From 5db0666b842a92f47126e7049a63a9f4796f5506 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 14 Jul 2023 22:00:44 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2023/34xxx/CVE-2023-34236.json | 110 +++++++++++++++++++++++++++++++-- 2023/36xxx/CVE-2023-36466.json | 84 +++++++++++++++++++++++-- 2023/36xxx/CVE-2023-36818.json | 81 ++++++++++++++++++++++-- 2023/37xxx/CVE-2023-37268.json | 81 ++++++++++++++++++++++-- 2023/38xxx/CVE-2023-38336.json | 62 +++++++++++++++++++ 2023/38xxx/CVE-2023-38337.json | 67 ++++++++++++++++++++ 2023/38xxx/CVE-2023-38338.json | 18 ++++++ 7 files changed, 487 insertions(+), 16 deletions(-) create mode 100644 2023/38xxx/CVE-2023-38336.json create mode 100644 2023/38xxx/CVE-2023-38337.json create mode 100644 2023/38xxx/CVE-2023-38338.json diff --git a/2023/34xxx/CVE-2023-34236.json b/2023/34xxx/CVE-2023-34236.json index 200565bbfca..7f300be6be7 100644 --- a/2023/34xxx/CVE-2023-34236.json +++ b/2023/34xxx/CVE-2023-34236.json @@ -1,17 +1,119 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-34236", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Weave GitOps Terraform Controller (aka Weave TF-controller) is a controller for Flux to reconcile Terraform resources in a GitOps way. A vulnerability has been identified in Weave GitOps Terraform Controller which could allow an authenticated remote attacker to view sensitive information. This vulnerability stems from Weave GitOps Terraform Runners (`tf-runner`), where sensitive data is inadvertently printed - potentially revealing sensitive user data in their pod logs. In particular, functions `tfexec.ShowPlan`, `tfexec.ShowPlanRaw`, and `tfexec.Output` are implicated when the `tfexec` object set its `Stdout` and `Stderr` to be `os.Stdout` and `os.Stderr`. An unauthorized remote attacker could exploit this vulnerability by accessing these prints of sensitive information, which may contain configurations or tokens that could be used to gain unauthorized control or access to resources managed by the Terraform controller. A successful exploit could allow the attacker to utilize this sensitive data, potentially leading to unauthorized access or control of the system. This vulnerability has been addressed in Weave GitOps Terraform Controller versions `v0.14.4` and `v0.15.0-rc.5`. Users are urged to upgrade to one of these versions to mitigate the vulnerability. As a temporary measure until the patch can be applied, users can add the environment variable `DISABLE_TF_LOGS` to the tf-runners via the runner pod template of the Terraform Custom Resource. This will prevent the logging of sensitive information and mitigate the risk of this vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", + "cweId": "CWE-200" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "weaveworks", + "product": { + "product_data": [ + { + "product_name": "tf-controller", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 0.14.4" + }, + { + "version_affected": "=", + "version_value": ">= 0.15.0-rc.1, < 0.15.0-rc.5" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/weaveworks/tf-controller/security/advisories/GHSA-6hvv-j432-23cv", + "refsource": "MISC", + "name": "https://github.com/weaveworks/tf-controller/security/advisories/GHSA-6hvv-j432-23cv" + }, + { + "url": "https://github.com/weaveworks/tf-controller/issues/637", + "refsource": "MISC", + "name": "https://github.com/weaveworks/tf-controller/issues/637" + }, + { + "url": "https://github.com/weaveworks/tf-controller/issues/649", + "refsource": "MISC", + "name": "https://github.com/weaveworks/tf-controller/issues/649" + }, + { + "url": "https://github.com/weaveworks/tf-controller/commit/28282bc644054e157c3b9a3d38f1f9551ce09074", + "refsource": "MISC", + "name": "https://github.com/weaveworks/tf-controller/commit/28282bc644054e157c3b9a3d38f1f9551ce09074" + }, + { + "url": "https://github.com/weaveworks/tf-controller/commit/6323b355bd7f5d2ce85d0244fe0883af3881df4e", + "refsource": "MISC", + "name": "https://github.com/weaveworks/tf-controller/commit/6323b355bd7f5d2ce85d0244fe0883af3881df4e" + }, + { + "url": "https://github.com/weaveworks/tf-controller/commit/9708fda28ccd0466cb0a8fd409854ab4d92f7dca", + "refsource": "MISC", + "name": "https://github.com/weaveworks/tf-controller/commit/9708fda28ccd0466cb0a8fd409854ab4d92f7dca" + }, + { + "url": "https://github.com/weaveworks/tf-controller/commit/98a0688036e9dbcf43fa84960d9a1ef3e09a69cf", + "refsource": "MISC", + "name": "https://github.com/weaveworks/tf-controller/commit/98a0688036e9dbcf43fa84960d9a1ef3e09a69cf" + } + ] + }, + "source": { + "advisory": "GHSA-6hvv-j432-23cv", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 8.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N", + "version": "3.1" } ] } diff --git a/2023/36xxx/CVE-2023-36466.json b/2023/36xxx/CVE-2023-36466.json index 010da92de5f..afef329eb87 100644 --- a/2023/36xxx/CVE-2023-36466.json +++ b/2023/36xxx/CVE-2023-36466.json @@ -1,17 +1,93 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-36466", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Discourse is an open source discussion platform. When editing a topic, there is a vulnerability that enables a user to bypass the topic title validations for things like title length, number of emojis in title and blank topic titles. The issue is patched in the latest stable, beta and tests-passed version of Discourse.