admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2023/25xxx/CVE-2023-25500.json
CVE Team 71e177d12d
"-Synchronized-Data."
2023-06-22 14:00:42 +00:00

163 lines
6.7 KiB
JSON
Raw Blame History

{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2023-25500",
"ASSIGNER": "security@vaadin.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Possible information disclosure in Vaadin 10.0.0 to 10.0.23, 11.0.0 to 14.10.1, 15.0.0 to 22.0.28, 23.0.0 to 23.3.13, 24.0.0 to 24.0.6, 24.1.0.alpha1 to 24.1.0.rc2, resulting in potential information disclosure of class and method names in RPC responses by sending modified requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"cweId": "CWE-200"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "vaadin",
"product": {
"product_data": [
{
"product_name": "vaadin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "10.0.0",
"version_value": "10.0.23"
},
{
"version_affected": "<=",
"version_name": "11.0.0",
"version_value": "14.10.1"
},
{
"version_affected": "<=",
"version_name": "15.0.0",
"version_value": "22.0.8"
},
{
"version_affected": "<=",
"version_name": "23.0.0",
"version_value": "23.3.13"
},
{
"version_affected": "<=",
"version_name": "24.0.0",
"version_value": "24.0.6"
},
{
"version_affected": "<=",
"version_name": "24.1.0.alpha1",
"version_value": "24.1.0.rc2"
}
]
}
}
]
}
},
{
"vendor_name": "flow",
"product": {
"product_data": [
{
"product_name": "flow-server",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "1.0.0",
"version_value": "1.0.20"
},
{
"version_affected": "<=",
"version_name": "1.1.0",
"version_value": "2.9.2"
},
{
"version_affected": "<=",
"version_name": "3.0.0",
"version_value": "9.1.1"
},
{
"version_affected": "<=",
"version_name": "23.0.0",
"version_value": "23.3.12"
},
{
"version_affected": "<=",
"version_name": "24.0.0",
"version_value": "24.0.8"
},
{
"version_affected": "<=",
"version_name": "24.1.0.alpha1",
"version_value": "24.1.0.rc3"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/vaadin/flow/pull/16935",
"refsource": "MISC",
"name": "https://github.com/vaadin/flow/pull/16935"
},
{
"url": "https://vaadin.com/security/cve-2023-25500",
"refsource": "MISC",
"name": "https://vaadin.com/security/cve-2023-25500"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink