "url": "https://github.com/libexpat/libexpat/issues/649" }, { "tags": [ "x_transferred" ], "url": "https://github.com/libexpat/libexpat/pull/616" }, { "name": "[debian-lts-announce] 20221028 [SECURITY] [DLA 3165-1] expat security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00033.html" }, { "name": "DSA-5266", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5266" }, { "name": "GLSA-202210-38", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202210-38" }, { "name": "FEDORA-2022-ae2559a8f4", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BY4OPSIB33ETNUXZY2UPZ4NGQ3OKDY4D/" }, { "name": "FEDORA-2022-3cf0e7ebc7", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AJ5VY2VYXE4WTRGQ6LMGLF6FV3SY37YE/" }, { "name": "FEDORA-2022-f3a939e960", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUJ2BULJTZ2BMSKQHB6US674P55UCWWS/" }, { "name": "FEDORA-2022-5f1e2e9016", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG5XOOB7CD55CEE6OJYKSACSIMQ4RWQ6/" }, { "name": "FEDORA-2022-49db80f821", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DPQVIF6TOJNY2T3ZZETFKR4G34FFREBQ/" }, { "name": "FEDORA-2022-c43235716e", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FFCOMBSOJKLIKCGCJWHLJXO4EVYBG7AR/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20221118-0007/" }, { "name": "[oss-security] 20231228 CVE-2022-43680: Apache OpenOffice: \"Use after free\" fixed in libexpat", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/12/28/5" }, { "name": "[oss-security] 20240103 CVE-2022-43680: Apache OpenOffice: \"Use after free\" fixed in libexpat", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2024/01/03/5" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-03T12:06:22.913559", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/libexpat/libexpat/pull/650" }, { "url": "https://github.com/libexpat/libexpat/issues/649" }, { "url": "https://github.com/libexpat/libexpat/pull/616" }, { "name": "[debian-lts-announce] 20221028 [SECURITY] [DLA 3165-1] expat security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00033.html" }, { "name": "DSA-5266", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5266" }, { "name": "GLSA-202210-38", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202210-38" }, { "name": "FEDORA-2022-ae2559a8f4", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BY4OPSIB33ETNUXZY2UPZ4NGQ3OKDY4D/" }, { "name": "FEDORA-2022-3cf0e7ebc7", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AJ5VY2VYXE4WTRGQ6LMGLF6FV3SY37YE/" }, { "name": "FEDORA-2022-f3a939e960", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUJ2BULJTZ2BMSKQHB6US674P55UCWWS/" }, { "name": "FEDORA-2022-5f1e2e9016", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG5XOOB7CD55CEE6OJYKSACSIMQ4RWQ6/" }, { "name": "FEDORA-2022-49db80f821", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DPQVIF6TOJNY2T3ZZETFKR4G34FFREBQ/" }, { "name": "FEDORA-2022-c43235716e", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FFCOMBSOJKLIKCGCJWHLJXO4EVYBG7AR/" }, { "url": "https://security.netapp.com/advisory/ntap-20221118-0007/" }, { "name": "[oss-security] 20231228 CVE-2022-43680: Apache OpenOffice: \"Use after free\" fixed in libexpat", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2023/12/28/5" }, { "name": "[oss-security] 20240103 CVE-2022-43680: Apache OpenOffice: \"Use after free\" fixed in libexpat", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2024/01/03/5" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-43680", "datePublished": "2022-10-24T00:00:00", "dateReserved": "2022-10-24T00:00:00", "dateUpdated": "2024-08-03T13:40:06.144Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2057
Vulnerability from cvelistv5
Published
2022-06-30 00:00
Modified
2024-08-03 00:24
Severity ?
EPSS score ?
Summary
Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:24:44.313Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/346" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/issues/427" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2057.json" }, { "name": "FEDORA-2022-edf7301147", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TSS7MJ7OO7JO5BNKCRYSFU7UAYOKLA2/" }, { "name": "FEDORA-2022-b9c2a3a2b7", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OXUMJXVEAYFWRO3U3YHKSULHIVDOLEQS/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220826-0001/" }, { "name": "[debian-lts-announce] 20230120 [SECURITY] [DLA 3278-1] tiff security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html" }, { "name": "DSA-5333", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5333" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "libtiff", "vendor": "libtiff", "versions": [ { "status": "affected", "version": "=4.4.0" } ] } ], "credits": [ { "lang": "en", "value": "wangdw.augustus@gmail.com" } ], "descriptions": [ { "lang": "en", "value": "Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Divide by zero in libtiff", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-30T00:00:00", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/346" }, { "url": "https://gitlab.com/libtiff/libtiff/-/issues/427" }, { "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2057.json" }, { "name": "FEDORA-2022-edf7301147", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TSS7MJ7OO7JO5BNKCRYSFU7UAYOKLA2/" }, { "name": "FEDORA-2022-b9c2a3a2b7", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OXUMJXVEAYFWRO3U3YHKSULHIVDOLEQS/" }, { "url": "https://security.netapp.com/advisory/ntap-20220826-0001/" }, { "name": "[debian-lts-announce] 20230120 [SECURITY] [DLA 3278-1] tiff security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html" }, { "name": "DSA-5333", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5333" } ] } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2022-2057", "datePublished": "2022-06-30T00:00:00", "dateReserved": "2022-06-13T00:00:00", "dateUpdated": "2024-08-03T00:24:44.313Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-24070
Vulnerability from cvelistv5
Published
2022-04-12 17:50
Modified
2024-08-03 03:59
Severity ?
EPSS score ?
Summary
Apache Subversion mod_dav_svn is vulnerable to memory corruption
References
▼ | URL | Tags |
---|---|---|
https://issues.apache.org/jira/browse/SVN-4880 | x_refsource_MISC | |
https://bz.apache.org/bugzilla/show_bug.cgi?id=65861 | x_refsource_MISC | |
https://cwiki.apache.org/confluence/display/HTTPD/ModuleLife | x_refsource_MISC | |
https://www.debian.org/security/2022/dsa-5119 | vendor-advisory, x_refsource_DEBIAN | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YJPMCWCGWBN3QWCDVILWQWPC75RR67LT/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PZ4ARNGLMGYBKYDX2B7DRBNMF6EH3A6R/ | vendor-advisory, x_refsource_FEDORA | |
https://support.apple.com/kb/HT213345 | x_refsource_CONFIRM | |
http://seclists.org/fulldisclosure/2022/Jul/18 | mailing-list, x_refsource_FULLDISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Apache Software Foundation | Apache Subversion |
Version: 1.10.0 to 1.14.1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T03:59:23.785Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://issues.apache.org/jira/browse/SVN-4880" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bz.apache.org/bugzilla/show_bug.cgi?id=65861" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://cwiki.apache.org/confluence/display/HTTPD/ModuleLife" }, { "name": "DSA-5119", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5119" }, { "name": "FEDORA-2022-13cc09ecf2", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YJPMCWCGWBN3QWCDVILWQWPC75RR67LT/" }, { "name": "FEDORA-2022-2af658b090", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PZ4ARNGLMGYBKYDX2B7DRBNMF6EH3A6R/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT213345" }, { "name": "20220721 APPLE-SA-2022-07-20-2 macOS Monterey 12.5", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/18" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Apache Subversion", "vendor": "Apache Software Foundation", "versions": [ { "status": "affected", "version": "1.10.0 to 1.14.1" } ] } ], "credits": [ { "lang": "en", "value": "Apache Subversion would like to thank Thomas Wei\u00dfschuh, cis-solutions.eu." } ], "descriptions": [ { "lang": "en", "value": "Subversion\u0027s mod_dav_svn is vulnerable to memory corruption. While looking up path-based authorization rules, mod_dav_svn servers may attempt to use memory which has already been freed. Affected Subversion mod_dav_svn servers 1.10.0 through 1.14.1 (inclusive). Servers that do not use mod_dav_svn are not affected." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-07-22T05:06:35", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://issues.apache.org/jira/browse/SVN-4880" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bz.apache.org/bugzilla/show_bug.cgi?id=65861" }, { "tags": [ "x_refsource_MISC" ], "url": "https://cwiki.apache.org/confluence/display/HTTPD/ModuleLife" }, { "name": "DSA-5119", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2022/dsa-5119" }, { "name": "FEDORA-2022-13cc09ecf2", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YJPMCWCGWBN3QWCDVILWQWPC75RR67LT/" }, { "name": "FEDORA-2022-2af658b090", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PZ4ARNGLMGYBKYDX2B7DRBNMF6EH3A6R/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT213345" }, { "name": "20220721 APPLE-SA-2022-07-20-2 macOS Monterey 12.5", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/18" } ], "source": { "discovery": "UNKNOWN" }, "title": "Apache Subversion mod_dav_svn is vulnerable to memory corruption", "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@apache.org", "ID": "CVE-2022-24070", "STATE": "PUBLIC", "TITLE": "Apache Subversion mod_dav_svn is vulnerable to memory corruption" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Apache Subversion", "version": { "version_data": [ { "version_value": "1.10.0 to 1.14.1" } ] } } ] }, "vendor_name": "Apache Software Foundation" } ] } }, "credit": [ { "lang": "eng", "value": "Apache Subversion would like to thank Thomas Wei\u00dfschuh, cis-solutions.eu." } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Subversion\u0027s mod_dav_svn is vulnerable to memory corruption. While looking up path-based authorization rules, mod_dav_svn servers may attempt to use memory which has already been freed. Affected Subversion mod_dav_svn servers 1.10.0 through 1.14.1 (inclusive). Servers that do not use mod_dav_svn are not affected." } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": [ {} ], "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-416 Use After Free" } ] } ] }, "references": { "reference_data": [ { "name": "https://issues.apache.org/jira/browse/SVN-4880", "refsource": "MISC", "url": "https://issues.apache.org/jira/browse/SVN-4880" }, { "name": "https://bz.apache.org/bugzilla/show_bug.cgi?id=65861", "refsource": "MISC", "url": "https://bz.apache.org/bugzilla/show_bug.cgi?id=65861" }, { "name": "https://cwiki.apache.org/confluence/display/HTTPD/ModuleLife", "refsource": "MISC", "url": "https://cwiki.apache.org/confluence/display/HTTPD/ModuleLife" }, { "name": "DSA-5119", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2022/dsa-5119" }, { "name": "FEDORA-2022-13cc09ecf2", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJPMCWCGWBN3QWCDVILWQWPC75RR67LT/" }, { "name": "FEDORA-2022-2af658b090", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PZ4ARNGLMGYBKYDX2B7DRBNMF6EH3A6R/" }, { "name": "https://support.apple.com/kb/HT213345", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT213345" }, { "name": "20220721 APPLE-SA-2022-07-20-2 macOS Monterey 12.5", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/Jul/18" } ] }, "source": { "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2022-24070", "datePublished": "2022-04-12T17:50:14", "dateReserved": "2022-01-27T00:00:00", "dateUpdated": "2024-08-03T03:59:23.785Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1920
Vulnerability from cvelistv5
Published
2022-07-19 19:08
Modified
2024-08-03 00:17
Severity ?
EPSS score ?
Summary
Integer overflow in matroskademux element in gst_matroska_demux_add_wvpk_header function which allows a heap overwrite while parsing matroska files. Potential for arbitrary code execution through heap overwrite.
References
▼ | URL | Tags |
---|---|---|
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1226 | x_refsource_MISC | |
https://lists.debian.org/debian-lts-announce/2022/08/msg00001.html | mailing-list, x_refsource_MLIST | |
https://www.debian.org/security/2022/dsa-5204 | vendor-advisory, x_refsource_DEBIAN |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:17:00.985Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1226" }, { "name": "[debian-lts-announce] 20220809 [SECURITY] [DLA 3069-1] gst-plugins-good1.0 security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00001.html" }, { "name": "DSA-5204", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5204" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "GStreamer", "vendor": "n/a", "versions": [ { "status": "affected", "version": "1.20.3" } ] } ], "descriptions": [ { "lang": "en", "value": "Integer overflow in matroskademux element in gst_matroska_demux_add_wvpk_header function which allows a heap overwrite while parsing matroska files. Potential for arbitrary code execution through heap overwrite." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-10T02:07:53", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1226" }, { "name": "[debian-lts-announce] 20220809 [SECURITY] [DLA 3069-1] gst-plugins-good1.0 security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00001.html" }, { "name": "DSA-5204", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2022/dsa-5204" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2022-1920", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "GStreamer", "version": { "version_data": [ { "version_value": "1.20.3" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Integer overflow in matroskademux element in gst_matroska_demux_add_wvpk_header function which allows a heap overwrite while parsing matroska files. Potential for arbitrary code execution through heap overwrite." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-122" } ] } ] }, "references": { "reference_data": [ { "name": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1226", "refsource": "MISC", "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1226" }, { "name": "[debian-lts-announce] 20220809 [SECURITY] [DLA 3069-1] gst-plugins-good1.0 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00001.html" }, { "name": "DSA-5204", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2022/dsa-5204" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2022-1920", "datePublished": "2022-07-19T19:08:30", "dateReserved": "2022-05-27T00:00:00", "dateUpdated": "2024-08-03T00:17:00.985Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-37436
Vulnerability from cvelistv5
Published
2023-01-17 19:12
Modified
2024-08-03 10:29
Severity ?
EPSS score ?
Summary
Apache HTTP Server: mod_proxy prior to 2.4.55 allows a backend to trigger HTTP response splitting
References
▼ | URL | Tags |
---|---|---|
https://httpd.apache.org/security/vulnerabilities_24.html | vendor-advisory | |
https://security.gentoo.org/glsa/202309-01 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Apache Software Foundation | Apache HTTP Server |
Version: 0 ≤ |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T10:29:20.979Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202309-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Apache HTTP Server", "vendor": "Apache Software Foundation", "versions": [ { "lessThan": "2.4.55", "status": "affected", "version": "0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Dimas Fariski Setyawan Putra (@nyxsorcerer)" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. If the later headers have any security purpose, they will not be interpreted by the client." } ], "value": "Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. If the later headers have any security purpose, they will not be interpreted by the client." } ], "metrics": [ { "other": { "content": { "text": "moderate" }, "type": "Textual description of severity" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-113", "description": "CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-17T19:12:59.968Z", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "url": "https://security.gentoo.org/glsa/202309-01" } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2022-07-14T06:22:00.000Z", "value": "Reported to security team" } ], "title": "Apache HTTP Server: mod_proxy prior to 2.4.55 allows a backend to trigger HTTP response splitting", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2022-37436", "datePublished": "2023-01-17T19:12:59.968Z", "dateReserved": "2022-08-05T12:37:59.731Z", "dateUpdated": "2024-08-03T10:29:20.979Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2122
Vulnerability from cvelistv5
Published
2022-07-19 19:10
Modified
2024-08-03 00:24
Severity ?
EPSS score ?
Summary
DOS / potential heap overwrite in qtdemux using zlib decompression. Integer overflow in qtdemux element in qtdemux_inflate function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite.
References
▼ | URL | Tags |
---|---|---|
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225 | x_refsource_MISC | |
https://lists.debian.org/debian-lts-announce/2022/08/msg00001.html | mailing-list, x_refsource_MLIST | |
https://www.debian.org/security/2022/dsa-5204 | vendor-advisory, x_refsource_DEBIAN |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:24:44.188Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225" }, { "name": "[debian-lts-announce] 20220809 [SECURITY] [DLA 3069-1] gst-plugins-good1.0 security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00001.html" }, { "name": "DSA-5204", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5204" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "GStreamer", "vendor": "n/a", "versions": [ { "status": "affected", "version": "1.20.3" } ] } ], "descriptions": [ { "lang": "en", "value": "DOS / potential heap overwrite in qtdemux using zlib decompression. Integer overflow in qtdemux element in qtdemux_inflate function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-10T02:06:59", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225" }, { "name": "[debian-lts-announce] 20220809 [SECURITY] [DLA 3069-1] gst-plugins-good1.0 security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00001.html" }, { "name": "DSA-5204", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2022/dsa-5204" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2022-2122", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "GStreamer", "version": { "version_data": [ { "version_value": "1.20.3" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "DOS / potential heap overwrite in qtdemux using zlib decompression. Integer overflow in qtdemux element in qtdemux_inflate function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-122" } ] } ] }, "references": { "reference_data": [ { "name": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225", "refsource": "MISC", "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225" }, { "name": "[debian-lts-announce] 20220809 [SECURITY] [DLA 3069-1] gst-plugins-good1.0 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00001.html" }, { "name": "DSA-5204", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2022/dsa-5204" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2022-2122", "datePublished": "2022-07-19T19:10:55", "dateReserved": "2022-06-17T00:00:00", "dateUpdated": "2024-08-03T00:24:44.188Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3599
Vulnerability from cvelistv5
Published
2022-10-21 00:00
Modified
2024-08-03 01:14
Severity ?
EPSS score ?
Summary
LibTIFF 4.4.0 has an out-of-bounds read in writeSingleSection in tools/tiffcrop.c:7345, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:14:02.344Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/issues/398" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/commit/e813112545942107551433d61afd16ac094ff246" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3599.json" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230110-0001/" }, { "name": "[debian-lts-announce] 20230120 [SECURITY] [DLA 3278-1] tiff security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html" }, { "name": "DSA-5333", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5333" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "libtiff", "vendor": "libtiff", "versions": [ { "status": "affected", "version": "\u003c=4.4.0" } ] } ], "credits": [ { "lang": "en", "value": "wangdw.augustus@gmail.com" } ], "descriptions": [ { "lang": "en", "value": "LibTIFF 4.4.0 has an out-of-bounds read in writeSingleSection in tools/tiffcrop.c:7345, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Out-of-bounds read in libtiff", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-30T00:00:00", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "url": "https://gitlab.com/libtiff/libtiff/-/issues/398" }, { "url": "https://gitlab.com/libtiff/libtiff/-/commit/e813112545942107551433d61afd16ac094ff246" }, { "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3599.json" }, { "url": "https://security.netapp.com/advisory/ntap-20230110-0001/" }, { "name": "[debian-lts-announce] 20230120 [SECURITY] [DLA 3278-1] tiff security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html" }, { "name": "DSA-5333", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5333" } ] } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2022-3599", "datePublished": "2022-10-21T00:00:00", "dateReserved": "2022-10-19T00:00:00", "dateUpdated": "2024-08-03T01:14:02.344Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-22844
Vulnerability from cvelistv5
Published
2022-01-08 00:00
Modified
2024-08-03 03:28
Severity ?
