admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-02-15 10:00:38 +00:00
parent 808b982eea
commit 4d2e27c22f
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
4 changed files with 74 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2022/32xxx/CVE-2022-32206.json
View File

@ -93,6 +93,11 @@
"refsource": "GENTOO",
"name": "GLSA-202212-01",
"url": "https://security.gentoo.org/glsa/202212-01"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20230215 curl: CVE-2023-23916: HTTP multi-header compression denial of service",
"url": "http://www.openwall.com/lists/oss-security/2023/02/15/3"
}
]
},

69
2022/42xxx/CVE-2022-42735.json
View File

@ -1,18 +1,77 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-42735",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@apache.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper Privilege Management vulnerability in Apache Software Foundation Apache ShenYu. ShenYu Admin allows low-privilege low-level administrators create users with higher privileges than their own. This issue affects Apache ShenYu: 2.5.0. Upgrade to Apache ShenYu 2.5.1 or apply patch https://github.com/apache/shenyu/pull/3958 https://github.com/apache/shenyu/pull/3958 ."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269 Improper Privilege Management",
"cweId": "CWE-269"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apache Software Foundation",
"product": {
"product_data": [
{
"product_name": "Apache ShenYu",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "2.5.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://lists.apache.org/thread/2k8764jmckmc19qc8x51nlnngq71pcf7",
"refsource": "MISC",
"name": "https://lists.apache.org/thread/2k8764jmckmc19qc8x51nlnngq71pcf7"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "xxhzz"
}
]
}

4
2022/45xxx/CVE-2022-45153.json
View File

@ -1,6 +1,6 @@
{
"CVE_data_meta": {
"ASSIGNER": "security@suse.de",
"ASSIGNER": "security@suse.com",
"DATE_PUBLIC": "2023-01-02T00:00:00.000Z",
"ID": "CVE-2022-45153",
"STATE": "PUBLIC",
@ -75,7 +75,7 @@
"description_data": [
{
"lang": "eng",
"value": "An Incorrect Default Permissions vulnerability in saphanabootstrap-formula of SUSE Linux Enterprise Module for SAP Applications 15-SP1, SUSE Linux Enterprise Server for SAP 12-SP5; openSUSE Leap 15.4 allows local attackers to escalate to root by manipulating the sudo configuration that is created.\nThis issue affects:\nSUSE Linux Enterprise Module for SAP Applications 15-SP1\nsaphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e.\nSUSE Linux Enterprise Server for SAP 12-SP5\nsaphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e.\nopenSUSE Leap 15.4\nsaphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e."
"value": "An Incorrect Default Permissions vulnerability in saphanabootstrap-formula of SUSE Linux Enterprise Module for SAP Applications 15-SP1, SUSE Linux Enterprise Server for SAP 12-SP5; openSUSE Leap 15.4 allows local attackers to escalate to root by manipulating the sudo configuration that is created. This issue affects: SUSE Linux Enterprise Module for SAP Applications 15-SP1 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e. SUSE Linux Enterprise Server for SAP 12-SP5 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e. openSUSE Leap 15.4 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e."
}
]
},

6
2022/45xxx/CVE-2022-45154.json
View File

@ -1,6 +1,6 @@
{
"CVE_data_meta": {
"ASSIGNER": "security@suse.de",
"ASSIGNER": "security@suse.com",
"DATE_PUBLIC": "2023-01-26T00:00:00.000Z",
"ID": "CVE-2022-45154",
"STATE": "PUBLIC",
@ -68,7 +68,7 @@
"description_data": [
{
"lang": "eng",
"value": "A Cleartext Storage of Sensitive Information vulnerability in suppportutils of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 15 SP3 allows attackers that get access to the support logs to gain knowledge of the stored credentials\nThis issue affects:\nSUSE Linux Enterprise Server 12\nsupportutils version 3.0.10-95.51.1CWE-312: Cleartext Storage of Sensitive Information and prior versions.\nSUSE Linux Enterprise Server 15\nsupportutils version 3.1.21-150000.5.44.1 and prior versions.\nSUSE Linux Enterprise Server 15 SP3\nsupportutils version 3.1.21-150300.7.35.15.1 and prior versions."
"value": "A Cleartext Storage of Sensitive Information vulnerability in suppportutils of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 15 SP3 allows attackers that get access to the support logs to gain knowledge of the stored credentials This issue affects: SUSE Linux Enterprise Server 12 supportutils version 3.0.10-95.51.1CWE-312: Cleartext Storage of Sensitive Information and prior versions. SUSE Linux Enterprise Server 15 supportutils version 3.1.21-150000.5.44.1 and prior versions. SUSE Linux Enterprise Server 15 SP3 supportutils version 3.1.21-150300.7.35.15.1 and prior versions."
}
]
},
@ -119,4 +119,4 @@
],
"discovery": "INTERNAL"
}
}
}