From 7ec96bd4ea01ebf874bea8aaf7c0ec28911acfbc Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 15 Sep 2023 19:00:34 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2023/32xxx/CVE-2023-32664.json | 2 +- 2023/33xxx/CVE-2023-33876.json | 2 +- 2023/36xxx/CVE-2023-36472.json | 81 ++++++++++++++++++++++++-- 2023/36xxx/CVE-2023-36479.json | 103 +++++++++++++++++++++++++++++++-- 2023/37xxx/CVE-2023-37263.json | 81 ++++++++++++++++++++++++-- 2023/37xxx/CVE-2023-37905.json | 34 ++++++++++- 2023/3xxx/CVE-2023-3814.json | 2 +- 2023/4xxx/CVE-2023-4269.json | 2 +- 8 files changed, 290 insertions(+), 17 deletions(-) diff --git a/2023/32xxx/CVE-2023-32664.json b/2023/32xxx/CVE-2023-32664.json index cc03ef8afe0..3f8a60a47c9 100644 --- a/2023/32xxx/CVE-2023-32664.json +++ b/2023/32xxx/CVE-2023-32664.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "A type confusion vulnerability exists in the Javascript checkThisBox method as implemented in Foxit Reader 12.1.2.15332. A specially-crafted Javascript code inside a malicious PDF document can cause memory corruption and lead to remote code execution. User would need to open a malicious file to trigger the vulnerability." + "value": "A type confusion vulnerability exists in the Javascript checkThisBox method as implemented in Foxit Reader 12.1.2.15332. Specially crafted Javascript code inside a malicious PDF document can cause memory corruption and lead to remote code execution. User would need to open a malicious file to trigger the vulnerability." } ] }, diff --git a/2023/33xxx/CVE-2023-33876.json b/2023/33xxx/CVE-2023-33876.json index b45120a89b8..774c8b6d7ec 100644 --- a/2023/33xxx/CVE-2023-33876.json +++ b/2023/33xxx/CVE-2023-33876.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15332 handles destroying annotations. A specially-crafted Javascript code inside a malicious PDF document can trigger reuse of a previously freed object which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially-crafted, malicious site if the browser plugin extension is enabled." + "value": "A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15332 handles destroying annotations. Specially crafted Javascript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled." } ] }, diff --git a/2023/36xxx/CVE-2023-36472.json b/2023/36xxx/CVE-2023-36472.json index bf512ec09e0..f7dada5b31b 100644 --- a/2023/36xxx/CVE-2023-36472.json +++ b/2023/36xxx/CVE-2023-36472.json @@ -1,17 +1,90 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-36472", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Strapi is the an open-source headless content management system. Prior to version 4.11.7, an unauthorized actor can get access to user reset password tokens if they have the configure view permissions. The `/content-manager/relations` route does not remove private fields or ensure that they can't be selected. This issue is fixed in version 4.11.7." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", + "cweId": "CWE-200" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "strapi", + "product": { + "product_data": [ + { + "product_name": "strapi", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 4.11.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/strapi/strapi/security/advisories/GHSA-v8gg-4mq2-88q4", + "refsource": "MISC", + "name": "https://github.com/strapi/strapi/security/advisories/GHSA-v8gg-4mq2-88q4" + }, + { + "url": "https://github.com/strapi/strapi/releases/tag/v4.11.7", + "refsource": "MISC", + "name": "https://github.com/strapi/strapi/releases/tag/v4.11.7" + } + ] + }, + "source": { + "advisory": "GHSA-v8gg-4mq2-88q4", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.8, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:N", + "version": "3.1" } ] } diff --git a/2023/36xxx/CVE-2023-36479.json b/2023/36xxx/CVE-2023-36479.json index c31abad82b9..fdca1f24216 100644 --- a/2023/36xxx/CVE-2023-36479.json +++ b/2023/36xxx/CVE-2023-36479.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-36479", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Eclipse Jetty Canonical Repository is the canonical repository for the Jetty project. Users of the CgiServlet with a very specific command structure may have the wrong command executed. If a user sends a request to a org.eclipse.jetty.servlets.CGI Servlet for a binary with a space in its name, the servlet will escape the command by wrapping it in quotation marks. This wrapped command, plus an optional command prefix, will then be executed through a call to Runtime.exec. If the original binary name provided by the user contains a quotation mark followed by a space, the resulting command line will contain multiple tokens instead of one. This issue was patched in version 9.4.52, 10.0.16, 11.0.16 and 12.0.0-beta2.