EPSS score ?
Summary
LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T03:28:42.461Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/issues/355" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/287" }, { "name": "[debian-lts-announce] 20220306 [SECURITY] [DLA 2932-1] tiff security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00001.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220311-0002/" }, { "name": "DSA-5108", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5108" }, { "name": "GLSA-202210-10", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202210-10" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-10-31T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://gitlab.com/libtiff/libtiff/-/issues/355" }, { "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/287" }, { "name": "[debian-lts-announce] 20220306 [SECURITY] [DLA 2932-1] tiff security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00001.html" }, { "url": "https://security.netapp.com/advisory/ntap-20220311-0002/" }, { "name": "DSA-5108", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5108" }, { "name": "GLSA-202210-10", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202210-10" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-22844", "datePublished": "2022-01-08T00:00:00", "dateReserved": "2022-01-08T00:00:00", "dateUpdated": "2024-08-03T03:28:42.461Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-42574
Vulnerability from cvelistv5
Published
2021-11-01 00:00
Modified
2024-08-04 03:38
Severity ?
EPSS score ?
Summary
An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control sequences, which can be used to craft source code that renders different logic than the logical ordering of tokens ingested by compilers and interpreters. Adversaries can leverage this to encode source code for compilers accepting Unicode such that targeted vulnerabilities are introduced invisibly to human reviewers. NOTE: the Unicode Consortium offers the following alternative approach to presenting this concern. An issue is noted in the nature of international text that can affect applications that implement support for The Unicode Standard and the Unicode Bidirectional Algorithm (all versions). Due to text display behavior when text includes left-to-right and right-to-left characters, the visual order of tokens may be different from their logical order. Additionally, control characters needed to fully support the requirements of bidirectional text can further obfuscate the logical order of tokens. Unless mitigated, an adversary could craft source code such that the ordering of tokens perceived by human reviewers does not match what will be processed by a compiler/interpreter/etc. The Unicode Consortium has documented this class of vulnerability in its document, Unicode Technical Report #36, Unicode Security Considerations. The Unicode Consortium also provides guidance on mitigations for this class of issues in Unicode Technical Standard #39, Unicode Security Mechanisms, and in Unicode Standard Annex #31, Unicode Identifier and Pattern Syntax. Also, the BIDI specification allows applications to tailor the implementation in ways that can mitigate misleading visual reordering in program text; see HL4 in Unicode Standard Annex #9, Unicode Bidirectional Algorithm.
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-42574", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-11T15:16:49.504878Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-11T15:17:01.399Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T03:38:49.283Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "http://www.unicode.org/versions/Unicode14.0.0/" }, { "tags": [ "x_transferred" ], "url": "https://trojansource.codes" }, { "name": "[oss-security] 20211101 CVE-2021-42574: rustc 1.56.0 and bidirectional-override codepoints in source code", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2021/11/01/1" }, { "name": "[oss-security] 20211101 Re: CVE-2021-42574: rustc 1.56.0 and bidirectional-override codepoints in source code", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2021/11/01/4" }, { "name": "[oss-security] 20211101 Trojan Source Attacks", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2021/11/01/6" }, { "name": "[oss-security] 20211102 Re: CVE-2021-42574: rustc 1.56.0 and bidirectional-override codepoints in source code", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2021/11/01/5" }, { "name": "[oss-security] 20211102 Re: Trojan Source Attacks", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2021/11/02/10" }, { "name": "FEDORA-2021-0578e23912", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QUPA37D57VPTDLSXOOGF4UXUEADOC4PQ/" }, { "name": "FEDORA-2021-7ad3a01f6a", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LQNTFF24ROHLVPLUOEISBN3F7QM27L4U/" }, { "name": "VU#999008", "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://www.kb.cert.org/vuls/id/999008" }, { "name": "FEDORA-2021-443139f67c", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IH2RG5YTR6ZZOLUV3EUPZEIJR7XHJLVD/" }, { "tags": [ "x_transferred" ], "url": "https://www.scyon.nl/post/trojans-in-your-source-code" }, { "tags": [ "x_transferred" ], "url": "https://www.unicode.org/reports/tr36/" }, { "tags": [ "x_transferred" ], "url": "https://www.unicode.org/reports/tr39/" }, { "tags": [ "x_transferred" ], "url": "https://www.unicode.org/reports/tr31/" }, { "tags": [ "x_transferred" ], "url": "https://www.unicode.org/reports/tr9/tr9-44.html#HL4" }, { "tags": [ "x_transferred" ], "url": "https://www.starwindsoftware.com/security/sw-20220804-0002/" }, { "name": "GLSA-202210-09", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202210-09" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control sequences, which can be used to craft source code that renders different logic than the logical ordering of tokens ingested by compilers and interpreters. Adversaries can leverage this to encode source code for compilers accepting Unicode such that targeted vulnerabilities are introduced invisibly to human reviewers. NOTE: the Unicode Consortium offers the following alternative approach to presenting this concern. An issue is noted in the nature of international text that can affect applications that implement support for The Unicode Standard and the Unicode Bidirectional Algorithm (all versions). Due to text display behavior when text includes left-to-right and right-to-left characters, the visual order of tokens may be different from their logical order. Additionally, control characters needed to fully support the requirements of bidirectional text can further obfuscate the logical order of tokens. Unless mitigated, an adversary could craft source code such that the ordering of tokens perceived by human reviewers does not match what will be processed by a compiler/interpreter/etc. The Unicode Consortium has documented this class of vulnerability in its document, Unicode Technical Report #36, Unicode Security Considerations. The Unicode Consortium also provides guidance on mitigations for this class of issues in Unicode Technical Standard #39, Unicode Security Mechanisms, and in Unicode Standard Annex #31, Unicode Identifier and Pattern Syntax. Also, the BIDI specification allows applications to tailor the implementation in ways that can mitigate misleading visual reordering in program text; see HL4 in Unicode Standard Annex #9, Unicode Bidirectional Algorithm." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-10-16T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "http://www.unicode.org/versions/Unicode14.0.0/" }, { "url": "https://trojansource.codes" }, { "name": "[oss-security] 20211101 CVE-2021-42574: rustc 1.56.0 and bidirectional-override codepoints in source code", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2021/11/01/1" }, { "name": "[oss-security] 20211101 Re: CVE-2021-42574: rustc 1.56.0 and bidirectional-override codepoints in source code", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2021/11/01/4" }, { "name": "[oss-security] 20211101 Trojan Source Attacks", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2021/11/01/6" }, { "name": "[oss-security] 20211102 Re: CVE-2021-42574: rustc 1.56.0 and bidirectional-override codepoints in source code", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2021/11/01/5" }, { "name": "[oss-security] 20211102 Re: Trojan Source Attacks", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2021/11/02/10" }, { "name": "FEDORA-2021-0578e23912", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QUPA37D57VPTDLSXOOGF4UXUEADOC4PQ/" }, { "name": "FEDORA-2021-7ad3a01f6a", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LQNTFF24ROHLVPLUOEISBN3F7QM27L4U/" }, { "name": "VU#999008", "tags": [ "third-party-advisory" ], "url": "https://www.kb.cert.org/vuls/id/999008" }, { "name": "FEDORA-2021-443139f67c", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IH2RG5YTR6ZZOLUV3EUPZEIJR7XHJLVD/" }, { "url": "https://www.scyon.nl/post/trojans-in-your-source-code" }, { "url": "https://www.unicode.org/reports/tr36/" }, { "url": "https://www.unicode.org/reports/tr39/" }, { "url": "https://www.unicode.org/reports/tr31/" }, { "url": "https://www.unicode.org/reports/tr9/tr9-44.html#HL4" }, { "url": "https://www.starwindsoftware.com/security/sw-20220804-0002/" }, { "name": "GLSA-202210-09", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202210-09" } ], "tags": [ "disputed" ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-42574", "datePublished": "2021-11-01T00:00:00", "dateReserved": "2021-10-18T00:00:00", "dateUpdated": "2024-08-04T03:38:49.283Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-45410
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 14:09
Severity ?
EPSS score ?
Summary
When a ServiceWorker intercepted a request with <code>FetchEvent</code>, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec and then in browsers. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox ESR |
Version: unspecified < 102.5 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:09:57.033Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-49/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-48/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1658869" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "107", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "When a ServiceWorker intercepted a request with \u003ccode\u003eFetchEvent\u003c/code\u003e, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec and then in browsers. This vulnerability affects Firefox ESR \u003c 102.5, Thunderbird \u003c 102.5, and Firefox \u003c 107." } ], "problemTypes": [ { "descriptions": [ { "description": "ServiceWorker-intercepted requests bypassed SameSite cookie policy", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-22T00:00:00", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-49/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-48/" }, { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1658869" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-45410", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-11-14T00:00:00", "dateUpdated": "2024-08-03T14:09:57.033Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-42932
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 13:19
Severity ?
EPSS score ?
Summary
Mozilla developers Ashley Hale and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 105 and Firefox ESR 102.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 106, Firefox ESR < 102.4, and Thunderbird < 102.4.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox |
Version: unspecified < 106 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T13:19:05.524Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Memory safety bugs fixed in Firefox 106 and Firefox ESR 102.4", "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1789729%2C1791363%2C1792041" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-44/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-45/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-46/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "106", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.4", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.4", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Mozilla developers and community" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Mozilla developers Ashley Hale and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 105 and Firefox ESR 102.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 106, Firefox ESR \u003c 102.4, and Thunderbird \u003c 102.4." } ], "value": "Mozilla developers Ashley Hale and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 105 and Firefox ESR 102.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 106, Firefox ESR \u003c 102.4, and Thunderbird \u003c 102.4." } ], "problemTypes": [ { "descriptions": [ { "description": "Memory safety bugs fixed in Firefox 106 and Firefox ESR 102.4", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-13T10:37:26.597Z", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "name": "Memory safety bugs fixed in Firefox 106 and Firefox ESR 102.4", "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1789729%2C1791363%2C1792041" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-44/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-45/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-46/" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-42932", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-10-14T00:00:00", "dateUpdated": "2024-08-03T13:19:05.524Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-46880
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 14:39
Severity ?
EPSS score ?
Summary
A missing check related to tex units could have led to a use-after-free and potentially exploitable crash.<br />*Note*: This advisory was added on December 13th, 2022 after we better understood the impact of the issue. The fix was included in the original release of Firefox 105. This vulnerability affects Firefox ESR < 102.6, Firefox < 105, and Thunderbird < 102.6.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox ESR |
Version: unspecified < 102.6 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:39:38.591Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-52/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-53/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-40/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1749292" }, { "name": "GLSA-202305-06", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-06" }, { "name": "GLSA-202305-13", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-13" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.6", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "105", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.6", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A missing check related to tex units could have led to a use-after-free and potentially exploitable crash.\u003cbr /\u003e*Note*: This advisory was added on December 13th, 2022 after we better understood the impact of the issue. The fix was included in the original release of Firefox 105. This vulnerability affects Firefox ESR \u003c 102.6, Firefox \u003c 105, and Thunderbird \u003c 102.6." } ], "problemTypes": [ { "descriptions": [ { "description": "Use-after-free in WebGL", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2022-52/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-53/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-40/" }, { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1749292" }, { "name": "GLSA-202305-06", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-06" }, { "name": "GLSA-202305-13", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-13" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-46880", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-12-09T00:00:00", "dateUpdated": "2024-08-03T14:39:38.591Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-40674
Vulnerability from cvelistv5
Published
2022-09-14 00:00
Modified
2024-08-03 12:21
Severity ?
EPSS score ?
Summary
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:21:46.545Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/libexpat/libexpat/pull/629" }, { "tags": [ "x_transferred" ], "url": "https://github.com/libexpat/libexpat/pull/640" }, { "name": "DSA-5236", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5236" }, { "name": "[debian-lts-announce] 20220925 [SECURITY] [DLA 3119-1] expat security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00029.html" }, { "name": "GLSA-202209-24", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202209-24" }, { "name": "FEDORA-2022-15ec504440", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2ZKEPGFCZ7R6DRVH3K6RBJPT42ZBEG/" }, { "name": "FEDORA-2022-c68d90efc3", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J2IGJNHFV53PYST7VQV3T4NHVYAMXA36/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20221028-0008/" }, { "name": "FEDORA-2022-d93b3bd8b9", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GSVZN3IJ6OCPSJL7AEX3ZHSHAHFOGESK/" }, { "name": "FEDORA-2022-c22feb71ba", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCGBVQQ47URGJAZWHCISHDWF6QBTV2LE/" }, { "name": "FEDORA-2022-dcb1d7bcb1", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LQB6FJAM5YQ35SF5B2MN25Y2FX56EOEZ/" }, { "name": "GLSA-202211-06", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202211-06" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-22T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/libexpat/libexpat/pull/629" }, { "url": "https://github.com/libexpat/libexpat/pull/640" }, { "name": "DSA-5236", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5236" }, { "name": "[debian-lts-announce] 20220925 [SECURITY] [DLA 3119-1] expat security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00029.html" }, { "name": "GLSA-202209-24", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202209-24" }, { "name": "FEDORA-2022-15ec504440", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2ZKEPGFCZ7R6DRVH3K6RBJPT42ZBEG/" }, { "name": "FEDORA-2022-c68d90efc3", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J2IGJNHFV53PYST7VQV3T4NHVYAMXA36/" }, { "url": "https://security.netapp.com/advisory/ntap-20221028-0008/" }, { "name": "FEDORA-2022-d93b3bd8b9", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GSVZN3IJ6OCPSJL7AEX3ZHSHAHFOGESK/" }, { "name": "FEDORA-2022-c22feb71ba", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCGBVQQ47URGJAZWHCISHDWF6QBTV2LE/" }, { "name": "FEDORA-2022-dcb1d7bcb1", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LQB6FJAM5YQ35SF5B2MN25Y2FX56EOEZ/" }, { "name": "GLSA-202211-06", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202211-06" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-40674", "datePublished": "2022-09-14T00:00:00", "dateReserved": "2022-09-14T00:00:00", "dateUpdated": "2024-08-03T12:21:46.545Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3155
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 01:00
Severity ?
EPSS score ?
Summary
When saving or opening an email attachment on macOS, Thunderbird did not set attribute com.apple.quarantine on the received file. If the received file was an application and the user attempted to open it, then the application was started immediately without asking the user to confirm. This vulnerability affects Thunderbird < 102.3.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Mozilla | Thunderbird |
Version: unspecified < 102.3 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:00:10.866Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-42/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1789061" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.3", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "When saving or opening an email attachment on macOS, Thunderbird did not set attribute com.apple.quarantine on the received file. If the received file was an application and the user attempted to open it, then the application was started immediately without asking the user to confirm. This vulnerability affects Thunderbird \u003c 102.3." } ], "problemTypes": [ { "descriptions": [ { "description": "Attachment files saved to disk on macOS could be executed without warning", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-22T00:00:00", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2022-42/" }, { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1789061" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-3155", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-09-07T00:00:00", "dateUpdated": "2024-08-03T01:00:10.866Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2125
Vulnerability from cvelistv5
Published
2022-06-19 00:00
Modified
2024-08-03 00:24
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:24:44.280Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/17dab24d-beec-464d-9a72-5b6b11283705" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/0e8e938d497260dd57be67b4966cb27a5f72376f" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213443" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213444" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "20221030 APPLE-SA-2022-10-27-9 Additional information for APPLE-SA-2022-09-12-3 macOS Big Sur 11.7", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/45" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/17dab24d-beec-464d-9a72-5b6b11283705" }, { "url": "https://github.com/vim/vim/commit/0e8e938d497260dd57be67b4966cb27a5f72376f" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213443" }, { "url": "https://support.apple.com/kb/HT213444" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "20221030 APPLE-SA-2022-10-27-9 Additional information for APPLE-SA-2022-09-12-3 macOS Big Sur 11.7", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/45" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "17dab24d-beec-464d-9a72-5b6b11283705", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2125", "datePublished": "2022-06-19T00:00:00", "dateReserved": "2022-06-18T00:00:00", "dateUpdated": "2024-08-03T00:24:44.280Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2015-20107
Vulnerability from cvelistv5
Published
2022-04-13 00:00
Modified
2024-08-06 08:58
Severity ?
EPSS score ?
