admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-31 10:41:19 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2022/CVE-2022-451xx/CVE-2022-45143.json

190 lines
6.5 KiB
JSON
Raw Normal View History

bootstrap
2023-04-24 12:24:31 +02:00
{
"id": "CVE-2022-45143",
"sourceIdentifier": "security@apache.org",
"published": "2023-01-03T19:15:10.403",
Auto-Update: 2023-06-27T14:00:27.456279+00:00
2023-06-27 14:00:30 +00:00
"lastModified": "2023-06-27T13:15:09.350",
"vulnStatus": "Modified",
bootstrap
2023-04-24 12:24:31 +02:00
"descriptions": [
{
"lang": "en",
"value": "The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and 10.1.0-M1 to 10.1.1 did not escape the type, message or description values. In some circumstances these are constructed from user provided data and it was therefore possible for users to supply values that invalidated or manipulated the JSON output."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
Auto-Update: 2023-06-27T14:00:27.456279+00:00
2023-06-27 14:00:30 +00:00
"source": "security@apache.org",
bootstrap
2023-04-24 12:24:31 +02:00
"type": "Primary",
"description": [
{
"lang": "en",
Auto-Update: 2023-06-27T04:00:27.780029+00:00
2023-06-27 04:00:31 +00:00
"value": "CWE-116"
bootstrap
2023-04-24 12:24:31 +02:00
}
]
},
{
Auto-Update: 2023-06-27T14:00:27.456279+00:00
2023-06-27 14:00:30 +00:00
"source": "nvd@nist.gov",
bootstrap
2023-04-24 12:24:31 +02:00
"type": "Secondary",
"description": [
{
"lang": "en",
Auto-Update: 2023-06-27T14:00:27.456279+00:00
2023-06-27 14:00:30 +00:00
"value": "CWE-116"
bootstrap
2023-04-24 12:24:31 +02:00
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.0.40",
"versionEndExcluding": "9.0.69",
"matchCriteriaId": "24BAD725-BA56-4B40-9BFA-1B6B99348F7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:8.5.83:*:*:*:*:*:*:*",
"matchCriteriaId": "7BA74802-4328-4AB7-AE53-7118C3EA5018"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone1:*:*:*:*:*:*",
"matchCriteriaId": "6D402B5D-5901-43EB-8E6A-ECBD512CE367"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone10:*:*:*:*:*:*",
"matchCriteriaId": "33C71AE1-B38E-4783-BAC2-3CDA7B4D9EBA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone11:*:*:*:*:*:*",
"matchCriteriaId": "F6BD4180-D3E8-42AB-96B1-3869ECF47F6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone12:*:*:*:*:*:*",
"matchCriteriaId": "64668CCF-DBC9-442D-9E0F-FD40E1D0DDB7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone13:*:*:*:*:*:*",
"matchCriteriaId": "FC64BB57-4912-481E-AE8D-C8FCD36142BB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone14:*:*:*:*:*:*",
"matchCriteriaId": "49B43BFD-6B6C-4E6D-A9D8-308709DDFB44"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone15:*:*:*:*:*:*",
"matchCriteriaId": "919C16BD-79A7-4597-8D23-2CBDED2EF615"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone16:*:*:*:*:*:*",
"matchCriteriaId": "81B27C03-D626-42EC-AE4E-1E66624908E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone17:*:*:*:*:*:*",
"matchCriteriaId": "BD81405D-81A5-4683-A355-B39C912DAD2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone2:*:*:*:*:*:*",
"matchCriteriaId": "9846609D-51FC-4CDD-97B3-8C6E07108F14"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone3:*:*:*:*:*:*",
"matchCriteriaId": "2E321FB4-0B0C-497A-BB75-909D888C93CB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone4:*:*:*:*:*:*",
"matchCriteriaId": "3B0CAE57-AF7A-40E6-9519-F5C9F422C1BE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone5:*:*:*:*:*:*",
"matchCriteriaId": "7CB9D150-EED6-4AE9-BCBE-48932E50035E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone6:*:*:*:*:*:*",
"matchCriteriaId": "D334103F-F64E-4869-BCC8-670A5AFCC76C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone7:*:*:*:*:*:*",
"matchCriteriaId": "941FCF7B-FFB6-4967-95C7-BB3D32C73DAF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone8:*:*:*:*:*:*",
"matchCriteriaId": "CE1A9030-B397-4BA6-8E13-DA1503872DDB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone9:*:*:*:*:*:*",
"matchCriteriaId": "6284B74A-1051-40A7-9D74-380FEEEC3F88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:tomcat:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FEA1A6-0E39-4099-ABC4-73B921FE5C4F"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.apache.org/thread/yqkd183xrw3wqvnpcg3osbcryq85fkzj",
"source": "security@apache.org",
"tags": [
"Mailing List",
"Vendor Advisory"
]
Auto-Update: 2023-05-30T08:00:25.435104+00:00
2023-05-30 08:00:29 +00:00
},
{
"url": "https://security.gentoo.org/glsa/202305-37",
Auto-Update: 2023-06-27T04:00:27.780029+00:00
2023-06-27 04:00:31 +00:00
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
]
bootstrap
2023-04-24 12:24:31 +02:00
}
]
}
Reference in New Issue Copy Permalink