admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-05-30 06:00:51 +00:00
parent 6cd3cca497
commit f86b7f7334
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
42 changed files with 1001 additions and 589 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

106
2022/32xxx/CVE-2022-32886.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-32886",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,6 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16"
}
]
@ -31,6 +52,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16"
}
]
@ -42,6 +64,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "15.7"
}
]
@ -53,77 +76,72 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213446",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213446"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213445",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213445"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213442",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213442"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2022-0c00617967",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KDV6OLKDTL55NH4LNSMLQ4D6LLSX6JU2/"
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KDV6OLKDTL55NH4LNSMLQ4D6LLSX6JU2/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KDV6OLKDTL55NH4LNSMLQ4D6LLSX6JU2/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2022-a77b646471",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/74MXH2U5GA4CX3L3NLYP4TBO4O2VOPBJ/"
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/74MXH2U5GA4CX3L3NLYP4TBO4O2VOPBJ/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/74MXH2U5GA4CX3L3NLYP4TBO4O2VOPBJ/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2022-ece798a8d4",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TDNT32WIARRD2ANWKGCTTIQXI6OII7HZ/"
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDNT32WIARRD2ANWKGCTTIQXI6OII7HZ/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDNT32WIARRD2ANWKGCTTIQXI6OII7HZ/"
},
{
"refsource": "DEBIAN",
"name": "DSA-5240",
"url": "https://www.debian.org/security/2022/dsa-5240"
"url": "https://www.debian.org/security/2022/dsa-5240",
"refsource": "MISC",
"name": "https://www.debian.org/security/2022/dsa-5240"
},
{
"refsource": "DEBIAN",
"name": "DSA-5241",
"url": "https://www.debian.org/security/2022/dsa-5241"
"url": "https://www.debian.org/security/2022/dsa-5241",
"refsource": "MISC",
"name": "https://www.debian.org/security/2022/dsa-5241"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20220929 [SECURITY] [DLA 3124-1] webkit2gtk security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00034.html"
"url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00034.html",
"refsource": "MISC",
"name": "https://lists.debian.org/debian-lts-announce/2022/09/msg00034.html"
},
{
"refsource": "FULLDISC",
"name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"url": "http://seclists.org/fulldisclosure/2022/Oct/41"
}
]
},
"description": {
"description_data": [
"url": "http://seclists.org/fulldisclosure/2022/Oct/41",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Oct/41"
},
{
"lang": "eng",
"value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution."
"url": "http://seclists.org/fulldisclosure/2022/Oct/28",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Oct/28"
},
{
"url": "http://seclists.org/fulldisclosure/2022/Oct/39",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Oct/39"
},
{
"url": "https://security.gentoo.org/glsa/202305-32",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/202305-32"
}
]
}

5
2022/32xxx/CVE-2022-32888.json
View File

@ -150,6 +150,11 @@
"refsource": "MLIST",
"name": "[oss-security] 20221104 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0010",
"url": "http://www.openwall.com/lists/oss-security/2022/11/04/4"
},
{
"refsource": "GENTOO",
"name": "GLSA-202305-32",
"url": "https://security.gentoo.org/glsa/202305-32"
}
]
},

5
2022/32xxx/CVE-2022-32891.json
View File

@ -97,6 +97,11 @@
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213487",
"name": "https://support.apple.com/en-us/HT213487"
},
{
"refsource": "GENTOO",
"name": "GLSA-202305-32",
"url": "https://security.gentoo.org/glsa/202305-32"
}
]
},

5
2022/32xxx/CVE-2022-32923.json
View File

@ -134,6 +134,11 @@
"refsource": "MLIST",
"name": "[oss-security] 20221104 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0010",
"url": "http://www.openwall.com/lists/oss-security/2022/11/04/4"
},
{
"refsource": "GENTOO",
"name": "GLSA-202305-32",
"url": "https://security.gentoo.org/glsa/202305-32"
}
]
},

25
2022/42xxx/CVE-2022-42252.json
View File

@ -40,20 +40,24 @@
"version": {
"version_data": [
{
"version_value": "10.1.0-M1",
"version_affected": "="
"version_affected": "<=",
"version_name": "10.1.0-M1",
"version_value": "10.1.0"
},
{
"version_value": "10.0.0-M1",
"version_affected": "="
"version_affected": "<=",
"version_name": "10.0.0-M1",
"version_value": "10.0.26"
},
{
"version_value": "9.0.0-M1",
"version_affected": "="
"version_affected": "<=",
"version_name": "9.0.0-M1",
"version_value": "9.0.67"
},
{
"version_value": "8.5.0",
"version_affected": "="
"version_affected": "<=",
"version_name": "8.5.0",
"version_value": "8.5.82"
}
]
}
@ -70,6 +74,11 @@
"url": "https://lists.apache.org/thread/zzcxzvqfdqn515zfs3dxb7n8gty589sq",
"refsource": "MISC",
"name": "https://lists.apache.org/thread/zzcxzvqfdqn515zfs3dxb7n8gty589sq"
},
{
"url": "https://security.gentoo.org/glsa/202305-37",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/202305-37"
}
]
},