Summary
In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). The fix is also back-ported to 3.7, 3.8, 3.9
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T08:58:26.556Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugs.python.org/issue24778" }, { "tags": [ "x_transferred" ], "url": "https://github.com/python/cpython/issues/68966" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220616-0001/" }, { "name": "FEDORA-2022-5ad25e3d3c", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FCIO2W4DUVVMI6L52QCC4TT2B3K5VWHS/" }, { "name": "FEDORA-2022-cece1d07d9", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ERYMM2QVDPOJLX4LYXWYIQN5FOIJLDRY/" }, { "name": "FEDORA-2022-2e1d1205cf", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FIRUTX47BJD2HYJDLMI7JJBVCYFAPKAQ/" }, { "name": "FEDORA-2022-4b0dfda810", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46KWPTI72SSEOF53DOYQBQOCN4QQB2GE/" }, { "name": "FEDORA-2022-1358cedf2d", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ONXSGLASNLGFL57YU6WT6Y5YURSFV43U/" }, { "name": "FEDORA-2022-0be85556b4", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MYG3EMFR7ZHC46TDNM7SNWO64A3W7EUF/" }, { "name": "FEDORA-2022-a8e50dc83e", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y4E2WBEJ42CGLGDHD6ZXOLZ2W6G3YOVD/" }, { "name": "FEDORA-2022-4c788bdc40", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XO2H6CKWLRGTTZCGUQVELW6LUH437Q3O/" }, { "name": "FEDORA-2022-9da5703d22", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5664BGZVTA46LQDNTYX5THG6CN4FYJX/" }, { "name": "FEDORA-2022-4a69d20cf4", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UIOJUZ5JMEMGSKNISTOVI4PDP36FDL5Y/" }, { "name": "FEDORA-2022-5ea8aa7518", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KAY6VBNVEFUXKJF37WFHYXUSRDEK34N3/" }, { "name": "FEDORA-2022-ec74ac4079", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F3LNY2NHM6J22O6Q5ANOE3SZRK3OACKR/" }, { "name": "FEDORA-2022-17a1bb7e78", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GPCLGZZJPVXFWUWVV5WCD5FNUAFLKBDN/" }, { "name": "FEDORA-2022-dbe9a8f9ac", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DBVY4YC2P6EPZZ2DROOXHDOWZ4BJFLW/" }, { "name": "FEDORA-2022-9dd70781cb", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HAI2GBC7WKH7J5NH6J2IW5RT3VF2SF5M/" }, { "name": "FEDORA-2022-20e87fb0d1", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QIKVSW3H6W2GQGDE5DTIWLGFNH6KKEW/" }, { "name": "FEDORA-2022-9cd41b6709", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AKGMYDVKI3XNM27B6I6RQ6QV3TVJAUCG/" }, { "name": "FEDORA-2022-d157a91e10", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/57NECACX333A3BBZM2TR2VZ4ZE3UG3SN/" }, { "name": "FEDORA-2022-ce55d01569", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PTTZGLD2YBMMG6U6F5HOTPOGGPBIURMA/" }, { "name": "FEDORA-2022-b499f2a9c6", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/53TQZFLS6O3FLIMVSXFEEPZSWLDZLBOX/" }, { "name": "FEDORA-2022-d1682fef04", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WXF6MQ74HVIDDSR5AE2UDR24I6D4FEPC/" }, { "name": "FEDORA-2022-79843dfb3c", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFGV7P2PYFBMK32OKHCAC2ZPJQV5AUDF/" }, { "tags": [ "x_transferred" ], "url": "https://python-security.readthedocs.io/vuln/mailcap-shell-injection.html" }, { "name": "GLSA-202305-02", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-02" }, { "name": "[debian-lts-announce] 20230524 [SECURITY] [DLA 3432-1] python2.7 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html" }, { "name": "[debian-lts-announce] 20230630 [SECURITY] [DLA 3477-1] python3.7 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). The fix is also back-ported to 3.7, 3.8, 3.9" } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-30T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://bugs.python.org/issue24778" }, { "url": "https://github.com/python/cpython/issues/68966" }, { "url": "https://security.netapp.com/advisory/ntap-20220616-0001/" }, { "name": "FEDORA-2022-5ad25e3d3c", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FCIO2W4DUVVMI6L52QCC4TT2B3K5VWHS/" }, { "name": "FEDORA-2022-cece1d07d9", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ERYMM2QVDPOJLX4LYXWYIQN5FOIJLDRY/" }, { "name": "FEDORA-2022-2e1d1205cf", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FIRUTX47BJD2HYJDLMI7JJBVCYFAPKAQ/" }, { "name": "FEDORA-2022-4b0dfda810", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46KWPTI72SSEOF53DOYQBQOCN4QQB2GE/" }, { "name": "FEDORA-2022-1358cedf2d", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ONXSGLASNLGFL57YU6WT6Y5YURSFV43U/" }, { "name": "FEDORA-2022-0be85556b4", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MYG3EMFR7ZHC46TDNM7SNWO64A3W7EUF/" }, { "name": "FEDORA-2022-a8e50dc83e", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y4E2WBEJ42CGLGDHD6ZXOLZ2W6G3YOVD/" }, { "name": "FEDORA-2022-4c788bdc40", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XO2H6CKWLRGTTZCGUQVELW6LUH437Q3O/" }, { "name": "FEDORA-2022-9da5703d22", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5664BGZVTA46LQDNTYX5THG6CN4FYJX/" }, { "name": "FEDORA-2022-4a69d20cf4", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UIOJUZ5JMEMGSKNISTOVI4PDP36FDL5Y/" }, { "name": "FEDORA-2022-5ea8aa7518", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KAY6VBNVEFUXKJF37WFHYXUSRDEK34N3/" }, { "name": "FEDORA-2022-ec74ac4079", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F3LNY2NHM6J22O6Q5ANOE3SZRK3OACKR/" }, { "name": "FEDORA-2022-17a1bb7e78", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GPCLGZZJPVXFWUWVV5WCD5FNUAFLKBDN/" }, { "name": "FEDORA-2022-dbe9a8f9ac", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DBVY4YC2P6EPZZ2DROOXHDOWZ4BJFLW/" }, { "name": "FEDORA-2022-9dd70781cb", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HAI2GBC7WKH7J5NH6J2IW5RT3VF2SF5M/" }, { "name": "FEDORA-2022-20e87fb0d1", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QIKVSW3H6W2GQGDE5DTIWLGFNH6KKEW/" }, { "name": "FEDORA-2022-9cd41b6709", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AKGMYDVKI3XNM27B6I6RQ6QV3TVJAUCG/" }, { "name": "FEDORA-2022-d157a91e10", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/57NECACX333A3BBZM2TR2VZ4ZE3UG3SN/" }, { "name": "FEDORA-2022-ce55d01569", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PTTZGLD2YBMMG6U6F5HOTPOGGPBIURMA/" }, { "name": "FEDORA-2022-b499f2a9c6", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/53TQZFLS6O3FLIMVSXFEEPZSWLDZLBOX/" }, { "name": "FEDORA-2022-d1682fef04", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WXF6MQ74HVIDDSR5AE2UDR24I6D4FEPC/" }, { "name": "FEDORA-2022-79843dfb3c", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFGV7P2PYFBMK32OKHCAC2ZPJQV5AUDF/" }, { "url": "https://python-security.readthedocs.io/vuln/mailcap-shell-injection.html" }, { "name": "GLSA-202305-02", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-02" }, { "name": "[debian-lts-announce] 20230524 [SECURITY] [DLA 3432-1] python2.7 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html" }, { "name": "[debian-lts-announce] 20230630 [SECURITY] [DLA 3477-1] python3.7 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-20107", "datePublished": "2022-04-13T00:00:00", "dateReserved": "2022-04-13T00:00:00", "dateUpdated": "2024-08-06T08:58:26.556Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2058
Vulnerability from cvelistv5
Published
2022-06-30 00:00
Modified
2024-08-03 00:24
Severity ?
EPSS score ?
Summary
Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:24:44.171Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/issues/428" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/346" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2058.json" }, { "name": "FEDORA-2022-edf7301147", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TSS7MJ7OO7JO5BNKCRYSFU7UAYOKLA2/" }, { "name": "FEDORA-2022-b9c2a3a2b7", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OXUMJXVEAYFWRO3U3YHKSULHIVDOLEQS/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220826-0001/" }, { "name": "[debian-lts-announce] 20230120 [SECURITY] [DLA 3278-1] tiff security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html" }, { "name": "DSA-5333", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5333" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "libtiff", "vendor": "libtiff", "versions": [ { "status": "affected", "version": "=4.4.0" } ] } ], "credits": [ { "lang": "en", "value": "wangdw.augustus@gmail.com" } ], "descriptions": [ { "lang": "en", "value": "Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Divide by zero in libtiff", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-30T00:00:00", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "url": "https://gitlab.com/libtiff/libtiff/-/issues/428" }, { "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/346" }, { "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2058.json" }, { "name": "FEDORA-2022-edf7301147", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TSS7MJ7OO7JO5BNKCRYSFU7UAYOKLA2/" }, { "name": "FEDORA-2022-b9c2a3a2b7", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OXUMJXVEAYFWRO3U3YHKSULHIVDOLEQS/" }, { "url": "https://security.netapp.com/advisory/ntap-20220826-0001/" }, { "name": "[debian-lts-announce] 20230120 [SECURITY] [DLA 3278-1] tiff security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html" }, { "name": "DSA-5333", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5333" } ] } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2022-2058", "datePublished": "2022-06-30T00:00:00", "dateReserved": "2022-06-13T00:00:00", "dateUpdated": "2024-08-03T00:24:44.171Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-23901
Vulnerability from cvelistv5
Published
2022-03-29 11:12
Modified
2024-08-03 03:59
Severity ?
EPSS score ?
Summary
A stack overflow re2c 2.2 exists due to infinite recursion issues in src/dfa/dead_rules.cc.
References
▼ | URL | Tags |
---|---|---|
https://github.com/skvadrik/re2c/issues/394 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T03:59:22.904Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/skvadrik/re2c/issues/394" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "A stack overflow re2c 2.2 exists due to infinite recursion issues in src/dfa/dead_rules.cc." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-03-29T11:12:40", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/skvadrik/re2c/issues/394" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-23901", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A stack overflow re2c 2.2 exists due to infinite recursion issues in src/dfa/dead_rules.cc." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/skvadrik/re2c/issues/394", "refsource": "MISC", "url": "https://github.com/skvadrik/re2c/issues/394" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-23901", "datePublished": "2022-03-29T11:12:41", "dateReserved": "2022-01-24T00:00:00", "dateUpdated": "2024-08-03T03:59:22.904Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-40962
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 12:28
Severity ?
EPSS score ?
Summary
Mozilla developers Nika Layzell, Timothy Nikkel, Sebastian Hengst, Andreas Pehrson, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 104 and Firefox ESR 102.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox ESR |
Version: unspecified < 102.3 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:28:42.984Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-40/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-41/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-42/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1776655%2C1777574%2C1784835%2C1785109%2C1786502%2C1789440" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.3", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.3", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "105", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Mozilla developers Nika Layzell, Timothy Nikkel, Sebastian Hengst, Andreas Pehrson, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 104 and Firefox ESR 102.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR \u003c 102.3, Thunderbird \u003c 102.3, and Firefox \u003c 105." } ], "problemTypes": [ { "descriptions": [ { "description": "Memory safety bugs fixed in Firefox 105 and Firefox ESR 102.3", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-22T00:00:00", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2022-40/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-41/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-42/" }, { "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1776655%2C1777574%2C1784835%2C1785109%2C1786502%2C1789440" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-40962", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-09-19T00:00:00", "dateUpdated": "2024-08-03T12:28:42.984Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-45407
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 14:09
Severity ?
EPSS score ?
Summary
If an attacker loaded a font using <code>FontFace()</code> on a background worker, a use-after-free could have occurred, leading to a potentially exploitable crash. This vulnerability affects Firefox < 107.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:09:57.038Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1793314" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "107", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "If an attacker loaded a font using \u003ccode\u003eFontFace()\u003c/code\u003e on a background worker, a use-after-free could have occurred, leading to a potentially exploitable crash. This vulnerability affects Firefox \u003c 107." } ], "problemTypes": [ { "descriptions": [ { "description": "Loading fonts on workers was not thread-safe", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-22T00:00:00", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1793314" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-45407", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-11-14T00:00:00", "dateUpdated": "2024-08-03T14:09:57.038Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-45412
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 14:09
Severity ?
EPSS score ?
Summary
When resolving a symlink such as <code>file:///proc/self/fd/1</code>, an error message may be produced where the symlink was resolved to a string containing unitialized memory in the buffer. <br>*This bug only affects Thunderbird on Unix-based operated systems (Android, Linux, MacOS). Windows is unaffected.*. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox ESR |
Version: unspecified < 102.5 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:09:57.043Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-49/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-48/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1791029" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "107", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "When resolving a symlink such as \u003ccode\u003efile:///proc/self/fd/1\u003c/code\u003e, an error message may be produced where the symlink was resolved to a string containing unitialized memory in the buffer. \u003cbr\u003e*This bug only affects Thunderbird on Unix-based operated systems (Android, Linux, MacOS). Windows is unaffected.*. This vulnerability affects Firefox ESR \u003c 102.5, Thunderbird \u003c 102.5, and Firefox \u003c 107." } ], "problemTypes": [ { "descriptions": [ { "description": "Symlinks may resolve to partially uninitialized buffers", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-22T00:00:00", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-49/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-48/" }, { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1791029" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-45412", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-11-14T00:00:00", "dateUpdated": "2024-08-03T14:09:57.043Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-28544
Vulnerability from cvelistv5
Published
2022-04-12 17:50
Modified
2024-08-03 21:47
Severity ?
EPSS score ?
Summary
Apache Subversion SVN authz protected copyfrom paths regression
References
▼ | URL | Tags |
---|---|---|
https://subversion.apache.org/security/CVE-2021-28544-advisory.txt | x_refsource_MISC | |
https://www.debian.org/security/2022/dsa-5119 | vendor-advisory, x_refsource_DEBIAN | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YJPMCWCGWBN3QWCDVILWQWPC75RR67LT/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PZ4ARNGLMGYBKYDX2B7DRBNMF6EH3A6R/ | vendor-advisory, x_refsource_FEDORA | |
https://support.apple.com/kb/HT213345 | x_refsource_CONFIRM | |
http://seclists.org/fulldisclosure/2022/Jul/18 | mailing-list, x_refsource_FULLDISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Apache Software Foundation | Apache Subversion |
Version: 1.10.0 to 1.14.1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T21:47:32.637Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://subversion.apache.org/security/CVE-2021-28544-advisory.txt" }, { "name": "DSA-5119", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5119" }, { "name": "FEDORA-2022-13cc09ecf2", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YJPMCWCGWBN3QWCDVILWQWPC75RR67LT/" }, { "name": "FEDORA-2022-2af658b090", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PZ4ARNGLMGYBKYDX2B7DRBNMF6EH3A6R/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT213345" }, { "name": "20220721 APPLE-SA-2022-07-20-2 macOS Monterey 12.5", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/18" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Apache Subversion", "vendor": "Apache Software Foundation", "versions": [ { "status": "affected", "version": "1.10.0 to 1.14.1" } ] } ], "credits": [ { "lang": "en", "value": "Apache Subversion would like to thank Evgeny Kotkov, visualsvn.com." } ], "descriptions": [ { "lang": "en", "value": "Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal \u0027copyfrom\u0027 paths that should be hidden according to configured path-based authorization (authz) rules. When a node has been copied from a protected location, users with access to the copy can see the \u0027copyfrom\u0027 path of the original. This also reveals the fact that the node was copied. Only the \u0027copyfrom\u0027 path is revealed; not its contents. Both httpd and svnserve servers are vulnerable." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-200", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-20T13:11:27.211Z", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://subversion.apache.org/security/CVE-2021-28544-advisory.txt" }, { "name": "DSA-5119", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2022/dsa-5119" }, { "name": "FEDORA-2022-13cc09ecf2", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YJPMCWCGWBN3QWCDVILWQWPC75RR67LT/" }, { "name": "FEDORA-2022-2af658b090", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PZ4ARNGLMGYBKYDX2B7DRBNMF6EH3A6R/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT213345" }, { "name": "20220721 APPLE-SA-2022-07-20-2 macOS Monterey 12.5", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/18" } ], "source": { "discovery": "UNKNOWN" }, "title": "Apache Subversion SVN authz protected copyfrom paths regression", "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@apache.org", "ID": "CVE-2021-28544", "STATE": "PUBLIC", "TITLE": "Apache Subversion SVN authz protected copyfrom paths regression" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Apache Subversion", "version": { "version_data": [ { "version_value": "1.10.0 to 1.14.1" } ] } } ] }, "vendor_name": "Apache Software Foundation" } ] } }, "credit": [ { "lang": "eng", "value": "Apache Subversion would like to thank Evgeny Kotkov, visualsvn.com." } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal \u0027copyfrom\u0027 paths that should be hidden according to configured path-based authorization (authz) rules. When a node has been copied from a protected location, users with access to the copy can see the \u0027copyfrom\u0027 path of the original. This also reveals the fact that the node was copied. Only the \u0027copyfrom\u0027 path is revealed; not its contents. Both httpd and svnserve servers are vulnerable." } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": [ {} ], "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor" } ] } ] }, "references": { "reference_data": [ { "name": "https://subversion.apache.org/security/CVE-2021-28544-advisory.txt", "refsource": "MISC", "url": "https://subversion.apache.org/security/CVE-2021-28544-advisory.txt" }, { "name": "DSA-5119", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2022/dsa-5119" }, { "name": "FEDORA-2022-13cc09ecf2", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJPMCWCGWBN3QWCDVILWQWPC75RR67LT/" }, { "name": "FEDORA-2022-2af658b090", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PZ4ARNGLMGYBKYDX2B7DRBNMF6EH3A6R/" }, { "name": "https://support.apple.com/kb/HT213345", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT213345" }, { "name": "20220721 APPLE-SA-2022-07-20-2 macOS Monterey 12.5", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/Jul/18" } ] }, "source": { "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2021-28544", "datePublished": "2022-04-12T17:50:13", "dateReserved": "2021-03-16T00:00:00", "dateUpdated": "2024-08-03T21:47:32.637Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-37750
Vulnerability from cvelistv5
Published
2021-08-23 00:00
Modified
2024-08-04 01:30
Severity ?
