"-Synchronized-Data."

CVE Team 2023-08-03 15:00:36 +00:00
parent 322e0de2c0
commit fdf439384c
GPG Key ID: E3252B3D49582C98
27 changed files with 854 additions and 37 deletions


@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. Specially formatted buffer contents used for software SMI could cause SMRAM corruption, leading to escalation of privilege."
"value": "An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. IHISI function 0x17 verifies that the output buffer lies within the command buffer but does not verify that output data does not go beyond the end of the command buffer. In particular, the GetFlashTable function is called directly on the Command Buffer before the DataSize is check, leading to possible circumstances where the data immediately following the command buffer could be destroyed before returning a buffer size error."
}
]
},
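Review bot: The longer `value` string in this hunk reads "before the DataSize is check", which should be `before the DataSize is checked`. Assuming the longer string is the new side (the +/- markers are lost on this page), it also drops the impact wording the shorter one carried, "SMRAM corruption, leading to escalation of privilege". Anyone triaging from the description alone then no longer sees which privilege boundary is involved. If that impact still holds, keep a closing clause for it, e.g. `This could corrupt SMRAM and lead to escalation of privilege.` The enclosing record starts and ends outside the hunk.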


@ -63,6 +63,11 @@
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/249514",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/249514"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230803-0006/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20230803-0006/"
}
]
},
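Review bot: The NetApp advisory entry added here is tagged `"refsource": "MISC"`, while the same kind of entry in later sections of this commit (those adding ntap-20230803-0002, ntap-20230803-0003 and ntap-20230803-0010) is tagged `"refsource": "CONFIRM"`. Consumers that filter or rank references by `refsource` will treat the same advisory source differently from record to record. One tag should be chosen for security.netapp.com advisories and used in every section that adds them; which one is intended is not visible from this page.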


@ -63,6 +63,11 @@
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/249516",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/249516"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230803-0006/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20230803-0006/"
}
]
},


@ -63,6 +63,11 @@
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/249517",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/249517"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230803-0006/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20230803-0006/"
}
]
},


@ -81,6 +81,11 @@
"url": "http://www.openwall.com/lists/oss-security/2023/07/06/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2023/07/06/2"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230803-0004/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20230803-0004/"
}
]
},


@ -81,6 +81,11 @@
"url": "http://www.openwall.com/lists/oss-security/2023/07/06/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2023/07/06/3"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230803-0004/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20230803-0004/"
}
]
},


@ -58,6 +58,11 @@
"url": "https://hackerone.com/reports/1954535",
"refsource": "MISC",
"name": "https://hackerone.com/reports/1954535"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230803-0008/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20230803-0008/"
}
]
}


@ -88,6 +88,11 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HMEELCREWMRT6NS7HWXLA6XFLLMO36HE/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HMEELCREWMRT6NS7HWXLA6XFLLMO36HE/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230803-0009/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20230803-0009/"
}
]
}


@ -68,6 +68,11 @@
"url": "https://github.com/MechanicalSoup/MechanicalSoup/releases/tag/v1.3.0",
"refsource": "MISC",
"name": "https://github.com/MechanicalSoup/MechanicalSoup/releases/tag/v1.3.0"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230803-0005/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20230803-0005/"
}
]
},


@ -63,6 +63,11 @@
"url": "https://github.com/netty/netty/commit/535da17e45201ae4278c0479e6162bb4127d4c32",
"refsource": "MISC",
"name": "https://github.com/netty/netty/commit/535da17e45201ae4278c0479e6162bb4127d4c32"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230803-0001/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20230803-0001/"
}
]
},


@ -76,6 +76,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230727 [SECURITY] [DLA 3508-1] linux security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20230803-0002/",
"url": "https://security.netapp.com/advisory/ntap-20230803-0002/"
}
]
}


@ -76,6 +76,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230727 [SECURITY] [DLA 3508-1] linux security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20230803-0002/",
"url": "https://security.netapp.com/advisory/ntap-20230803-0002/"
}
]
}


@ -71,6 +71,11 @@
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=50d0a7aea4809cef87979d4669911276aa23b71f",
"refsource": "MISC",
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=50d0a7aea4809cef87979d4669911276aa23b71f"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20230803-0002/",
"url": "https://security.netapp.com/advisory/ntap-20230803-0002/"
}
]
}


@ -61,6 +61,11 @@
"url": "https://lore.kernel.org/lkml/cca0b40b-d6f8-54c7-1e46-83cb62d0a2f1@huawei.com/T/",
"refsource": "MISC",
"name": "https://lore.kernel.org/lkml/cca0b40b-d6f8-54c7-1e46-83cb62d0a2f1@huawei.com/T/"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20230803-0003/",
"url": "https://security.netapp.com/advisory/ntap-20230803-0003/"
}
]
}


@ -76,6 +76,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230727 [SECURITY] [DLA 3508-1] linux security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20230803-0002/",
"url": "https://security.netapp.com/advisory/ntap-20230803-0002/"
}
]
}


@ -71,6 +71,11 @@
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3228cec23b8b29215e18090c6ba635840190993d",
"refsource": "MISC",
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3228cec23b8b29215e18090c6ba635840190993d"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20230803-0002/",
"url": "https://security.netapp.com/advisory/ntap-20230803-0002/"
}
]
}


@ -72,6 +72,11 @@
"url": "https://github.com/gradle/gradle/commit/2e5c34d57d0c0b7f0e8b039a192b91e5c8249d91",
"refsource": "MISC",
"name": "https://github.com/gradle/gradle/commit/2e5c34d57d0c0b7f0e8b039a192b91e5c8249d91"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230803-0007/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20230803-0007/"
}
]
},


@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-36298",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-36298",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "DedeCMS v5.7.109 has a File Upload vulnerability, leading to remote code execution (RCE)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/MentalityXt/Dedecms-v5.7.109-RCE",
"url": "https://github.com/MentalityXt/Dedecms-v5.7.109-RCE"
}
]
}
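Review bot: `product_name`, `vendor_name`, `version_value` and the problemtype `value` are all `"n/a"` in this record, although the description names DedeCMS v5.7.109 and a file-upload flaw. Tools that match on the structured `affects` fields rather than on free text will not associate this record with the product. I would fill in what the description already states, e.g. `"product_name": "DedeCMS"` and `"version_value": "5.7.109"`, and set a problemtype such as CWE-434 if that is the intended class. The same applies to the CVE-2023-36299, CVE-2023-39096 and CVE-2023-39097 sections. The only reference is a third-party repository, so the record gives no pointer to a vendor fix or a fixed version.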


@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-36299",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-36299",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A File Upload vulnerability in typecho v.1.2.1 allows a remote attacker to execute arbitrary code via the upload and options-general parameters in index.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/typecho/typecho/releases/tag/v1.2.1",
"refsource": "MISC",
"name": "https://github.com/typecho/typecho/releases/tag/v1.2.1"
},
{
"refsource": "MISC",
"name": "https://github.com/MentalityXt/typecho-v1.2.1-RCE",
"url": "https://github.com/MentalityXt/typecho-v1.2.1-RCE"
}
]
}


@ -121,6 +121,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2023-79a18e1725",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CEBTJJINE2I3FHAUKKNQWMFGYMLSMWKQ/"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20230803-0010/",
"url": "https://security.netapp.com/advisory/ntap-20230803-0010/"
}
]
}


@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-39096",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-39096",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "WebBoss.io CMS v3.7.0.1 contains a stored Cross-Site Scripting (XSS) vulnerability due to lack of input validation and output encoding."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.realinfosec.net/advisories/WEBBOSS-P-XSS-2023-0xt2tt.html",
"url": "https://www.realinfosec.net/advisories/WEBBOSS-P-XSS-2023-0xt2tt.html"
}
]
}


@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-39097",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-39097",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "WebBoss.io CMS v3.7.0.1 contains a stored cross-site scripting (XSS) vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://realinfosec.net/advisories/WEBBOSS-P-XSS-2023-0xf8gi.html",
"url": "https://realinfosec.net/advisories/WEBBOSS-P-XSS-2023-0xf8gi.html"
}
]
}
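Review bot: The published description, "WebBoss.io CMS v3.7.0.1 contains a stored cross-site scripting (XSS) vulnerability.", does not name the affected page, field or feature. It therefore cannot be told apart from CVE-2023-39096 in the same commit, which describes a stored XSS in the same product and version. De-duplication and remediation tracking then depend entirely on the external advisory link staying reachable. A short qualifier taken from the referenced advisory, in the form `... vulnerability in the <component named in the advisory>.`, would make the two records distinguishable on their own.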


@ -1,17 +1,199 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-3180",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A flaw was found in the QEMU virtual crypto device while handling data encryption/decryption requests in virtio_crypto_handle_sym_req. There is no check for the value of `src_len` and `dst_len` in virtio_crypto_sym_op_helper, potentially leading to a heap buffer overflow when the two values differ."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow",
"cweId": "CWE-122"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "qemu",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
},
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8 Advanced Virtualization",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
}
]
}
},
{
"vendor_name": "Fedora",
"product": {
"product_data": [
{
"product_name": "Fedora",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Extra Packages for Enterprise Linux",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-3180",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2023-3180"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222424",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2222424"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
]
}
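Review bot: Every `version_data` entry in this record has `"version_value": "not down converted"` and carries only a `defaultStatus`, so the 4.0 form gives no version bounds. The `qemu` product is marked `"defaultStatus": "affected"` under `"vendor_name": "n/a"` with no fixed version. The Red Hat Enterprise Linux 7 product also lists two entries that are identical as shown, which suggests a distinguishing field (presumably the package name) was lost in the down-conversion. Consumers of this format should take affected-package data from the referenced Red Hat pages rather than from this block. The CVE-2023-4132 and CVE-2023-4133 sections have the same shape.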


@ -113,6 +113,11 @@
"url": "http://www.openwall.com/lists/oss-security/2023/07/31/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2023/07/31/1"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230803-0011/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20230803-0011/"
}
]
},


@ -1,17 +1,190 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-4132",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel. The bug occurs during device initialization when the siano device is plugged in. This flaw allows a local user to crash the system, causing a denial of service condition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free",
"cweId": "CWE-416"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "kernel",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.3-rc1",
"status": "unaffected"
}
]
}
}
]
}
}
]
}
},
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unknown"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unknown"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unknown"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
}
]
}
},
{
"vendor_name": "Fedora",
"product": {
"product_data": [
{
"product_name": "Fedora",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-4132",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2023-4132"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221707",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2221707"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
}
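Review bot: The `kernel` product lists only `"version": "6.3-rc1"` with `"status": "unaffected"` and has no `defaultStatus` or range bound, so the record never states which kernels are affected. A reader has to infer that releases before 6.3-rc1 are affected, and an automated matcher may infer nothing. If that is the intent, the range should be stated explicitly, e.g. `{"version": "0", "lessThan": "6.3-rc1", "versionType": "semver", "status": "affected"}`. The CVE-2023-4133 section has the same pattern with `"version": "6.3"`.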


@ -1,17 +1,190 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-4133",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A use-after-free vulnerability was found in the cxgb4 driver in the Linux kernel. The bug occurs when the cxgb4 device is detaching due to a possible rearming of the flower_stats_timer from the work queue. This flaw allows a local user to crash the system, causing a denial of service condition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free",
"cweId": "CWE-416"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "kernel",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.3",
"status": "unaffected"
}
]
}
}
]
}
}
]
}
},
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unknown"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unknown"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unknown"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
},
{
"vendor_name": "Fedora",
"product": {
"product_data": [
{
"product_name": "Fedora",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-4133",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2023-4133"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221702",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2221702"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
}


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-4143",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}