mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-06-21 05:40:25 +00:00
"-Synchronized-Data."
This commit is contained in:
CVE Team
parent
d3f0433273
commit
b4f91b7bd0
@ -98,6 +98,11 @@
|
||||
"refsource": "FEDORA",
|
||||
"name": "FEDORA-2022-814ee0c43b",
|
||||
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RHXO4O4G2UQS7X6OQJCVZKHZAQ7SAIFB/"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[debian-lts-announce] 20230718 [SECURITY] [DLA 3499-1] libapache2-mod-auth-openidc security update",
|
||||
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00020.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -40,8 +40,8 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "< 2.4.12.2",
|
||||
"version_affected": "="
|
||||
"version_affected": "=",
|
||||
"version_value": "< 2.4.12.2"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -63,6 +63,11 @@
|
||||
"url": "https://github.com/zmartzone/mod_auth_openidc/blob/v2.4.12.1/auth_openidc.conf#L975-L984",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/zmartzone/mod_auth_openidc/blob/v2.4.12.1/auth_openidc.conf#L975-L984"
|
||||
},
|
||||
{
|
||||
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00020.html",
|
||||
"refsource": "MISC",
|
||||
"name": "https://lists.debian.org/debian-lts-announce/2023/07/msg00020.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,92 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-30433",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "psirt@us.ibm.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "IBM Security Verify Access 10.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 252186."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-601 URL Redirection to Untrusted Site ('Open Redirect')",
|
||||
"cweId": "CWE-601"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "IBM",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Security Verify Access Docker",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "10.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.ibm.com/support/pages/node/7012613",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.ibm.com/support/pages/node/7012613"
|
||||
},
|
||||
{
|
||||
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/252186",
|
||||
"refsource": "MISC",
|
||||
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/252186"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "Vulnogram 0.1.0-dev"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "UNKNOWN"
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 6.5,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "NONE",
|
||||
"integrityImpact": "HIGH",
|
||||
"privilegesRequired": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "REQUIRED",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,93 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-33832",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "psirt@us.ibm.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "IBM Spectrum Protect 8.1.0.0 through 8.1.17.0 could allow a local user to cause a denial of service due to due to improper time-of-check to time-of-use functionality. IBM X-Force ID: 256012."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-20 Improper Input Validation",
|
||||
"cweId": "CWE-20"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "IBM",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Storage Protect",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "8.1.0.0",
|
||||
"version_value": "8.1.17.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.ibm.com/support/pages/node/7011761",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.ibm.com/support/pages/node/7011761"
|
||||
},
|
||||
{
|
||||
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/256012",
|
||||
"refsource": "MISC",
|
||||
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/256012"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "Vulnogram 0.1.0-dev"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "UNKNOWN"
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "LOCAL",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 6.2,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "NONE",
|
||||
"integrityImpact": "NONE",
|
||||
"privilegesRequired": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -65,7 +65,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -65,7 +65,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,92 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-35898",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "psirt@us.ibm.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information due to an insecure security configuration in InfoSphere Data Flow Designer. IBM X-Force ID: 259352."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
|
||||
"cweId": "CWE-200"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "IBM",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "InfoSphere Information Server",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "11.7"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.ibm.com/support/pages/node/7009205",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.ibm.com/support/pages/node/7009205"
|
||||
},
|
||||
{
|
||||
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/259352",
|
||||
"refsource": "MISC",
|
||||
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/259352"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "Vulnogram 0.1.0-dev"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "UNKNOWN"
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 4.3,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "NONE",
|
||||
"privilegesRequired": "LOW",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,98 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-35900",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "psirt@us.ibm.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "IBM Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.4 and 23.0.0 through 23.0.5 is vulnerable to disclosing server version information which may be used to determine software vulnerabilities at the operating system level. IBM X-Force ID: 259368."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
|
||||
"cweId": "CWE-200"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "IBM",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Robotic Process Automation",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "21.0.0",
|
||||
"version_value": "21.0.7.4"
|
||||
},
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "23.0.0",
|
||||
"version_value": "23.0.5"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.ibm.com/support/pages/node/7010895",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.ibm.com/support/pages/node/7010895"
|
||||
},
|
||||
{
|
||||
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/259368",
|
||||
"refsource": "MISC",
|
||||
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/259368"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "Vulnogram 0.1.0-dev"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "UNKNOWN"
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 4.3,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "NONE",
|
||||
"privilegesRequired": "LOW",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "10.0.0",
|
||||
"version_value": "10.0.19041.3208"
|
||||
"version_value": "10.0.19044.3208"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
92
2023/3xxx/CVE-2023-3765.json
Normal file
92
2023/3xxx/CVE-2023-3765.json
Normal file
@ -0,0 +1,92 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-3765",
|
||||
"ASSIGNER": "security@huntr.dev",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.5.0."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-36 Absolute Path Traversal",
|
||||
"cweId": "CWE-36"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "mlflow",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "mlflow/mlflow",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "unspecified",
|
||||
"version_value": "2.5.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://huntr.dev/bounties/4be5fd63-8a0a-490d-9ee1-f33dc768ed76",
|
||||
"refsource": "MISC",
|
||||
"name": "https://huntr.dev/bounties/4be5fd63-8a0a-490d-9ee1-f33dc768ed76"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/mlflow/mlflow/commit/6dde93758d42455cb90ef324407919ed67668b9b",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/mlflow/mlflow/commit/6dde93758d42455cb90ef324407919ed67668b9b"
|
||||
}
|
||||
]
|
||||
},
|
||||
"source": {
|
||||
"advisory": "4be5fd63-8a0a-490d-9ee1-f33dc768ed76",
|
||||
"discovery": "EXTERNAL"
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.0",
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "HIGH",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"privilegesRequired": "NONE",
|
||||
"scope": "CHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
|
||||
"baseScore": 10,
|
||||
"baseSeverity": "CRITICAL"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
Loading…
x
Reference in New Issue
Block a user