admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 11:06:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-03-17 20:00:33 +00:00
parent 716d9e42d3
commit 444a355935
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
4 changed files with 398 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

100
2023/27xxx/CVE-2023-27591.json
View File

@ -1,17 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27591",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Miniflux is a feed reader. Prior to version 2.0.43, an unauthenticated user can retrieve Prometheus metrics from a publicly reachable Miniflux instance where the `METRICS_COLLECTOR` configuration option is enabled and `METRICS_ALLOWED_NETWORKS` is set to `127.0.0.1/8` (the default). A patch is available in Miniflux 2.0.43. As a workaround, set `METRICS_COLLECTOR` to `false` (default) or run Miniflux behind a trusted reverse-proxy."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-1220: Insufficient Granularity of Access Control",
"cweId": "CWE-1220"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"cweId": "CWE-200"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "miniflux",
"product": {
"product_data": [
{
"product_name": "v2",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "< 2.0.43"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/miniflux/v2/security/advisories/GHSA-3qjf-qh38-x73v",
"refsource": "MISC",
"name": "https://github.com/miniflux/v2/security/advisories/GHSA-3qjf-qh38-x73v"
},
{
"url": "https://github.com/miniflux/v2/pull/1745",
"refsource": "MISC",
"name": "https://github.com/miniflux/v2/pull/1745"
},
{
"url": "https://github.com/miniflux/v2/releases/tag/2.0.43",
"refsource": "MISC",
"name": "https://github.com/miniflux/v2/releases/tag/2.0.43"
},
{
"url": "https://miniflux.app/docs/configuration.html#metrics-collector",
"refsource": "MISC",
"name": "https://miniflux.app/docs/configuration.html#metrics-collector"
}
]
},
"source": {
"advisory": "GHSA-3qjf-qh38-x73v",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
]
}

106
2023/27xxx/CVE-2023-27592.json
View File

@ -1,17 +1,115 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27592",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Miniflux is a feed reader. Since v2.0.25, Miniflux will automatically proxy images served over HTTP to prevent mixed content errors. When an outbound request made by the Go HTTP client fails, the `html.ServerError` is returned unescaped without the expected Content Security Policy header added to valid responses. By creating an RSS feed item with the inline description containing an `<img>` tag with a `srcset` attribute pointing to an invalid URL like `http:a<script>alert(1)</script>`, we can coerce the proxy handler into an error condition where the invalid URL is returned unescaped and in full. This results in JavaScript execution on the Miniflux instance as soon as the user is convinced (e.g. by a message in the alt text) to open the broken image. An attacker can execute arbitrary JavaScript in the context of a victim Miniflux user when they open a broken image in a crafted RSS feed. This can be used to perform actions on the Miniflux instance as that user and gain administrative access to the Miniflux instance if it is reachable and the victim is an administrator. A patch is available in version 2.0.43. As a workaround sisable image proxy; default value is `http-only`."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "miniflux",
"product": {
"product_data": [
{
"product_name": "v2",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": ">= 2.0.25, < 2.0.43"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/miniflux/v2/releases/tag/2.0.43",
"refsource": "MISC",
"name": "https://github.com/miniflux/v2/releases/tag/2.0.43"
},
{
"url": "https://github.com/miniflux/v2/security/advisories/GHSA-mqqg-xjhj-wfgw",
"refsource": "MISC",
"name": "https://github.com/miniflux/v2/security/advisories/GHSA-mqqg-xjhj-wfgw"
},
{
"url": "https://github.com/miniflux/v2/pull/1746",
"refsource": "MISC",
"name": "https://github.com/miniflux/v2/pull/1746"
},
{
"url": "https://github.com/miniflux/v2/blob/b2fd84e0d376a3af6329b9bb2e772ce38a25c31c/ui/proxy.go#L76",
"refsource": "MISC",
"name": "https://github.com/miniflux/v2/blob/b2fd84e0d376a3af6329b9bb2e772ce38a25c31c/ui/proxy.go#L76"
},
{
"url": "https://github.com/miniflux/v2/blob/b2fd84e0d376a3af6329b9bb2e772ce38a25c31c/ui/proxy.go#L90",
"refsource": "MISC",
"name": "https://github.com/miniflux/v2/blob/b2fd84e0d376a3af6329b9bb2e772ce38a25c31c/ui/proxy.go#L90"
},
{
"url": "https://github.com/miniflux/v2/releases/tag/2.0.25",
"refsource": "MISC",
"name": "https://github.com/miniflux/v2/releases/tag/2.0.25"
},
{
"url": "https://miniflux.app/docs/configuration.html#proxy-images",
"refsource": "MISC",
"name": "https://miniflux.app/docs/configuration.html#proxy-images"
}
]
},
"source": {
"advisory": "GHSA-mqqg-xjhj-wfgw",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
}
]
}