EPSS score ?
Summary
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T01:30:08.497Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://web.mit.edu/kerberos/advisories/" }, { "tags": [ "x_transferred" ], "url": "https://github.com/krb5/krb5/releases" }, { "name": "FEDORA-2021-f2c8514f02", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MFCLW7D46E4VCREKKH453T5DA4XOLHU2/" }, { "name": "[debian-lts-announce] 20210930 [SECURITY] [DLA 2771-1] krb5 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "tags": [ "x_transferred" ], "url": "https://github.com/krb5/krb5/commit/d775c95af7606a51bf79547a94fa52ddd1cb7f49" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210923-0002/" }, { "tags": [ "x_transferred" ], "url": "https://www.starwindsoftware.com/security/sw-20220817-0004/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-10-11T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://web.mit.edu/kerberos/advisories/" }, { "url": "https://github.com/krb5/krb5/releases" }, { "name": "FEDORA-2021-f2c8514f02", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MFCLW7D46E4VCREKKH453T5DA4XOLHU2/" }, { "name": "[debian-lts-announce] 20210930 [SECURITY] [DLA 2771-1] krb5 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html" }, { "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "url": "https://github.com/krb5/krb5/commit/d775c95af7606a51bf79547a94fa52ddd1cb7f49" }, { "url": "https://security.netapp.com/advisory/ntap-20210923-0002/" }, { "url": "https://www.starwindsoftware.com/security/sw-20220817-0004/" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-37750", "datePublished": "2021-08-23T00:00:00", "dateReserved": "2021-07-30T00:00:00", "dateUpdated": "2024-08-04T01:30:08.497Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-31628
Vulnerability from cvelistv5
Published
2022-09-28 22:25
Modified
2024-09-16 23:36
Severity ?
EPSS score ?
Summary
phar wrapper can occur dos when using quine gzip file
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T07:25:59.512Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugs.php.net/bug.php?id=81726" }, { "name": "FEDORA-2022-0b77fbd9e7", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNIEABBH5XCXLFWWZYIDE457SPEDZTXV/" }, { "name": "FEDORA-2022-afdea1c747", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VI3E6A3ZTH2RP7OMLJHSVFIEQBIFM6RF/" }, { "name": "FEDORA-2022-f204e1d0ed", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2L5SUVYGAKSWODUQPZFBUB3AL6E6CSEV/" }, { "name": "DSA-5277", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5277" }, { "name": "GLSA-202211-03", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202211-03" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20221209-0001/" }, { "name": "[debian-lts-announce] 20221215 [SECURITY] [DLA 3243-1] php7.3 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00030.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "PHP", "vendor": "PHP Group", "versions": [ { "lessThan": "7.4.31", "status": "affected", "version": "7.4.X", "versionType": "custom" }, { "lessThan": "8.0.24", "status": "affected", "version": "8.0.X", "versionType": "custom" }, { "lessThan": "8.1.11", "status": "affected", "version": "8.1.X", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "reported by ohseungju5 at gmail dot com" } ], "datePublic": "2022-09-27T00:00:00", "descriptions": [ { "lang": "en", "value": "In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress \"quines\" gzip files, resulting in an infinite loop." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 2.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-674", "description": "CWE-674 Uncontrolled Recursion", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-15T00:00:00", "orgId": "dd77f84a-d19a-4638-8c3d-a322d820ed2b", "shortName": "php" }, "references": [ { "url": "https://bugs.php.net/bug.php?id=81726" }, { "name": "FEDORA-2022-0b77fbd9e7", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNIEABBH5XCXLFWWZYIDE457SPEDZTXV/" }, { "name": "FEDORA-2022-afdea1c747", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VI3E6A3ZTH2RP7OMLJHSVFIEQBIFM6RF/" }, { "name": "FEDORA-2022-f204e1d0ed", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2L5SUVYGAKSWODUQPZFBUB3AL6E6CSEV/" }, { "name": "DSA-5277", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5277" }, { "name": "GLSA-202211-03", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202211-03" }, { "url": "https://security.netapp.com/advisory/ntap-20221209-0001/" }, { "name": "[debian-lts-announce] 20221215 [SECURITY] [DLA 3243-1] php7.3 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00030.html" } ], "solutions": [ { "lang": "en", "value": "Upgrade to PHP 7.4.31, 8.0.24, or 8.1.11." } ], "source": { "advisory": "https://bugs.php.net/bug.php?id=81726", "defect": [ "81726" ], "discovery": "EXTERNAL" }, "title": "phar wrapper can occur dos when using quine gzip file", "x_generator": { "engine": "Vulnogram 0.0.9" } } }, "cveMetadata": { "assignerOrgId": "dd77f84a-d19a-4638-8c3d-a322d820ed2b", "assignerShortName": "php", "cveId": "CVE-2022-31628", "datePublished": "2022-09-28T22:25:09.309824Z", "dateReserved": "2022-05-25T00:00:00", "dateUpdated": "2024-09-16T23:36:22.115Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2183
Vulnerability from cvelistv5
Published
2022-06-23 00:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
Out-of-bounds Read in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:32:08.693Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/d74ca3f9-380d-4c0a-b61c-11113cc98975" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/8eba2bd291b347e3008aa9e565652d51ad638cfa" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Out-of-bounds Read in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/d74ca3f9-380d-4c0a-b61c-11113cc98975" }, { "url": "https://github.com/vim/vim/commit/8eba2bd291b347e3008aa9e565652d51ad638cfa" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "d74ca3f9-380d-4c0a-b61c-11113cc98975", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Read in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2183", "datePublished": "2022-06-23T00:00:00", "dateReserved": "2022-06-22T00:00:00", "dateUpdated": "2024-08-03T00:32:08.693Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2869
Vulnerability from cvelistv5
Published
2022-08-17 00:00
Modified
2024-08-03 00:52
Severity ?
EPSS score ?
Summary
libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the extractContigSamples8bits routine. An attacker who supplies a crafted file to tiffcrop could trigger this flaw, most likely by tricking a user into opening the crafted file with tiffcrop. Triggering this flaw could cause a crash or potentially further exploitation.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:52:59.054Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2118869" }, { "name": "[debian-lts-announce] 20230120 [SECURITY] [DLA 3278-1] tiff security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html" }, { "name": "DSA-5333", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5333" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "libtiff", "vendor": "n/a", "versions": [ { "status": "affected", "version": "libtiff 4.4.0rc1" } ] } ], "descriptions": [ { "lang": "en", "value": "libtiff\u0027s tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the extractContigSamples8bits routine. An attacker who supplies a crafted file to tiffcrop could trigger this flaw, most likely by tricking a user into opening the crafted file with tiffcrop. Triggering this flaw could cause a crash or potentially further exploitation." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-191", "description": "CWE-191-\u003e(CWE-125|CWE-787)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-30T00:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2118869" }, { "name": "[debian-lts-announce] 20230120 [SECURITY] [DLA 3278-1] tiff security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html" }, { "name": "DSA-5333", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5333" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2022-2869", "datePublished": "2022-08-17T00:00:00", "dateReserved": "2022-08-17T00:00:00", "dateUpdated": "2024-08-03T00:52:59.054Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3602
Vulnerability from cvelistv5
Published
2022-11-01 00:00
Modified
2024-08-03 01:14
Severity ?
EPSS score ?
Summary
X.509 Email Address 4-byte Buffer Overflow
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:14:02.712Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.openssl.org/news/secadv/20221101.txt" }, { "tags": [ "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fe3b639dc19b325846f4f6801f2f4604f56e3de3" }, { "name": "[oss-security] 20221101 OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/01/15" }, { "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/01/16" }, { "name": "20221028 Vulnerabilities in OpenSSL Affecting Cisco Products: November 2022", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a" }, { "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/01/21" }, { "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/01/19" }, { "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/01/18" }, { "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/01/20" }, { "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/01/24" }, { "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/01/17" }, { "name": "GLSA-202211-01", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202211-01" }, { "tags": [ "x_transferred" ], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023" }, { "name": "VU#794340", "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://www.kb.cert.org/vuls/id/794340" }, { "name": "FEDORA-2022-0f1d2e0537", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS/" }, { "name": "FEDORA-2022-502f096dce", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S/" }, { "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/2" }, { "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/6" }, { "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/5" }, { "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/1" }, { "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/3" }, { "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/7" }, { "name": "[oss-security] 20221102 Re: Fwd: Node.js security updates for all active release lines, November 2022", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/10" }, { "name": "[oss-security] 20221102 Re: Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/9" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/169687/OpenSSL-Security-Advisory-20221101.html" }, { "name": "[oss-security] 20221102 Re: Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/12" }, { "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/11" }, { "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/15" }, { "name": "[oss-security] 20221102 Re: Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/14" }, { "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/13" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20221102-0001/" }, { "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/03/1" }, { "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/03/2" }, { "name": "[oss-security] 20221103 Re: Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/03/3" }, { "name": "[oss-security] 20221103 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/03/5" }, { "name": "[oss-security] 20221103 Re: Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/03/7" }, { "name": "[oss-security] 20221103 Re: Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/03/6" }, { "name": "[oss-security] 20221103 Re: Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/03/9" }, { "name": "[oss-security] 20221103 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/03/10" }, { "name": "[oss-security] 20221103 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/03/11" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "OpenSSL", "vendor": "OpenSSL", "versions": [ { "status": "affected", "version": "Fixed in OpenSSL 3.0.7 (Affected 3.0.0,3.0.1,3.0.2,3.0.3,3.0.4,3.0.5,3.0.6)" } ] } ], "credits": [ { "lang": "en", "value": "Polar Bear" } ], "datePublic": "2022-11-01T00:00:00", "descriptions": [ { "lang": "en", "value": "A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address to overflow four attacker-controlled bytes on the stack. This buffer overflow could result in a crash (causing a denial of service) or potentially remote code execution. Many platforms implement stack overflow protections which would mitigate against the risk of remote code execution. The risk may be further mitigated based on stack layout for any given platform/compiler. Pre-announcements of CVE-2022-3602 described this issue as CRITICAL. Further analysis based on some of the mitigating factors described above have led this to be downgraded to HIGH. Users are still encouraged to upgrade to a new version as soon as possible. In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects. Fixed in OpenSSL 3.0.7 (Affected 3.0.0,3.0.1,3.0.2,3.0.3,3.0.4,3.0.5,3.0.6)." } ], "metrics": [ { "other": { "content": { "lang": "eng", "url": "https://www.openssl.org/policies/secpolicy.html#HIGH", "value": "HIGH" }, "type": "unknown" } } ], "problemTypes": [ { "descriptions": [ { "description": "Buffer overflow", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-03T00:00:00", "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", "shortName": "openssl" }, "references": [ { "url": "https://www.openssl.org/news/secadv/20221101.txt" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fe3b639dc19b325846f4f6801f2f4604f56e3de3" }, { "name": "[oss-security] 20221101 OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/01/15" }, { "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/01/16" }, { "name": "20221028 Vulnerabilities in OpenSSL Affecting Cisco Products: November 2022", "tags": [ "vendor-advisory" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a" }, { "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/01/21" }, { "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/01/19" }, { "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/01/18" }, { "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/01/20" }, { "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/01/24" }, { "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/01/17" }, { "name": "GLSA-202211-01", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202211-01" }, { "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023" }, { "name": "VU#794340", "tags": [ "third-party-advisory" ], "url": "https://www.kb.cert.org/vuls/id/794340" }, { "name": "FEDORA-2022-0f1d2e0537", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS/" }, { "name": "FEDORA-2022-502f096dce", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S/" }, { "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/2" }, { "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/6" }, { "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/5" }, { "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/1" }, { "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/3" }, { "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/7" }, { "name": "[oss-security] 20221102 Re: Fwd: Node.js security updates for all active release lines, November 2022", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/10" }, { "name": "[oss-security] 20221102 Re: Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/9" }, { "url": "http://packetstormsecurity.com/files/169687/OpenSSL-Security-Advisory-20221101.html" }, { "name": "[oss-security] 20221102 Re: Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/12" }, { "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/11" }, { "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/15" }, { "name": "[oss-security] 20221102 Re: Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/14" }, { "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/02/13" }, { "url": "https://security.netapp.com/advisory/ntap-20221102-0001/" }, { "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/03/1" }, { "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/03/2" }, { "name": "[oss-security] 20221103 Re: Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/03/3" }, { "name": "[oss-security] 20221103 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/03/5" }, { "name": "[oss-security] 20221103 Re: Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/03/7" }, { "name": "[oss-security] 20221103 Re: Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/03/6" }, { "name": "[oss-security] 20221103 Re: Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/03/9" }, { "name": "[oss-security] 20221103 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/03/10" }, { "name": "[oss-security] 20221103 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/03/11" } ], "title": "X.509 Email Address 4-byte Buffer Overflow" } }, "cveMetadata": { "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", "assignerShortName": "openssl", "cveId": "CVE-2022-3602", "datePublished": "2022-11-01T00:00:00", "dateReserved": "2022-10-19T00:00:00", "dateUpdated": "2024-08-03T01:14:02.712Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2006-20001
Vulnerability from cvelistv5
Published
2023-01-17 19:07
Modified
2024-08-07 20:57
Severity ?
EPSS score ?
Summary
Apache HTTP Server: mod_dav out of bounds read, or write of zero byte
References
▼ | URL | Tags |
---|---|---|
https://httpd.apache.org/security/vulnerabilities_24.html | vendor-advisory | |
https://security.gentoo.org/glsa/202309-01 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Apache Software Foundation | Apache HTTP Server |
Version: 2.4 ≤ 2.4.54 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T20:57:41.059Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "url": "https://security.netapp.com/advisory/ntap-20230316-0005/" }, { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202309-01" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2006-20001", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-01T15:32:06.669346Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-01T15:32:39.476Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Apache HTTP Server", "vendor": "Apache Software Foundation", "versions": [ { "lessThanOrEqual": "2.4.54", "status": "affected", "version": "2.4", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash.\u003cbr\u003e\u003cbr\u003eThis issue affects Apache HTTP Server 2.4.54 and earlier.\u003cbr\u003e" } ], "value": "A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash.\n\nThis issue affects Apache HTTP Server 2.4.54 and earlier.\n" } ], "metrics": [ { "other": { "content": { "text": "moderate" }, "type": "Textual description of severity" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-17T19:07:27.136Z", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "url": "https://security.gentoo.org/glsa/202309-01" } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2006-10-31T09:00:00.000Z", "value": "Described in first edition of \"The Art of Software Security Assessment\"" }, { "lang": "en", "time": "2022-08-10T12:00:00.000Z", "value": "Reported to security team" } ], "title": "Apache HTTP Server: mod_dav out of bounds read, or write of zero byte", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2006-20001", "datePublished": "2023-01-17T19:07:27.136Z", "dateReserved": "2022-09-01T14:24:05.065Z", "dateUpdated": "2024-08-07T20:57:41.059Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3032
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-11-19 20:05
Severity ?
EPSS score ?
Summary
When receiving an HTML email that contained an <code>iframe</code> element, which used a <code>srcdoc</code> attribute to define the inner HTML document, remote objects specified in the nested document, for example images or videos, were not blocked. Rather, the network was accessed, the objects were loaded and displayed. This vulnerability affects Thunderbird < 102.2.1 and Thunderbird < 91.13.1.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Mozilla | Thunderbird |
Version: unspecified < 102.2.1 Version: unspecified < 91.13.1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:53:00.746Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-38/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-39/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1783831" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-3032", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-02-09T19:56:21.830155Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-19T20:05:21.268Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.2.1", "status": "affected", "version": "unspecified", "versionType": "custom" }, { "lessThan": "91.13.1", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "When receiving an HTML email that contained an \u003ccode\u003eiframe\u003c/code\u003e element, which used a \u003ccode\u003esrcdoc\u003c/code\u003e attribute to define the inner HTML document, remote objects specified in the nested document, for example images or videos, were not blocked. Rather, the network was accessed, the objects were loaded and displayed. This vulnerability affects Thunderbird \u003c 102.2.1 and Thunderbird \u003c 91.13.1." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote content specified in an HTML document that was nested inside an iframe\u0027s srcdoc attribute was not blocked", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-22T00:00:00", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2022-38/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-39/" }, { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1783831" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-3032", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-08-29T00:00:00", "dateUpdated": "2024-11-19T20:05:21.268Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-45409
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 14:09
Severity ?
EPSS score ?
Summary
The garbage collector could have been aborted in several states and zones and <code>GCRuntime::finishCollection</code> may not have been called, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox ESR |
Version: unspecified < 102.5 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:09:57.042Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-49/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-48/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1796901" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "107", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "The garbage collector could have been aborted in several states and zones and \u003ccode\u003eGCRuntime::finishCollection\u003c/code\u003e may not have been called, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox ESR \u003c 102.5, Thunderbird \u003c 102.5, and Firefox \u003c 107." } ], "problemTypes": [ { "descriptions": [ { "description": "Use-after-free in Garbage Collection", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-22T00:00:00", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-49/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-48/" }, { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1796901" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-45409", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-11-14T00:00:00", "dateUpdated": "2024-08-03T14:09:57.042Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1921
Vulnerability from cvelistv5
Published
2022-07-19 00:00
Modified
2024-08-03 00:17
Severity ?
EPSS score ?
Summary
Integer overflow in avidemux element in gst_avi_demux_invert function which allows a heap overwrite while parsing avi files. Potential for arbitrary code execution through heap overwrite.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:17:00.938Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1224" }, { "name": "[debian-lts-announce] 20220809 [SECURITY] [DLA 3069-1] gst-plugins-good1.0 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00001.html" }, { "name": "DSA-5204", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5204" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "GStreamer", "vendor": "n/a", "versions": [ { "status": "affected", "version": "1.20.3" } ] } ], "descriptions": [ { "lang": "en", "value": "Integer overflow in avidemux element in gst_avi_demux_invert function which allows a heap overwrite while parsing avi files. Potential for arbitrary code execution through heap overwrite." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-190", "description": "CWE-190", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-10-07T00:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1224" }, { "name": "[debian-lts-announce] 20220809 [SECURITY] [DLA 3069-1] gst-plugins-good1.0 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00001.html" }, { "name": "DSA-5204", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5204" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2022-1921", "datePublished": "2022-07-19T00:00:00", "dateReserved": "2022-05-27T00:00:00", "dateUpdated": "2024-08-03T00:17:00.938Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2868
Vulnerability from cvelistv5
Published
2022-08-17 00:00
Modified
2024-08-03 00:52
Severity ?
EPSS score ?
Summary
libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:52:59.323Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2118863" }, { "name": "[debian-lts-announce] 20230120 [SECURITY] [DLA 3278-1] tiff security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html" }, { "name": "DSA-5333", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5333" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "libtiff", "vendor": "n/a", "versions": [ { "status": "affected", "version": "libtiff 4.4.0rc1" } ] } ], "descriptions": [ { "lang": "en", "value": "libtiff\u0027s tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20-\u003eCWE-125", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-30T00:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2118863" }, { "name": "[debian-lts-announce] 20230120 [SECURITY] [DLA 3278-1] tiff security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html" }, { "name": "DSA-5333", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5333" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2022-2868", "datePublished": "2022-08-17T00:00:00", "dateReserved": "2022-08-16T00:00:00", "dateUpdated": "2024-08-03T00:52:59.323Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-29187
Vulnerability from cvelistv5
Published
2022-07-12 00:00
Modified
2024-08-03 06:17
Severity ?
EPSS score ?
Summary
Bypass of safe.directory protections in Git
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T06:17:54.233Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/git/git/security/advisories/GHSA-j342-m5hw-rr3v" }, { "tags": [ "x_transferred" ], "url": "https://github.blog/2022-04-12-git-security-vulnerability-announced" }, { "tags": [ "x_transferred" ], "url": "https://lore.kernel.org/git/xmqqv8s2fefi.fsf%40gitster.g/T/#u" }, { "name": "[oss-security] 20220713 Git v2.37.1 and friends for CVE-2022-29187", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/07/14/1" }, { "name": "FEDORA-2022-dfd7e7fc0e", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TRZG5CDUQ27OWTPC5MQOR4UASNXHWEZS/" }, { "name": "FEDORA-2022-2a5de7cb8b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDI325LOO2XBDDKLINOAQJEG6MHAURZE/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213496" }, { "name": "20221107 APPLE-SA-2022-11-01-1 Xcode 14.1", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Nov/1" }, { "name": "[debian-lts-announce] 20221213 [SECURITY] [DLA 3239-1] git security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00025.html" }, { "name": "FEDORA-2023-470c7ea49e", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DIKWISWUDFT2FAITYIA6372BVLH3OOOC/" }, { "name": "FEDORA-2023-e3c8abd37e", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YROCMBWYFKRSS64PO6FUNM6L7LKBUKVW/" }, { "name": "FEDORA-2023-1068309389", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVOLER2PIGMHPQMDGG4RDE2KZB74QLA2/" }, { "name": "FEDORA-2023-3ec32f6d4e", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDZRZAL7QULOB6V7MKT66MOMWJLBJPX4/" }, { "name": "GLSA-202312-15", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202312-15" }, { "name": "GLSA-202401-17", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202401-17" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "git", "vendor": "git", "versions": [ { "status": "affected", "version": "\u003e= 2.30.3, \u003c 2.30.5" }, { "status": "affected", "version": "\u003e= 2.31.2, \u003c 2.31.4" }, { "status": "affected", "version": "\u003e= 2.32.1, \u003c 2.32.3" }, { "status": "affected", "version": "\u003e= 2.33.2, \u003c 2.33.4" }, { "status": "affected", "version": "\u003e= 2.34.2, \u003c 2.34.4" }, { "status": "affected", "version": "\u003e= 2.35.2, \u003c 2.35.4" }, { "status": "affected", "version": "\u003e= 2.36, \u003c 2.36.2" }, { "status": "affected", "version": "\u003e= 2.37, \u003c 2.37.1" } ] } ], "descriptions": [ { "lang": "en", "value": "Git is a distributed revision control system. Git prior to versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5, is vulnerable to privilege escalation in all platforms. An unsuspecting user could still be affected by the issue reported in CVE-2022-24765, for example when navigating as root into a shared tmp directory that is owned by them, but where an attacker could create a git repository. Versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5 contain a patch for this issue. The simplest way to avoid being affected by the exploit described in the example is to avoid running git as root (or an Administrator in Windows), and if needed to reduce its use to a minimum. While a generic workaround is not possible, a system could be hardened from the exploit described in the example by removing any such repository if it exists already and creating one as root to block any future attacks." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-282", "description": "CWE-282: Improper Ownership Management", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-427", "description": "CWE-427: Uncontrolled Search Path Element", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-14T10:06:22.426428", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "url": "https://github.com/git/git/security/advisories/GHSA-j342-m5hw-rr3v" }, { "url": "https://github.blog/2022-04-12-git-security-vulnerability-announced" }, { "url": "https://lore.kernel.org/git/xmqqv8s2fefi.fsf%40gitster.g/T/#u" }, { "name": "[oss-security] 20220713 Git v2.37.1 and friends for CVE-2022-29187", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/07/14/1" }, { "name": "FEDORA-2022-dfd7e7fc0e", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TRZG5CDUQ27OWTPC5MQOR4UASNXHWEZS/" }, { "name": "FEDORA-2022-2a5de7cb8b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDI325LOO2XBDDKLINOAQJEG6MHAURZE/" }, { "url": "https://support.apple.com/kb/HT213496" }, { "name": "20221107 APPLE-SA-2022-11-01-1 Xcode 14.1", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Nov/1" }, { "name": "[debian-lts-announce] 20221213 [SECURITY] [DLA 3239-1] git security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00025.html" }, { "name": "FEDORA-2023-470c7ea49e", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DIKWISWUDFT2FAITYIA6372BVLH3OOOC/" }, { "name": "FEDORA-2023-e3c8abd37e", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YROCMBWYFKRSS64PO6FUNM6L7LKBUKVW/" }, { "name": "FEDORA-2023-1068309389", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVOLER2PIGMHPQMDGG4RDE2KZB74QLA2/" }, { "name": "FEDORA-2023-3ec32f6d4e", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDZRZAL7QULOB6V7MKT66MOMWJLBJPX4/" }, { "name": "GLSA-202312-15", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202312-15" }, { "name": "GLSA-202401-17", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202401-17" } ], "source": { "advisory": "GHSA-j342-m5hw-rr3v", "discovery": "UNKNOWN" }, "title": "Bypass of safe.directory protections in Git" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-29187", "datePublished": "2022-07-12T00:00:00", "dateReserved": "2022-04-13T00:00:00", "dateUpdated": "2024-08-03T06:17:54.233Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-40960
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 12:28
Severity ?
EPSS score ?
Summary
Concurrent use of the URL parser with non-UTF-8 data was not thread-safe. This could lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox ESR |
Version: unspecified < 102.3 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:28:42.942Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-40/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-41/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-42/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1787633" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.3", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.3", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "105", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Concurrent use of the URL parser with non-UTF-8 data was not thread-safe. This could lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR \u003c 102.3, Thunderbird \u003c 102.3, and Firefox \u003c 105." } ], "problemTypes": [ { "descriptions": [ { "description": "Data-race when parsing non-UTF-8 URLs in threads", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-22T00:00:00", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2022-40/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-41/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-42/" }, { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1787633" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-40960", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-09-19T00:00:00", "dateUpdated": "2024-08-03T12:28:42.942Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-45421
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 14:09
Severity ?
EPSS score ?
Summary
Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Thunderbird 102.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox ESR |
Version: unspecified < 102.5 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:09:57.067Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-49/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-48/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1767920%2C1789808%2C1794061" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "107", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Thunderbird 102.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR \u003c 102.5, Thunderbird \u003c 102.5, and Firefox \u003c 107." } ], "problemTypes": [ { "descriptions": [ { "description": "Memory safety bugs fixed in Thunderbird 102.5", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-22T00:00:00", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-49/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-48/" }, { "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1767920%2C1789808%2C1794061" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-45421", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-11-14T00:00:00", "dateUpdated": "2024-08-03T14:09:57.067Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-45063
Vulnerability from cvelistv5
Published
2022-11-10 00:00
Modified
2024-08-03 14:01
Severity ?
EPSS score ?
Summary
xterm before 375 allows code execution via font ops, e.g., because an OSC 50 response may have Ctrl-g and therefore lead to command execution within the vi line-editing mode of Zsh. NOTE: font ops are not allowed in the xterm default configurations of some Linux distributions.
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2022-45063", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-17T14:34:56.736041Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-17T14:35:05.675Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-03T14:01:31.513Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://invisible-island.net/xterm/xterm.log.html" }, { "tags": [ "x_transferred" ], "url": "https://www.openwall.com/lists/oss-security/2022/11/10/1" }, { "tags": [ "x_transferred" ], "url": "https://news.ycombinator.com/item?id=33546415" }, { "name": "[oss-security] 20221110 CVE-2022-45063: xterm \u003c375 code execution via font ops", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/10/1" }, { "name": "[oss-security] 20221110 Re: CVE-2022-45063: xterm \u003c375 code execution via font ops", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/10/5" }, { "name": "FEDORA-2022-681bbe67b6", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IVD3I2ZFXGOY6BA2FNS7WPFMPFBDHFWC/" }, { "name": "GLSA-202211-09", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202211-09" }, { "name": "FEDORA-2022-8cf76a9ceb", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TPVNTYFFWNTGZJJQAA4MGGFSTXA4XEA/" }, { "name": "FEDORA-2022-af5f1eee2c", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5T2JI5JCHPTXX2KJU45H2XAHQSFVEJ2Y/" }, { "name": "[oss-security] 20240615 iTerm2 3.5.x title reporting bug", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2024/06/15/1" }, { "name": "[oss-security] 20240617 Re: iTerm2 3.5.x title reporting bug", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2024/06/17/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "xterm before 375 allows code execution via font ops, e.g., because an OSC 50 response may have Ctrl-g and therefore lead to command execution within the vi line-editing mode of Zsh. NOTE: font ops are not allowed in the xterm default configurations of some Linux distributions." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-17T15:05:58.315934", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://invisible-island.net/xterm/xterm.log.html" }, { "url": "https://www.openwall.com/lists/oss-security/2022/11/10/1" }, { "url": "https://news.ycombinator.com/item?id=33546415" }, { "name": "[oss-security] 20221110 CVE-2022-45063: xterm \u003c375 code execution via font ops", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/10/1" }, { "name": "[oss-security] 20221110 Re: CVE-2022-45063: xterm \u003c375 code execution via font ops", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/10/5" }, { "name": "FEDORA-2022-681bbe67b6", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IVD3I2ZFXGOY6BA2FNS7WPFMPFBDHFWC/" }, { "name": "GLSA-202211-09", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202211-09" }, { "name": "FEDORA-2022-8cf76a9ceb", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TPVNTYFFWNTGZJJQAA4MGGFSTXA4XEA/" }, { "name": "FEDORA-2022-af5f1eee2c", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5T2JI5JCHPTXX2KJU45H2XAHQSFVEJ2Y/" }, { "name": "[oss-security] 20240615 iTerm2 3.5.x title reporting bug", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2024/06/15/1" }, { "name": "[oss-security] 20240617 Re: iTerm2 3.5.x title reporting bug", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2024/06/17/1" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-45063", "datePublished": "2022-11-10T00:00:00", "dateReserved": "2022-11-09T00:00:00", "dateUpdated": "2024-08-03T14:01:31.513Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-45418
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 14:09
Severity ?
EPSS score ?
Summary
If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox ESR |
Version: unspecified < 102.5 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:09:56.990Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-49/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-48/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1795815" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "107", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR \u003c 102.5, Thunderbird \u003c 102.5, and Firefox \u003c 107." } ], "problemTypes": [ { "descriptions": [ { "description": "Custom mouse cursor could have been drawn over browser UI", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-22T00:00:00", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-49/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-48/" }, { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1795815" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-45418", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-11-14T00:00:00", "dateUpdated": "2024-08-03T14:09:56.990Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-46823
Vulnerability from cvelistv5
Published
2022-06-18 15:27
Modified
2024-08-04 05:17
Severity ?
EPSS score ?
Summary
python-ldap before 3.4.0 is vulnerable to a denial of service when ldap.schema is used for untrusted schema definitions, because of a regular expression denial of service (ReDoS) flaw in the LDAP schema parser. By sending crafted regex input, a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition.
References
▼ | URL | Tags |
---|---|---|
https://github.com/python-ldap/python-ldap/security/advisories/GHSA-r8wq-qrxc-hmcm | x_refsource_MISC | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/221507 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:17:42.836Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/python-ldap/python-ldap/security/advisories/GHSA-r8wq-qrxc-hmcm" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/221507" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "python-ldap before 3.4.0 is vulnerable to a denial of service when ldap.schema is used for untrusted schema definitions, because of a regular expression denial of service (ReDoS) flaw in the LDAP schema parser. By sending crafted regex input, a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-06-18T15:27:17", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/python-ldap/python-ldap/security/advisories/GHSA-r8wq-qrxc-hmcm" }, { "tags": [ "x_refsource_MISC" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/221507" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-46823", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "python-ldap before 3.4.0 is vulnerable to a denial of service when ldap.schema is used for untrusted schema definitions, because of a regular expression denial of service (ReDoS) flaw in the LDAP schema parser. By sending crafted regex input, a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/python-ldap/python-ldap/security/advisories/GHSA-r8wq-qrxc-hmcm", "refsource": "MISC", "url": "https://github.com/python-ldap/python-ldap/security/advisories/GHSA-r8wq-qrxc-hmcm" }, { "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/221507", "refsource": "MISC", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/221507" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-46823", "datePublished": "2022-06-18T15:27:17", "dateReserved": "2022-06-18T00:00:00", "dateUpdated": "2024-08-04T05:17:42.836Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3204
Vulnerability from cvelistv5
Published
2022-09-26 13:41
Modified
2024-09-17 03:19
Severity ?
EPSS score ?
Summary
NRDelegation Attack
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | NLnet Labs | Unbound |
Version: unspecified < |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:00:10.542Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.nlnetlabs.nl/downloads/unbound/CVE-2022-3204.txt" }, { "name": "FEDORA-2022-1326d2815c", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3G2HS6CYPSIGAKO6QLEZPG3RD6AMPB7B/" }, { "name": "FEDORA-2022-164cf7837e", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/35QGS5FBQTG3DBSK7QV67PA64P24ABHY/" }, { "name": "FEDORA-2022-204ee3da84", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4S4EU6DMJXQFMAIE6SLAH4H5RNRU6VQL/" }, { "name": "GLSA-202212-02", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202212-02" }, { "name": "[debian-lts-announce] 20230329 [SECURITY] [DLA 3371-1] unbound security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00024.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Unbound", "vendor": "NLnet Labs", "versions": [ { "lessThanOrEqual": "1.16.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "We would like to thank Yehuda Afek from Tel-Aviv University, Anat Bremler-Barr and Shani Stajnrod from Reichman University for discovering and disclosing the vulnerability." } ], "datePublic": "2022-09-21T00:00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability named \u0027Non-Responsive Delegation Attack\u0027 (NRDelegation Attack) has been discovered in various DNS resolving software. The NRDelegation Attack works by having a malicious delegation with a considerable number of non responsive nameservers. The attack starts by querying a resolver for a record that relies on those unresponsive nameservers. The attack can cause a resolver to spend a lot of time/resources resolving records under a malicious delegation point where a considerable number of unresponsive NS records reside. It can trigger high CPU usage in some resolver implementations that continually look in the cache for resolved NS records in that delegation. This can lead to degraded performance and eventually denial of service in orchestrated attacks. Unbound does not suffer from high CPU usage, but resources are still needed for resolving the malicious delegation. Unbound will keep trying to resolve the record until hard limits are reached. Based on the nature of the attack and the replies, different limits could be reached. From version 1.16.3 on, Unbound introduces fixes for better performance when under load, by cutting opportunistic queries for nameserver discovery and DNSKEY prefetching and limiting the number of times a delegation point can issue a cache lookup for missing records." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-29T00:00:00", "orgId": "206fc3a0-e175-490b-9eaa-a5738056c9f6", "shortName": "NLnet Labs" }, "references": [ { "url": "https://www.nlnetlabs.nl/downloads/unbound/CVE-2022-3204.txt" }, { "name": "FEDORA-2022-1326d2815c", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3G2HS6CYPSIGAKO6QLEZPG3RD6AMPB7B/" }, { "name": "FEDORA-2022-164cf7837e", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/35QGS5FBQTG3DBSK7QV67PA64P24ABHY/" }, { "name": "FEDORA-2022-204ee3da84", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4S4EU6DMJXQFMAIE6SLAH4H5RNRU6VQL/" }, { "name": "GLSA-202212-02", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202212-02" }, { "name": "[debian-lts-announce] 20230329 [SECURITY] [DLA 3371-1] unbound security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00024.html" } ], "title": "NRDelegation Attack" } }, "cveMetadata": { "assignerOrgId": "206fc3a0-e175-490b-9eaa-a5738056c9f6", "assignerShortName": "NLnet Labs", "cveId": "CVE-2022-3204", "datePublished": "2022-09-26T13:41:46.275188Z", "dateReserved": "2022-09-13T00:00:00", "dateUpdated": "2024-09-17T03:19:03.035Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-45416
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 14:09
Severity ?