5
2022/42xxx/CVE-2022-42799.json
View File

@ -148,6 +148,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2022-e7726761c4",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JOFKX6BUEJFECSVFV6P5INQCOYQBB4NZ/"
},
{
"refsource": "GENTOO",
"name": "GLSA-202305-32",
"url": "https://security.gentoo.org/glsa/202305-32"
}
]
},

5
2022/42xxx/CVE-2022-42823.json
View File

@ -148,6 +148,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2022-e7726761c4",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JOFKX6BUEJFECSVFV6P5INQCOYQBB4NZ/"
},
{
"refsource": "GENTOO",
"name": "GLSA-202305-32",
"url": "https://security.gentoo.org/glsa/202305-32"
}
]
},

5
2022/42xxx/CVE-2022-42824.json
View File

@ -148,6 +148,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2022-e7726761c4",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JOFKX6BUEJFECSVFV6P5INQCOYQBB4NZ/"
},
{
"refsource": "GENTOO",
"name": "GLSA-202305-32",
"url": "https://security.gentoo.org/glsa/202305-32"
}
]
},

5
2022/42xxx/CVE-2022-42826.json
View File

@ -81,6 +81,11 @@
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213495",
"name": "https://support.apple.com/en-us/HT213495"
},
{
"refsource": "GENTOO",
"name": "GLSA-202305-32",
"url": "https://security.gentoo.org/glsa/202305-32"
}
]
},

139
2022/42xxx/CVE-2022-42852.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-42852",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may result in the disclosure of process memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may result in the disclosure of process memory"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,65 +40,23 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "9.2"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
}
]
}
@ -86,87 +64,72 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may result in the disclosure of process memory"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213535",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213535"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213530"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213531",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213531"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213536",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213536"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213537",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213537"
},
{
"refsource": "FULLDISC",
"name": "20221220 APPLE-SA-2022-12-13-1 iOS 16.2 and iPadOS 16.2",
"url": "http://seclists.org/fulldisclosure/2022/Dec/20"
"url": "http://seclists.org/fulldisclosure/2022/Dec/20",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/20"
},
{
"refsource": "FULLDISC",
"name": "20221220 APPLE-SA-2022-12-13-2 iOS 15.7.2 and iPadOS 15.7.2",
"url": "http://seclists.org/fulldisclosure/2022/Dec/21"
"url": "http://seclists.org/fulldisclosure/2022/Dec/21",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/21"
},
{
"refsource": "FULLDISC",
"name": "20221220 APPLE-SA-2022-12-13-4 macOS Ventura 13.1",
"url": "http://seclists.org/fulldisclosure/2022/Dec/23"
"url": "http://seclists.org/fulldisclosure/2022/Dec/23",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/23"
},
{
"refsource": "FULLDISC",
"name": "20221220 APPLE-SA-2022-12-13-7 tvOS 16.2",
"url": "http://seclists.org/fulldisclosure/2022/Dec/26"
"url": "http://seclists.org/fulldisclosure/2022/Dec/26",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/26"
},
{
"refsource": "FULLDISC",
"name": "20221220 APPLE-SA-2022-12-13-9 Safari 16.2",
"url": "http://seclists.org/fulldisclosure/2022/Dec/28"
"url": "http://seclists.org/fulldisclosure/2022/Dec/28",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/28"
},
{
"refsource": "FULLDISC",
"name": "20221220 APPLE-SA-2022-12-13-8 watchOS 9.2",
"url": "http://seclists.org/fulldisclosure/2022/Dec/27"
}
]
},
"description": {
"description_data": [
"url": "http://seclists.org/fulldisclosure/2022/Dec/27",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/27"
},
{
"lang": "eng",
"value": "The issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may result in the disclosure of process memory."
"url": "https://security.gentoo.org/glsa/202305-32",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/202305-32"
}
]
}

34
2022/42xxx/CVE-2022-42856.json
View File

@ -39,8 +39,9 @@
"version": {
"version_data": [
{
"version_value": "unspecified",
"version_affected": "="
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.2"
}
]
}
@ -78,35 +79,40 @@
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213537"
},
{
"url": "http://seclists.org/fulldisclosure/2022/Dec/23",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/23"
},
{
"url": "http://seclists.org/fulldisclosure/2022/Dec/26",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/26"
},
{
"url": "http://seclists.org/fulldisclosure/2022/Dec/21",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/21"
},
{
"url": "http://seclists.org/fulldisclosure/2022/Dec/28",
"url": "http://seclists.org/fulldisclosure/2022/Dec/23",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/28"
"name": "http://seclists.org/fulldisclosure/2022/Dec/23"
},
{
"url": "http://seclists.org/fulldisclosure/2022/Dec/22",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/22"
},
{
"url": "http://seclists.org/fulldisclosure/2022/Dec/26",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/26"
},
{
"url": "http://seclists.org/fulldisclosure/2022/Dec/28",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/28"
},
{
"url": "http://www.openwall.com/lists/oss-security/2022/12/26/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2022/12/26/1"
},
{
"url": "https://security.gentoo.org/glsa/202305-32",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/202305-32"
}
]
}

