mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
73 lines
2.3 KiB
JSON
73 lines
2.3 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2023-32637",
|
|
"ASSIGNER": "vultures@jpcert.or.jp",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "** UNSUPPPORTED WHEN ASSIGNED ** GBrowse accepts files with any formats uploaded and places them in the area accessible through unauthenticated web requests. Therefore, anyone who can upload files through the product may execute arbitrary code on the server."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Unrestricted Upload of File with Dangerous Type"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "Generic Model Organism Database Project",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "GBrowse",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "unspecified"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "http://gmod.org/wiki/GBrowse",
|
|
"refsource": "MISC",
|
|
"name": "http://gmod.org/wiki/GBrowse"
|
|
},
|
|
{
|
|
"url": "https://jbrowse.org/jb2/",
|
|
"refsource": "MISC",
|
|
"name": "https://jbrowse.org/jb2/"
|
|
},
|
|
{
|
|
"url": "https://jvn.jp/en/jp/JVN35897618/",
|
|
"refsource": "MISC",
|
|
"name": "https://jvn.jp/en/jp/JVN35897618/"
|
|
}
|
|
]
|
|
}
|
|
} |