EPSS score ?
Summary
Keyboard events reference strings like "KeyA" that were at fixed, known, and widely-spread addresses. Cache-based timing attacks such as Prime+Probe could have possibly figured out which keys were being pressed. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox ESR |
Version: unspecified < 102.5 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:09:56.986Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-49/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-48/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1793676" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "107", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Keyboard events reference strings like \"KeyA\" that were at fixed, known, and widely-spread addresses. Cache-based timing attacks such as Prime+Probe could have possibly figured out which keys were being pressed. This vulnerability affects Firefox ESR \u003c 102.5, Thunderbird \u003c 102.5, and Firefox \u003c 107." } ], "problemTypes": [ { "descriptions": [ { "description": "Keystroke Side-Channel Leakage", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-22T00:00:00", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-49/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-48/" }, { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1793676" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-45416", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-11-14T00:00:00", "dateUpdated": "2024-08-03T14:09:56.986Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3570
Vulnerability from cvelistv5
Published
2022-10-21 00:00
Modified
2024-08-03 01:14
Severity ?
EPSS score ?
Summary
Multiple heap buffer overflows in tiffcrop.c utility in libtiff library Version 4.4.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:14:02.491Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/issues/381" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/issues/386" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/commit/bd94a9b383d8755a27b5a1bc27660b8ad10b094c" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3570.json" }, { "name": "[debian-lts-announce] 20230120 [SECURITY] [DLA 3278-1] tiff security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html" }, { "name": "DSA-5333", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5333" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230203-0002/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "libtiff", "vendor": "libtiff", "versions": [ { "status": "affected", "version": "\u003e=3.9.0, \u003c=4.4.0" } ] } ], "credits": [ { "lang": "en", "value": "shahchintanh@gmail.com" } ], "descriptions": [ { "lang": "en", "value": "Multiple heap buffer overflows in tiffcrop.c utility in libtiff library Version 4.4.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Heap-based buffer overflow in libtiff", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-02-03T00:00:00", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "url": "https://gitlab.com/libtiff/libtiff/-/issues/381" }, { "url": "https://gitlab.com/libtiff/libtiff/-/issues/386" }, { "url": "https://gitlab.com/libtiff/libtiff/-/commit/bd94a9b383d8755a27b5a1bc27660b8ad10b094c" }, { "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3570.json" }, { "name": "[debian-lts-announce] 20230120 [SECURITY] [DLA 3278-1] tiff security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html" }, { "name": "DSA-5333", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5333" }, { "url": "https://security.netapp.com/advisory/ntap-20230203-0002/" } ] } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2022-3570", "datePublished": "2022-10-21T00:00:00", "dateReserved": "2022-10-17T00:00:00", "dateUpdated": "2024-08-03T01:14:02.491Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-41323
Vulnerability from cvelistv5
Published
2022-10-16 00:00
Modified
2024-08-03 12:42
Severity ?
EPSS score ?
Summary
In Django 3.2 before 3.2.16, 4.0 before 4.0.8, and 4.1 before 4.1.2, internationalized URLs were subject to a potential denial of service attack via the locale parameter, which is treated as a regular expression.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:42:45.749Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://groups.google.com/forum/#%21forum/django-announce" }, { "tags": [ "x_transferred" ], "url": "https://docs.djangoproject.com/en/4.0/releases/security/" }, { "tags": [ "x_transferred" ], "url": "https://www.djangoproject.com/weblog/2022/oct/04/security-releases/" }, { "tags": [ "x_transferred" ], "url": "https://github.com/django/django/commit/5b6b257fa7ec37ff27965358800c67e2dd11c924" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20221124-0001/" }, { "name": "FEDORA-2023-3d775d93be", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VZS4G6NSZWPTVXMMZHJOJVQEPL3QTO77/" }, { "name": "FEDORA-2023-bde7913e5a", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKYVMMR7RPM6AHJ2SBVM2LO6D3NGFY7B/" }, { "name": "FEDORA-2023-a74513bda8", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YJB6FUBBLVKKG655UMTLQNN6UQ6EDLSP/" }, { "name": "FEDORA-2023-8fed428c5e", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK/" }, { "name": "FEDORA-2023-a53ab7c969", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "In Django 3.2 before 3.2.16, 4.0 before 4.0.8, and 4.1 before 4.1.2, internationalized URLs were subject to a potential denial of service attack via the locale parameter, which is treated as a regular expression." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-28T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://groups.google.com/forum/#%21forum/django-announce" }, { "url": "https://docs.djangoproject.com/en/4.0/releases/security/" }, { "url": "https://www.djangoproject.com/weblog/2022/oct/04/security-releases/" }, { "url": "https://github.com/django/django/commit/5b6b257fa7ec37ff27965358800c67e2dd11c924" }, { "url": "https://security.netapp.com/advisory/ntap-20221124-0001/" }, { "name": "FEDORA-2023-3d775d93be", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VZS4G6NSZWPTVXMMZHJOJVQEPL3QTO77/" }, { "name": "FEDORA-2023-bde7913e5a", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKYVMMR7RPM6AHJ2SBVM2LO6D3NGFY7B/" }, { "name": "FEDORA-2023-a74513bda8", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YJB6FUBBLVKKG655UMTLQNN6UQ6EDLSP/" }, { "name": "FEDORA-2023-8fed428c5e", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK/" }, { "name": "FEDORA-2023-a53ab7c969", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI/" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-41323", "datePublished": "2022-10-16T00:00:00", "dateReserved": "2022-09-23T00:00:00", "dateUpdated": "2024-08-03T12:42:45.749Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-37454
Vulnerability from cvelistv5
Published
2022-10-21 00:00
Modified
2024-08-03 10:29
Severity ?
EPSS score ?
Summary
The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T10:29:21.027Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "url": "https://security.netapp.com/advisory/ntap-20230203-0001/" }, { "name": "https://csrc.nist.gov/projects/hash-functions/sha-3-project", "tags": [ "x_transferred" ], "url": "https://csrc.nist.gov/projects/hash-functions/sha-3-project" }, { "name": "https://mouha.be/sha-3-buffer-overflow/", "tags": [ "x_transferred" ], "url": "https://mouha.be/sha-3-buffer-overflow/" }, { "name": "https://news.ycombinator.com/item?id=33281106", "tags": [ "x_transferred" ], "url": "https://news.ycombinator.com/item?id=33281106" }, { "name": "https://github.com/XKCP/XKCP/security/advisories/GHSA-6w4m-2xhg-2658", "tags": [ "x_transferred" ], "url": "https://github.com/XKCP/XKCP/security/advisories/GHSA-6w4m-2xhg-2658" }, { "name": "https://lists.debian.org/debian-lts-announce/2022/10/msg00041.html", "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00041.html" }, { "name": "https://lists.debian.org/debian-lts-announce/2022/11/msg00000.html", "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00000.html" }, { "name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4/", "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4/" }, { "name": "https://www.debian.org/security/2022/dsa-5267", "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5267" }, { "name": "https://www.debian.org/security/2022/dsa-5269", "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5269" }, { "name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ/", "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ/" }, { "tags": [ "x_transferred" ], "url": "https://eprint.iacr.org/2023/331" }, { "tags": [ "x_transferred" ], "url": "https://news.ycombinator.com/item?id=35050307" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-02" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "unknown", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-07T03:42:54.794928Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "https://csrc.nist.gov/projects/hash-functions/sha-3-project", "url": "https://csrc.nist.gov/projects/hash-functions/sha-3-project" }, { "name": "https://mouha.be/sha-3-buffer-overflow/", "url": "https://mouha.be/sha-3-buffer-overflow/" }, { "name": "https://news.ycombinator.com/item?id=33281106", "url": "https://news.ycombinator.com/item?id=33281106" }, { "name": "https://github.com/XKCP/XKCP/security/advisories/GHSA-6w4m-2xhg-2658", "url": "https://github.com/XKCP/XKCP/security/advisories/GHSA-6w4m-2xhg-2658" }, { "name": "https://lists.debian.org/debian-lts-announce/2022/10/msg00041.html", "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00041.html" }, { "name": "https://lists.debian.org/debian-lts-announce/2022/11/msg00000.html", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00000.html" }, { "name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4/" }, { "name": "https://www.debian.org/security/2022/dsa-5267", "url": "https://www.debian.org/security/2022/dsa-5267" }, { "name": "https://www.debian.org/security/2022/dsa-5269", "url": "https://www.debian.org/security/2022/dsa-5269" }, { "name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ/" }, { "url": "https://eprint.iacr.org/2023/331" }, { "url": "https://news.ycombinator.com/item?id=35050307" }, { "url": "https://security.gentoo.org/glsa/202305-02" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-37454", "datePublished": "2022-10-21T00:00:00", "dateReserved": "2022-08-07T00:00:00", "dateUpdated": "2024-08-03T10:29:21.027Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-45420
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 14:09
Severity ?
EPSS score ?
Summary
Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox ESR |
Version: unspecified < 102.5 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:09:57.035Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-49/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-48/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1792643" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "107", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR \u003c 102.5, Thunderbird \u003c 102.5, and Firefox \u003c 107." } ], "problemTypes": [ { "descriptions": [ { "description": "Iframe contents could be rendered outside the iframe", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-22T00:00:00", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-49/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-48/" }, { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1792643" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-45420", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-11-14T00:00:00", "dateUpdated": "2024-08-03T14:09:57.035Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-36087
Vulnerability from cvelistv5
Published
2022-09-09 00:00
Modified
2024-08-03 09:52
Severity ?
EPSS score ?
Summary
OAuthLib vulnerable DoS when attacker provides malicious IPV6 URI
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T09:52:00.509Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/oauthlib/oauthlib/security/advisories/GHSA-3pgj-pg6c-r5p7" }, { "tags": [ "x_transferred" ], "url": "https://github.com/oauthlib/oauthlib/commit/2e40b412c844ecc4673c3fa3f72181f228bdbacd" }, { "tags": [ "x_transferred" ], "url": "https://github.com/oauthlib/oauthlib/blob/2b8a44855a51ad5a5b0c348a08c2564a2e197ea2/oauthlib/uri_validate.py" }, { "tags": [ "x_transferred" ], "url": "https://github.com/oauthlib/oauthlib/blob/d4bafd9f1d0eba3766e933b1ac598cbbf37b8914/oauthlib/oauth2/rfc6749/grant_types/base.py#L232" }, { "tags": [ "x_transferred" ], "url": "https://github.com/oauthlib/oauthlib/releases/tag/v3.2.1" }, { "name": "FEDORA-2022-5a74a5eea7", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRYLYHE5HWF6R2CRLJFUK4PILR47WXOE/" }, { "name": "FEDORA-2023-da094276a2", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X2CQZM5CKOUM4GW2GTAPQEQFPITQ6F7S/" }, { "name": "FEDORA-2023-49ded4c9a5", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NBCQJR3ZF7FVNTJYRVPVSQEQRAYZIUHU/" }, { "name": "FEDORA-2023-5ab7049a59", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LXOPIA6M57CFQPUT6HHSNXCTV6QA3UDI/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "oauthlib", "vendor": "oauthlib", "versions": [ { "status": "affected", "version": "\u003e= 3.1.1, \u003c 3.2.1" } ] } ], "descriptions": [ { "lang": "en", "value": "OAuthLib is an implementation of the OAuth request-signing logic for Python 3.6+. In OAuthLib versions 3.1.1 until 3.2.1, an attacker providing malicious redirect uri can cause denial of service. An attacker can also leverage usage of `uri_validate` functions depending where it is used. OAuthLib applications using OAuth2.0 provider support or use directly `uri_validate` are affected by this issue. Version 3.2.1 contains a patch. There are no known workarounds." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-28T03:06:20.018141", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "url": "https://github.com/oauthlib/oauthlib/security/advisories/GHSA-3pgj-pg6c-r5p7" }, { "url": "https://github.com/oauthlib/oauthlib/commit/2e40b412c844ecc4673c3fa3f72181f228bdbacd" }, { "url": "https://github.com/oauthlib/oauthlib/blob/2b8a44855a51ad5a5b0c348a08c2564a2e197ea2/oauthlib/uri_validate.py" }, { "url": "https://github.com/oauthlib/oauthlib/blob/d4bafd9f1d0eba3766e933b1ac598cbbf37b8914/oauthlib/oauth2/rfc6749/grant_types/base.py#L232" }, { "url": "https://github.com/oauthlib/oauthlib/releases/tag/v3.2.1" }, { "name": "FEDORA-2022-5a74a5eea7", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRYLYHE5HWF6R2CRLJFUK4PILR47WXOE/" }, { "name": "FEDORA-2023-da094276a2", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X2CQZM5CKOUM4GW2GTAPQEQFPITQ6F7S/" }, { "name": "FEDORA-2023-49ded4c9a5", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NBCQJR3ZF7FVNTJYRVPVSQEQRAYZIUHU/" }, { "name": "FEDORA-2023-5ab7049a59", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LXOPIA6M57CFQPUT6HHSNXCTV6QA3UDI/" } ], "source": { "advisory": "GHSA-3pgj-pg6c-r5p7", "discovery": "UNKNOWN" }, "title": "OAuthLib vulnerable DoS when attacker provides malicious IPV6 URI" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-36087", "datePublished": "2022-09-09T00:00:00", "dateReserved": "2022-07-15T00:00:00", "dateUpdated": "2024-08-03T09:52:00.509Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-45404
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 14:09
Severity ?
EPSS score ?
Summary
Through a series of popup and <code>window.print()</code> calls, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox ESR |
Version: unspecified < 102.5 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:09:57.044Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-49/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-48/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1790815" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "107", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Through a series of popup and \u003ccode\u003ewindow.print()\u003c/code\u003e calls, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR \u003c 102.5, Thunderbird \u003c 102.5, and Firefox \u003c 107." } ], "problemTypes": [ { "descriptions": [ { "description": "Fullscreen notification bypass", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-22T00:00:00", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-49/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-48/" }, { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1790815" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-45404", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-11-14T00:00:00", "dateUpdated": "2024-08-03T14:09:57.044Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-36760
Vulnerability from cvelistv5
Published
2023-01-17 19:11
Modified
2024-08-03 10:14
Severity ?
EPSS score ?
Summary
Apache HTTP Server: mod_proxy_ajp Possible request smuggling
References
▼ | URL | Tags |
---|---|---|
https://httpd.apache.org/security/vulnerabilities_24.html | vendor-advisory | |
https://security.gentoo.org/glsa/202309-01 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Apache Software Foundation | Apache HTTP Server |
Version: 2.4 ≤ 2.4.54 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T10:14:28.094Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202309-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Apache HTTP Server", "vendor": "Apache Software Foundation", "versions": [ { "lessThanOrEqual": "2.4.54", "status": "affected", "version": "2.4", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "ZeddYu_Lu from Qi\u0027anxin Research Institute of Legendsec at Qi\u0027anxin Group" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request Smuggling\u0027) vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.54 and prior versions." } ], "value": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request Smuggling\u0027) vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.54 and prior versions." } ], "metrics": [ { "other": { "content": { "text": "moderate" }, "type": "Textual description of severity" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-444", "description": "CWE-444 Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request Smuggling\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-17T19:11:55.106Z", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "url": "https://security.gentoo.org/glsa/202309-01" } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2022-07-12T11:00:00.000Z", "value": "Reported to security team" } ], "title": "Apache HTTP Server: mod_proxy_ajp Possible request smuggling", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2022-36760", "datePublished": "2023-01-17T19:11:55.106Z", "dateReserved": "2022-07-25T12:18:16.655Z", "dateUpdated": "2024-08-03T10:14:28.094Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-45061
Vulnerability from cvelistv5
Published
2022-11-09 00:00
Modified
2024-08-03 14:01
Severity ?
EPSS score ?
