"-Synchronized-Data."

CVE Team 2023-12-14 22:00:33 +00:00
parent 74cf975fde
commit 881692909a
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
17 changed files with 1406 additions and 66 deletions


@ -1,17 +1,107 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-49342",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@ubuntu.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Temporary data passed between application components by Budgie Extras Clockworks applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may pre-create and control this file to present false information to users or deny access to the application and panel."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-377",
"cweId": "CWE-377"
},
{
"lang": "eng",
"value": "CWE-668",
"cweId": "CWE-668"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Ubuntu Budgie",
"product": {
"product_data": [
{
"product_name": "Budgie Extras",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "v1.4.0",
"version_value": "v1.7.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49342",
"refsource": "MISC",
"name": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49342"
},
{
"url": "https://github.com/UbuntuBudgie/budgie-extras/security/advisories/GHSA-2vfg-p2h9-wg39",
"refsource": "MISC",
"name": "https://github.com/UbuntuBudgie/budgie-extras/security/advisories/GHSA-2vfg-p2h9-wg39"
},
{
"url": "https://ubuntu.com/security/notices/USN-6556-1",
"refsource": "MISC",
"name": "https://ubuntu.com/security/notices/USN-6556-1"
}
]
},
"credits": [
{
"lang": "en",
"value": "Sam Lane"
},
{
"lang": "en",
"value": "David Mohammed"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"baseScore": 6,
"baseSeverity": "MEDIUM"
}
]
}
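Review bot: The CVSS block does not line up with the description in this record: `confidentialityImpact` is `NONE` and `privilegesRequired` is `HIGH`, while the description says the temporary data "could potentially be viewed" and sits in a location accessible to "any user who has local access to the system". The same vector string is reused in the CVE-2023-49343 through CVE-2023-49347 records in this commit, and the CVE-2023-49347 description states outright that attackers "may read private information from windows". Scoring is the CNA's call, so this is a question for security@ubuntu.com rather than something to patch in the sync; if the description is the accurate side, the vector would carry a non-`N` confidentiality value and a lower privilege level, and `baseScore` would move with it. Until that is settled, triage should lean on the description text and not on `C:N`/`PR:H` alone.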


@ -1,17 +1,107 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-49343",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@ubuntu.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Temporary data passed between application components by Budgie Extras Dropby applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may pre-create and control this file to present false information to users or deny access to the application and panel."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-337",
"cweId": "CWE-337"
},
{
"lang": "eng",
"value": "CWE-668",
"cweId": "CWE-668"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Ubuntu Budgie",
"product": {
"product_data": [
{
"product_name": "Budgie Extras",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "v1.4.0",
"version_value": "v1.7.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/UbuntuBudgie/budgie-extras/security/advisories/GHSA-27g2-7x65-3cc5",
"refsource": "MISC",
"name": "https://github.com/UbuntuBudgie/budgie-extras/security/advisories/GHSA-27g2-7x65-3cc5"
},
{
"url": "https://ubuntu.com/security/notices/USN-6556-1",
"refsource": "MISC",
"name": "https://ubuntu.com/security/notices/USN-6556-1"
},
{
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49343",
"refsource": "MISC",
"name": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49343"
}
]
},
"credits": [
{
"lang": "en",
"value": "Sam Lane"
},
{
"lang": "en",
"value": "David Mohammed"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"baseScore": 6,
"baseSeverity": "MEDIUM"
}
]
}
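Review bot: `CWE-337` (predictable seed in a PRNG) in the first `problemtype` entry looks like a transposition of `CWE-377` (insecure temporary file). The description is about temporary data kept in a location any local user can reach, and the five sibling Budgie Extras records in this commit all pair `CWE-377` with `CWE-668`. If the CNA confirms it, the entry would read `"value": "CWE-377", "cweId": "CWE-377"`. As published, weakness-based filters for insecure temp-file issues will miss this record while matching its siblings.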


@ -1,17 +1,111 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-49344",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@ubuntu.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Temporary data passed between application components by Budgie Extras Window Shuffler applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may pre-create and control this file to present false information to users or deny access to the application and panel."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-377",
"cweId": "CWE-377"
},
{
"lang": "eng",
"value": "CWE-668",
"cweId": "CWE-668"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Ubuntu Budgie",
"product": {
"product_data": [
{
"product_name": "Budgie Extras",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "v1.4.0",
"version_value": "v1.7.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/UbuntuBudgie/budgie-extras/security/advisories/GHSA-rhwf-6fc9-9jvm",
"refsource": "MISC",
"name": "https://github.com/UbuntuBudgie/budgie-extras/security/advisories/GHSA-rhwf-6fc9-9jvm"
},
{
"url": "https://ubuntu.com/security/notices/USN-6556-1",
"refsource": "MISC",
"name": "https://ubuntu.com/security/notices/USN-6556-1"
},
{
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49344",
"refsource": "MISC",
"name": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49344"
}
]
},
"credits": [
{
"lang": "en",
"value": "Matthias Gerstner"
},
{
"lang": "en",
"value": "Sam Lane"
},
{
"lang": "en",
"value": "David Mohammed"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"baseScore": 6,
"baseSeverity": "MEDIUM"
}
]
}


@ -1,17 +1,111 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-49345",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@ubuntu.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Temporary data passed between application components by Budgie Extras Takeabreak applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may pre-create and control this file to present false information to users or deny access to the application and panel."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-668",
"cweId": "CWE-668"
},
{
"lang": "eng",
"value": "CWE-377",
"cweId": "CWE-377"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Ubuntu Budgie",
"product": {
"product_data": [
{
"product_name": "Budgie Extras",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "v1.4.0",
"version_value": "v1.7.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49345",
"refsource": "MISC",
"name": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49345"
},
{
"url": "https://ubuntu.com/security/notices/USN-6556-1",
"refsource": "MISC",
"name": "https://ubuntu.com/security/notices/USN-6556-1"
},
{
"url": "https://github.com/UbuntuBudgie/budgie-extras/security/advisories/GHSA-rvhc-rch9-j943",
"refsource": "MISC",
"name": "https://github.com/UbuntuBudgie/budgie-extras/security/advisories/GHSA-rvhc-rch9-j943"
}
]
},
"credits": [
{
"lang": "en",
"value": "Matthias Gerstner"
},
{
"lang": "en",
"value": "Sam Lane"
},
{
"lang": "en",
"value": "David Mohammed"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"baseScore": 6,
"baseSeverity": "MEDIUM"
}
]
}


@ -1,17 +1,111 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-49346",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@ubuntu.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Temporary data passed between application components by Budgie Extras WeatherShow applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may pre-create and control this file to present false information to users or deny access to the application and panel."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-377",
"cweId": "CWE-377"
},
{
"lang": "eng",
"value": "CWE-668",
"cweId": "CWE-668"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Ubuntu Budgie",
"product": {
"product_data": [
{
"product_name": "Budgie Extras",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "v1.4.0",
"version_value": "v1.7.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/UbuntuBudgie/budgie-extras/security/advisories/GHSA-rffw-gg7p-5688",
"refsource": "MISC",
"name": "https://github.com/UbuntuBudgie/budgie-extras/security/advisories/GHSA-rffw-gg7p-5688"
},
{
"url": "https://ubuntu.com/security/notices/USN-6556-1",
"refsource": "MISC",
"name": "https://ubuntu.com/security/notices/USN-6556-1"
},
{
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49346",
"refsource": "MISC",
"name": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49346"
}
]
},
"credits": [
{
"lang": "en",
"value": "Matthias Gerstner"
},
{
"lang": "en",
"value": "Sam Lane"
},
{
"lang": "en",
"value": "David Mohammed"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"baseScore": 6,
"baseSeverity": "MEDIUM"
}
]
}


@ -1,17 +1,111 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-49347",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@ubuntu.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Temporary data passed between application components by Budgie Extras Windows Previews could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may read private information from windows, present false information to users, or deny access to the application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-668",
"cweId": "CWE-668"
},
{
"lang": "eng",
"value": "CWE-377",
"cweId": "CWE-377"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Ubuntu Budgie",
"product": {
"product_data": [
{
"product_name": "Budgie Extras",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "v1.4.0",
"version_value": "v1.7.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://ubuntu.com/security/notices/USN-6556-1",
"refsource": "MISC",
"name": "https://ubuntu.com/security/notices/USN-6556-1"
},
{
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49347",
"refsource": "MISC",
"name": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49347"
},
{
"url": "https://github.com/UbuntuBudgie/budgie-extras/security/advisories/GHSA-xxfq-fqfp-cpvj",
"refsource": "MISC",
"name": "https://github.com/UbuntuBudgie/budgie-extras/security/advisories/GHSA-xxfq-fqfp-cpvj"
}
]
},
"credits": [
{
"lang": "en",
"value": "Matthias Gerstner"
},
{
"lang": "en",
"value": "Sam Lane"
},
{
"lang": "en",
"value": "David Mohammed"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"baseScore": 6,
"baseSeverity": "MEDIUM"
}
]
}


@ -61,12 +61,34 @@
"product": {
"product_data": [
{
"product_name": "Red Hat Satellite 6",
"product_name": "Red Hat Satellite 6.14 for RHEL 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:3.7.0.10-1.el8sat",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:3.7.0.10-1.el8sat",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
@ -81,6 +103,11 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2023:7851",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7851"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-4886",
"refsource": "MISC",
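Review bot: The two `version_data` entries on the new side under `Red Hat Satellite 6.14 for RHEL 8` are identical (`0:3.7.0.10-1.el8sat`, `lessThan` `*`, `unaffected`, `defaultStatus` `affected`). Presumably the down-conversion dropped a field that told two packages apart, though the hunk does not show that; as written, a consumer cannot tell which component each entry refers to. Anyone matching installed packages against this 4.0 record should de-duplicate the entries and take the package names from the referenced `RHSA-2023:7851` erratum instead.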


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-50869",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}


@ -1,17 +1,309 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-6134",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A flaw was found in Keycloak that prevents certain schemes in redirects, but permits them if a wildcard is appended to the token. This issue could allow an attacker to submit a specially crafted request leading to cross-site scripting (XSS) or further attacks. This flaw is the result of an incomplete fix for CVE-2020-10748."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)",
"cweId": "CWE-75"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "keycloak-core",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
},
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat build of Keycloak 22",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "22.0.7-1",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "22-6",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "22-9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat build of Keycloak 22.0.7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Single Sign-On 7.6 for RHEL 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:18.0.11-2.redhat_00003.1.el7sso",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Single Sign-On 7.6 for RHEL 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:18.0.11-2.redhat_00003.1.el8sso",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Single Sign-On 7.6 for RHEL 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:18.0.11-2.redhat_00003.1.el9sso",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "RHEL-8 based Middleware Containers",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "7.6-38",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "7.6.6-2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Single Sign-On 7.6.6",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2023:7854",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7854"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7855",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7855"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7856",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7856"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7857",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7857"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7858",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7858"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7860",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7860"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7861",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7861"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-6134",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2023-6134"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2249673",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2249673"
}
]
},
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Lauritz Holtmann (https://security.lauritz-holtmann.de/) for reporting this issue."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
]
}


@ -60,6 +60,117 @@
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Single Sign-On 7.6 for RHEL 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:18.0.11-2.redhat_00003.1.el7sso",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Single Sign-On 7.6 for RHEL 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:18.0.11-2.redhat_00003.1.el8sso",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Single Sign-On 7.6 for RHEL 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:18.0.11-2.redhat_00003.1.el9sso",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "RHEL-8 based Middleware Containers",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "7.6-38",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "7.6.6-2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Single Sign-On 7.6.6",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Build of Keycloak",
"version": {
@ -72,19 +183,6 @@
}
]
}
},
{
"product_name": "Red Hat Single Sign-On 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
@ -94,6 +192,31 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2023:7854",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7854"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7855",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7855"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7856",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7856"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7857",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7857"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7858",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7858"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-6563",
"refsource": "MISC",


@ -1,17 +1,68 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-6702",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "chrome-cve-admin@google.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Type confusion in V8 in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Type Confusion"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "120.0.6099.109",
"version_value": "120.0.6099.109"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop_12.html",
"refsource": "MISC",
"name": "https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop_12.html"
},
{
"url": "https://crbug.com/1501326",
"refsource": "MISC",
"name": "https://crbug.com/1501326"
}
]
}
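Review bot: The `problemtype` entry carries only the free-text value `Type Confusion` and no `cweId`, unlike the Ubuntu and Red Hat records in this commit. The same applies to the CVE-2023-6703 through CVE-2023-6707 records, which give `Use after free` as text only. Adding `"cweId": "CWE-843"` here and `"cweId": "CWE-416"` on the use-after-free records would let weakness-based queries and dashboards find these memory-safety issues without string matching on the description.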


@ -1,17 +1,68 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-6703",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "chrome-cve-admin@google.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Use after free in Blink in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "120.0.6099.109",
"version_value": "120.0.6099.109"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop_12.html",
"refsource": "MISC",
"name": "https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop_12.html"
},
{
"url": "https://crbug.com/1502102",
"refsource": "MISC",
"name": "https://crbug.com/1502102"
}
]
}


@ -1,17 +1,68 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-6704",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "chrome-cve-admin@google.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Use after free in libavif in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted image file. (Chromium security severity: High)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "120.0.6099.109",
"version_value": "120.0.6099.109"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop_12.html",
"refsource": "MISC",
"name": "https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop_12.html"
},
{
"url": "https://crbug.com/1504792",
"refsource": "MISC",
"name": "https://crbug.com/1504792"
}
]
}


@ -1,17 +1,68 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-6705",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "chrome-cve-admin@google.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Use after free in WebRTC in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "120.0.6099.109",
"version_value": "120.0.6099.109"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop_12.html",
"refsource": "MISC",
"name": "https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop_12.html"
},
{
"url": "https://crbug.com/1505708",
"refsource": "MISC",
"name": "https://crbug.com/1505708"
}
]
}


@ -1,17 +1,68 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-6706",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "chrome-cve-admin@google.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Use after free in FedCM in Google Chrome prior to 120.0.6099.109 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "120.0.6099.109",
"version_value": "120.0.6099.109"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop_12.html",
"refsource": "MISC",
"name": "https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop_12.html"
},
{
"url": "https://crbug.com/1500921",
"refsource": "MISC",
"name": "https://crbug.com/1500921"
}
]
}


@ -1,17 +1,68 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-6707",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "chrome-cve-admin@google.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Use after free in CSS in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "120.0.6099.109",
"version_value": "120.0.6099.109"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop_12.html",
"refsource": "MISC",
"name": "https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop_12.html"
},
{
"url": "https://crbug.com/1504036",
"refsource": "MISC",
"name": "https://crbug.com/1504036"
}
]
}


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-6830",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}