diff --git a/2022/32xxx/CVE-2022-32920.json b/2022/32xxx/CVE-2022-32920.json index af604423c88..f0ee298c87b 100644 --- a/2022/32xxx/CVE-2022-32920.json +++ b/2022/32xxx/CVE-2022-32920.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-32920", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved checks. This issue is fixed in Xcode 14.0. Parsing a file may lead to disclosure of user information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Parsing a file may lead to disclosure of user information" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "Xcode", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213883", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213883" } ] } diff --git a/2023/27xxx/CVE-2023-27950.json b/2023/27xxx/CVE-2023-27950.json index ebd27a6df79..1d065d89acd 100644 --- a/2023/27xxx/CVE-2023-27950.json +++ b/2023/27xxx/CVE-2023-27950.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-27950", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. Processing an image may result in disclosure of process memory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing an image may result in disclosure of process memory" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "13.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213670", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213670" } ] } diff --git a/2023/28xxx/CVE-2023-28187.json b/2023/28xxx/CVE-2023-28187.json index 55bb6512e32..6bd7fc40d6c 100644 --- a/2023/28xxx/CVE-2023-28187.json +++ b/2023/28xxx/CVE-2023-28187.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-28187", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3. A user may be able to cause a denial-of-service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A user may be able to cause a denial-of-service" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "13.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213670", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213670" } ] } diff --git a/2023/28xxx/CVE-2023-28188.json b/2023/28xxx/CVE-2023-28188.json index ba9e97927c4..65671a497f5 100644 --- a/2023/28xxx/CVE-2023-28188.json +++ b/2023/28xxx/CVE-2023-28188.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-28188", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A denial-of-service issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. A remote user may be able to cause a denial-of-service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A remote user may be able to cause a denial-of-service" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "13.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213670", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213670" } ] } diff --git a/2023/28xxx/CVE-2023-28195.json b/2023/28xxx/CVE-2023-28195.json index 963c9d9948a..5e5a9059930 100644 --- a/2023/28xxx/CVE-2023-28195.json +++ b/2023/28xxx/CVE-2023-28195.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-28195", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3. An app may be able to read sensitive location information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to read sensitive location information" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "13.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213670", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213670" } ] } diff --git a/2023/28xxx/CVE-2023-28208.json b/2023/28xxx/CVE-2023-28208.json index 71767f7a745..cd1a5f5c575 100644 --- a/2023/28xxx/CVE-2023-28208.json +++ b/2023/28xxx/CVE-2023-28208.json @@ -1,17 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-28208", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. A user may send a text from a secondary eSIM despite configuring a contact to use a primary eSIM." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A user may send a text from a secondary eSIM despite configuring a contact to use a primary eSIM" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "16.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "13.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213606", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213606" + }, + { + "url": "https://support.apple.com/en-us/HT213605", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213605" } ] } diff --git a/2023/28xxx/CVE-2023-28209.json b/2023/28xxx/CVE-2023-28209.json index b6a2bd5a475..1d60c91c464 100644 --- a/2023/28xxx/CVE-2023-28209.json +++ b/2023/28xxx/CVE-2023-28209.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-28209", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to cause unexpected system termination or write kernel memory" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "13.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213670", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213670" } ] } diff --git a/2023/28xxx/CVE-2023-28210.json b/2023/28xxx/CVE-2023-28210.json index a9535a8eff3..7f0f3df6262 100644 --- a/2023/28xxx/CVE-2023-28210.json +++ b/2023/28xxx/CVE-2023-28210.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-28210", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to cause unexpected system termination or write kernel memory" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "13.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213670", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213670" } ] } diff --git a/2023/28xxx/CVE-2023-28211.json b/2023/28xxx/CVE-2023-28211.json index 4cfaddf0fe1..cdb93f6003b 100644 --- a/2023/28xxx/CVE-2023-28211.json +++ b/2023/28xxx/CVE-2023-28211.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-28211", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to cause unexpected system termination or write kernel memory" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "13.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213670", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213670" } ] } diff --git a/2023/28xxx/CVE-2023-28212.json b/2023/28xxx/CVE-2023-28212.json index d3bb5c06d36..230062c583c 100644 --- a/2023/28xxx/CVE-2023-28212.json +++ b/2023/28xxx/CVE-2023-28212.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-28212", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to cause unexpected system termination or write kernel memory" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "13.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213670", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213670" } ] } diff --git a/2023/28xxx/CVE-2023-28213.json b/2023/28xxx/CVE-2023-28213.json index 27584c6cb62..5b162262d24 100644 --- a/2023/28xxx/CVE-2023-28213.json +++ b/2023/28xxx/CVE-2023-28213.