Summary
An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor; in such a scenario, they could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied supposed hostname. For example, the attack payload could be placed in the Location header of an HTTP response with status code 302. A fix is planned in 3.11.1, 3.10.9, 3.9.16, 3.8.16, and 3.7.16.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:01:31.434Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/python/cpython/issues/98433" }, { "name": "FEDORA-2022-45d2cfdfa4", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O67LRHDTJWH544KXB6KY4HMHQLYDXFPK/" }, { "name": "FEDORA-2022-3e859b6bc6", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4WBZJNSALFGMPYTINIF57HAAK46U72WQ/" }, { "name": "FEDORA-2022-e1ce71ff40", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTPVDZDATRQFE6KAT6B4BQIQ4GRHIIIJ/" }, { "name": "FEDORA-2022-fdb2739feb", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTN2OOLKYTG34DODUEJGT5MLC2PFGPBA/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20221209-0007/" }, { "name": "FEDORA-2022-6f4e6120d7", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB5YCMIRVX35RUB6XPOWKENCVCJEVDRK/" }, { "name": "FEDORA-2022-e6d0495206", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PLQ2BNZVBBAQPV3SPRU24ZD37UYJJS7W/" }, { "name": "FEDORA-2022-6d51289820", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMDX6IFKLOA3NXUQEV524L5LHTPI2JI/" }, { "name": "FEDORA-2022-50deb53896", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63FS6VHY4DCS74HBTEINUDOECQ2X6ZCH/" }, { "name": "FEDORA-2022-93c6916349", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORVCQGJCCAVLN4DJDTWGREFCUWXKQRML/" }, { "name": "FEDORA-2022-18b234c18b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T3D5TX4TDJPXHXD2QICKTY3OCQC3JARP/" }, { "name": "FEDORA-2022-de755fd092", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCDJXNBHWXNYUTOEV4H2HCFSRKV3SYL3/" }, { "name": "FEDORA-2022-fd3771db30", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RH57BNT4VQERGEJ5SXNXSVMDYP66YD4H/" }, { "name": "FEDORA-2022-6b8b96f883", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKWAMPURWUV3DCCT4J7VHRF4NT2CFVBR/" }, { "name": "FEDORA-2022-3d7e44dbd5", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/35YDIWCUMWTMDBWFRAVENFH6BLB65D6S/" }, { "name": "FEDORA-2022-b2f06fbb62", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPNWZKXPKTNHS5FVMN7UQZ2UPCSEFJUK/" }, { "name": "FEDORA-2022-6ba889e0e3", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B3YI6JYARWU6GULWOHNUROSACT54XFFS/" }, { "name": "FEDORA-2022-dbb811d203", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KNE4GMD45RGC2HWUAAIGTDHT5VJ2E4O4/" }, { "name": "FEDORA-2022-e699dd5247", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JTYVESWVBPD57ZJC35G5722Q6TS37WSB/" }, { "name": "FEDORA-2022-fbf6a320fe", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UHVW73QZJMHA4MK7JBT7CXX7XSNYQEGF/" }, { "name": "FEDORA-2022-bcf089dd07", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2AOUKI72ACV6CHY2QUFO6VK2DNMVJ2MB/" }, { "name": "FEDORA-2023-a990c93ed0", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X3EJ6J7PXVQOULBQZQGBXCXY6LFF6LZD/" }, { "name": "FEDORA-2023-78b4ce2f23", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XXZJL3CNAFS5PAIR7K4RL62S3Y7THR7O/" }, { "name": "FEDORA-2023-af5206f71d", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QLUGZSEAO3MBWGKCUSMKQIRYJZKJCIOB/" }, { "name": "FEDORA-2023-943556a733", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN26PWZTYG6IF3APLRXQJBVACQHZUPT2/" }, { "name": "FEDORA-2023-097dd40685", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDK3ZZBRYFO47ET3N4BNTKVXN47U6ICY/" }, { "name": "FEDORA-2023-f1381c83af", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WQPHKGNXUJC3TC3BDW5RKGROWRJVSFR/" }, { "name": "GLSA-202305-02", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-02" }, { "name": "[debian-lts-announce] 20230524 [SECURITY] [DLA 3432-1] python2.7 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html" }, { "name": "[debian-lts-announce] 20230630 [SECURITY] [DLA 3477-1] python3.7 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html" }, { "name": "FEDORA-2023-129178fd27", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCKD4AFBHXIMHS64ZER2U7QRT33HNE7L/" }, { "name": "FEDORA-2023-c43a940a93", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BWJREJHWVRBYDP43YB5WRL3QC7UBA7BR/" }, { "name": "FEDORA-2023-5460cf6dfb", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B4MYQ3IV6NWA4CKSXEHW45CH2YNDHEPH/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor; in such a scenario, they could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied supposed hostname. For example, the attack payload could be placed in the Location header of an HTTP response with status code 302. A fix is planned in 3.11.1, 3.10.9, 3.9.16, 3.8.16, and 3.7.16." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-15T21:07:33.878146", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/python/cpython/issues/98433" }, { "name": "FEDORA-2022-45d2cfdfa4", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O67LRHDTJWH544KXB6KY4HMHQLYDXFPK/" }, { "name": "FEDORA-2022-3e859b6bc6", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4WBZJNSALFGMPYTINIF57HAAK46U72WQ/" }, { "name": "FEDORA-2022-e1ce71ff40", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTPVDZDATRQFE6KAT6B4BQIQ4GRHIIIJ/" }, { "name": "FEDORA-2022-fdb2739feb", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTN2OOLKYTG34DODUEJGT5MLC2PFGPBA/" }, { "url": "https://security.netapp.com/advisory/ntap-20221209-0007/" }, { "name": "FEDORA-2022-6f4e6120d7", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB5YCMIRVX35RUB6XPOWKENCVCJEVDRK/" }, { "name": "FEDORA-2022-e6d0495206", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PLQ2BNZVBBAQPV3SPRU24ZD37UYJJS7W/" }, { "name": "FEDORA-2022-6d51289820", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMDX6IFKLOA3NXUQEV524L5LHTPI2JI/" }, { "name": "FEDORA-2022-50deb53896", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63FS6VHY4DCS74HBTEINUDOECQ2X6ZCH/" }, { "name": "FEDORA-2022-93c6916349", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORVCQGJCCAVLN4DJDTWGREFCUWXKQRML/" }, { "name": "FEDORA-2022-18b234c18b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T3D5TX4TDJPXHXD2QICKTY3OCQC3JARP/" }, { "name": "FEDORA-2022-de755fd092", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCDJXNBHWXNYUTOEV4H2HCFSRKV3SYL3/" }, { "name": "FEDORA-2022-fd3771db30", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RH57BNT4VQERGEJ5SXNXSVMDYP66YD4H/" }, { "name": "FEDORA-2022-6b8b96f883", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKWAMPURWUV3DCCT4J7VHRF4NT2CFVBR/" }, { "name": "FEDORA-2022-3d7e44dbd5", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/35YDIWCUMWTMDBWFRAVENFH6BLB65D6S/" }, { "name": "FEDORA-2022-b2f06fbb62", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPNWZKXPKTNHS5FVMN7UQZ2UPCSEFJUK/" }, { "name": "FEDORA-2022-6ba889e0e3", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B3YI6JYARWU6GULWOHNUROSACT54XFFS/" }, { "name": "FEDORA-2022-dbb811d203", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KNE4GMD45RGC2HWUAAIGTDHT5VJ2E4O4/" }, { "name": "FEDORA-2022-e699dd5247", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JTYVESWVBPD57ZJC35G5722Q6TS37WSB/" }, { "name": "FEDORA-2022-fbf6a320fe", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UHVW73QZJMHA4MK7JBT7CXX7XSNYQEGF/" }, { "name": "FEDORA-2022-bcf089dd07", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2AOUKI72ACV6CHY2QUFO6VK2DNMVJ2MB/" }, { "name": "FEDORA-2023-a990c93ed0", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X3EJ6J7PXVQOULBQZQGBXCXY6LFF6LZD/" }, { "name": "FEDORA-2023-78b4ce2f23", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XXZJL3CNAFS5PAIR7K4RL62S3Y7THR7O/" }, { "name": "FEDORA-2023-af5206f71d", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QLUGZSEAO3MBWGKCUSMKQIRYJZKJCIOB/" }, { "name": "FEDORA-2023-943556a733", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN26PWZTYG6IF3APLRXQJBVACQHZUPT2/" }, { "name": "FEDORA-2023-097dd40685", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDK3ZZBRYFO47ET3N4BNTKVXN47U6ICY/" }, { "name": "FEDORA-2023-f1381c83af", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WQPHKGNXUJC3TC3BDW5RKGROWRJVSFR/" }, { "name": "GLSA-202305-02", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-02" }, { "name": "[debian-lts-announce] 20230524 [SECURITY] [DLA 3432-1] python2.7 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html" }, { "name": "[debian-lts-announce] 20230630 [SECURITY] [DLA 3477-1] python3.7 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html" }, { "name": "FEDORA-2023-129178fd27", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCKD4AFBHXIMHS64ZER2U7QRT33HNE7L/" }, { "name": "FEDORA-2023-c43a940a93", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BWJREJHWVRBYDP43YB5WRL3QC7UBA7BR/" }, { "name": "FEDORA-2023-5460cf6dfb", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B4MYQ3IV6NWA4CKSXEHW45CH2YNDHEPH/" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-45061", "datePublished": "2022-11-09T00:00:00", "dateReserved": "2022-11-09T00:00:00", "dateUpdated": "2024-08-03T14:01:31.434Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-21658
Vulnerability from cvelistv5
Published
2022-01-20 00:00
Modified
2024-08-03 02:46
Severity ?
EPSS score ?
Summary
Race condition in std::fs::remove_dir_all in rustlang
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T02:46:39.244Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/rust-lang/rust/security/advisories/GHSA-r9cc-f5pr-p3j2" }, { "tags": [ "x_transferred" ], "url": "https://github.com/rust-lang/rust/pull/93110" }, { "tags": [ "x_transferred" ], "url": "https://github.com/rust-lang/rust/pull/93110/commits/32ed6e599bb4722efefd78bbc9cd7ec4613cb946" }, { "tags": [ "x_transferred" ], "url": "https://github.com/rust-lang/rust/pull/93110/commits/406cc071d6cfdfdb678bf3d83d766851de95abaf" }, { "tags": [ "x_transferred" ], "url": "https://github.com/rust-lang/rust/pull/93110/commits/4f0ad1c92ca08da6e8dc17838070975762f59714" }, { "tags": [ "x_transferred" ], "url": "https://blog.rust-lang.org/2022/01/20/cve-2022-21658.html" }, { "name": "FEDORA-2022-1bafa3fc91", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BK32QZLHDC2OVLPKTUHNT2G3VHWHD4LX/" }, { "name": "FEDORA-2022-2c73789458", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C63NH72Q7UHJM5V3IVYRI7LVBGGFQMSQ/" }, { "name": "FEDORA-2022-1b76e3a192", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CKGTACKMKAPRDPWPTU26GYWBELIRFF5N/" }, { "name": "FEDORA-2022-06569a0a60", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7JKZDTBMGAWIFJSNWKBMPO5EAKRR4BEW/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213183" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213182" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213186" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213193" }, { "name": "GLSA-202210-09", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202210-09" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "rust", "vendor": "rust-lang", "versions": [ { "status": "affected", "version": "\u003c 1.58.1" } ] } ], "descriptions": [ { "lang": "en", "value": "Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the `std::fs::remove_dir_all` standard library function is vulnerable a race condition enabling symlink following (CWE-363). An attacker could use this security issue to trick a privileged program into deleting files and directories the attacker couldn\u0027t otherwise access or delete. Rust 1.0.0 through Rust 1.58.0 is affected by this vulnerability with 1.58.1 containing a patch. Note that the following build targets don\u0027t have usable APIs to properly mitigate the attack, and are thus still vulnerable even with a patched toolchain: macOS before version 10.10 (Yosemite) and REDOX. We recommend everyone to update to Rust 1.58.1 as soon as possible, especially people developing programs expected to run in privileged contexts (including system daemons and setuid binaries), as those have the highest risk of being affected by this. Note that adding checks in your codebase before calling remove_dir_all will not mitigate the vulnerability, as they would also be vulnerable to race conditions like remove_dir_all itself. The existing mitigation is working as intended outside of race conditions." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-363", "description": "CWE-363: Race Condition Enabling Link Following", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-367", "description": "CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-10-16T00:00:00", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "url": "https://github.com/rust-lang/rust/security/advisories/GHSA-r9cc-f5pr-p3j2" }, { "url": "https://github.com/rust-lang/rust/pull/93110" }, { "url": "https://github.com/rust-lang/rust/pull/93110/commits/32ed6e599bb4722efefd78bbc9cd7ec4613cb946" }, { "url": "https://github.com/rust-lang/rust/pull/93110/commits/406cc071d6cfdfdb678bf3d83d766851de95abaf" }, { "url": "https://github.com/rust-lang/rust/pull/93110/commits/4f0ad1c92ca08da6e8dc17838070975762f59714" }, { "url": "https://blog.rust-lang.org/2022/01/20/cve-2022-21658.html" }, { "name": "FEDORA-2022-1bafa3fc91", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BK32QZLHDC2OVLPKTUHNT2G3VHWHD4LX/" }, { "name": "FEDORA-2022-2c73789458", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C63NH72Q7UHJM5V3IVYRI7LVBGGFQMSQ/" }, { "name": "FEDORA-2022-1b76e3a192", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CKGTACKMKAPRDPWPTU26GYWBELIRFF5N/" }, { "name": "FEDORA-2022-06569a0a60", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7JKZDTBMGAWIFJSNWKBMPO5EAKRR4BEW/" }, { "url": "https://support.apple.com/kb/HT213183" }, { "url": "https://support.apple.com/kb/HT213182" }, { "url": "https://support.apple.com/kb/HT213186" }, { "url": "https://support.apple.com/kb/HT213193" }, { "name": "GLSA-202210-09", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202210-09" } ], "source": { "advisory": "GHSA-r9cc-f5pr-p3j2", "discovery": "UNKNOWN" }, "title": "Race condition in std::fs::remove_dir_all in rustlang" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-21658", "datePublished": "2022-01-20T00:00:00", "dateReserved": "2021-11-16T00:00:00", "dateUpdated": "2024-08-03T02:46:39.244Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-44638
Vulnerability from cvelistv5
Published
2022-11-03 00:00
Modified
2024-08-03 13:54
Severity ?
EPSS score ?
Summary
In libpixman in Pixman before 0.42.2, there is an out-of-bounds write (aka heap-based buffer overflow) in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T13:54:03.999Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://gitlab.freedesktop.org/pixman/pixman/-/issues/63" }, { "name": "[oss-security] 20221104 Fwd: [ANNOUNCE] pixman release 0.42.2 now available", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/05/1" }, { "name": "[debian-lts-announce] 20221107 [SECURITY] [DLA 3179-1] pixman security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00008.html" }, { "name": "FEDORA-2022-ae2559a8f4", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BY4OPSIB33ETNUXZY2UPZ4NGQ3OKDY4D/" }, { "name": "DSA-5276", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5276" }, { "name": "FEDORA-2022-3cf0e7ebc7", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AJ5VY2VYXE4WTRGQ6LMGLF6FV3SY37YE/" }, { "name": "FEDORA-2022-f3a939e960", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUJ2BULJTZ2BMSKQHB6US674P55UCWWS/" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/170121/pixman-pixman_sample_floor_y-Integer-Overflow.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "In libpixman in Pixman before 0.42.2, there is an out-of-bounds write (aka heap-based buffer overflow) in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-07T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://gitlab.freedesktop.org/pixman/pixman/-/issues/63" }, { "name": "[oss-security] 20221104 Fwd: [ANNOUNCE] pixman release 0.42.2 now available", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/05/1" }, { "name": "[debian-lts-announce] 20221107 [SECURITY] [DLA 3179-1] pixman security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00008.html" }, { "name": "FEDORA-2022-ae2559a8f4", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BY4OPSIB33ETNUXZY2UPZ4NGQ3OKDY4D/" }, { "name": "DSA-5276", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5276" }, { "name": "FEDORA-2022-3cf0e7ebc7", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AJ5VY2VYXE4WTRGQ6LMGLF6FV3SY37YE/" }, { "name": "FEDORA-2022-f3a939e960", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUJ2BULJTZ2BMSKQHB6US674P55UCWWS/" }, { "url": "http://packetstormsecurity.com/files/170121/pixman-pixman_sample_floor_y-Integer-Overflow.html" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-44638", "datePublished": "2022-11-03T00:00:00", "dateReserved": "2022-11-03T00:00:00", "dateUpdated": "2024-08-03T13:54:03.999Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-45414
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 14:09
Severity ?
EPSS score ?
Summary
If a Thunderbird user quoted from an HTML email, for example by replying to the email, and the email contained either a VIDEO tag with the POSTER attribute or an OBJECT tag with a DATA attribute, a network request to the referenced remote URL was performed, regardless of a configuration to block remote content. An image loaded from the POSTER attribute was shown in the composer window. These issues could have given an attacker additional capabilities when targetting releases that did not yet have a fix for CVE-2022-3033 which was reported around three months ago. This vulnerability affects Thunderbird < 102.5.1.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Mozilla | Thunderbird |
Version: unspecified < 102.5.1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:09:57.041Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-50/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1788096" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.5.1", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "If a Thunderbird user quoted from an HTML email, for example by replying to the email, and the email contained either a VIDEO tag with the POSTER attribute or an OBJECT tag with a DATA attribute, a network request to the referenced remote URL was performed, regardless of a configuration to block remote content. An image loaded from the POSTER attribute was shown in the composer window. These issues could have given an attacker additional capabilities when targetting releases that did not yet have a fix for CVE-2022-3033 which was reported around three months ago. This vulnerability affects Thunderbird \u003c 102.5.1." } ], "problemTypes": [ { "descriptions": [ { "description": "Quoting from an HTML email with certain tags will trigger network requests and load remote content, regardless of a configuration to block remote content", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-22T00:00:00", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2022-50/" }, { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1788096" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-45414", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-11-14T00:00:00", "dateUpdated": "2024-08-03T14:09:57.041Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-39260
Vulnerability from cvelistv5
Published
2022-10-19 00:00
Modified
2024-08-03 12:00
Severity ?
EPSS score ?
