"-Synchronized-Data."

2025-07-29 05:56:59 +00:00 · 2023-10-10 00:00:37 +00:00 · 2023-10-10 00:00:37 +00:00 · 28e4e43f79
commit 28e4e43f79
parent 57d41a7da9
5 changed files with 26 additions and 1 deletions
--- a/2022/41xxx/CVE-2022-41352.json
+++ b/2022/41xxx/CVE-2022-41352.json
@ -34,7 +34,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. An attacker can upload arbitrary files through amavisd via a cpio loophole (extraction to /opt/zimbra/jetty/webapps/zimbra/public) that can lead to incorrect access to any other user accounts. Zimbra recommends pax over cpio. Also, pax is in the prerequisites of Zimbra on Ubuntu; however, pax is no longer part of a default Red Hat installation after RHEL 6 (or CentOS 6). Once pax is installed, amavisd automatically prefers it over cpio."
+                "value": "An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. An attacker can upload arbitrary files through amavis via a cpio loophole (extraction to /opt/zimbra/jetty/webapps/zimbra/public) that can lead to incorrect access to any other user accounts. Zimbra recommends pax over cpio. Also, pax is in the prerequisites of Zimbra on Ubuntu; however, pax is no longer part of a default Red Hat installation after RHEL 6 (or CentOS 6). Once pax is installed, amavis automatically prefers it over cpio."
            }
        ]
    },
@ -71,6 +71,11 @@
                "refsource": "MISC",
                "name": "http://packetstormsecurity.com/files/169458/Zimbra-Collaboration-Suite-TAR-Path-Traversal.html",
                "url": "http://packetstormsecurity.com/files/169458/Zimbra-Collaboration-Suite-TAR-Path-Traversal.html"
+            },
+            {
+                "refsource": "MISC",
+                "name": "https://www.secpod.com/blog/unpatched-rce-bug-in-zimbra-collaboration-suite-exploited-in-wild/",
+                "url": "https://www.secpod.com/blog/unpatched-rce-bug-in-zimbra-collaboration-suite-exploited-in-wild/"
            }
        ]
    }
--- a/2023/42xxx/CVE-2023-42754.json
+++ b/2023/42xxx/CVE-2023-42754.json
@ -172,6 +172,11 @@
                "url": "https://seclists.org/oss-sec/2023/q4/14",
                "refsource": "MISC",
                "name": "https://seclists.org/oss-sec/2023/q4/14"
+            },
+            {
+                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5PDNWPKAP3WL5RQZ4RIDS6MG32OHH5R/",
+                "refsource": "MISC",
+                "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5PDNWPKAP3WL5RQZ4RIDS6MG32OHH5R/"
            }
        ]
    },
--- a/2023/42xxx/CVE-2023-42756.json
+++ b/2023/42xxx/CVE-2023-42756.json
@ -172,6 +172,11 @@
                "url": "https://seclists.org/oss-sec/2023/q3/242",
                "refsource": "MISC",
                "name": "https://seclists.org/oss-sec/2023/q3/242"
+            },
+            {
+                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5PDNWPKAP3WL5RQZ4RIDS6MG32OHH5R/",
+                "refsource": "MISC",
+                "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5PDNWPKAP3WL5RQZ4RIDS6MG32OHH5R/"
            }
        ]
    },
--- a/2023/45xxx/CVE-2023-45239.json
+++ b/2023/45xxx/CVE-2023-45239.json
@ -72,6 +72,11 @@
                "url": "https://github.com/facebook/tac_plus/security/advisories/GHSA-p334-5r3g-4vx3",
                "refsource": "MISC",
                "name": "https://github.com/facebook/tac_plus/security/advisories/GHSA-p334-5r3g-4vx3"
+            },
+            {
+                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X4J7ZYMFZB4G4OU5EDJPQLP6F6RKDGIH/",
+                "refsource": "MISC",
+                "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X4J7ZYMFZB4G4OU5EDJPQLP6F6RKDGIH/"
            }
        ]
    }
--- a/2023/5xxx/CVE-2023-5345.json
+++ b/2023/5xxx/CVE-2023-5345.json
@ -64,6 +64,11 @@
                "url": "https://kernel.dance/e6e43b8aa7cd3c3af686caf0c2e11819a886d705",
                "refsource": "MISC",
                "name": "https://kernel.dance/e6e43b8aa7cd3c3af686caf0c2e11819a886d705"
+            },
+            {
+                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5PDNWPKAP3WL5RQZ4RIDS6MG32OHH5R/",
+                "refsource": "MISC",
+                "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5PDNWPKAP3WL5RQZ4RIDS6MG32OHH5R/"
            }
        ]
    },