admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-08-02 20:00:34 +00:00
parent 8a13d546b3
commit 825334ac8e
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
21 changed files with 429 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2022/47xxx/CVE-2022-47758.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC",
"name": "https://pwning.tech/cve-2022-47758",
"url": "https://pwning.tech/cve-2022-47758"
},
{
"refsource": "MISC",
"name": "https://pwning.tech/cve-2022-47758/",
"url": "https://pwning.tech/cve-2022-47758/"
}
]
}

5
2023/26xxx/CVE-2023-26430.json
View File

@ -64,6 +64,11 @@
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json",
"refsource": "MISC",
"name": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Aug/8",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2023/Aug/8"
}
]
},

5
2023/26xxx/CVE-2023-26438.json
View File

@ -64,6 +64,11 @@
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json",
"refsource": "MISC",
"name": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Aug/8",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2023/Aug/8"
}
]
},

5
2023/26xxx/CVE-2023-26439.json
View File

@ -64,6 +64,11 @@
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json",
"refsource": "MISC",
"name": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Aug/8",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2023/Aug/8"
}
]
},

5
2023/26xxx/CVE-2023-26440.json
View File

@ -64,6 +64,11 @@
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json",
"refsource": "MISC",
"name": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Aug/8",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2023/Aug/8"
}
]
},

5
2023/26xxx/CVE-2023-26441.json
View File

@ -64,6 +64,11 @@
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json",
"refsource": "MISC",
"name": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Aug/8",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2023/Aug/8"
}
]
},

5
2023/26xxx/CVE-2023-26442.json
View File

@ -64,6 +64,11 @@
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json",
"refsource": "MISC",
"name": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Aug/8",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2023/Aug/8"
}
]
},

5
2023/26xxx/CVE-2023-26443.json
View File

@ -64,6 +64,11 @@
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json",
"refsource": "MISC",
"name": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Aug/8",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2023/Aug/8"
}
]
},

5
2023/26xxx/CVE-2023-26445.json
View File

@ -64,6 +64,11 @@
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json",
"refsource": "MISC",
"name": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Aug/8",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2023/Aug/8"
}
]
},

5
2023/26xxx/CVE-2023-26446.json
View File

@ -64,6 +64,11 @@
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json",
"refsource": "MISC",
"name": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Aug/8",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2023/Aug/8"
}
]
},

5
2023/26xxx/CVE-2023-26447.json
View File

@ -64,6 +64,11 @@
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json",
"refsource": "MISC",
"name": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Aug/8",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2023/Aug/8"
}
]
},

5
2023/26xxx/CVE-2023-26448.json
View File

@ -64,6 +64,11 @@
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json",
"refsource": "MISC",
"name": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Aug/8",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2023/Aug/8"
}
]
},

5
2023/26xxx/CVE-2023-26449.json
View File

@ -64,6 +64,11 @@
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json",
"refsource": "MISC",
"name": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Aug/8",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2023/Aug/8"
}
]
},

5
2023/26xxx/CVE-2023-26450.json
View File

@ -64,6 +64,11 @@
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json",
"refsource": "MISC",
"name": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Aug/8",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2023/Aug/8"
}
]
},

5
2023/26xxx/CVE-2023-26451.json
View File

@ -64,6 +64,11 @@
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json",
"refsource": "MISC",
"name": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Aug/8",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2023/Aug/8"
}
]
},

72
2023/29xxx/CVE-2023-29407.json
View File

@ -1,18 +1,80 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-29407",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@golang.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A maliciously-crafted image can cause excessive CPU consumption in decoding. A tiled image with a height of 0 and a very large width can cause excessive CPU consumption, despite the image size (width * height) appearing to be zero."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-834: Excessive Iteration"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "golang.org/x/image",
"product": {
"product_data": [
{
"product_name": "golang.org/x/image/tiff",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "0.10.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://go.dev/issue/61581",
"refsource": "MISC",
"name": "https://go.dev/issue/61581"
},
{
"url": "https://go.dev/cl/514897",
"refsource": "MISC",
"name": "https://go.dev/cl/514897"
},
{
"url": "https://pkg.go.dev/vuln/GO-2023-1990",
"refsource": "MISC",
"name": "https://pkg.go.dev/vuln/GO-2023-1990"
}
]
},
"credits": [
{
"lang": "en",
"value": "Philippe Antoine (Catena cyber)"
}
]
}

