From 29730eba4502ac478e51c7f2c07bf371e48f501a Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 20 Dec 2023 16:01:06 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2023/48xxx/CVE-2023-48795.json | 15 ----- 2023/49xxx/CVE-2023-49797.json | 5 -- 2023/50xxx/CVE-2023-50917.json | 5 -- 2023/51xxx/CVE-2023-51457.json | 103 ++------------------------------- 2023/51xxx/CVE-2023-51458.json | 103 ++------------------------------- 2023/51xxx/CVE-2023-51459.json | 103 ++------------------------------- 2023/51xxx/CVE-2023-51460.json | 103 ++------------------------------- 2023/51xxx/CVE-2023-51461.json | 103 ++------------------------------- 2023/51xxx/CVE-2023-51462.json | 103 ++------------------------------- 2023/6xxx/CVE-2023-6377.json | 66 +++++++-------------- 2023/6xxx/CVE-2023-6478.json | 54 +++++------------ 2023/6xxx/CVE-2023-6856.json | 2 +- 2023/6xxx/CVE-2023-6858.json | 2 +- 2023/6xxx/CVE-2023-6860.json | 2 +- 2023/6xxx/CVE-2023-6861.json | 2 +- 2023/6xxx/CVE-2023-6862.json | 2 +- 2023/6xxx/CVE-2023-6863.json | 2 +- 2023/6xxx/CVE-2023-6865.json | 2 +- 2023/6xxx/CVE-2023-6869.json | 2 +- 19 files changed, 66 insertions(+), 713 deletions(-) diff --git a/2023/48xxx/CVE-2023-48795.json b/2023/48xxx/CVE-2023-48795.json index 867ca57dc56..add8ba1746d 100644 --- a/2023/48xxx/CVE-2023-48795.json +++ b/2023/48xxx/CVE-2023-48795.json @@ -346,21 +346,6 @@ "refsource": "MISC", "name": "https://github.com/NixOS/nixpkgs/pull/275249", "url": "https://github.com/NixOS/nixpkgs/pull/275249" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20231219 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)", - "url": "http://www.openwall.com/lists/oss-security/2023/12/19/5" - }, - { - "refsource": "MISC", - "name": "https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc", - "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc" - }, - { - "refsource": "MISC", - "name": "https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/", - "url": "https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/" } ] } diff --git a/2023/49xxx/CVE-2023-49797.json b/2023/49xxx/CVE-2023-49797.json index f2f88890cee..3a9d85c5ff6 100644 --- a/2023/49xxx/CVE-2023-49797.json +++ b/2023/49xxx/CVE-2023-49797.json @@ -82,11 +82,6 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ISRWT34FAF23PUOLVZ7RVWBZMWPDR5U7/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ISRWT34FAF23PUOLVZ7RVWBZMWPDR5U7/" - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2K2XIQLEMZIKUQUOWNDYWTEWYQTKMAN7/", - "refsource": "MISC", - "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2K2XIQLEMZIKUQUOWNDYWTEWYQTKMAN7/" } ] }, diff --git a/2023/50xxx/CVE-2023-50917.json b/2023/50xxx/CVE-2023-50917.json index 7afa14e68c6..ae13f67c463 100644 --- a/2023/50xxx/CVE-2023-50917.json +++ b/2023/50xxx/CVE-2023-50917.json @@ -66,11 +66,6 @@ "refsource": "FULLDISC", "name": "20231219 Disclosure of CVE-2023-50917: RCE Vulnerability in MajorDoM", "url": "http://seclists.org/fulldisclosure/2023/Dec/19" - }, - { - "refsource": "MISC", - "name": "http://packetstormsecurity.com/files/176273/MajorDoMo-Remote-Code-Execution.html", - "url": "http://packetstormsecurity.com/files/176273/MajorDoMo-Remote-Code-Execution.html" } ] } diff --git a/2023/51xxx/CVE-2023-51457.json b/2023/51xxx/CVE-2023-51457.json index 19d7cda2d07..e2140dc1600 100644 --- a/2023/51xxx/CVE-2023-51457.json +++ b/2023/51xxx/CVE-2023-51457.json @@ -1,112 +1,17 @@ { - "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", + "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-51457", - "ASSIGNER": "psirt@adobe.com", - "STATE": "PUBLIC" + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Cross-site Scripting (Stored XSS) (CWE-79)", - "cweId": "CWE-79" - } - ] - } - ] - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Adobe", - "product": { - "product_data": [ - { - "product_name": "Adobe Experience Manager", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "lessThanOrEqual": "6.5.18", - "status": "affected", - "version": "0", - "versionType": "semver" - } - ], - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - } - ] - } - }, - "references": { - "reference_data": [ - { - "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "refsource": "MISC", - "name": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html" - } - ] - }, - "source": { - "discovery": "EXTERNAL" - }, - "impact": { - "cvss": [ - { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "availabilityRequirement": "NOT_DEFINED", - "baseScore": 5.4, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "LOW", - "confidentialityRequirement": "NOT_DEFINED", - "environmentalScore": 5.4, - "environmentalSeverity": "MEDIUM", - "exploitCodeMaturity": "NOT_DEFINED", - "integrityImpact": "LOW", - "integrityRequirement": "NOT_DEFINED", - "modifiedAttackComplexity": "LOW", - "modifiedAttackVector": "NETWORK", - "modifiedAvailabilityImpact": "NONE", - "modifiedConfidentialityImpact": "LOW", - "modifiedIntegrityImpact": "LOW", - "modifiedPrivilegesRequired": "LOW", - "modifiedScope": "NOT_DEFINED", - "modifiedUserInteraction": "REQUIRED", - "privilegesRequired": "LOW", - "remediationLevel": "NOT_DEFINED", - "reportConfidence": "NOT_DEFINED", - "scope": "CHANGED", - "temporalScore": 5.4, - "temporalSeverity": "MEDIUM", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", - "version": "3.1" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2023/51xxx/CVE-2023-51458.json b/2023/51xxx/CVE-2023-51458.json index 209819e3e18..a4dc83bf8bd 100644 --- a/2023/51xxx/CVE-2023-51458.json +++ b/2023/51xxx/CVE-2023-51458.json @@ -1,112 +1,17 @@ { - "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", + "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-51458", - "ASSIGNER": "psirt@adobe.com", - "STATE": "PUBLIC" + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Cross-site Scripting (Stored XSS) (CWE-79)", - "cweId": "CWE-79" - } - ] - } - ] - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Adobe", - "product": { - "product_data": [ - { - "product_name": "Adobe Experience Manager", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "lessThanOrEqual": "6.5.18", - "status": "affected", - "version": "0", - "versionType": "semver" - } - ], - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - } - ] - } - }, - "references": { - "reference_data": [ - { - "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "refsource": "MISC", - "name": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html" - } - ] - }, - "source": { - "discovery": "EXTERNAL" - }, - "impact": { - "cvss": [ - { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "availabilityRequirement": "NOT_DEFINED", - "baseScore": 5.4, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "LOW", - "confidentialityRequirement": "NOT_DEFINED", - "environmentalScore": 5.4, - "environmentalSeverity": "MEDIUM", - "exploitCodeMaturity": "NOT_DEFINED", - "integrityImpact": "LOW", - "integrityRequirement": "NOT_DEFINED", - "modifiedAttackComplexity": "LOW", - "modifiedAttackVector": "NETWORK", - "modifiedAvailabilityImpact": "NONE", - "modifiedConfidentialityImpact": "LOW", - "modifiedIntegrityImpact": "LOW", - "modifiedPrivilegesRequired": "LOW", - "modifiedScope": "NOT_DEFINED", - "modifiedUserInteraction": "REQUIRED", - "privilegesRequired": "LOW", - "remediationLevel": "NOT_DEFINED", - "reportConfidence": "NOT_DEFINED", - "scope": "CHANGED", - "temporalScore": 5.4, - "temporalSeverity": "MEDIUM", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", - "version": "3.1" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2023/51xxx/CVE-2023-51459.json b/2023/51xxx/CVE-2023-51459.json index a456b7b043c..222cee7a60e 100644 --- a/2023/51xxx/CVE-2023-51459.json +++ b/2023/51xxx/CVE-2023-51459.json @@ -1,112 +1,17 @@ { - "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", + "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-51459", - "ASSIGNER": "psirt@adobe.com", - "STATE": "PUBLIC" + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Cross-site Scripting (Reflected XSS) (CWE-79)", - "cweId": "CWE-79" - } - ] - } - ] - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Adobe", - "product": { - "product_data": [ - { - "product_name": "Adobe Experience Manager", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "lessThanOrEqual": "6.5.18", - "status": "affected", - "version": "0", - "versionType": "semver" - } - ], - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - } - ] - } - }, - "references": { - "reference_data": [ - { - "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "refsource": "MISC", - "name": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html" - } - ] - }, - "source": { - "discovery": "EXTERNAL" - }, - "impact": { - "cvss": [ - { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "availabilityRequirement": "NOT_DEFINED", - "baseScore": 5.4, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "LOW", - "confidentialityRequirement": "NOT_DEFINED", - "environmentalScore": 5.4, - "environmentalSeverity": "MEDIUM", - "exploitCodeMaturity": "NOT_DEFINED", - "integrityImpact": "LOW", - "integrityRequirement": "NOT_DEFINED", - "modifiedAttackComplexity": "LOW", - "modifiedAttackVector": "NETWORK", - "modifiedAvailabilityImpact": "NONE", - "modifiedConfidentialityImpact": "LOW", - "modifiedIntegrityImpact": "LOW", - "modifiedPrivilegesRequired": "LOW", - "modifiedScope": "NOT_DEFINED", - "modifiedUserInteraction": "REQUIRED", - "privilegesRequired": "LOW", - "remediationLevel": "NOT_DEFINED", - "reportConfidence": "NOT_DEFINED", - "scope": "CHANGED", - "temporalScore": 5.4, - "temporalSeverity": "MEDIUM", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", - "version": "3.1" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2023/51xxx/CVE-2023-51460.json b/2023/51xxx/CVE-2023-51460.json index aaf0553e2b3..a022d871bd8 100644 --- a/2023/51xxx/CVE-2023-51460.json +++ b/2023/51xxx/CVE-2023-51460.json @@ -1,112 +1,17 @@ { - "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", + "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-51460", - "ASSIGNER": "psirt@adobe.com", - "STATE": "PUBLIC" + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Cross-site Scripting (Stored XSS) (CWE-79)", - "cweId": "CWE-79" - } - ] - } - ] - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Adobe", - "product": { - "product_data": [ - { - "product_name": "Adobe Experience Manager", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "lessThanOrEqual": "6.5.18", - "status": "affected", - "version": "0", - "versionType": "semver" - } - ], - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - } - ] - } - }, - "references": { - "reference_data": [ - { - "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "refsource": "MISC", - "name": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html" - } - ] - }, - "source": { - "discovery": "EXTERNAL" - }, - "impact": { - "cvss": [ - { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "availabilityRequirement": "NOT_DEFINED", - "baseScore": 5.4, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "LOW", - "confidentialityRequirement": "NOT_DEFINED", - "environmentalScore": 5.4, - "environmentalSeverity": "MEDIUM", - "exploitCodeMaturity": "NOT_DEFINED", - "integrityImpact": "LOW", - "integrityRequirement": "NOT_DEFINED", - "modifiedAttackComplexity": "LOW", - "modifiedAttackVector": "NETWORK", - "modifiedAvailabilityImpact": "NONE", - "modifiedConfidentialityImpact": "LOW", - "modifiedIntegrityImpact": "LOW", - "modifiedPrivilegesRequired": "LOW", - "modifiedScope": "NOT_DEFINED", - "modifiedUserInteraction": "REQUIRED", - "privilegesRequired": "LOW", - "remediationLevel": "NOT_DEFINED", - "reportConfidence": "NOT_DEFINED", - "scope": "CHANGED", - "temporalScore": 5.4, - "temporalSeverity": "MEDIUM", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", - "version": "3.1" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2023/51xxx/CVE-2023-51461.json b/2023/51xxx/CVE-2023-51461.json index 06cdaadfe0d..0ad720f54cb 100644 --- a/2023/51xxx/CVE-2023-51461.json +++ b/2023/51xxx/CVE-2023-51461.json @@ -1,112 +1,17 @@ { - "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", + "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-51461", - "ASSIGNER": "psirt@adobe.com", - "STATE": "PUBLIC" + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Cross-site Scripting (Stored XSS) (CWE-79)", - "cweId": "CWE-79" - } - ] - } - ] - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Adobe", - "product": { - "product_data": [ - { - "product_name": "Adobe Experience