15
2022/42xxx/CVE-2022-42863.json
View File

@ -39,8 +39,9 @@
"version": {
"version_data": [
{
"version_value": "unspecified",
"version_affected": "="
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.2"
}
]
}
@ -50,8 +51,9 @@
"version": {
"version_data": [
{
"version_value": "unspecified",
"version_affected": "="
"version_affected": "<",
"version_name": "unspecified",
"version_value": "9.2"
}
]
}
@ -118,6 +120,11 @@
"url": "http://www.openwall.com/lists/oss-security/2022/12/26/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2022/12/26/1"
},
{
"url": "https://security.gentoo.org/glsa/202305-32",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/202305-32"
}
]
}

15
2022/42xxx/CVE-2022-42867.json
View File

@ -39,8 +39,9 @@
"version": {
"version_data": [
{
"version_value": "unspecified",
"version_affected": "="
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.2"
}
]
}
@ -50,8 +51,9 @@
"version": {
"version_data": [
{
"version_value": "unspecified",
"version_affected": "="
"version_affected": "<",
"version_name": "unspecified",
"version_value": "9.2"
}
]
}
@ -118,6 +120,11 @@
"url": "http://www.openwall.com/lists/oss-security/2022/12/26/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2022/12/26/1"
},
{
"url": "https://security.gentoo.org/glsa/202305-32",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/202305-32"
}
]
}

37
2022/45xxx/CVE-2022-45143.json
View File

@ -40,16 +40,28 @@
"version": {
"version_data": [
{
"version_value": "10.1.0-M1",
"version_affected": "="
},
{
"version_value": "9.0.40",
"version_affected": "="
},
{
"version_value": "8.5.83",
"version_affected": "="
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "10.1.1",
"status": "affected",
"version": "10.1.0-M1",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.0.68",
"status": "affected",
"version": "9.0.40",
"versionType": "semver"
},
{
"status": "affected",
"version": "8.5.83"
}
],
"defaultStatus": "affected"
}
}
]
}
@ -66,6 +78,11 @@
"url": "https://lists.apache.org/thread/yqkd183xrw3wqvnpcg3osbcryq85fkzj",
"refsource": "MISC",
"name": "https://lists.apache.org/thread/yqkd183xrw3wqvnpcg3osbcryq85fkzj"
},
{
"url": "https://security.gentoo.org/glsa/202305-37",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/202305-37"
}
]
},

139
2022/46xxx/CVE-2022-46691.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-46691",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A memory consumption issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,65 +40,23 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "9.2"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
}
]
}
@ -86,87 +64,72 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213535",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213535"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213530"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213531",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213531"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213536",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213536"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213537",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213537"
},
{
"refsource": "FULLDISC",
"name": "20221220 APPLE-SA-2022-12-13-1 iOS 16.2 and iPadOS 16.2",
"url": "http://seclists.org/fulldisclosure/2022/Dec/20"
"url": "http://seclists.org/fulldisclosure/2022/Dec/20",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/20"
},
{
"refsource": "FULLDISC",
"name": "20221220 APPLE-SA-2022-12-13-2 iOS 15.7.2 and iPadOS 15.7.2",
"url": "http://seclists.org/fulldisclosure/2022/Dec/21"
"url": "http://seclists.org/fulldisclosure/2022/Dec/21",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/21"
},
{
"refsource": "FULLDISC",
"name": "20221220 APPLE-SA-2022-12-13-4 macOS Ventura 13.1",
"url": "http://seclists.org/fulldisclosure/2022/Dec/23"
"url": "http://seclists.org/fulldisclosure/2022/Dec/23",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/23"
},
{
"refsource": "FULLDISC",
"name": "20221220 APPLE-SA-2022-12-13-7 tvOS 16.2",
"url": "http://seclists.org/fulldisclosure/2022/Dec/26"
"url": "http://seclists.org/fulldisclosure/2022/Dec/26",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/26"
},
{
"refsource": "FULLDISC",
"name": "20221220 APPLE-SA-2022-12-13-9 Safari 16.2",
"url": "http://seclists.org/fulldisclosure/2022/Dec/28"
"url": "http://seclists.org/fulldisclosure/2022/Dec/28",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/28"
},
{
"refsource": "FULLDISC",
"name": "20221220 APPLE-SA-2022-12-13-8 watchOS 9.2",
"url": "http://seclists.org/fulldisclosure/2022/Dec/27"
}
]
},
"description": {
"description_data": [
"url": "http://seclists.org/fulldisclosure/2022/Dec/27",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/27"
},
{
"lang": "eng",
"value": "A memory consumption issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution."
"url": "https://security.gentoo.org/glsa/202305-32",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/202305-32"
}
]
}

