From f05c41071312c5d2f65133f556658ed16ca36a22 Mon Sep 17 00:00:00 2001
From: cad-safe-bot
Date: Wed, 9 Aug 2023 23:55:29 +0000
Subject: [PATCH] Auto-Update: 2023-08-09T23:55:25.759743+00:00
---
CVE-2023/CVE-2023-332xx/CVE-2023-33241.json | 59 +++++++++++++++++++++
CVE-2023/CVE-2023-332xx/CVE-2023-33242.json | 55 +++++++++++++++++++
CVE-2023/CVE-2023-358xx/CVE-2023-35838.json | 24 +++++++++
CVE-2023/CVE-2023-366xx/CVE-2023-36671.json | 24 +++++++++
CVE-2023/CVE-2023-366xx/CVE-2023-36672.json | 24 +++++++++
CVE-2023/CVE-2023-366xx/CVE-2023-36673.json | 24 +++++++++
README.md | 45 ++++------------
7 files changed, 220 insertions(+), 35 deletions(-)
create mode 100644 CVE-2023/CVE-2023-332xx/CVE-2023-33241.json
create mode 100644 CVE-2023/CVE-2023-332xx/CVE-2023-33242.json
create mode 100644 CVE-2023/CVE-2023-358xx/CVE-2023-35838.json
create mode 100644 CVE-2023/CVE-2023-366xx/CVE-2023-36671.json
create mode 100644 CVE-2023/CVE-2023-366xx/CVE-2023-36672.json
create mode 100644 CVE-2023/CVE-2023-366xx/CVE-2023-36673.json
diff --git a/CVE-2023/CVE-2023-332xx/CVE-2023-33241.json b/CVE-2023/CVE-2023-332xx/CVE-2023-33241.json
new file mode 100644
index 00000000000..9970e86f084
--- /dev/null
+++ b/CVE-2023/CVE-2023-332xx/CVE-2023-33241.json
@@ -0,0 +1,59 @@
+{
+ "id": "CVE-2023-33241",
+ "sourceIdentifier": "disclosures@halborn.com",
+ "published": "2023-08-09T22:15:10.323",
+ "lastModified": "2023-08-09T22:15:10.323",
+ "vulnStatus": "Received",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "Crypto wallets implementing the GG18 or GG20 TSS protocol might allow an attacker to extract a full ECDSA private key by injecting a malicious pallier key and cheating in the range proof. Depending on the Beta parameters chosen in the protocol implementation, the attack might require 16 signatures or more fully exfiltrate the other parties' private key shares."
+ }
+ ],
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "disclosures@halborn.com",
+ "type": "Secondary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
+ "attackVector": "NETWORK",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "LOW",
+ "userInteraction": "NONE",
+ "scope": "CHANGED",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "HIGH",
+ "availabilityImpact": "NONE",
+ "baseScore": 9.6,
+ "baseSeverity": "CRITICAL"
+ },
+ "exploitabilityScore": 3.1,
+ "impactScore": 5.8
+ }
+ ]
+ },
+ "references": [
+ {
+ "url": "https://eprint.iacr.org/2019/114.pdf",
+ "source": "disclosures@halborn.com"
+ },
+ {
+ "url": "https://eprint.iacr.org/2020/540.pdf",
+ "source": "disclosures@halborn.com"
+ },
+ {
+ "url": "https://github.com/fireblocks-labs/mpc-ecdsa-attacks-23",
+ "source": "disclosures@halborn.com"
+ },
+ {
+ "url": "https://github.com/fireblocks-labs/safeheron-gg20-exploit-poc",
+ "source": "disclosures@halborn.com"
+ },
+ {
+ "url": "https://www.fireblocks.com/blog/gg18-and-gg20-paillier-key-vulnerability-technical-report/",
+ "source": "disclosures@halborn.com"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-332xx/CVE-2023-33242.json b/CVE-2023/CVE-2023-332xx/CVE-2023-33242.json
new file mode 100644
index 00000000000..75237243da2
--- /dev/null
+++ b/CVE-2023/CVE-2023-332xx/CVE-2023-33242.json
@@ -0,0 +1,55 @@
+{
+ "id": "CVE-2023-33242",
+ "sourceIdentifier": "disclosures@halborn.com",
+ "published": "2023-08-09T22:15:11.180",
+ "lastModified": "2023-08-09T22:15:11.180",
+ "vulnStatus": "Received",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "Crypto wallets implementing the Lindell17 TSS protocol might allow an attacker to extract the full ECDSA private key by exfiltrating a single bit in every signature attempt (256 in total) because of not adhering to the paper's security proof's assumption regarding handling aborts after a failed signature."