Manager", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "lessThanOrEqual": "6.5.18", - "status": "affected", - "version": "0", - "versionType": "semver" - } - ], - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - } - ] - } - }, - "references": { - "reference_data": [ - { - "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "refsource": "MISC", - "name": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html" - } - ] - }, - "source": { - "discovery": "EXTERNAL" - }, - "impact": { - "cvss": [ - { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "availabilityRequirement": "NOT_DEFINED", - "baseScore": 5.4, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "LOW", - "confidentialityRequirement": "NOT_DEFINED", - "environmentalScore": 5.4, - "environmentalSeverity": "MEDIUM", - "exploitCodeMaturity": "NOT_DEFINED", - "integrityImpact": "LOW", - "integrityRequirement": "NOT_DEFINED", - "modifiedAttackComplexity": "LOW", - "modifiedAttackVector": "NETWORK", - "modifiedAvailabilityImpact": "NONE", - "modifiedConfidentialityImpact": "LOW", - "modifiedIntegrityImpact": "LOW", - "modifiedPrivilegesRequired": "LOW", - "modifiedScope": "NOT_DEFINED", - "modifiedUserInteraction": "REQUIRED", - "privilegesRequired": "LOW", - "remediationLevel": "NOT_DEFINED", - "reportConfidence": "NOT_DEFINED", - "scope": "CHANGED", - "temporalScore": 5.4, - "temporalSeverity": "MEDIUM", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", - "version": "3.1" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2023/51xxx/CVE-2023-51462.json b/2023/51xxx/CVE-2023-51462.json index dfdf471ba5c..cb32b682bc1 100644 --- a/2023/51xxx/CVE-2023-51462.json +++ b/2023/51xxx/CVE-2023-51462.json @@ -1,112 +1,17 @@ { - "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", + "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-51462", - "ASSIGNER": "psirt@adobe.com", - "STATE": "PUBLIC" + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" }, "description": { "description_data": [ { "lang": "eng", - "value": "Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Cross-site Scripting (Reflected XSS) (CWE-79)", - "cweId": "CWE-79" - } - ] - } - ] - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Adobe", - "product": { - "product_data": [ - { - "product_name": "Adobe Experience Manager", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "lessThanOrEqual": "6.5.18", - "status": "affected", - "version": "0", - "versionType": "semver" - } - ], - "defaultStatus": "affected" - } - } - ] - } - } - ] - } - } - ] - } - }, - "references": { - "reference_data": [ - { - "url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html", - "refsource": "MISC", - "name": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html" - } - ] - }, - "source": { - "discovery": "EXTERNAL" - }, - "impact": { - "cvss": [ - { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "availabilityRequirement": "NOT_DEFINED", - "baseScore": 5.4, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "LOW", - "confidentialityRequirement": "NOT_DEFINED", - "environmentalScore": 5.4, - "environmentalSeverity": "MEDIUM", - "exploitCodeMaturity": "NOT_DEFINED", - "integrityImpact": "LOW", - "integrityRequirement": "NOT_DEFINED", - "modifiedAttackComplexity": "LOW", - "modifiedAttackVector": "NETWORK", - "modifiedAvailabilityImpact": "NONE", - "modifiedConfidentialityImpact": "LOW", - "modifiedIntegrityImpact": "LOW", - "modifiedPrivilegesRequired": "LOW", - "modifiedScope": "NOT_DEFINED", - "modifiedUserInteraction": "REQUIRED", - "privilegesRequired": "LOW", - "remediationLevel": "NOT_DEFINED", - "reportConfidence": "NOT_DEFINED", - "scope": "CHANGED", - "temporalScore": 5.4, - "temporalSeverity": "MEDIUM", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", - "version": "3.1" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2023/6xxx/CVE-2023-6377.json b/2023/6xxx/CVE-2023-6377.json index 5a45910ac7e..05855baf28e 100644 --- a/2023/6xxx/CVE-2023-6377.json +++ b/2023/6xxx/CVE-2023-6377.json @@ -78,27 +78,6 @@ "vendor_name": "Red Hat", "product": { "product_data": [ - { - "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "0:1.12.0-14.el9_2.2", - "lessThan": "*", - "versionType": "rpm", - "status": "unaffected" - } - ], - "defaultStatus": "affected" - } - } - ] - } - }, { "product_name": "Red