136
2022/46xxx/CVE-2022-46692.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-46692",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A logic issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may bypass Same Origin Policy."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may bypass Same Origin Policy"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,6 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "14.1"
}
]
@ -31,65 +52,23 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "9.2"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
}
]
}
@ -97,87 +76,72 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may bypass Same Origin Policy"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213535",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213535"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213538",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213538"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213530"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213531",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213531"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213536",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213536"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213537",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213537"
},
{
"refsource": "FULLDISC",
"name": "20221220 APPLE-SA-2022-12-13-1 iOS 16.2 and iPadOS 16.2",
"url": "http://seclists.org/fulldisclosure/2022/Dec/20"
"url": "http://seclists.org/fulldisclosure/2022/Dec/20",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/20"
},
{
"refsource": "FULLDISC",
"name": "20221220 APPLE-SA-2022-12-13-2 iOS 15.7.2 and iPadOS 15.7.2",
"url": "http://seclists.org/fulldisclosure/2022/Dec/21"
"url": "http://seclists.org/fulldisclosure/2022/Dec/21",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/21"
},
{
"refsource": "FULLDISC",
"name": "20221220 APPLE-SA-2022-12-13-4 macOS Ventura 13.1",
"url": "http://seclists.org/fulldisclosure/2022/Dec/23"
"url": "http://seclists.org/fulldisclosure/2022/Dec/23",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/23"
},
{
"refsource": "FULLDISC",
"name": "20221220 APPLE-SA-2022-12-13-7 tvOS 16.2",
"url": "http://seclists.org/fulldisclosure/2022/Dec/26"
"url": "http://seclists.org/fulldisclosure/2022/Dec/26",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/26"
},
{
"refsource": "FULLDISC",
"name": "20221220 APPLE-SA-2022-12-13-9 Safari 16.2",
"url": "http://seclists.org/fulldisclosure/2022/Dec/28"
}
]
},
"description": {
"description_data": [
"url": "http://seclists.org/fulldisclosure/2022/Dec/28",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/28"
},
{
"lang": "eng",
"value": "A logic issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may bypass Same Origin Policy."
"url": "https://security.gentoo.org/glsa/202305-32",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/202305-32"
}
]
}

122
2022/46xxx/CVE-2022-46698.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-46698",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A logic issue was addressed with improved checks. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may disclose sensitive user information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may disclose sensitive user information"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,6 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "14.1"
}
]
@ -31,28 +52,7 @@
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.2"
}
]
@ -64,21 +64,11 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "9.2"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
}
]
}
@ -86,77 +76,67 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may disclose sensitive user information"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213535",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213535"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213538",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213538"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213530"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213536",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213536"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213537",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213537"
},
{
"refsource": "FULLDISC",
"name": "20221220 APPLE-SA-2022-12-13-1 iOS 16.2 and iPadOS 16.2",
"url": "http://seclists.org/fulldisclosure/2022/Dec/20"
"url": "http://seclists.org/fulldisclosure/2022/Dec/20",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/20"
},
{
"refsource": "FULLDISC",
"name": "20221220 APPLE-SA-2022-12-13-4 macOS Ventura 13.1",
"url": "http://seclists.org/fulldisclosure/2022/Dec/23"
"url": "http://seclists.org/fulldisclosure/2022/Dec/23",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/23"
},
{
"refsource": "FULLDISC",
"name": "20221220 APPLE-SA-2022-12-13-7 tvOS 16.2",
"url": "http://seclists.org/fulldisclosure/2022/Dec/26"
"url": "http://seclists.org/fulldisclosure/2022/Dec/26",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/26"
},
{
"refsource": "FULLDISC",
"name": "20221220 APPLE-SA-2022-12-13-9 Safari 16.2",
"url": "http://seclists.org/fulldisclosure/2022/Dec/28"
}
]
},
"description": {
"description_data": [
"url": "http://seclists.org/fulldisclosure/2022/Dec/28",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/28"
},
{
"lang": "eng",
"value": "A logic issue was addressed with improved checks. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may disclose sensitive user information."
"url": "http://seclists.org/fulldisclosure/2022/Dec/27",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/27"
},
{
"url": "https://security.gentoo.org/glsa/202305-32",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/202305-32"
}
]
}