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-28213", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to cause unexpected system termination or write kernel memory" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "13.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213670", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213670" } ] } diff --git a/2023/28xxx/CVE-2023-28214.json b/2023/28xxx/CVE-2023-28214.json index aed321a9e64..80fe9e8e373 100644 --- a/2023/28xxx/CVE-2023-28214.json +++ b/2023/28xxx/CVE-2023-28214.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-28214", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to cause unexpected system termination or write kernel memory" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "13.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213670", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213670" } ] } diff --git a/2023/28xxx/CVE-2023-28215.json b/2023/28xxx/CVE-2023-28215.json index c326ad5b9ee..f645072b867 100644 --- a/2023/28xxx/CVE-2023-28215.json +++ b/2023/28xxx/CVE-2023-28215.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-28215", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to cause unexpected system termination or write kernel memory" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "13.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213670", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213670" } ] } diff --git a/2023/29xxx/CVE-2023-29166.json b/2023/29xxx/CVE-2023-29166.json index e85b9a189c9..51baea0f6f6 100644 --- a/2023/29xxx/CVE-2023-29166.json +++ b/2023/29xxx/CVE-2023-29166.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-29166", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A logic issue was addressed with improved state management. This issue is fixed in Pro Video Formats 2.2.5. A user may be able to elevate privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A user may be able to elevate privileges" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "Pro Video Formats", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "2.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213882", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213882" } ] } diff --git a/2023/32xxx/CVE-2023-32356.json b/2023/32xxx/CVE-2023-32356.json index d012233f7ca..dd136182294 100644 --- a/2023/32xxx/CVE-2023-32356.json +++ b/2023/32xxx/CVE-2023-32356.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-32356", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to cause unexpected system termination or write kernel memory" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "13.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213670", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213670" } ] } diff --git a/2023/32xxx/CVE-2023-32362.json b/2023/32xxx/CVE-2023-32362.json index b62408c8764..5d15923c977 100644 --- a/2023/32xxx/CVE-2023-32362.json +++ b/2023/32xxx/CVE-2023-32362.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-32362", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Error handling was changed to not reveal sensitive information. This issue is fixed in macOS Ventura 13.3. A website may be able to track sensitive user information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A website may be able to track sensitive user information" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "13.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213670", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213670" } ] } diff --git a/2023/32xxx/CVE-2023-32370.json b/2023/32xxx/CVE-2023-32370.json index 84250f126cf..74b0df075be 100644 --- a/2023/32xxx/CVE-2023-32370.json +++ b/2023/32xxx/CVE-2023-32370.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-32370", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A logic issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.3. Content Security Policy to block domains with wildcards may fail." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Content Security Policy to block domains with wildcards may fail" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "13.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213670", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213670" } ] } diff --git a/2023/32xxx/CVE-2023-32379.json b/2023/32xxx/CVE-2023-32379.json index 5f092aba1f9..1366fc9a33a 100644 --- a/2023/32xxx/CVE-2023-32379.json +++ b/2023/32xxx/CVE-2023-32379.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-32379", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.4. An app may be able to execute arbitrary code with kernel privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to execute arbitrary code with kernel privileges" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "13.4" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213758", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213758" } ] } diff --git a/2023/32xxx/CVE-2023-32425.json b/2023/32xxx/CVE-2023-32425.json index f982e389fb7..03e51a69fba 100644 --- a/2023/32xxx/CVE-2023-32425.json +++ b/2023/32xxx/CVE-2023-32425.json @@ -1,17 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-32425", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5. An app may be able to gain elevated privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to gain elevated privileges" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "9.5" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "16.5" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213764", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213764" + }, + { + "url": "https://support.apple.com/en-us/HT213757", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213757" } ] } diff --git a/2023/32xxx/CVE-2023-32426.json b/2023/32xxx/CVE-2023-32426.json index af5ac336a54..c7634e96584 100644 --- a/2023/32xxx/CVE-2023-32426.json +++ b/2023/32xxx/CVE-2023-32426.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-32426", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3. An app may be able to gain root privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to gain root privileges" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "13.