+ }
+ ],
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "disclosures@halborn.com",
+ "type": "Secondary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
+ "attackVector": "NETWORK",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "LOW",
+ "userInteraction": "NONE",
+ "scope": "CHANGED",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "HIGH",
+ "availabilityImpact": "NONE",
+ "baseScore": 9.6,
+ "baseSeverity": "CRITICAL"
+ },
+ "exploitabilityScore": 3.1,
+ "impactScore": 5.8
+ }
+ ]
+ },
+ "references": [
+ {
+ "url": "https://eprint.iacr.org/2017/552.pdf",
+ "source": "disclosures@halborn.com"
+ },
+ {
+ "url": "https://github.com/fireblocks-labs/mpc-ecdsa-attacks-23",
+ "source": "disclosures@halborn.com"
+ },
+ {
+ "url": "https://github.com/fireblocks-labs/zengo-lindell17-exploit-poc",
+ "source": "disclosures@halborn.com"
+ },
+ {
+ "url": "https://www.fireblocks.com/blog/lindell17-abort-vulnerability-technical-report/",
+ "source": "disclosures@halborn.com"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-358xx/CVE-2023-35838.json b/CVE-2023/CVE-2023-358xx/CVE-2023-35838.json
new file mode 100644
index 00000000000..ec0de8fbd31
--- /dev/null
+++ b/CVE-2023/CVE-2023-358xx/CVE-2023-35838.json
@@ -0,0 +1,24 @@
+{
+ "id": "CVE-2023-35838",
+ "sourceIdentifier": "cve@mitre.org",
+ "published": "2023-08-09T23:15:10.007",
+ "lastModified": "2023-08-09T23:15:10.007",
+ "vulnStatus": "Received",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "The WireGuard client 0.5.3 on Windows insecurely configures the operating system and firewall such that traffic to a local network that uses non-RFC1918 IP addresses is blocked. This allows an adversary to trick the victim into blocking IP traffic to selected IP addresses and services even while the VPN is enabled. NOTE: the tunnelcrack.mathyvanhoef.com website uses this CVE ID to refer more generally to \"LocalNet attack resulting in the blocking of traffic\" rather than to only WireGuard."
+ }
+ ],
+ "metrics": {},
+ "references": [
+ {
+ "url": "https://tunnelcrack.mathyvanhoef.com/details.html",
+ "source": "cve@mitre.org"
+ },
+ {
+ "url": "https://wireguard.com",
+ "source": "cve@mitre.org"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-366xx/CVE-2023-36671.json b/CVE-2023/CVE-2023-366xx/CVE-2023-36671.json
new file mode 100644
index 00000000000..d9cf6c8e5f2
--- /dev/null
+++ b/CVE-2023/CVE-2023-366xx/CVE-2023-36671.json
@@ -0,0 +1,24 @@
+{
+ "id": "CVE-2023-36671",
+ "sourceIdentifier": "cve@mitre.org",
+ "published": "2023-08-09T23:15:10.650",
+ "lastModified": "2023-08-09T23:15:10.650",
+ "vulnStatus": "Received",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN tunnel even if this traffic is not generated by the VPN client. This allows an adversary to trick the victim into sending plaintext traffic to the VPN server's IP address and thereby deanonymize the victim. NOTE: the tunnelcrack.mathyvanhoef.com website uses this CVE ID to refer more generally to \"ServerIP attack for only traffic to the real IP address of the VPN server\" rather than to only Clario."