\n" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-20: Improper Input Validation", + "cweId": "CWE-20" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "discourse", + "product": { + "product_data": [ + { + "product_name": "discourse", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "stable < 3.0.5" + }, + { + "version_affected": "=", + "version_value": "beta < 3.1.0.beta6" + }, + { + "version_affected": "=", + "version_value": "tests-passed < 3.1.0.beta6" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/discourse/discourse/security/advisories/GHSA-4hjh-wg43-p932", + "refsource": "MISC", + "name": "https://github.com/discourse/discourse/security/advisories/GHSA-4hjh-wg43-p932" + } + ] + }, + "source": { + "advisory": "GHSA-4hjh-wg43-p932", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 3.5, + "baseSeverity": "LOW", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "version": "3.1" } ] } diff --git a/2023/36xxx/CVE-2023-36818.json b/2023/36xxx/CVE-2023-36818.json index f55792a9ea3..83310cf7892 100644 --- a/2023/36xxx/CVE-2023-36818.json +++ b/2023/36xxx/CVE-2023-36818.json @@ -1,17 +1,90 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-36818", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Discourse is an open source discussion platform. In affected versions a request to create or update custom sidebar section can cause a denial of service. This issue has been patched in commit `52b003d915`. Users are advised to upgrade. There are no known workarounds for this vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-400: Uncontrolled Resource Consumption", + "cweId": "CWE-400" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "discourse", + "product": { + "product_data": [ + { + "product_name": "discourse", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "= 3.1.0beta5" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/discourse/discourse/security/advisories/GHSA-gxqx-3q2p-37gm", + "refsource": "MISC", + "name": "https://github.com/discourse/discourse/security/advisories/GHSA-gxqx-3q2p-37gm" + }, + { + "url": "https://github.com/discourse/discourse/commit/52b003d915761f1581ae2d105f3cbe76df7bf1ff", + "refsource": "MISC", + "name": "https://github.com/discourse/discourse/commit/52b003d915761f1581ae2d105f3cbe76df7bf1ff" + } + ] + }, + "source": { + "advisory": "GHSA-gxqx-3q2p-37gm", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" } ] } diff --git a/2023/37xxx/CVE-2023-37268.json b/2023/37xxx/CVE-2023-37268.json index a92a3723f69..9e4790b9bdc 100644 --- a/2023/37xxx/CVE-2023-37268.json +++ b/2023/37xxx/CVE-2023-37268.json @@ -1,17 +1,90 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-37268", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Warpgate is an SSH, HTTPS and MySQL bastion host for Linux that doesn't need special client apps. When logging in as a user with SSO enabled an attacker may authenticate as an other user. Any user account which does not have a second factor enabled could be compromised. This issue has been addressed in commit `8173f6512a` and in releases starting with version 0.7.3. Users are advised to upgrade. Users unable to upgrade should require their users to use a second factor in authentication." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-287: Improper Authentication", + "cweId": "CWE-287" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "warp-tech", + "product": { + "product_data": [ + { + "product_name": "warpgate", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 0.7.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/warp-tech/warpgate/security/advisories/GHSA-868r-97g5-r9g4", + "refsource": "MISC", + "name": "https://github.com/warp-tech/warpgate/security/advisories/GHSA-868r-97g5-r9g4" + }, + { + "url": "https://github.com/warp-tech/warpgate/commit/8173f6512ab6183fa5edc5c9a5f3760b8979271e", + "refsource": "MISC", + "name": "https://github.com/warp-tech/warpgate/commit/8173f6512ab6183fa5edc5c9a5f3760b8979271e" + } + ] + }, + "source": { + "advisory": "GHSA-868r-97g5-r9g4", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N", + "version": "3.1" } ] } diff --git a/2023/38xxx/CVE-2023-38336.json b/2023/38xxx/CVE-2023-38336.json new file mode 100644 index 00000000000..2dd2cb289b2 --- /dev/null +++ b/2023/38xxx/CVE-2023-38336.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2023-38336", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CVE-2006-0225, CVE-2019-7283, and CVE-2020-15778." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039689", + "refsource": "MISC", + "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039689" + } + ] + } +} \ No newline at end of file diff --git a/2023/38xxx/CVE-2023-38337.json b/2023/38xxx/CVE-2023-38337.json new file mode 100644 index 00000000000..befc198a525 --- /dev/null +++ b/2023/38xxx/CVE-2023-38337.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2023-38337", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "rswag before 2.10.1 allows remote attackers to read arbitrary JSON and YAML files via directory traversal, because rswag-api can expose a file that is not the OpenAPI (or Swagger) specification file of a project." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/rswag/rswag/issues/653", + "refsource": "MISC", + "name": "https://github.com/rswag/rswag/issues/653" + }, + { + "url": "https://github.com/rswag/rswag/compare/2.9.0...2.10.1", + "refsource": "MISC", + "name": "https://github.com/rswag/rswag/compare/2.9.0...2.10.1" + } + ] + } +} \ No newline at end of file diff --git a/2023/38xxx/CVE-2023-38338.json b/2023/38xxx/CVE-2023-38338.json new file mode 100644 index 00000000000..ca74af62dd8 --- /dev/null +++ b/2023/38xxx/CVE-2023-38338.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-38338", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file