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213670", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213670" } ] } diff --git a/2023/32xxx/CVE-2023-32428.json b/2023/32xxx/CVE-2023-32428.json index 35c2b30834c..dd56452aa71 100644 --- a/2023/32xxx/CVE-2023-32428.json +++ b/2023/32xxx/CVE-2023-32428.json @@ -1,17 +1,114 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-32428", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, watchOS 9.5. An app may be able to gain root privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to gain root privileges" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "13.4" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "9.5" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "16.5" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "16.5" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213758", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213758" + }, + { + "url": "https://support.apple.com/en-us/HT213764", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213764" + }, + { + "url": "https://support.apple.com/en-us/HT213757", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213757" + }, + { + "url": "https://support.apple.com/en-us/HT213761", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213761" } ] } diff --git a/2023/32xxx/CVE-2023-32432.json b/2023/32xxx/CVE-2023-32432.json index b3d163f6b20..fd3b3ddb15e 100644 --- a/2023/32xxx/CVE-2023-32432.json +++ b/2023/32xxx/CVE-2023-32432.json @@ -1,17 +1,114 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-32432", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, watchOS 9.5. An app may be able to access user-sensitive data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to access user-sensitive data" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "13.4" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "9.5" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "16.5" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "16.5" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213758", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213758" + }, + { + "url": "https://support.apple.com/en-us/HT213764", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213764" + }, + { + "url": "https://support.apple.com/en-us/HT213757", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213757" + }, + { + "url": "https://support.apple.com/en-us/HT213761", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213761" } ] } diff --git a/2023/32xxx/CVE-2023-32438.json b/2023/32xxx/CVE-2023-32438.json index 6c968159bec..28606f162f4 100644 --- a/2023/32xxx/CVE-2023-32438.json +++ b/2023/32xxx/CVE-2023-32438.json @@ -1,17 +1,114 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-32438", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in tvOS 16.3, macOS Ventura 13.2, watchOS 9.3, iOS 16.3 and iPadOS 16.3. An app may be able to bypass Privacy preferences." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to bypass Privacy preferences" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "16.3" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "16.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "13.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "9.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213606", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213606" + }, + { + "url": "https://support.apple.com/en-us/HT213601", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213601" + }, + { + "url": "https://support.apple.com/en-us/HT213605", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213605" + }, + { + "url": "https://support.apple.com/en-us/HT213599", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213599" } ] } diff --git a/2023/34xxx/CVE-2023-34352.json b/2023/34xxx/CVE-2023-34352.json index 62d57196c4d..a2b7422e018 100644 --- a/2023/34xxx/CVE-2023-34352.json +++ b/2023/34xxx/CVE-2023-34352.json @@ -1,17 +1,114 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-34352", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, watchOS 9.5. An attacker may be able to leak user account emails." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An attacker may be able to leak user account emails" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "13.4" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "9.5" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "16.5" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "16.5" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213758", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213758" + }, + { + "url": "https://support.apple.com/en-us/HT213764", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213764" + }, + { + "url": "https://support.apple.com/en-us/HT213757", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213757" + }, + { + "url": "https://support.apple.com/en-us/HT213761", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213761" } ] } diff --git a/2023/4xxx/CVE-2023-4719.json b/2023/4xxx/CVE-2023-4719.json index 04f490ae4e7..dfa427e2ca0 100644 --- a/2023/4xxx/CVE-2023-4719.json +++ b/2023/4xxx/CVE-2023-4719.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-4719", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Simple Membership plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `list_type` parameter in versions up to, and including, 4.3.5 due to insufficient input sanitization and output escaping. Using this vulnerability, unauthenticated attackers could inject arbitrary web scripts into pages that are being executed if they can successfully trick a user into taking an action, such as clicking a malicious link." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "mra13", + "product": { + "product_data": [ + { + "product_name": "Simple Membership", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "4.3.5" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e4b10172-7e54-4ff8-9fbb-41d160ce49e4?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e4b10172-7e54-4ff8-9fbb-41d160ce49e4?source=cve" + }, + { + "url": "https://wordpress.org/plugins/simple-membership/", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/simple-membership/" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2962730%40simple-membership&new=2962730%40simple-membership&sfp_email=&sfph_mail=", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2962730%40simple-membership&new=2962730%40simple-membership&sfp_email=&sfph_mail=" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "FearZzZz" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 7.2, + "baseSeverity": "HIGH" } ] }