119
2022/46xxx/CVE-2022-46699.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-46699",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,28 +40,7 @@
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.2"
}
]
@ -53,21 +52,11 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "9.2"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
}
]
}
@ -75,72 +64,62 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213535",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213535"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213530"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213536",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213536"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213537",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213537"
},
{
"refsource": "FULLDISC",
"name": "20221220 APPLE-SA-2022-12-13-1 iOS 16.2 and iPadOS 16.2",
"url": "http://seclists.org/fulldisclosure/2022/Dec/20"
"url": "http://seclists.org/fulldisclosure/2022/Dec/20",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/20"
},
{
"refsource": "FULLDISC",
"name": "20221220 APPLE-SA-2022-12-13-4 macOS Ventura 13.1",
"url": "http://seclists.org/fulldisclosure/2022/Dec/23"
"url": "http://seclists.org/fulldisclosure/2022/Dec/23",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/23"
},
{
"refsource": "FULLDISC",
"name": "20221220 APPLE-SA-2022-12-13-7 tvOS 16.2",
"url": "http://seclists.org/fulldisclosure/2022/Dec/26"
"url": "http://seclists.org/fulldisclosure/2022/Dec/26",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/26"
},
{
"refsource": "FULLDISC",
"name": "20221220 APPLE-SA-2022-12-13-9 Safari 16.2",
"url": "http://seclists.org/fulldisclosure/2022/Dec/28"
}
]
},
"description": {
"description_data": [
"url": "http://seclists.org/fulldisclosure/2022/Dec/28",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/28"
},
{
"lang": "eng",
"value": "A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution."
"url": "http://seclists.org/fulldisclosure/2022/Dec/27",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/27"
},
{
"url": "https://security.gentoo.org/glsa/202305-32",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/202305-32"
}
]
}

138
2022/46xxx/CVE-2022-46700.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-46700",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,65 +40,23 @@
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "13.1"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "9.2"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.2"
}
]
}
}
]
}
@ -86,82 +64,72 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213535",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213535"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213532",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213532"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213530",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213530"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213531",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213531"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213536",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213536"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213537",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213537"
},
{
"refsource": "FULLDISC",
"name": "20221220 APPLE-SA-2022-12-13-1 iOS 16.2 and iPadOS 16.2",
"url": "http://seclists.org/fulldisclosure/2022/Dec/20"
"url": "http://seclists.org/fulldisclosure/2022/Dec/20",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/20"
},
{
"refsource": "FULLDISC",
"name": "20221220 APPLE-SA-2022-12-13-2 iOS 15.7.2 and iPadOS 15.7.2",
"url": "http://seclists.org/fulldisclosure/2022/Dec/21"
"url": "http://seclists.org/fulldisclosure/2022/Dec/21",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/21"
},
{
"refsource": "FULLDISC",
"name": "20221220 APPLE-SA-2022-12-13-4 macOS Ventura 13.1",
"url": "http://seclists.org/fulldisclosure/2022/Dec/23"
"url": "http://seclists.org/fulldisclosure/2022/Dec/23",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/23"
},
{
"refsource": "FULLDISC",
"name": "20221220 APPLE-SA-2022-12-13-7 tvOS 16.2",
"url": "http://seclists.org/fulldisclosure/2022/Dec/26"
"url": "http://seclists.org/fulldisclosure/2022/Dec/26",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/26"
},
{
"refsource": "FULLDISC",
"name": "20221220 APPLE-SA-2022-12-13-9 Safari 16.2",
"url": "http://seclists.org/fulldisclosure/2022/Dec/28"
}
]
},
"description": {
"description_data": [
"url": "http://seclists.org/fulldisclosure/2022/Dec/28",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/28"
},
{
"lang": "eng",
"value": "A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution."
"url": "http://seclists.org/fulldisclosure/2022/Dec/27",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2022/Dec/27"
},
{
"url": "https://security.gentoo.org/glsa/202305-32",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/202305-32"
}
]
}

5
2023/0xxx/CVE-2023-0798.json
View File

@ -73,6 +73,11 @@
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20230316-0003/",
"url": "https://security.netapp.com/advisory/ntap-20230316-0003/"
},
{
"refsource": "GENTOO",
"name": "GLSA-202305-31",
"url": "https://security.gentoo.org/glsa/202305-31"
}
]
},

5
2023/23xxx/CVE-2023-23517.json
View File

@ -145,6 +145,11 @@
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213600",
"name": "https://support.apple.com/en-us/HT213600"
},
{
"refsource": "GENTOO",
"name": "GLSA-202305-32",
"url": "https://security.gentoo.org/glsa/202305-32"
}
]
},

5
2023/23xxx/CVE-2023-23518.json
View File

@ -145,6 +145,11 @@
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213600",
"name": "https://support.apple.com/en-us/HT213600"
},
{
"refsource": "GENTOO",
"name": "GLSA-202305-32",
"url": "https://security.gentoo.org/glsa/202305-32"
}
]
},

5
2023/23xxx/CVE-2023-23529.json
View File

@ -91,6 +91,11 @@
"refsource": "FULLDISC",
"name": "20230529 APPLE-SA-2023-03-27-2 iOS 15.7.4 and iPadOS 15.7.4",
"url": "http://seclists.org/fulldisclosure/2023/May/7"
},
{
"refsource": "GENTOO",
"name": "GLSA-202305-32",
"url": "https://security.gentoo.org/glsa/202305-32"
}
]
},

