"-Synchronized-Data."

CVE Team 2023-11-21 18:00:35 +00:00
parent b17700f87e
commit 64dbeb304a
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
20 changed files with 1811 additions and 122 deletions


@ -1,17 +1,159 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-27502",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Texas Instruments TI-RTOS, when configured to use HeapMem heap(default),\n malloc returns a valid pointer to a small buffer on extremely large \nvalues, which can trigger an integer overflow vulnerability in \n'HeapMem_allocUnprotected' and result in code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-190: Integer Overflow or Wraparound",
"cweId": "CWE-190"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Texas Instruments",
"product": {
"product_data": [
{
"product_name": "CC32XX",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "4.40.00.07"
}
]
}
},
{
"product_name": "SimpleLink MSP432E4XX",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "SimpleLink-CC13XX",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "4.40.00"
}
]
}
},
{
"product_name": "SimpleLink-CC26XX",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "4.40.00"
}
]
}
},
{
"product_name": "SimpleLink-CC32XX",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "4.10.03"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-119-04",
"refsource": "MISC",
"name": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-119-04"
},
{
"url": "https://www.ti.com/tool/TI-RTOS-MCU",
"refsource": "MISC",
"name": "https://www.ti.com/tool/TI-RTOS-MCU"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<div>Texas Instruments CC32XX \u2013 Update to v4.40.00.07</div><div>Texas Instruments SimpleLink CC13X0 \u2013 <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ti.com/technologies/security/report-product-security-vulnerabilities.html\">Update to v4.10.03</a></div><div>Texas Instruments SimpleLink CC13X2-CC26X2 \u2013 <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ti.com/technologies/security/report-product-security-vulnerabilities.html\">Update to v4.40.00</a></div><div>Texas Instruments SimpleLink CC2640R2 \u2013 <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ti.com/technologies/security/report-product-security-vulnerabilities.html\">Update to v4.40.00</a></div><div>Texas Instruments SimpleLink MSP432E4 \u2013 Confirmed. No update currently planned</div>\n\n<br>"
}
],
"value": "Texas Instruments CC32XX \u2013 Update to v4.40.00.07\n\nTexas Instruments SimpleLink CC13X0 \u2013 Update to v4.10.03 https://www.ti.com/technologies/security/report-product-security-vulnerabilities.html \n\nTexas Instruments SimpleLink CC13X2-CC26X2 \u2013 Update to v4.40.00 https://www.ti.com/technologies/security/report-product-security-vulnerabilities.html \n\nTexas Instruments SimpleLink CC2640R2 \u2013 Update to v4.40.00 https://www.ti.com/technologies/security/report-product-security-vulnerabilities.html \n\nTexas Instruments SimpleLink MSP432E4 \u2013 Confirmed. No update currently planned"
}
],
"credits": [
{
"lang": "en",
"value": "David Atch, Omri Ben Bassat, and Tamir Ariel from Microsoft Section 52, and the Azure Defender for IoT research group reported these vulnerabilities to CISA."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}
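Review bot: The `affects` list and the `solution` text disagree on which product takes which fix: the last product entry is `SimpleLink-CC32XX` with `"version_value": "4.10.03"`, while the solution pairs v4.10.03 with SimpleLink CC13X0 and gives CC32XX only v4.40.00.07, so CC32XX ends up listed twice with two different thresholds. The solution also names CC13X2-CC26X2 and CC2640R2 separately, which the product list collapses into `SimpleLink-CC13XX` and `SimpleLink-CC26XX`. If the solution text is the authoritative side, the last entry would presumably read `"product_name": "SimpleLink-CC13X0"`; that is an inference and should be confirmed against the referenced ICSA-21-119-04 advisory before asset matching is keyed on these names. The CVE-2021-27504 section carries the identical product list and has the same mismatch.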


@ -1,17 +1,159 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-27504",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Texas Instruments devices running FREERTOS, malloc returns a valid \npointer to a small buffer on extremely large values, which can trigger \nan integer overflow vulnerability in 'malloc' for FreeRTOS, resulting in\n code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-190: Integer Overflow or Wraparound",
"cweId": "CWE-190"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Texas Instruments",
"product": {
"product_data": [
{
"product_name": "CC32XX",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "4.40.00.07"
}
]
}
},
{
"product_name": "SimpleLink MSP432E4XX",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "SimpleLink-CC13XX",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "4.40.00"
}
]
}
},
{
"product_name": "SimpleLink-CC26XX",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "4.40.00"
}
]
}
},
{
"product_name": "SimpleLink-CC32XX",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "4.10.03"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-119-04",
"refsource": "MISC",
"name": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-119-04"
},
{
"url": "https://www.ti.com/tool/TI-RTOS-MCU",
"refsource": "MISC",
"name": "https://www.ti.com/tool/TI-RTOS-MCU"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<div>Texas Instruments CC32XX \u2013 Update to v4.40.00.07</div><div>Texas Instruments SimpleLink CC13X0 \u2013 <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ti.com/technologies/security/report-product-security-vulnerabilities.html\">Update to v4.10.03</a></div><div>Texas Instruments SimpleLink CC13X2-CC26X2 \u2013 <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ti.com/technologies/security/report-product-security-vulnerabilities.html\">Update to v4.40.00</a></div><div>Texas Instruments SimpleLink CC2640R2 \u2013 <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ti.com/technologies/security/report-product-security-vulnerabilities.html\">Update to v4.40.00</a></div><div>Texas Instruments SimpleLink MSP432E4 \u2013 Confirmed. No update currently planned</div>\n\n<br>"
}
],
"value": "Texas Instruments CC32XX \u2013 Update to v4.40.00.07\n\nTexas Instruments SimpleLink CC13X0 \u2013 Update to v4.10.03 https://www.ti.com/technologies/security/report-product-security-vulnerabilities.html \n\nTexas Instruments SimpleLink CC13X2-CC26X2 \u2013 Update to v4.40.00 https://www.ti.com/technologies/security/report-product-security-vulnerabilities.html \n\nTexas Instruments SimpleLink CC2640R2 \u2013 Update to v4.40.00 https://www.ti.com/technologies/security/report-product-security-vulnerabilities.html \n\nTexas Instruments SimpleLink MSP432E4 \u2013 Confirmed. No update currently planned"
}
],
"credits": [
{
"lang": "en",
"value": "David Atch, Omri Ben Bassat, and Tamir Ariel from Microsoft Section 52, and the Azure Defender for IoT research group reported these vulnerabilities to CISA."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}
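Review bot: Every remediation link in the `supportingMedia` HTML points at TI's vulnerability-reporting page (`report-product-security-vulnerabilities.html`) although the link text reads "Update to v4.10.03" or "Update to v4.40.00", so the record gives a reader no location for the fixed SDK. The field is raw HTML with `target="_blank"` anchors, so anything that renders it should sanitise the markup and add `rel="noopener noreferrer"` rather than emit it as-is. The description concerns `malloc` for FreeRTOS, yet the second reference is the TI-RTOS-MCU tool page, which looks carried over from CVE-2021-27502 and is worth confirming. The language tags are mixed as well, `"lang": "eng"` in the description and `"lang": "en"` in solution and credits; the same HTML and tags appear in the CVE-2021-27502 section.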


@ -56,6 +56,11 @@
"url": "https://gitlab.gnome.org/GNOME/gimp/-/issues/8120",
"refsource": "MISC",
"name": "https://gitlab.gnome.org/GNOME/gimp/-/issues/8120"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20231121 [SECURITY] [DLA 3659-1] gimp security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00015.html"
}
]
}


@ -1,17 +1,436 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-22516",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@atlassian.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "This High severity RCE (Remote Code Execution) vulnerability was introduced in versions 8.1.0, 8.2.0, 9.0.0, 9.1.0, 9.2.0, and 9.3.0 of Bamboo Data Center and Server.\r\n\r\nThis RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.5, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires no user interaction.\r\n\r\nAtlassian recommends that Bamboo Data Center and Server customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions:\r\n Bamboo Data Center and Server 9.2: Upgrade to a release greater than or equal to 9.2.7.\r\n JDK 1.8u121+ should be used in case Java 8 used to run Bamboo Data Center and Server. See Bamboo 9.2 Upgrade notes (https://confluence.atlassian.com/bambooreleases/bamboo-9-2-upgrade-notes-1207179212.html)\r\n\r\n Bamboo Data Center and Server 9.3: Upgrade to a release greater than or equal to 9.3.4\r\n\r\nSee the release notes ([https://confluence.atlassian.com/bambooreleases/bamboo-release-notes-1189793869.html]). You can download the latest version of Bamboo Data Center and Server from the download center ([https://www.atlassian.com/software/bamboo/download-archives]).\r\n\r\nThis vulnerability was discovered by a private user and reported via our Bug Bounty program"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "RCE (Remote Code Execution)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Atlassian",
"product": {
"product_data": [
{
"product_name": "Bamboo Data Center",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "< 8.1.0",
"status": "unaffected"
},
{
"version": ">= 8.1.0",
"status": "affected"
},
{
"version": ">= 8.1.1",
"status": "affected"
},
{
"version": ">= 8.1.10",
"status": "affected"
},
{
"version": ">= 8.1.11",
"status": "affected"
},
{
"version": ">= 8.1.12",
"status": "affected"
},
{
"version": ">= 8.1.2",
"status": "affected"
},
{
"version": ">= 8.1.3",
"status": "affected"
},
{
"version": ">= 8.1.4",
"status": "affected"
},
{
"version": ">= 8.1.5",
"status": "affected"
},
{
"version": ">= 8.1.6",
"status": "affected"
},
{
"version": ">= 8.1.7",
"status": "affected"
},
{
"version": ">= 8.1.9",
"status": "affected"
},
{
"version": ">= 8.2.0",
"status": "affected"
},
{
"version": ">= 8.2.1",
"status": "affected"
},
{
"version": ">= 8.2.2",
"status": "affected"
},
{
"version": ">= 8.2.3",
"status": "affected"
},
{
"version": ">= 8.2.4",
"status": "affected"
},
{
"version": ">= 8.2.5",
"status": "affected"
},
{
"version": ">= 8.2.6",
"status": "affected"
},
{
"version": ">= 8.2.7",
"status": "affected"
},
{
"version": ">= 8.2.8",
"status": "affected"
},
{
"version": ">= 8.2.9",
"status": "affected"
},
{
"version": ">= 9.0.0",
"status": "affected"
},
{
"version": ">= 9.0.1",
"status": "affected"
},
{
"version": ">= 9.0.2",
"status": "affected"
},
{
"version": ">= 9.0.3",
"status": "affected"
},
{
"version": ">= 9.1.0",
"status": "affected"
},
{
"version": ">= 9.1.1",
"status": "affected"
},
{
"version": ">= 9.1.2",
"status": "affected"
},
{
"version": ">= 9.1.3",
"status": "affected"
},
{
"version": ">= 9.2.1",
"status": "affected"
},
{
"version": ">= 9.2.3",
"status": "affected"
},
{
"version": ">= 9.2.4",
"status": "affected"
},
{
"version": ">= 9.2.5",
"status": "affected"
},
{
"version": ">= 9.2.6",
"status": "affected"
},
{
"version": ">= 9.3.0",
"status": "affected"
},
{
"version": ">= 9.3.1",
"status": "affected"
},
{
"version": ">= 9.3.2",
"status": "affected"
},
{
"version": ">= 9.3.3",
"status": "affected"
},
{
"version": ">= 9.2.7",
"status": "unaffected"
},
{
"version": ">= 9.3.4",
"status": "unaffected"
}
]
}
}
]
}
},
{
"product_name": "Bamboo Server",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "< 8.1.0",
"status": "unaffected"
},
{
"version": ">= 8.1.0",
"status": "affected"
},
{
"version": ">= 8.1.1",
"status": "affected"
},
{
"version": ">= 8.1.10",
"status": "affected"
},
{
"version": ">= 8.1.11",
"status": "affected"
},
{
"version": ">= 8.1.12",
"status": "affected"
},
{
"version": ">= 8.1.2",
"status": "affected"
},
{
"version": ">= 8.1.3",
"status": "affected"
},
{
"version": ">= 8.1.4",
"status": "affected"
},
{
"version": ">= 8.1.5",
"status": "affected"
},
{
"version": ">= 8.1.6",
"status": "affected"
},
{
"version": ">= 8.1.7",
"status": "affected"
},
{
"version": ">= 8.1.9",
"status": "affected"
},
{
"version": ">= 8.2.0",
"status": "affected"
},
{
"version": ">= 8.2.1",
"status": "affected"
},
{
"version": ">= 8.2.2",
"status": "affected"
},
{
"version": ">= 8.2.3",
"status": "affected"
},
{
"version": ">= 8.2.4",
"status": "affected"
},
{
"version": ">= 8.2.5",
"status": "affected"
},
{
"version": ">= 8.2.6",
"status": "affected"
},
{
"version": ">= 8.2.7",
"status": "affected"
},
{
"version": ">= 8.2.8",
"status": "affected"
},
{
"version": ">= 8.2.9",
"status": "affected"
},
{
"version": ">= 9.0.0",
"status": "affected"
},
{
"version": ">= 9.0.1",
"status": "affected"
},
{
"version": ">= 9.0.2",
"status": "affected"
},
{
"version": ">= 9.0.3",
"status": "affected"
},
{
"version": ">= 9.1.0",
"status": "affected"
},
{
"version": ">= 9.1.1",
"status": "affected"
},
{
"version": ">= 9.1.2",
"status": "affected"
},
{
"version": ">= 9.1.3",
"status": "affected"
},
{
"version": ">= 9.2.1",
"status": "affected"
},
{
"version": ">= 9.2.3",
"status": "affected"
},
{
"version": ">= 9.2.4",
"status": "affected"
},
{
"version": ">= 9.2.5",
"status": "affected"
},
{
"version": ">= 9.2.6",
"status": "affected"
},
{
"version": ">= 9.3.0",
"status": "affected"
},
{
"version": ">= 9.3.1",
"status": "affected"
},
{
"version": ">= 9.3.2",
"status": "affected"
},
{
"version": ">= 9.3.3",
"status": "affected"
},
{
"version": ">= 9.2.7",
"status": "unaffected"
},
{
"version": ">= 9.3.4",
"status": "unaffected"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1318881573",
"refsource": "MISC",
"name": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1318881573"
},
{
"url": "https://jira.atlassian.com/browse/BAM-25168",
"refsource": "MISC",
"name": "https://jira.atlassian.com/browse/BAM-25168"
}
]
},
"credits": [
{
"lang": "en",
"value": "a private user"
}
],
"impact": {
"cvss": [
{
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 8.5,
"baseSeverity": "HIGH"
}
]
}
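Review bot: Both `versions` arrays (Bamboo Data Center and Bamboo Server) put a comparison operator inside the `version` string, and the resulting ranges overlap: `">= 8.1.0"` marked `affected` already covers 9.2.7 and 9.3.4, which later entries mark `unaffected`, so a consumer evaluating these entries cannot decide the status of a fixed release. The per-release list is also incomplete against the description, which names 9.2.0 as an introducing version while the entries go from `">= 9.1.3"` straight to `">= 9.2.1"`. Bounded ranges would state the same thing unambiguously, for example `{"version": "8.1.0", "lessThan": "9.2.7", "versionType": "semver", "status": "affected"}` plus a second range from 9.3.0 up to 9.3.4, assuming the fixed versions in the description are right. `problemtype` carries only free text with no `cweId`, which keeps the record out of CWE-based filtering. The CVE-2023-22521 section uses the same operator-in-string pattern, where 5.2.0 matches both `">= 5.2.0"` affected and `">= 5.1.6"` unaffected.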


@ -1,17 +1,140 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-22521",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@atlassian.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "This High severity RCE (Remote Code Execution) vulnerability was introduced in version 3.4.6 of Crowd Data Center and Server.\r\n\r\nThis RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.0, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires no user interaction.\r\n\r\nAtlassian recommends that Crowd Data Center and Server customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions:\r\n Crowd Data Center and Server 3.4: Upgrade to a release greater than or equal to 5.1.6\r\n Crowd Data Center and Server 5.2: Upgrade to a release greater than or equal to 5.2.1\r\n\r\nSee the release notes ([https://confluence.atlassian.com/crowd/crowd-release-notes-199094.html]). You can download the latest version of Crowd Data Center and Server from the download center ([https://www.atlassian.com/software/crowd/download-archive]).\r\n\r\nThis vulnerability was discovered by m1sn0w and reported via our Bug Bounty program"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "RCE (Remote Code Execution)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Atlassian",
"product": {
"product_data": [
{
"product_name": "Crowd Data Center",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "< 3.4.6",
"status": "unaffected"
},
{
"version": ">= 3.4.6",
"status": "affected"
},
{
"version": ">= 5.2.0",
"status": "affected"
},
{
"version": ">= 5.1.6",
"status": "unaffected"
},
{
"version": ">= 5.2.1",
"status": "unaffected"
}
]
}
}
]
}
},
{
"product_name": "Crowd Server",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "< 3.4.6",
"status": "unaffected"
},
{
"version": ">= 3.4.6",
"status": "affected"
},
{
"version": ">= 5.2.0",
"status": "affected"
},
{
"version": ">= 5.1.6",
"status": "unaffected"
},
{
"version": ">= 5.2.1",
"status": "unaffected"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1318881573",
"refsource": "MISC",
"name": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1318881573"
},
{
"url": "https://jira.atlassian.com/browse/CWD-6139",
"refsource": "MISC",
"name": "https://jira.atlassian.com/browse/CWD-6139"
}
]
},
"credits": [
{
"lang": "en",
"value": "m1sn0w"
}
],
"impact": {
"cvss": [
{
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 8,
"baseSeverity": "HIGH"
}
]
}
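Review bot: The fix guidance in the description pairs a branch label with a release from a different line: `Crowd Data Center and Server 3.4: Upgrade to a release greater than or equal to 5.1.6`, where the label says 3.4 and the target is a 5.1.x build. If the 5.1 line was meant, the text would read `Crowd Data Center and Server 5.1: Upgrade to a release greater than or equal to 5.1.6`; that is inferred from the version numbers only and needs confirming against the referenced CWD-6139 issue. The description also says only "an authenticated attacker" while the vector string has `PR:H`, so the text should state that high privileges are required, since that changes how the finding is triaged.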


@ -87,10 +87,65 @@
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9.0 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:5.14.0-70.80.1.el9_0",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:5.14.0-70.80.1.rt21.151.el9_0",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:5.14.0-284.40.1.el9_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
@ -104,6 +159,12 @@
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
@ -216,11 +277,36 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:6813"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7370",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7370"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7379",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7379"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7382",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7382"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7389",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7389"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7411",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7411"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7418",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7418"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-3812",
"refsource": "MISC",
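Review bot: The added `Red Hat Enterprise Linux 9.0 Extended Update Support` product carries three `version_data` entries that contradict each other once the package identity is gone: two with a fixed build and `"defaultStatus": "affected"`, and one that is only `"defaultStatus": "unaffected"`. The build strings (`…el9_0` and `…rt21.151.el9_0`) suggest these describe separate packages, but nothing in the down-converted entry says which, so a scanner reading this record cannot tell what the bare `unaffected` applies to. Carrying the package name from the CVE JSON 5 record on each entry (its `packageName` field) would remove the ambiguity; until then consumers should match against the 5.x record rather than this 4.0 view. The same bare-`unaffected` entries are added in the second hunk of this section and in the CVE-2023-42753 and CVE-2023-4004 sections.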


@ -68,6 +68,27 @@
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.15.5-13.el8_6",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
@ -124,6 +145,48 @@
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.17.5-104.el9_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.15.5-13.el8_6",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
@ -156,19 +219,6 @@
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Storage 3",
"version": {
@ -220,6 +270,16 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:6744"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7371",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7371"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7408",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7408"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-3961",
"refsource": "MISC",


@ -68,6 +68,27 @@
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.15.5-13.el8_6",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
@ -124,6 +145,48 @@
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.17.5-104.el9_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.15.5-13.el8_6",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
@ -156,19 +219,6 @@
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Storage 3",
"version": {
@ -220,6 +270,16 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:6744"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7371",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7371"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7408",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7408"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-42669",
"refsource": "MISC",


@ -60,10 +60,65 @@
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 9.0 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:5.14.0-70.80.1.el9_0",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:5.14.0-70.80.1.rt21.151.el9_0",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:5.14.0-284.40.1.el9_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
@ -77,6 +132,12 @@
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
@ -179,11 +240,36 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2023:7370",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7370"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7379",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7379"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7382",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7382"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7389",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7389"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7411",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7411"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7418",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7418"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-42753",
"refsource": "MISC",


@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "The 1E-Exchange-URLResponseTime instruction that is part of the Network product pack available on the 1E Exchange does not properly validate the URL parameter, which allows for a specially crafted input to perform arbitrary code execution with SYSTEM permissions.\n\nTo remediate this issue download the updated Network product pack from the 1E Exchange and update the 1E-Exchange-URLResponseTime instruction to v20.1 by uploading it through the 1E Platform instruction upload UI"
"value": "The 1E-Exchange-URLResponseTime instruction that is part of the Network product pack available on the 1E Exchange does not properly validate the URL parameter, which allows for a specially crafted input to perform arbitrary code execution with SYSTEM permissions. This instruction only runs on Windows clients.\n\nTo remediate this issue download the updated Network product pack from the 1E Exchange and update the 1E-Exchange-URLResponseTime instruction to v20.1 by uploading it through the 1E Platform instruction upload UI"
}
]
},


@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "\nThe 1E-Exchange-CommandLinePing instruction that is part of the Network product pack available on the 1E Exchange does not properly validate the input parameter, which allows for a specially crafted input to perform arbitrary code execution with SYSTEM permissions.\n\nTo remediate this issue download the updated Network product pack from the 1E Exchange and update the 1E-Exchange-CommandLinePing instruction to v18.1 by uploading it through the 1E Platform instruction upload UI\n\n"
"value": "\nThe 1E-Exchange-CommandLinePing instruction that is part of the Network product pack available on the 1E Exchange does not properly validate the input parameter, which allows for a specially crafted input to perform arbitrary code execution with SYSTEM permissions. This instruction only runs on Windows clients.\n\nTo remediate this issue download the updated Network product pack from the 1E Exchange and update the 1E-Exchange-CommandLinePing instruction to v18.1 by uploading it through the 1E Platform instruction upload UI\n\n"
}
]
},


@ -107,6 +107,89 @@
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.18.0-193.119.1.el8_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.18.0-193.119.1.rt13.170.el8_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.18.0-193.119.1.el8_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.18.0-193.119.1.el8_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
"version": {
@ -272,6 +355,47 @@
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9.0 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:5.14.0-70.80.1.el9_0",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:5.14.0-70.80.1.rt21.151.el9_0",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
"version": {
@ -413,6 +537,36 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:5627"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7382",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7382"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7389",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7389"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7411",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7411"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7417",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7417"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7431",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7431"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7434",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7434"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-4004",
"refsource": "MISC",
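Review bot: The two `version_data` entries added for "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions" cannot be told apart by a consumer: one carries only `"defaultStatus": "unaffected"`, the other `"defaultStatus": "affected"` with the fixed build `0:4.18.0-193.119.1.el8_2`, and both share the same `product_name` and `"version_value": "not down converted"`. The same pattern appears in the 9.0 Extended Update Support entry of this section and in the later sections that reference CVE-2023-4147, CVE-2023-5178 and CVE-2023-5380. Presumably the source CVE JSON 5 record separates these entries by package (its `packageName` field) and the down-conversion does not carry that over, so a scanner reading this file could mark a product unaffected while one of its packages still needs the fix. I would either copy the package name into each `x_cve_json_5_version_data` object or state in the consumer documentation that patch-status decisions must be taken from the CVE JSON 5 record rather than from this file.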


@ -68,6 +68,27 @@
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.15.5-13.el8_6",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
@ -124,6 +145,48 @@
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.17.5-104.el9_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.15.5-13.el8_6",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
@ -156,19 +219,6 @@
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Storage 3",
"version": {
@ -220,6 +270,16 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:6744"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7371",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7371"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7408",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7408"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-4091",
"refsource": "MISC",


@ -128,6 +128,47 @@
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9.0 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:5.14.0-70.80.1.el9_0",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:5.14.0-70.80.1.rt21.151.el9_0",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
@ -222,6 +263,21 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:5093"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7382",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7382"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7389",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7389"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7411",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7411"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-4147",
"refsource": "MISC",


@ -90,6 +90,27 @@
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:2.28-189.8.el8_6",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
@ -125,6 +146,27 @@
]
}
},
{
"product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:2.28-189.8.el8_6",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
@ -221,6 +263,11 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:5455"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7409",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7409"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-4806",
"refsource": "MISC",


@ -95,6 +95,27 @@
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:2.28-189.8.el8_6",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
@ -130,6 +151,27 @@
]
}
},
{
"product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:2.28-189.8.el8_6",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
@ -211,6 +253,11 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:5455"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7409",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7409"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-4813",
"refsource": "MISC",


@ -64,6 +64,20 @@
"product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:5.14.0-284.40.1.el9_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
@ -77,6 +91,12 @@
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
@ -179,11 +199,21 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2023:7370",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7370"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7379",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7379"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7418",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7418"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-5178",
"refsource": "MISC",


@ -99,6 +99,14 @@
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:1.8.0-26.el7_9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
@ -126,6 +134,132 @@
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:1.9.0-15.el8_2.4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:1.9.0-15.el8_2.4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:1.9.0-15.el8_2.4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:1.12.0-6.el8_6.4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9.0 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:1.11.0-22.el9_0.3",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:1.12.0-14.el9_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
@ -245,6 +379,31 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:6808"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7373",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7373"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7388",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7388"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7405",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7405"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7428",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7428"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7436",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7436"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-5367",
"refsource": "MISC",
@ -255,6 +414,11 @@
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2243091"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2WS5E7H4A5J3U5YBCTMRPQVGWK5LVH7D/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2WS5E7H4A5J3U5YBCTMRPQVGWK5LVH7D/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3RK66CXMXO3PCPDU3GDY5FK4UYHUXQJT/",
"refsource": "MISC",
@ -265,6 +429,21 @@
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4YBK3I6SETHETBHDETFWM3VSZUQICIDV/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKKIE626TZOOPD533EYN47J4RFNHZVOP/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKKIE626TZOOPD533EYN47J4RFNHZVOP/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HO2Q2NP6R62ZRQQG3XQ4AXUT7J2EKKKY/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HO2Q2NP6R62ZRQQG3XQ4AXUT7J2EKKKY/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L2RMNR4235YXZZQ2X7Q4MTOZDMZ7BBQU/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L2RMNR4235YXZZQ2X7Q4MTOZDMZ7BBQU/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SEDJN4VFN57K5POOC7BNVD6L6WUUCSG6/",
"refsource": "MISC",
@ -275,6 +454,11 @@
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SN6KV4XGQJRVAOSM5C3CWMVAXO53COIP/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TJXNI4BXURC2BKPNAHFJK3C5ZETB7PER/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TJXNI4BXURC2BKPNAHFJK3C5ZETB7PER/"
},
{
"url": "https://lists.x.org/archives/xorg-announce/2023-October/003430.html",
"refsource": "MISC",
@ -284,31 +468,6 @@
"url": "https://www.debian.org/security/2023/dsa-5534",
"refsource": "MISC",
"name": "https://www.debian.org/security/2023/dsa-5534"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L2RMNR4235YXZZQ2X7Q4MTOZDMZ7BBQU/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L2RMNR4235YXZZQ2X7Q4MTOZDMZ7BBQU/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKKIE626TZOOPD533EYN47J4RFNHZVOP/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKKIE626TZOOPD533EYN47J4RFNHZVOP/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2WS5E7H4A5J3U5YBCTMRPQVGWK5LVH7D/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2WS5E7H4A5J3U5YBCTMRPQVGWK5LVH7D/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HO2Q2NP6R62ZRQQG3XQ4AXUT7J2EKKKY/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HO2Q2NP6R62ZRQQG3XQ4AXUT7J2EKKKY/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TJXNI4BXURC2BKPNAHFJK3C5ZETB7PER/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TJXNI4BXURC2BKPNAHFJK3C5ZETB7PER/"
}
]
},


@ -60,6 +60,33 @@
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:1.8.0-26.el7_9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
@ -79,25 +106,6 @@
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8",
"version": {
@ -188,6 +196,11 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2023:7428",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7428"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-5380",
"refsource": "MISC",
@ -198,16 +211,36 @@
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2244736"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2WS5E7H4A5J3U5YBCTMRPQVGWK5LVH7D/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2WS5E7H4A5J3U5YBCTMRPQVGWK5LVH7D/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3RK66CXMXO3PCPDU3GDY5FK4UYHUXQJT/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3RK66CXMXO3PCPDU3GDY5FK4UYHUXQJT/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKKIE626TZOOPD533EYN47J4RFNHZVOP/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKKIE626TZOOPD533EYN47J4RFNHZVOP/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HO2Q2NP6R62ZRQQG3XQ4AXUT7J2EKKKY/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HO2Q2NP6R62ZRQQG3XQ4AXUT7J2EKKKY/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SN6KV4XGQJRVAOSM5C3CWMVAXO53COIP/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SN6KV4XGQJRVAOSM5C3CWMVAXO53COIP/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TJXNI4BXURC2BKPNAHFJK3C5ZETB7PER/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TJXNI4BXURC2BKPNAHFJK3C5ZETB7PER/"
},
{
"url": "https://lists.x.org/archives/xorg-announce/2023-October/003430.html",
"refsource": "MISC",
@ -217,26 +250,6 @@
"url": "https://www.debian.org/security/2023/dsa-5534",
"refsource": "MISC",
"name": "https://www.debian.org/security/2023/dsa-5534"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKKIE626TZOOPD533EYN47J4RFNHZVOP/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKKIE626TZOOPD533EYN47J4RFNHZVOP/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2WS5E7H4A5J3U5YBCTMRPQVGWK5LVH7D/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2WS5E7H4A5J3U5YBCTMRPQVGWK5LVH7D/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HO2Q2NP6R62ZRQQG3XQ4AXUT7J2EKKKY/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HO2Q2NP6R62ZRQQG3XQ4AXUT7J2EKKKY/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TJXNI4BXURC2BKPNAHFJK3C5ZETB7PER/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TJXNI4BXURC2BKPNAHFJK3C5ZETB7PER/"
}
]
},


@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "\nThe 1E-Exchange-DisplayMessageinstruction that is part of the End-User Interaction product pack available on the 1E Exchange does not properly validate the Caption or Message parameters, which allows for a specially crafted input to perform arbitrary code execution with SYSTEM permissions.\n\nTo remediate this issue DELETE the instruction\u00a0\u201cShow dialogue with caption %Caption% and message %Message%\u201d from the list of instructions in the Settings UI, and replace it with the new instruction\u00a01E-Exchange-ShowNotification instruction available in the updated End-User Interaction product pack. The new instruction should show as\u00a0\u201cShow %Type% type notification with header %Header% and message %Message%\u201d with a version of 7.1 or above."
"value": "\nThe 1E-Exchange-DisplayMessageinstruction that is part of the End-User Interaction product pack available on the 1E Exchange does not properly validate the Caption or Message parameters, which allows for a specially crafted input to perform arbitrary code execution with SYSTEM permissions. This instruction only runs on Windows clients.\n\nTo remediate this issue DELETE the instruction\u00a0\u201cShow dialogue with caption %Caption% and message %Message%\u201d from the list of instructions in the Settings UI, and replace it with the new instruction\u00a01E-Exchange-ShowNotification instruction available in the updated End-User Interaction product pack. The new instruction should show as\u00a0\u201cShow %Type% type notification with header %Header% and message %Message%\u201d with a version of 7.1 or above."
}
]
},
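Review bot: The updated `value` string still opens with the fused token `1E-Exchange-DisplayMessageinstruction`, so the instruction name runs into the next word; it should read `The 1E-Exchange-DisplayMessage instruction that is part of`. The remediation sentence also doubles the noun around the replacement name (`the new instruction 1E-Exchange-ShowNotification instruction`), which makes it harder to see which instruction to delete and which to install. Because the text is synchronized from the assigner's record, the wording fix presumably belongs in that record so it survives the next sync.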