admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 11:06:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-04-20 18:00:36 +00:00
parent 2e2355db84
commit 0225905afd
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
4 changed files with 255 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2023/25xxx/CVE-2023-25601.json
View File

@ -59,6 +59,11 @@
"url": "https://lists.apache.org/thread/25g77jqczp3t8cz56hk1p65q7m6c64rf",
"refsource": "MISC",
"name": "https://lists.apache.org/thread/25g77jqczp3t8cz56hk1p65q7m6c64rf"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/04/20/10",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2023/04/20/10"
}
]
},

90
2023/27xxx/CVE-2023-27495.json
View File

@ -1,17 +1,99 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27495",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "@fastify/csrf-protection is a plugin which helps protect Fastify servers against CSRF attacks. The CSRF protection enforced by the @fastify/csrf-protection library in combination with @fastify/cookie can be bypassed from network and same-site attackers under certain conditions. @fastify/csrf-protection supports an optional userInfo parameter that binds the CSRF token to the user. This parameter has been introduced to prevent cookie-tossing attacks as a fix for CVE-2021-29624. Whenever userInfo parameter is missing, or its value can be predicted for the target user account, network and same-site attackers can 1. fixate a _csrf cookie in the victim's browser, and 2. forge CSRF tokens that are valid for the victim's session. This allows attackers to bypass the CSRF protection mechanism. As a fix, @fastify/csrf-protection starting from version 6.3.0 (and v4.1.0) includes a server-defined secret hmacKey that cryptographically binds the CSRF token to the value of the _csrf cookie and the userInfo parameter, making tokens non-spoofable by attackers. This protection is effective as long as the userInfo parameter is unique for each user. This is patched in versions 6.3.0 and v4.1.0. Users are advised to upgrade. Users unable to upgrade may use a random, non-predictable userInfo parameter for each user as a mitigation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352: Cross-Site Request Forgery (CSRF)",
"cweId": "CWE-352"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "fastify",
"product": {
"product_data": [
{
"product_name": "csrf-protection",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "< 4.1.0"
},
{
"version_affected": "=",
"version_value": ">= 5.0.0, < 6.3.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/fastify/csrf-protection/security/advisories/GHSA-qrgf-9gpc-vrxw",
"refsource": "MISC",
"name": "https://github.com/fastify/csrf-protection/security/advisories/GHSA-qrgf-9gpc-vrxw"
},
{
"url": "https://github.com/fastify/csrf-protection/commit/be3e5761f37aa05c7c1ac8ed44499c51ecec8058",
"refsource": "MISC",
"name": "https://github.com/fastify/csrf-protection/commit/be3e5761f37aa05c7c1ac8ed44499c51ecec8058"
},
{
"url": "https://www.cvedetails.com/cve/CVE-2021-29624",
"refsource": "MISC",
"name": "https://www.cvedetails.com/cve/CVE-2021-29624"
}
]
},
"source": {
"advisory": "GHSA-qrgf-9gpc-vrxw",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
}
]
}

91
2023/29xxx/CVE-2023-29528.json
View File

@ -1,17 +1,100 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-29528",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "XWiki Commons are technical libraries common to several other top level XWiki projects. The \"restricted\" mode of the HTML cleaner in XWiki, introduced in version 4.2-milestone-1 and massively improved in version 14.6-rc-1, allowed the injection of arbitrary HTML code and thus cross-site scripting via invalid HTML comments. As a consequence, any code relying on this \"restricted\" mode for security is vulnerable to JavaScript injection (\"cross-site scripting\"/XSS). When a privileged user with programming rights visits such a comment in XWiki, the malicious JavaScript code is executed in the context of the user session. This allows server-side code execution with programming rights, impacting the confidentiality, integrity and availability of the XWiki instance. This problem has been patched in XWiki 14.10, HTML comments are now removed in restricted mode and a check has been introduced that ensures that comments don't start with `>`. There are no known workarounds apart from upgrading to a version including the fix.\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "xwiki",
"product": {
"product_data": [
{
"product_name": "xwiki-commons",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": ">= 4.2-milestone-1, < 14.10"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/xwiki/xwiki-commons/security/advisories/GHSA-x37v-36wv-6v6h",
"refsource": "MISC",
"name": "https://github.com/xwiki/xwiki-commons/security/advisories/GHSA-x37v-36wv-6v6h"
},
{
"url": "https://github.com/xwiki/xwiki-commons/commit/8ff1a9d7e5d7b45b690134a537d53dc05cae04ab",
"refsource": "MISC",
"name": "https://github.com/xwiki/xwiki-commons/commit/8ff1a9d7e5d7b45b690134a537d53dc05cae04ab"
},
{
"url": "https://jira.xwiki.org/browse/XCOMMONS-2568",
"refsource": "MISC",
"name": "https://jira.xwiki.org/browse/XCOMMONS-2568"
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-20348",
"refsource": "MISC",
"name": "https://jira.xwiki.org/browse/XWIKI-20348"
}
]
},
"source": {
"advisory": "GHSA-x37v-36wv-6v6h",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}

81
2023/30xxx/CVE-2023-30616.json
View File

@ -1,17 +1,90 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-30616",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Form block is a wordpress plugin designed to make form creation easier. Versions prior to 1.0.2 are subject to a Cross-Site Request Forgery due to a missing nonce check. There is potential for a Cross Site Request Forgery for all form blocks, since it allows to send requests to the forms from any website without a user noticing. Users are advised to upgrade to version 1.0.2. There are no known workarounds for this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352: Cross-Site Request Forgery (CSRF)",
"cweId": "CWE-352"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "epiphyt",
"product": {
"product_data": [
{
"product_name": "form-block",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "< 1.0.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/epiphyt/form-block/security/advisories/GHSA-j4c2-7p87-q824",
"refsource": "MISC",
"name": "https://github.com/epiphyt/form-block/security/advisories/GHSA-j4c2-7p87-q824"
},
{
"url": "https://github.com/epiphyt/form-block/commit/cf0012fa0710d906c594346ba775c5dc433a9426",
"refsource": "MISC",
"name": "https://github.com/epiphyt/form-block/commit/cf0012fa0710d906c594346ba775c5dc433a9426"
}
]
},
"source": {
"advisory": "GHSA-j4c2-7p87-q824",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
}
]
}