23
2023/23xxx/CVE-2023-23532.json
View File

@ -35,6 +35,17 @@
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "15.7"
}
]
}
}
]
}
@ -65,6 +76,16 @@
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213676",
"name": "https://support.apple.com/en-us/HT213676"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213765",
"name": "https://support.apple.com/en-us/HT213765"
},
{
"refsource": "FULLDISC",
"name": "20230529 APPLE-SA-2023-05-18-2 iOS 15.7.6 and iPadOS 15.7.6",
"url": "http://seclists.org/fulldisclosure/2023/May/17"
}
]
},
@ -72,7 +93,7 @@
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. An app may be able to break out of its sandbox"
"value": "This issue was addressed with improved checks. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. An app may be able to break out of its sandbox"
}
]
}

5
2023/23xxx/CVE-2023-23535.json
View File

@ -150,6 +150,11 @@
"refsource": "FULLDISC",
"name": "20230529 APPLE-SA-2023-03-27-2 iOS 15.7.4 and iPadOS 15.7.4",
"url": "http://seclists.org/fulldisclosure/2023/May/7"
},
{
"refsource": "FULLDISC",
"name": "20230529 APPLE-SA-2023-05-18-4 macOS Monterey 12.6.6",
"url": "http://seclists.org/fulldisclosure/2023/May/9"
}
]
},

5
2023/24xxx/CVE-2023-24998.json
View File

@ -90,6 +90,11 @@
"url": "http://www.openwall.com/lists/oss-security/2023/05/22/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2023/05/22/1"
},
{
"url": "https://security.gentoo.org/glsa/202305-37",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/202305-37"
}
]
},

5
2023/25xxx/CVE-2023-25358.json
View File

@ -76,6 +76,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2023-8900b35c6f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KC7DMUX37BRCLAI4VPQYHDUVEGTNYN5A/"
},
{
"refsource": "GENTOO",
"name": "GLSA-202305-32",
"url": "https://security.gentoo.org/glsa/202305-32"
}
]
}

5
2023/25xxx/CVE-2023-25360.json
View File

@ -61,6 +61,11 @@
"refsource": "MLIST",
"name": "[oss-security] 20230421 WebKitGTK and WPE WebKit Security Advisory WSA-2023-0003",
"url": "http://www.openwall.com/lists/oss-security/2023/04/21/3"
},
{
"refsource": "GENTOO",
"name": "GLSA-202305-32",
"url": "https://security.gentoo.org/glsa/202305-32"
}
]
}

5
2023/25xxx/CVE-2023-25361.json
View File

@ -61,6 +61,11 @@
"refsource": "MLIST",
"name": "[oss-security] 20230421 WebKitGTK and WPE WebKit Security Advisory WSA-2023-0003",
"url": "http://www.openwall.com/lists/oss-security/2023/04/21/3"
},
{
"refsource": "GENTOO",
"name": "GLSA-202305-32",
"url": "https://security.gentoo.org/glsa/202305-32"
}
]
}

5
2023/25xxx/CVE-2023-25362.json
View File

@ -61,6 +61,11 @@
"refsource": "MLIST",
"name": "[oss-security] 20230421 WebKitGTK and WPE WebKit Security Advisory WSA-2023-0003",
"url": "http://www.openwall.com/lists/oss-security/2023/04/21/3"
},
{
"refsource": "GENTOO",
"name": "GLSA-202305-32",
"url": "https://security.gentoo.org/glsa/202305-32"
}
]
}

5
2023/25xxx/CVE-2023-25363.json
View File

@ -61,6 +61,11 @@
"refsource": "MLIST",
"name": "[oss-security] 20230421 WebKitGTK and WPE WebKit Security Advisory WSA-2023-0003",
"url": "http://www.openwall.com/lists/oss-security/2023/04/21/3"
},
{
"refsource": "GENTOO",
"name": "GLSA-202305-32",
"url": "https://security.gentoo.org/glsa/202305-32"
}
]
}

5
2023/27xxx/CVE-2023-27932.json
View File

@ -113,6 +113,11 @@
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213671",
"name": "https://support.apple.com/en-us/HT213671"
},
{
"refsource": "GENTOO",
"name": "GLSA-202305-32",
"url": "https://security.gentoo.org/glsa/202305-32"
}
]
},

10
2023/27xxx/CVE-2023-27945.json
View File

@ -81,6 +81,16 @@
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213760",
"name": "https://support.apple.com/en-us/HT213760"
},
{
"refsource": "FULLDISC",
"name": "20230529 APPLE-SA-2023-05-18-5 macOS Big Sur 11.7.7",
"url": "http://seclists.org/fulldisclosure/2023/May/10"
},
{
"refsource": "FULLDISC",
"name": "20230529 APPLE-SA-2023-05-18-4 macOS Monterey 12.6.6",
"url": "http://seclists.org/fulldisclosure/2023/May/9"
}
]
},

5
2023/27xxx/CVE-2023-27954.json
View File

@ -134,6 +134,11 @@
"refsource": "FULLDISC",
"name": "20230529 APPLE-SA-2023-03-27-2 iOS 15.7.4 and iPadOS 15.7.4",
"url": "http://seclists.org/fulldisclosure/2023/May/7"
},
{
"refsource": "GENTOO",
"name": "GLSA-202305-32",
"url": "https://security.gentoo.org/glsa/202305-32"
}
]
},