Summary
Git vulnerable to Remote Code Execution via Heap overflow in `git shell`
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:00:43.573Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/git/git/security/advisories/GHSA-rjr6-wcq6-83p6" }, { "name": "FEDORA-2022-8b58806840", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UKFHE4KVD7EKS5J3KTDFVBEKU3CLXGVV/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213496" }, { "name": "FEDORA-2022-53aadd995f", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHNO2FB55CPX47BAXMBWUBGWHO6N6ZZH/" }, { "name": "20221107 APPLE-SA-2022-11-01-1 Xcode 14.1", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Nov/1" }, { "name": "FEDORA-2022-fb088df94c", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C7B6JPKX5CGGLAHXJVQMIZNNEEB72FHD/" }, { "name": "[debian-lts-announce] 20221213 [SECURITY] [DLA 3239-1] git security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00025.html" }, { "name": "GLSA-202312-15", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202312-15" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "git", "vendor": "git", "versions": [ { "status": "affected", "version": "\u003c 2.30.6" }, { "status": "affected", "version": "\u003e 2.31.0, \u003c 2.31.5" }, { "status": "affected", "version": "\u003e 2.32.0, \u003c 2.32.4" }, { "status": "affected", "version": "\u003e 2.33.0, \u003c 2.33.5" }, { "status": "affected", "version": "\u003e 2.34.0, \u003c 2.34.5" }, { "status": "affected", "version": "\u003e 2.34.0, \u003c 2.35.5" }, { "status": "affected", "version": "\u003e 2.35.0, \u003c 2.36.3" }, { "status": "affected", "version": "\u003e 2.37.0, \u003c 2.37.4" } ] } ], "descriptions": [ { "lang": "en", "value": "Git is an open source, scalable, distributed revision control system. `git shell` is a restricted login shell that can be used to implement Git\u0027s push/pull functionality via SSH. In versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4, the function that splits the command arguments into an array improperly uses an `int` to represent the number of entries in the array, allowing a malicious actor to intentionally overflow the return value, leading to arbitrary heap writes. Because the resulting array is then passed to `execv()`, it is possible to leverage this attack to gain remote code execution on a victim machine. Note that a victim must first allow access to `git shell` as a login shell in order to be vulnerable to this attack. This problem is patched in versions 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 and users are advised to upgrade to the latest version. Disabling `git shell` access via remote logins is a viable short-term workaround." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787: Out-of-bounds Write", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122: Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-27T10:06:16.422068", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "url": "https://github.com/git/git/security/advisories/GHSA-rjr6-wcq6-83p6" }, { "name": "FEDORA-2022-8b58806840", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UKFHE4KVD7EKS5J3KTDFVBEKU3CLXGVV/" }, { "url": "https://support.apple.com/kb/HT213496" }, { "name": "FEDORA-2022-53aadd995f", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHNO2FB55CPX47BAXMBWUBGWHO6N6ZZH/" }, { "name": "20221107 APPLE-SA-2022-11-01-1 Xcode 14.1", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Nov/1" }, { "name": "FEDORA-2022-fb088df94c", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C7B6JPKX5CGGLAHXJVQMIZNNEEB72FHD/" }, { "name": "[debian-lts-announce] 20221213 [SECURITY] [DLA 3239-1] git security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00025.html" }, { "name": "GLSA-202312-15", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202312-15" } ], "source": { "advisory": "GHSA-rjr6-wcq6-83p6", "discovery": "UNKNOWN" }, "title": "Git vulnerable to Remote Code Execution via Heap overflow in `git shell`" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-39260", "datePublished": "2022-10-19T00:00:00", "dateReserved": "2022-09-02T00:00:00", "dateUpdated": "2024-08-03T12:00:43.573Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-40957
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 12:28
Severity ?
EPSS score ?
Summary
Inconsistent data in instruction and data cache when creating wasm code could lead to a potentially exploitable crash.<br>*This bug only affects Firefox on ARM64 platforms.*. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox ESR |
Version: unspecified < 102.3 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:28:43.078Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-40/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-41/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-42/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1777604" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.3", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.3", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "105", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Inconsistent data in instruction and data cache when creating wasm code could lead to a potentially exploitable crash.\u003cbr\u003e*This bug only affects Firefox on ARM64 platforms.*. This vulnerability affects Firefox ESR \u003c 102.3, Thunderbird \u003c 102.3, and Firefox \u003c 105." } ], "problemTypes": [ { "descriptions": [ { "description": "Incoherent instruction cache when building WASM on ARM64", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-22T00:00:00", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2022-40/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-41/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-42/" }, { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1777604" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-40957", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-09-19T00:00:00", "dateUpdated": "2024-08-03T12:28:43.078Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1348
Vulnerability from cvelistv5
Published
2022-05-25 15:13
Modified
2024-08-03 00:03
Severity ?
EPSS score ?
Summary
A vulnerability was found in logrotate in how the state file is created. The state file is used to prevent parallel executions of multiple instances of logrotate by acquiring and releasing a file lock. When the state file does not exist, it is created with world-readable permission, allowing an unprivileged user to lock the state file, stopping any rotation. This flaw affects logrotate versions before 3.20.0.
References
▼ | URL | Tags |
---|---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2022-1348 | x_refsource_MISC | |
http://www.openwall.com/lists/oss-security/2022/05/25/3 | mailing-list, x_refsource_MLIST | |
http://www.openwall.com/lists/oss-security/2022/05/25/4 | mailing-list, x_refsource_MLIST | |
http://www.openwall.com/lists/oss-security/2022/05/25/5 | mailing-list, x_refsource_MLIST | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZYEB4F37BY6GLEJKP2EPVAVQ6TA3HQKR/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y7EHGYRE6DSFSBXQIWYDGTSXKO6IFSJQ/ | vendor-advisory, x_refsource_FEDORA |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:03:05.887Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2022-1348" }, { "name": "[oss-security] 20220525 Re: CVE-2022-1348 logrotate: potential DoS from unprivileged users via the state file", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/05/25/3" }, { "name": "[oss-security] 20220525 Re: Re: CVE-2022-1348 logrotate: potential DoS from unprivileged users via the state file", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/05/25/4" }, { "name": "[oss-security] 20220525 Re: Re: CVE-2022-1348 logrotate: potential DoS from unprivileged users via the state file", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/05/25/5" }, { "name": "FEDORA-2022-87c0f05204", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZYEB4F37BY6GLEJKP2EPVAVQ6TA3HQKR/" }, { "name": "FEDORA-2022-ff0188b37c", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y7EHGYRE6DSFSBXQIWYDGTSXKO6IFSJQ/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "logrotate", "vendor": "n/a", "versions": [ { "status": "affected", "version": "logrotate versions before 3.20.0" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in logrotate in how the state file is created. The state file is used to prevent parallel executions of multiple instances of logrotate by acquiring and releasing a file lock. When the state file does not exist, it is created with world-readable permission, allowing an unprivileged user to lock the state file, stopping any rotation. This flaw affects logrotate versions before 3.20.0." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-732", "description": "CWE-732", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-06-12T02:06:09", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2022-1348" }, { "name": "[oss-security] 20220525 Re: CVE-2022-1348 logrotate: potential DoS from unprivileged users via the state file", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2022/05/25/3" }, { "name": "[oss-security] 20220525 Re: Re: CVE-2022-1348 logrotate: potential DoS from unprivileged users via the state file", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2022/05/25/4" }, { "name": "[oss-security] 20220525 Re: Re: CVE-2022-1348 logrotate: potential DoS from unprivileged users via the state file", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2022/05/25/5" }, { "name": "FEDORA-2022-87c0f05204", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZYEB4F37BY6GLEJKP2EPVAVQ6TA3HQKR/" }, { "name": "FEDORA-2022-ff0188b37c", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y7EHGYRE6DSFSBXQIWYDGTSXKO6IFSJQ/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2022-1348", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "logrotate", "version": { "version_data": [ { "version_value": "logrotate versions before 3.20.0" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability was found in logrotate in how the state file is created. The state file is used to prevent parallel executions of multiple instances of logrotate by acquiring and releasing a file lock. When the state file does not exist, it is created with world-readable permission, allowing an unprivileged user to lock the state file, stopping any rotation. This flaw affects logrotate versions before 3.20.0." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-732" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2022-1348", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2022-1348" }, { "name": "[oss-security] 20220525 Re: CVE-2022-1348 logrotate: potential DoS from unprivileged users via the state file", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2022/05/25/3" }, { "name": "[oss-security] 20220525 Re: Re: CVE-2022-1348 logrotate: potential DoS from unprivileged users via the state file", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2022/05/25/4" }, { "name": "[oss-security] 20220525 Re: Re: CVE-2022-1348 logrotate: potential DoS from unprivileged users via the state file", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2022/05/25/5" }, { "name": "FEDORA-2022-87c0f05204", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZYEB4F37BY6GLEJKP2EPVAVQ6TA3HQKR/" }, { "name": "FEDORA-2022-ff0188b37c", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y7EHGYRE6DSFSBXQIWYDGTSXKO6IFSJQ/" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2022-1348", "datePublished": "2022-05-25T15:13:39", "dateReserved": "2022-04-13T00:00:00", "dateUpdated": "2024-08-03T00:03:05.887Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3033
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 00:53
Severity ?
EPSS score ?
Summary
If a Thunderbird user replied to a crafted HTML email containing a <code>meta</code> tag, with the <code>meta</code> tag having the <code>http-equiv="refresh"</code> attribute, and the content attribute specifying an URL, then Thunderbird started a network request to that URL, regardless of the configuration to block remote content. In combination with certain other HTML elements and attributes in the email, it was possible to execute JavaScript code included in the message in the context of the message compose document. The JavaScript code was able to perform actions including, but probably not limited to, read and modify the contents of the message compose document, including the quoted original message, which could potentially contain the decrypted plaintext of encrypted data in the crafted email. The contents could then be transmitted to the network, either to the URL specified in the META refresh tag, or to a different URL, as the JavaScript code could modify the URL specified in the document. This bug doesn't affect users who have changed the default Message Body display setting to 'simple html' or 'plain text'. This vulnerability affects Thunderbird < 102.2.1 and Thunderbird < 91.13.1.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Mozilla | Thunderbird |
Version: unspecified < 102.2.1 Version: unspecified < 91.13.1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:53:00.849Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-38/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-39/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1784838" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.2.1", "status": "affected", "version": "unspecified", "versionType": "custom" }, { "lessThan": "91.13.1", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "If a Thunderbird user replied to a crafted HTML email containing a \u003ccode\u003emeta\u003c/code\u003e tag, with the \u003ccode\u003emeta\u003c/code\u003e tag having the \u003ccode\u003ehttp-equiv=\"refresh\"\u003c/code\u003e attribute, and the content attribute specifying an URL, then Thunderbird started a network request to that URL, regardless of the configuration to block remote content. In combination with certain other HTML elements and attributes in the email, it was possible to execute JavaScript code included in the message in the context of the message compose document. The JavaScript code was able to perform actions including, but probably not limited to, read and modify the contents of the message compose document, including the quoted original message, which could potentially contain the decrypted plaintext of encrypted data in the crafted email. The contents could then be transmitted to the network, either to the URL specified in the META refresh tag, or to a different URL, as the JavaScript code could modify the URL specified in the document. This bug doesn\u0027t affect users who have changed the default Message Body display setting to \u0027simple html\u0027 or \u0027plain text\u0027. This vulnerability affects Thunderbird \u003c 102.2.1 and Thunderbird \u003c 91.13.1." } ], "problemTypes": [ { "descriptions": [ { "description": "Leaking of sensitive information when composing a response to an HTML email with a META refresh tag", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-22T00:00:00", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2022-38/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-39/" }, { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1784838" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-3033", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-08-29T00:00:00", "dateUpdated": "2024-08-03T00:53:00.849Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-46882
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 14:39
Severity ?
EPSS score ?
Summary
A use-after-free in WebGL extensions could have led to a potentially exploitable crash. This vulnerability affects Firefox < 107, Firefox ESR < 102.6, and Thunderbird < 102.6.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox |
Version: unspecified < 107 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:39:39.130Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-52/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-53/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1789371" }, { "name": "GLSA-202305-06", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-06" }, { "name": "GLSA-202305-13", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-13" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "107", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.6", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.6", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A use-after-free in WebGL extensions could have led to a potentially exploitable crash. This vulnerability affects Firefox \u003c 107, Firefox ESR \u003c 102.6, and Thunderbird \u003c 102.6." } ], "problemTypes": [ { "descriptions": [ { "description": "Use-after-free in WebGL", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2022-47/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-52/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-53/" }, { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1789371" }, { "name": "GLSA-202305-06", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-06" }, { "name": "GLSA-202305-13", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-13" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-46882", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-12-09T00:00:00", "dateUpdated": "2024-08-03T14:39:39.130Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-46874
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 14:39
Severity ?
EPSS score ?
Summary
A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its place. This could potentially led to user confusion and the execution of malicious code.<br/>*Note*: This issue was originally included in the advisories for Thunderbird 102.6, but a patch (specific to Thunderbird) was omitted, resulting in it actually being fixed in Thunderbird 102.6.1. This vulnerability affects Firefox < 108, Thunderbird < 102.6.1, Thunderbird < 102.6, and Firefox ESR < 102.6.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox |
Version: unspecified < 108 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:39:38.960Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-52/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-53/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-51/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-54/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1746139" }, { "name": "GLSA-202305-06", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-06" }, { "name": "GLSA-202305-13", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-13" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "108", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.6.1", "status": "affected", "version": "unspecified", "versionType": "custom" }, { "lessThan": "102.6", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.6", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its place. This could potentially led to user confusion and the execution of malicious code.\u003cbr/\u003e*Note*: This issue was originally included in the advisories for Thunderbird 102.6, but a patch (specific to Thunderbird) was omitted, resulting in it actually being fixed in Thunderbird 102.6.1. This vulnerability affects Firefox \u003c 108, Thunderbird \u003c 102.6.1, Thunderbird \u003c 102.6, and Firefox ESR \u003c 102.6." } ], "problemTypes": [ { "descriptions": [ { "description": "Drag and Dropped Filenames could have been truncated to malicious extensions", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2022-52/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-53/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-51/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-54/" }, { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1746139" }, { "name": "GLSA-202305-06", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-06" }, { "name": "GLSA-202305-13", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-13" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-46874", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-12-09T00:00:00", "dateUpdated": "2024-08-03T14:39:38.960Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-42927
Vulnerability from cvelistv5
Published
2022-12-22 00:00
Modified
2024-08-03 13:19
Severity ?
EPSS score ?
Summary
A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the result of a redirect, via `performance.getEntries()`. This vulnerability affects Firefox < 106, Firefox ESR < 102.4, and Thunderbird < 102.4.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox |
Version: unspecified < 106 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T13:19:05.529Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1789128" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-44/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-45/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-46/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "106", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.4", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.4", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "James Lee" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the result of a redirect, via \u003ccode\u003eperformance.getEntries()\u003c/code\u003e. This vulnerability affects Firefox \u003c 106, Firefox ESR \u003c 102.4, and Thunderbird \u003c 102.4." } ], "value": "A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the result of a redirect, via `performance.getEntries()`. This vulnerability affects Firefox \u003c 106, Firefox ESR \u003c 102.4, and Thunderbird \u003c 102.4." } ], "problemTypes": [ { "descriptions": [ { "description": "Same-origin policy violation could have leaked cross-origin URLs", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-13T10:36:17.164Z", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1789128" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-44/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-45/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2022-46/" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2022-42927", "datePublished": "2022-12-22T00:00:00", "dateReserved": "2022-10-14T00:00:00", "dateUpdated": "2024-08-03T13:19:05.529Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-46848
Vulnerability from cvelistv5
Published
2022-10-24 00:00
Modified
2024-08-04 05:17
Severity ?
EPSS score ?
Summary
GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:17:42.362Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/gnutls/libtasn1/-/issues/32" }, { "tags": [ "x_transferred" ], "url": "https://bugs.gentoo.org/866237" }, { "name": "FEDORA-2022-061f857481", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/" }, { "name": "FEDORA-2022-3c933ffaca", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/" }, { "name": "FEDORA-2022-19056934a7", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20221118-0006/" }, { "name": "FEDORA-2022-3f9ee1ad91", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/" }, { "name": "[debian-lts-announce] 20230109 [SECURITY] [DLA 3263-1] libtasn1-6 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-09T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5" }, { "url": "https://gitlab.com/gnutls/libtasn1/-/issues/32" }, { "url": "https://bugs.gentoo.org/866237" }, { "name": "FEDORA-2022-061f857481", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/" }, { "name": "FEDORA-2022-3c933ffaca", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/" }, { "name": "FEDORA-2022-19056934a7", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/" }, { "url": "https://security.netapp.com/advisory/ntap-20221118-0006/" }, { "name": "FEDORA-2022-3f9ee1ad91", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/" }, { "name": "[debian-lts-announce] 20230109 [SECURITY] [DLA 3263-1] libtasn1-6 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-46848", "datePublished": "2022-10-24T00:00:00", "dateReserved": "2022-10-24T00:00:00", "dateUpdated": "2024-08-04T05:17:42.362Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3597
Vulnerability from cvelistv5
Published
2022-10-21 00:00
Modified
2024-08-03 01:14
Severity ?
EPSS score ?
Summary
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6826, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:14:01.975Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/commit/236b7191f04c60d09ee836ae13b50f812c841047" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libtiff/libtiff/-/issues/413" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3597.json" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230110-0001/" }, { "name": "[debian-lts-announce] 20230120 [SECURITY] [DLA 3278-1] tiff security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html" }, { "name": "DSA-5333", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5333" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "libtiff", "vendor": "libtiff", "versions": [ { "status": "affected", "version": "\u003c=4.4.0" } ] } ], "credits": [ { "lang": "en", "value": "wangdw.augustus@gmail.com" } ], "descriptions": [ { "lang": "en", "value": "LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6826, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Out-of-bounds read in libtiff", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-30T00:00:00", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "url": "https://gitlab.com/libtiff/libtiff/-/commit/236b7191f04c60d09ee836ae13b50f812c841047" }, { "url": "https://gitlab.com/libtiff/libtiff/-/issues/413" }, { "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3597.json" }, { "url": "https://security.netapp.com/advisory/ntap-20230110-0001/" }, { "name": "[debian-lts-announce] 20230120 [SECURITY] [DLA 3278-1] tiff security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html" }, { "name": "DSA-5333", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5333" } ] } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2022-3597", "datePublished": "2022-10-21T00:00:00", "dateReserved": "2022-10-19T00:00:00", "dateUpdated": "2024-08-03T01:14:01.975Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.