\n" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-149: Improper Neutralization of Quoting Syntax", + "cweId": "CWE-149" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "eclipse", + "product": { + "product_data": [ + { + "product_name": "jetty.project", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 9.0.0, <= 9.4.51" + }, + { + "version_affected": "=", + "version_value": ">= 10.0.0, <= 10.0.15" + }, + { + "version_affected": "=", + "version_value": ">= 11.0.0, <= 11.0.15" + }, + { + "version_affected": "=", + "version_value": "<= 12.0.0-beta1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-3gh6-v5v9-6v9j", + "refsource": "MISC", + "name": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-3gh6-v5v9-6v9j" + }, + { + "url": "https://github.com/eclipse/jetty.project/pull/9516", + "refsource": "MISC", + "name": "https://github.com/eclipse/jetty.project/pull/9516" + }, + { + "url": "https://github.com/eclipse/jetty.project/pull/9888", + "refsource": "MISC", + "name": "https://github.com/eclipse/jetty.project/pull/9888" + }, + { + "url": "https://github.com/eclipse/jetty.project/pull/9889", + "refsource": "MISC", + "name": "https://github.com/eclipse/jetty.project/pull/9889" + } + ] + }, + "source": { + "advisory": "GHSA-3gh6-v5v9-6v9j", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 3.5, + "baseSeverity": "LOW", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N", + "version": "3.1" } ] } diff --git a/2023/37xxx/CVE-2023-37263.json b/2023/37xxx/CVE-2023-37263.json index a4ce30eb49f..92a8f8c001a 100644 --- a/2023/37xxx/CVE-2023-37263.json +++ b/2023/37xxx/CVE-2023-37263.json @@ -1,17 +1,90 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-37263", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Strapi is the an open-source headless content management system. Prior to version 4.12.1, field level permissions are not respected in the relationship title. If an actor has relationship title and the relationship shows a field they don't have permission to see, the field will still be visible. Version 4.12.1 has a fix for this issue." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", + "cweId": "CWE-200" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "strapi", + "product": { + "product_data": [ + { + "product_name": "strapi", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 4.12.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/strapi/strapi/security/advisories/GHSA-m284-85mf-cgrc", + "refsource": "MISC", + "name": "https://github.com/strapi/strapi/security/advisories/GHSA-m284-85mf-cgrc" + }, + { + "url": "https://github.com/strapi/strapi/releases/tag/v4.12.1", + "refsource": "MISC", + "name": "https://github.com/strapi/strapi/releases/tag/v4.12.1" + } + ] + }, + "source": { + "advisory": "GHSA-m284-85mf-cgrc", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 6.8, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N", + "version": "3.1" } ] } diff --git a/2023/37xxx/CVE-2023-37905.json b/2023/37xxx/CVE-2023-37905.json index c6c6a37eeb6..ec55ce6c1e4 100644 --- a/2023/37xxx/CVE-2023-37905.json +++ b/2023/37xxx/CVE-2023-37905.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "ckeditor-wordcount-plugin is an open source WordCount Plugin for CKEditor. It has been discovered that the `ckeditor-wordcount-plugin` plugin for CKEditor4 is susceptible to cross-site scripting when switching to the source code mode. This issue has been addressed in version 1.17.12 of the `ckeditor-wordcount-plugin` plugin and users are advised to upgrade. There are no known workarounds for this vulnerability." + "value": "ckeditor-wordcount-plugin is an open source WordCount Plugin for CKEditor. It has been discovered that the `ckeditor-wordcount-plugin` plugin for CKEditor4 is susceptible to cross-site scripting when switching to the source code mode. This issue has been addressed in version 1.17.12 of the `ckeditor-wordcount-plugin` plugin and users are advised to upgrade. There are no known workarounds for this vulnerability.\n\n" } ] }, @@ -48,6 +48,28 @@ } ] } + }, + { + "vendor_name": "typo3", + "product": { + "product_data": [ + { + "product_name": "cms-rte-ckeditor", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 10.0.0, < 10.4.39" + }, + { + "version_affected": "=", + "version_value": ">= 11.0.0, < 11.5.30" + } + ] + } + } + ] + } } ] } @@ -68,6 +90,16 @@ "url": "https://github.com/w8tcha/CKEditor-WordCount-Plugin/commit/a4b154bdf35b3465320136fcb078f196b437c2f1", "refsource": "MISC", "name": "https://github.com/w8tcha/CKEditor-WordCount-Plugin/commit/a4b154bdf35b3465320136fcb078f196b437c2f1" + }, + { + "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-m8fw-p3cr-6jqc", + "refsource": "MISC", + "name": "https://github.com/TYPO3/typo3/security/advisories/GHSA-m8fw-p3cr-6jqc" + }, + { + "url": "https://typo3.org/security/advisory/typo3-core-sa-2023-004", + "refsource": "MISC", + "name": "https://typo3.org/security/advisory/typo3-core-sa-2023-004" } ] }, diff --git a/2023/3xxx/CVE-2023-3814.json b/2023/3xxx/CVE-2023-3814.json index 1b14e6ba298..9ce3ce8b9f2 100644 --- a/2023/3xxx/CVE-2023-3814.json +++ b/2023/3xxx/CVE-2023-3814.json @@ -21,7 +21,7 @@ "description": [ { "lang": "eng", - "value": "CWE-284 Improper Access Control" + "value": "CWE-863 Incorrect Authorization" } ] } diff --git a/2023/4xxx/CVE-2023-4269.json b/2023/4xxx/CVE-2023-4269.json index 389f49467b4..27d5170fb72 100644 --- a/2023/4xxx/CVE-2023-4269.json +++ b/2023/4xxx/CVE-2023-4269.json @@ -21,7 +21,7 @@ "description": [ { "lang": "eng", - "value": "CWE-862 Missing Authorization" + "value": "CWE-863 Incorrect Authorization" } ] }