10
2023/28xxx/CVE-2023-28181.json
View File

@ -129,6 +129,16 @@
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213760",
"name": "https://support.apple.com/en-us/HT213760"
},
{
"refsource": "FULLDISC",
"name": "20230529 APPLE-SA-2023-05-18-5 macOS Big Sur 11.7.7",
"url": "http://seclists.org/fulldisclosure/2023/May/10"
},
{
"refsource": "FULLDISC",
"name": "20230529 APPLE-SA-2023-05-18-2 iOS 15.7.6 and iPadOS 15.7.6",
"url": "http://seclists.org/fulldisclosure/2023/May/17"
}
]
},

5
2023/28xxx/CVE-2023-28205.json
View File

@ -102,6 +102,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230512 [SECURITY] [DLA 3419-1] webkit2gtk security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00011.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202305-32",
"url": "https://security.gentoo.org/glsa/202305-32"
}
]
},

5
2023/28xxx/CVE-2023-28427.json
View File

@ -73,6 +73,11 @@
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00027.html",
"refsource": "MISC",
"name": "https://lists.debian.org/debian-lts-announce/2023/04/msg00027.html"
},
{
"url": "https://security.gentoo.org/glsa/202305-36",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/202305-36"
}
]
},

5
2023/28xxx/CVE-2023-28709.json
View File

@ -79,6 +79,11 @@
"url": "http://www.openwall.com/lists/oss-security/2023/05/22/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2023/05/22/1"
},
{
"url": "https://security.gentoo.org/glsa/202305-37",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/202305-37"
}
]
},

105
2023/2xxx/CVE-2023-2970.json
View File

@ -1,17 +1,114 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-2970",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability classified as problematic was found in MindSpore 2.0.0-alpha/2.0.0-rc1. This vulnerability affects the function JsonHelper::UpdateArray of the file mindspore/ccsrc/minddata/dataset/util/json_helper.cc. The manipulation leads to memory corruption. The name of the patch is 30f4729ea2c01e1ed437ba92a81e2fc098d608a9. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-230176."
},
{
"lang": "deu",
"value": "In MindSpore 2.0.0-alpha/2.0.0-rc1 wurde eine Schwachstelle entdeckt. Sie wurde als problematisch eingestuft. Das betrifft die Funktion JsonHelper::UpdateArray der Datei mindspore/ccsrc/minddata/dataset/util/json_helper.cc. Dank Manipulation mit unbekannten Daten kann eine memory corruption-Schwachstelle ausgenutzt werden. Der Patch wird als 30f4729ea2c01e1ed437ba92a81e2fc098d608a9 bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119 Memory Corruption",
"cweId": "CWE-119"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "MindSpore",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0.0-alpha"
},
{
"version_affected": "=",
"version_value": "2.0.0-rc1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.230176",
"refsource": "MISC",
"name": "https://vuldb.com/?id.230176"
},
{
"url": "https://vuldb.com/?ctiid.230176",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.230176"
},
{
"url": "https://gitee.com/mindspore/mindspore/issues/I73DOS",
"refsource": "MISC",
"name": "https://gitee.com/mindspore/mindspore/issues/I73DOS"
},
{
"url": "https://gitee.com/mindspore/mindspore/commit/30f4729ea2c01e1ed437ba92a81e2fc098d608a9",
"refsource": "MISC",
"name": "https://gitee.com/mindspore/mindspore/commit/30f4729ea2c01e1ed437ba92a81e2fc098d608a9"
}
]
},
"credits": [
{
"lang": "en",
"value": "VulDB Gitee Analyzer"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 3.5,
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseSeverity": "LOW"
},
{
"version": "3.0",
"baseScore": 3.5,
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseSeverity": "LOW"
},
{
"version": "2.0",
"baseScore": 2.7,
"vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:P",
"baseSeverity": "LOW"
}
]
}

91
2023/33xxx/CVE-2023-33186.json
View File

@ -1,17 +1,100 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-33186",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Zulip is an open-source team collaboration tool with unique topic-based threading that combines the best of email and chat to make remote work productive and delightful. The main development branch of Zulip Server from May 2, 2023 and later, including beta versions 7.0-beta1 and 7.0-beta2, is vulnerable to a cross-site scripting vulnerability in tooltips on the message feed. An attacker who can send messages could maliciously craft a topic for the message, such that a victim who hovers the tooltip for that topic in their message feed triggers execution of JavaScript code controlled by the attacker."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "zulip",
"product": {
"product_data": [
{
"product_name": "zulip",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": ">= 7.0-beta1, < 7.0-beta3"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/zulip/zulip/security/advisories/GHSA-4r83-8f94-hrph",
"refsource": "MISC",
"name": "https://github.com/zulip/zulip/security/advisories/GHSA-4r83-8f94-hrph"
},
{
"url": "https://github.com/zulip/zulip/pull/25370",
"refsource": "MISC",
"name": "https://github.com/zulip/zulip/pull/25370"
},
{
"url": "https://github.com/zulip/zulip/commit/3ca131743b00f42bad8edbac4ef92656d954c629",
"refsource": "MISC",
"name": "https://github.com/zulip/zulip/commit/3ca131743b00f42bad8edbac4ef92656d954c629"
},
{
"url": "https://github.com/zulip/zulip/commit/903dbda79bd176702d3175a7c8a5450a64b6eccb",
"refsource": "MISC",
"name": "https://github.com/zulip/zulip/commit/903dbda79bd176702d3175a7c8a5450a64b6eccb"
}
]
},
"source": {
"advisory": "GHSA-4r83-8f94-hrph",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L",
"version": "3.1"
}
]
}