Hat Enterprise Linux 6", "version": { @@ -221,16 +200,6 @@ }, "references": { "reference_data": [ - { - "url": "http://www.openwall.com/lists/oss-security/2023/12/13/1", - "refsource": "MISC", - "name": "http://www.openwall.com/lists/oss-security/2023/12/13/1" - }, - { - "url": "https://access.redhat.com/errata/RHSA-2023:7886", - "refsource": "MISC", - "name": "https://access.redhat.com/errata/RHSA-2023:7886" - }, { "url": "https://access.redhat.com/security/cve/CVE-2023-6377", "refsource": "MISC", @@ -246,11 +215,31 @@ "refsource": "MISC", "name": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/0c1a93d319558fe3ab2d94f51d174b4f93810afd" }, + { + "url": "https://lists.x.org/archives/xorg-announce/2023-December/003435.html", + "refsource": "MISC", + "name": "https://lists.x.org/archives/xorg-announce/2023-December/003435.html" + }, { "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00008.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2023/12/msg00008.html" }, + { + "url": "https://www.debian.org/security/2023/dsa-5576", + "refsource": "MISC", + "name": "https://www.debian.org/security/2023/dsa-5576" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2023/12/13/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2023/12/13/1" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LJDFWDB7EQVZA45XDP7L5WRSRWS6RVRR/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LJDFWDB7EQVZA45XDP7L5WRSRWS6RVRR/" + }, { "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00013.html", "refsource": "MISC", @@ -260,21 +249,6 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7PP47YXKM5ETLCYEF6473R3VFCJ6QT2S/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7PP47YXKM5ETLCYEF6473R3VFCJ6QT2S/" - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LJDFWDB7EQVZA45XDP7L5WRSRWS6RVRR/", - "refsource": "MISC", - "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LJDFWDB7EQVZA45XDP7L5WRSRWS6RVRR/" - }, - { - "url": "https://lists.x.org/archives/xorg-announce/2023-December/003435.html", - "refsource": "MISC", - "name": "https://lists.x.org/archives/xorg-announce/2023-December/003435.html" - }, - { - "url": "https://www.debian.org/security/2023/dsa-5576", - "refsource": "MISC", - "name": "https://www.debian.org/security/2023/dsa-5576" } ] }, diff --git a/2023/6xxx/CVE-2023-6478.json b/2023/6xxx/CVE-2023-6478.json index 188fbeb3d90..bcde9dc88b5 100644 --- a/2023/6xxx/CVE-2023-6478.json +++ b/2023/6xxx/CVE-2023-6478.json @@ -78,27 +78,6 @@ "vendor_name": "Red Hat", "product": { "product_data": [ - { - "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "version": "0:1.12.0-14.el9_2.2", - "lessThan": "*", - "versionType": "rpm", - "status": "unaffected" - } - ], - "defaultStatus": "affected" - } - } - ] - } - }, { "product_name": "Red Hat Enterprise Linux 6", "version": { @@ -221,16 +200,6 @@ }, "references": { "reference_data": [ - { - "url": "http://www.openwall.com/lists/oss-security/2023/12/13/1", - "refsource": "MISC", - "name": "http://www.openwall.com/lists/oss-security/2023/12/13/1" - }, - { - "url": "https://access.redhat.com/errata/RHSA-2023:7886", - "refsource": "MISC", - "name": "https://access.redhat.com/errata/RHSA-2023:7886" - }, { "url": "https://access.redhat.com/security/cve/CVE-2023-6478", "refsource": "MISC", @@ -246,15 +215,25 @@ "refsource": "MISC", "name": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/14f480010a93ff962fef66a16412fafff81ad632" }, + { + "url": "https://lists.x.org/archives/xorg-announce/2023-December/003435.html", + "refsource": "MISC", + "name": "https://lists.x.org/archives/xorg-announce/2023-December/003435.html" + }, { "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00008.