+ }
+ ],
+ "metrics": {},
+ "references": [
+ {
+ "url": "https://clario.co/vpn-for-mac/",
+ "source": "cve@mitre.org"
+ },
+ {
+ "url": "https://tunnelcrack.mathyvanhoef.com/details.html",
+ "source": "cve@mitre.org"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-366xx/CVE-2023-36672.json b/CVE-2023/CVE-2023-366xx/CVE-2023-36672.json
new file mode 100644
index 00000000000..3e9b59f3b5b
--- /dev/null
+++ b/CVE-2023/CVE-2023-366xx/CVE-2023-36672.json
@@ -0,0 +1,24 @@
+{
+ "id": "CVE-2023-36672",
+ "sourceIdentifier": "cve@mitre.org",
+ "published": "2023-08-09T23:15:10.823",
+ "lastModified": "2023-08-09T23:15:10.823",
+ "vulnStatus": "Received",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that traffic to the local network is sent in plaintext outside the VPN tunnel even if the local network is using a non-RFC1918 IP subnet. This allows an adversary to trick the victim into sending arbitrary IP traffic in plaintext outside the VPN tunnel. NOTE: the tunnelcrack.mathyvanhoef.com website uses this CVE ID to refer more generally to \"LocalNet attack resulting in leakage of traffic in plaintext\" rather than to only Clario."
+ }
+ ],
+ "metrics": {},
+ "references": [
+ {
+ "url": "https://clario.co/vpn-for-mac/",
+ "source": "cve@mitre.org"
+ },
+ {
+ "url": "https://tunnelcrack.mathyvanhoef.com/details.html",
+ "source": "cve@mitre.org"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-366xx/CVE-2023-36673.json b/CVE-2023/CVE-2023-366xx/CVE-2023-36673.json
new file mode 100644
index 00000000000..5b387abbcef
--- /dev/null
+++ b/CVE-2023/CVE-2023-366xx/CVE-2023-36673.json
@@ -0,0 +1,24 @@
+{
+ "id": "CVE-2023-36673",
+ "sourceIdentifier": "cve@mitre.org",
+ "published": "2023-08-09T23:15:10.897",
+ "lastModified": "2023-08-09T23:15:10.897",
+ "vulnStatus": "Received",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "An issue was discovered in Avira Phantom VPN through 2.23.1 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN tunnel, even if this traffic is not generated by the VPN client, while simultaneously using plaintext DNS to look up the VPN server's IP address. This allows an adversary to trick the victim into sending traffic to arbitrary IP addresses in plaintext outside the VPN tunnel. NOTE: the tunnelcrack.mathyvanhoef.com website uses this CVE ID to refer more generally to \"ServerIP attack, combined with DNS spoofing, that can leak traffic to an arbitrary IP address\" rather than to only Avira Phantom VPN."
+ }
+ ],
+ "metrics": {},
+ "references": [
+ {
+ "url": "https://tunnelcrack.mathyvanhoef.com/details.html",
+ "source": "cve@mitre.org"
+ },
+ {
+ "url": "https://www.avira.com/en/free-vpn",
+ "source": "cve@mitre.org"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/README.md b/README.md
index 286b33f1238..c6e2246ae00 100644
--- a/README.md
+++ b/README.md
@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-08-09T22:00:28.750231+00:00 +2023-08-09T23:55:25.759743+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-08-09T21:15:11.917000+00:00 +2023-08-09T23:15:10.897000+00:00 ``` ### Last Data Feed Release