72
2023/29xxx/CVE-2023-29408.json
View File

@ -1,18 +1,80 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-29408",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@golang.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The TIFF decoder does not place a limit on the size of compressed tile data. A maliciously-crafted image can exploit this to cause a small image (both in terms of pixel width/height, and encoded size) to make the decoder decode large amounts of compressed data, consuming excessive memory and CPU."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-770: Allocation of Resources Without Limits or Throttling"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "golang.org/x/image",
"product": {
"product_data": [
{
"product_name": "golang.org/x/image/tiff",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "0.10.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://go.dev/issue/61582",
"refsource": "MISC",
"name": "https://go.dev/issue/61582"
},
{
"url": "https://go.dev/cl/514897",
"refsource": "MISC",
"name": "https://go.dev/cl/514897"
},
{
"url": "https://pkg.go.dev/vuln/GO-2023-1989",
"refsource": "MISC",
"name": "https://pkg.go.dev/vuln/GO-2023-1989"
}
]
},
"credits": [
{
"lang": "en",
"value": "Philippe Antoine (Catena cyber)"
}
]
}

87
2023/29xxx/CVE-2023-29409.json
View File

@ -1,18 +1,95 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-29409",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@golang.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to <= 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three certificates in circulation with keys larger than this, and all three appear to be test certificates that are not actively deployed. It is possible there are larger keys in use in private PKIs, but we target the web PKI, so causing breakage here in the interests of increasing the default safety of users of crypto/tls seems reasonable."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400: Uncontrolled Resource Consumption"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Go standard library",
"product": {
"product_data": [
{
"product_name": "crypto/tls",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "1.19.12"
},
{
"version_affected": "<",
"version_name": "1.20.0-0",
"version_value": "1.20.7"
},
{
"version_affected": "<",
"version_name": "1.21.0-0",
"version_value": "1.21.0-rc.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://go.dev/issue/61460",
"refsource": "MISC",
"name": "https://go.dev/issue/61460"
},
{
"url": "https://go.dev/cl/515257",
"refsource": "MISC",
"name": "https://go.dev/cl/515257"
},
{
"url": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ",
"refsource": "MISC",
"name": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ"
},
{
"url": "https://pkg.go.dev/vuln/GO-2023-1987",
"refsource": "MISC",
"name": "https://pkg.go.dev/vuln/GO-2023-1987"
}
]
},
"credits": [
{
"lang": "en",
"value": "Mateusz Poliwczak"
}
]
}

66
2023/36xxx/CVE-2023-36081.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-36081",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-36081",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross Site Scripting vulnerability in GatesAIr Flexiva FM Transmitter/Exciter v.FAX 150W allows a remote attacker to execute arbitrary code via a crafted script to the web application dashboard."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://flexiva.com",
"refsource": "MISC",
"name": "http://flexiva.com"
},
{
"url": "http://gatesair.com",
"refsource": "MISC",
"name": "http://gatesair.com"
},
{
"refsource": "MISC",
"name": "https://strik3r.gitbook.io/strik3r-blog/security-research/cves-pocs/cve-2023-36081",
"url": "https://strik3r.gitbook.io/strik3r-blog/security-research/cves-pocs/cve-2023-36081"
}
]
}

64
2023/3xxx/CVE-2023-3978.json
View File

@ -1,17 +1,73 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-3978",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@golang.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "golang.org/x/net",
"product": {
"product_data": [
{
"product_name": "golang.org/x/net/html",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "0.13.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://go.dev/issue/61615",
"refsource": "MISC",
"name": "https://go.dev/issue/61615"
},
{
"url": "https://go.dev/cl/514896",
"refsource": "MISC",
"name": "https://go.dev/cl/514896"
},
{
"url": "https://pkg.go.dev/vuln/GO-2023-1988",
"refsource": "MISC",
"name": "https://pkg.go.dev/vuln/GO-2023-1988"
}
]
}

18
2023/4xxx/CVE-2023-4109.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-4109",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}