109
2023/27xxx/CVE-2023-27593.json
View File

@ -1,17 +1,118 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27593",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, an attacker with access to a Cilium agent pod can write to `/opt/cni/bin` due to a `hostPath` mount of that directory in the agent pod. By replacing the CNI binary with their own malicious binary and waiting for the creation of a new pod on the node, the attacker can gain access to the underlying node. The issue has been fixed and the fix is available on versions 1.11.15, 1.12.8, and 1.13.1. Some workarounds are available. Kubernetes RBAC should be used to deny users and service accounts `exec` access to Cilium agent pods. In cases where a user requires `exec` access to Cilium agent pods, but should not have access to the underlying node, no workaround is possible."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-276: Incorrect Default Permissions",
"cweId": "CWE-276"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "cilium",
"product": {
"product_data": [
{
"product_name": "cilium",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "< 1.11.15"
},
{
"version_affected": "=",
"version_value": ">= 1.12.0, < 1.12.8"
},
{
"version_affected": "=",
"version_value": ">= 1.13.0, < 1.13.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/cilium/cilium/security/advisories/GHSA-4hc4-pgfx-3mrx",
"refsource": "MISC",
"name": "https://github.com/cilium/cilium/security/advisories/GHSA-4hc4-pgfx-3mrx"
},
{
"url": "https://github.com/cilium/cilium/pull/24075",
"refsource": "MISC",
"name": "https://github.com/cilium/cilium/pull/24075"
},
{
"url": "https://github.com/cilium/cilium/releases/tag/v1.11.15",
"refsource": "MISC",
"name": "https://github.com/cilium/cilium/releases/tag/v1.11.15"
},
{
"url": "https://github.com/cilium/cilium/releases/tag/v1.12.8",
"refsource": "MISC",
"name": "https://github.com/cilium/cilium/releases/tag/v1.12.8"
},
{
"url": "https://github.com/cilium/cilium/releases/tag/v1.13.1",
"refsource": "MISC",
"name": "https://github.com/cilium/cilium/releases/tag/v1.13.1"
},
{
"url": "https://kubernetes.io/docs/reference/access-authn-authz/rbac/",
"refsource": "MISC",
"name": "https://kubernetes.io/docs/reference/access-authn-authz/rbac/"
}
]
},
"source": {
"advisory": "GHSA-4hc4-pgfx-3mrx",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
}

99
2023/27xxx/CVE-2023-27594.json
View File

@ -1,17 +1,108 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27594",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, under specific conditions, Cilium may misattribute the source IP address of traffic to a cluster, identifying external traffic as coming from the host on which Cilium is running. As a consequence, network policies for that cluster might be bypassed, depending on the specific network policies enabled. This issue only manifests when Cilium is routing IPv6 traffic and NodePorts are used to route traffic to pods. IPv6 and endpoint routes are both disabled by default. The problem has been fixed and is available on versions 1.11.15, 1.12.8, and 1.13.1. As a workaround, disable IPv6 routing."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-285: Improper Authorization",
"cweId": "CWE-285"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "cilium",
"product": {
"product_data": [
{
"product_name": "cilium",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "< 1.11.15"
},
{
"version_affected": "=",
"version_value": ">= 1.12.0, < 1.12.8"
},
{
"version_affected": "=",
"version_value": ">= 1.13.0, < 1.13.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/cilium/cilium/releases/tag/v1.11.15",
"refsource": "MISC",
"name": "https://github.com/cilium/cilium/releases/tag/v1.11.15"
},
{
"url": "https://github.com/cilium/cilium/releases/tag/v1.12.8",
"refsource": "MISC",
"name": "https://github.com/cilium/cilium/releases/tag/v1.12.8"
},
{
"url": "https://github.com/cilium/cilium/releases/tag/v1.13.1",
"refsource": "MISC",
"name": "https://github.com/cilium/cilium/releases/tag/v1.13.1"
},
{
"url": "https://github.com/cilium/cilium/security/advisories/GHSA-8fg8-jh2h-f2hc",
"refsource": "MISC",
"name": "https://github.com/cilium/cilium/security/advisories/GHSA-8fg8-jh2h-f2hc"
}
]
},
"source": {
"advisory": "GHSA-8fg8-jh2h-f2hc",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
]
}