@@ -29,50 +29,25 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -222207 +222213 ``` ### CVEs added in the last Commit Recently added CVEs: `6` -* [CVE-2023-23347](CVE-2023/CVE-2023-233xx/CVE-2023-23347.json) (`2023-08-09T20:15:09.903`) -* [CVE-2023-33468](CVE-2023/CVE-2023-334xx/CVE-2023-33468.json) (`2023-08-09T20:15:10.357`) -* [CVE-2023-33469](CVE-2023/CVE-2023-334xx/CVE-2023-33469.json) (`2023-08-09T20:15:10.427`) -* [CVE-2023-37068](CVE-2023/CVE-2023-370xx/CVE-2023-37068.json) (`2023-08-09T20:15:10.497`) -* [CVE-2023-38347](CVE-2023/CVE-2023-383xx/CVE-2023-38347.json) (`2023-08-09T20:15:10.690`) -* [CVE-2023-38348](CVE-2023/CVE-2023-383xx/CVE-2023-38348.json) (`2023-08-09T20:15:10.753`) +* [CVE-2023-33241](CVE-2023/CVE-2023-332xx/CVE-2023-33241.json) (`2023-08-09T22:15:10.323`) +* [CVE-2023-33242](CVE-2023/CVE-2023-332xx/CVE-2023-33242.json) (`2023-08-09T22:15:11.180`) +* [CVE-2023-35838](CVE-2023/CVE-2023-358xx/CVE-2023-35838.json) (`2023-08-09T23:15:10.007`) +* [CVE-2023-36671](CVE-2023/CVE-2023-366xx/CVE-2023-36671.json) (`2023-08-09T23:15:10.650`) +* [CVE-2023-36672](CVE-2023/CVE-2023-366xx/CVE-2023-36672.json) (`2023-08-09T23:15:10.823`) +* [CVE-2023-36673](CVE-2023/CVE-2023-366xx/CVE-2023-36673.json) (`2023-08-09T23:15:10.897`) ### CVEs modified in the last Commit -Recently modified CVEs: `49` +Recently modified CVEs: `0` -* [CVE-2023-39003](CVE-2023/CVE-2023-390xx/CVE-2023-39003.json) (`2023-08-09T20:12:10.860`) -* [CVE-2023-39004](CVE-2023/CVE-2023-390xx/CVE-2023-39004.json) (`2023-08-09T20:12:10.860`) -* [CVE-2023-39005](CVE-2023/CVE-2023-390xx/CVE-2023-39005.json) (`2023-08-09T20:12:10.860`) -* [CVE-2023-39006](CVE-2023/CVE-2023-390xx/CVE-2023-39006.json) (`2023-08-09T20:12:10.860`) -* [CVE-2023-39007](CVE-2023/CVE-2023-390xx/CVE-2023-39007.json) (`2023-08-09T20:12:10.860`) -* [CVE-2023-39008](CVE-2023/CVE-2023-390xx/CVE-2023-39008.json) (`2023-08-09T20:12:10.860`) -* 
[CVE-2023-33466](CVE-2023/CVE-2023-334xx/CVE-2023-33466.json) (`2023-08-09T20:15:10.200`) -* [CVE-2023-37464](CVE-2023/CVE-2023-374xx/CVE-2023-37464.json) (`2023-08-09T20:15:10.570`) -* [CVE-2023-39526](CVE-2023/CVE-2023-395xx/CVE-2023-39526.json) (`2023-08-09T20:18:36.627`) -* [CVE-2023-39527](CVE-2023/CVE-2023-395xx/CVE-2023-39527.json) (`2023-08-09T20:19:10.417`) -* [CVE-2023-39550](CVE-2023/CVE-2023-395xx/CVE-2023-39550.json) (`2023-08-09T20:32:27.357`) -* [CVE-2023-28468](CVE-2023/CVE-2023-284xx/CVE-2023-28468.json) (`2023-08-09T20:48:19.957`) -* [CVE-2023-33906](CVE-2023/CVE-2023-339xx/CVE-2023-33906.json) (`2023-08-09T20:54:32.290`) -* [CVE-2023-37470](CVE-2023/CVE-2023-374xx/CVE-2023-37470.json) (`2023-08-09T20:57:29.157`) -* [CVE-2023-2754](CVE-2023/CVE-2023-27xx/CVE-2023-2754.json) (`2023-08-09T21:04:48.440`) -* [CVE-2023-38688](CVE-2023/CVE-2023-386xx/CVE-2023-38688.json) (`2023-08-09T21:05:36.740`) -* [CVE-2023-36159](CVE-2023/CVE-2023-361xx/CVE-2023-36159.json) (`2023-08-09T21:15:10.677`) -* [CVE-2023-4045](CVE-2023/CVE-2023-40xx/CVE-2023-4045.json) (`2023-08-09T21:15:11.137`) -* [CVE-2023-4046](CVE-2023/CVE-2023-40xx/CVE-2023-4046.json) (`2023-08-09T21:15:11.253`) -* [CVE-2023-4047](CVE-2023/CVE-2023-40xx/CVE-2023-4047.json) (`2023-08-09T21:15:11.370`) -* [CVE-2023-4048](CVE-2023/CVE-2023-40xx/CVE-2023-4048.json) (`2023-08-09T21:15:11.467`) -* [CVE-2023-4049](CVE-2023/CVE-2023-40xx/CVE-2023-4049.json) (`2023-08-09T21:15:11.627`) -* [CVE-2023-4050](CVE-2023/CVE-2023-40xx/CVE-2023-4050.json) (`2023-08-09T21:15:11.723`) -* [CVE-2023-4055](CVE-2023/CVE-2023-40xx/CVE-2023-4055.json) (`2023-08-09T21:15:11.820`) -* [CVE-2023-4056](CVE-2023/CVE-2023-40xx/CVE-2023-4056.json) (`2023-08-09T21:15:11.917`) ## Download and Usage