131
2023/33xxx/CVE-2023-33189.json
View File

@ -1,17 +1,140 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-33189",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Pomerium is an identity and context-aware access proxy. With specially crafted requests, incorrect authorization decisions may be made by Pomerium. This issue has been patched in versions 0.17.4, 0.18.1, 0.19.2, 0.20.1, 0.21.4 and 0.22.2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-285: Improper Authorization",
"cweId": "CWE-285"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "pomerium",
"product": {
"product_data": [
{
"product_name": "pomerium",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": ">= 0.22.0, < 0.22.2"
},
{
"version_affected": "=",
"version_value": ">= 0.21.0, < 0.21.4"
},
{
"version_affected": "=",
"version_value": ">= 0.20.0, < 0.20.1"
},
{
"version_affected": "=",
"version_value": ">= 0.19.0, < 0.19.2"
},
{
"version_affected": "=",
"version_value": ">= 0.18.0, < 0.18.1"
},
{
"version_affected": "=",
"version_value": "< 0.17.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/pomerium/pomerium/security/advisories/GHSA-pvrc-wvj2-f59p",
"refsource": "MISC",
"name": "https://github.com/pomerium/pomerium/security/advisories/GHSA-pvrc-wvj2-f59p"
},
{
"url": "https://github.com/pomerium/pomerium/commit/d315e683357a9b587ba9ef399a8813bcc52fdebb",
"refsource": "MISC",
"name": "https://github.com/pomerium/pomerium/commit/d315e683357a9b587ba9ef399a8813bcc52fdebb"
},
{
"url": "https://github.com/pomerium/pomerium/releases/tag/v0.17.4",
"refsource": "MISC",
"name": "https://github.com/pomerium/pomerium/releases/tag/v0.17.4"
},
{
"url": "https://github.com/pomerium/pomerium/releases/tag/v0.18.1",
"refsource": "MISC",
"name": "https://github.com/pomerium/pomerium/releases/tag/v0.18.1"
},
{
"url": "https://github.com/pomerium/pomerium/releases/tag/v0.19.2",
"refsource": "MISC",
"name": "https://github.com/pomerium/pomerium/releases/tag/v0.19.2"
},
{
"url": "https://github.com/pomerium/pomerium/releases/tag/v0.20.1",
"refsource": "MISC",
"name": "https://github.com/pomerium/pomerium/releases/tag/v0.20.1"
},
{
"url": "https://github.com/pomerium/pomerium/releases/tag/v0.21.4",
"refsource": "MISC",
"name": "https://github.com/pomerium/pomerium/releases/tag/v0.21.4"
},
{
"url": "https://github.com/pomerium/pomerium/releases/tag/v0.22.2",
"refsource": "MISC",
"name": "https://github.com/pomerium/pomerium/releases/tag/v0.22.2"
}
]
},
"source": {
"advisory": "GHSA-pvrc-wvj2-f59p",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
]
}

80
2023/33xxx/CVE-2023-33193.json
View File

@ -1,17 +1,89 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-33193",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Emby Server is a user-installable home media server which stores and organizes a user's media files of virtually any format and makes them available for viewing at home and abroad on a broad range of client devices. This vulnerability may allow administrative access to an Emby Server system, depending on certain user account settings. By spoofing certain headers which are intended for interoperation with reverse proxy servers, it may be possible to affect the local/non-local network determination to allow logging in without password or to view a list of user accounts which may have no password configured. Impacted are all Emby Server system which are publicly accessible and where the administrator hasn't tightened the account login configuration for administrative users. This issue has been patched in Emby Server Beta version 4.8.31 and Emby Server version 4.7.12.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')",
"cweId": "CWE-444"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "EmbySupport",
"product": {
"product_data": [
{
"product_name": "security",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "< 4.7.12"
},
{
"version_affected": "=",
"version_value": " < 4.8.31"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/EmbySupport/security/security/advisories/GHSA-fffj-6fr6-3fgf",
"refsource": "MISC",
"name": "https://github.com/EmbySupport/security/security/advisories/GHSA-fffj-6fr6-3fgf"
}
]
},
"source": {
"advisory": "GHSA-fffj-6fr6-3fgf",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
]
}