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2023/12/msg00008.html" }, { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7PP47YXKM5ETLCYEF6473R3VFCJ6QT2S/", + "url": "https://www.debian.org/security/2023/dsa-5576", "refsource": "MISC", - "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7PP47YXKM5ETLCYEF6473R3VFCJ6QT2S/" + "name": "https://www.debian.org/security/2023/dsa-5576" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2023/12/13/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2023/12/13/1" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LJDFWDB7EQVZA45XDP7L5WRSRWS6RVRR/", @@ -262,14 +241,9 @@ "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LJDFWDB7EQVZA45XDP7L5WRSRWS6RVRR/" }, { - "url": "https://lists.x.org/archives/xorg-announce/2023-December/003435.html", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7PP47YXKM5ETLCYEF6473R3VFCJ6QT2S/", "refsource": "MISC", - "name": "https://lists.x.org/archives/xorg-announce/2023-December/003435.html" - }, - { - "url": "https://www.debian.org/security/2023/dsa-5576", - "refsource": "MISC", - "name": "https://www.debian.org/security/2023/dsa-5576" + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7PP47YXKM5ETLCYEF6473R3VFCJ6QT2S/" } ] }, diff --git a/2023/6xxx/CVE-2023-6856.json b/2023/6xxx/CVE-2023-6856.json index ede6267c469..a5e9bc39db0 100644 --- a/2023/6xxx/CVE-2023-6856.json +++ b/2023/6xxx/CVE-2023-6856.json @@ -21,7 +21,7 @@ "description": [ { "lang": "eng", - "value": "Heap-buffer-overflow affecting WebGL `DrawElementsInstanced` method with Mesa VM driver" + "value": "Heap-buffer-overflow affecting WebGL DrawElementsInstanced method with Mesa VM driver" } ] } diff --git a/2023/6xxx/CVE-2023-6858.json b/2023/6xxx/CVE-2023-6858.json index 8914bf858ae..2740100886f 100644 --- a/2023/6xxx/CVE-2023-6858.json +++ b/2023/6xxx/CVE-2023-6858.json @@ -21,7 +21,7 @@ "description": [ { "lang": "eng", - "value": "Heap buffer overflow in `nsTextFragment`" + "value": "Heap buffer overflow in nsTextFragment" } ] } diff --git a/2023/6xxx/CVE-2023-6860.json b/2023/6xxx/CVE-2023-6860.json index f960f338761..1645b0a854a 100644 --- a/2023/6xxx/CVE-2023-6860.json +++ b/2023/6xxx/CVE-2023-6860.json @@ -21,7 +21,7 @@ "description": [ { "lang": "eng", - "value": "Potential sandbox escape due to `VideoBridge` lack of texture validation" + "value": "Potential sandbox escape due to VideoBridge lack of texture validation" } ] } diff --git a/2023/6xxx/CVE-2023-6861.json b/2023/6xxx/CVE-2023-6861.json index 8c27e33c777..ba29bee84d0 100644 --- a/2023/6xxx/CVE-2023-6861.json +++ b/2023/6xxx/CVE-2023-6861.json @@ -21,7 +21,7 @@ "description": [ { "lang": "eng", - "value": "Heap buffer overflow affected `nsWindow::PickerOpen(void)` in headless mode" + "value": "Heap buffer overflow affected nsWindow::PickerOpen(void) in headless mode" } ] } diff --git a/2023/6xxx/CVE-2023-6862.json b/2023/6xxx/CVE-2023-6862.json index c54cb3ad005..af7a29b762b 100644 --- a/2023/6xxx/CVE-2023-6862.json +++ b/2023/6xxx/CVE-2023-6862.json @@ -21,7 +21,7 @@ "description": [ { "lang": "eng", - "value": "Use-after-free in `nsDNSService`" + "value": "Use-after-free in nsDNSService" } ] } diff --git a/2023/6xxx/CVE-2023-6863.json b/2023/6xxx/CVE-2023-6863.json index 2c500aac380..8f7c26c7a71 100644 --- a/2023/6xxx/CVE-2023-6863.json +++ b/2023/6xxx/CVE-2023-6863.json @@ -21,7 +21,7 @@ "description": [ { "lang": "eng", - "value": "Undefined behavior in `ShutdownObserver()`" + "value": "Undefined behavior in ShutdownObserver()" } ] } diff --git a/2023/6xxx/CVE-2023-6865.json b/2023/6xxx/CVE-2023-6865.json index d7c0d03294d..57cb653bc87 100644 --- a/2023/6xxx/CVE-2023-6865.json +++ b/2023/6xxx/CVE-2023-6865.json @@ -21,7 +21,7 @@ "description": [ { "lang": "eng", - "value": "Potential exposure of uninitialized data in `EncryptingOutputStream`" + "value": "Potential exposure of uninitialized data in EncryptingOutputStream" } ] } diff --git a/2023/6xxx/CVE-2023-6869.json b/2023/6xxx/CVE-2023-6869.json index 84c3ba819c0..cd15414618a 100644 --- a/2023/6xxx/CVE-2023-6869.json +++ b/2023/6xxx/CVE-2023-6869.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "A `` element could have been manipulated to paint content outside of a sandboxed iframe. This could allow untrusted content to display under the guise of trusted content. This vulnerability affects Firefox < 121." + "value": "A `<dialog>` element could have been manipulated to paint content outside of a sandboxed iframe. This could allow untrusted content to display under the guise of trusted content. This vulnerability affects Firefox < 121." } ] },