admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 01:02:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2023/CVE-2023-55xx/CVE-2023-5557.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

241 lines
7.2 KiB
JSON
Raw Blame History

{
"id": "CVE-2023-5557",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-10-13T02:15:11.077",
"lastModified": "2024-11-21T08:42:00.620",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the tracker-miners package. A weakness in the sandbox allows a maliciously-crafted file to execute code outside the sandbox if the tracker-extract process has first been compromised by a separate vulnerability."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una falla en el paquete tracker-miners. Una debilidad en la sandbox permite que un archivo creado con fines malintencionados ejecute c\u00f3digo fuera de la sandbox si el proceso de extracci\u00f3n del rastreador se ha visto comprometido primero por una vulnerabilidad separada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:L",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.6,
"impactScore": 5.3
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-693"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gnome:tracker_miners:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.2",
"matchCriteriaId": "6A427232-258E-490A-9302-48D4F2E09BA2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gnome:tracker_miners:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.4.0",
"versionEndExcluding": "3.4.5",
"matchCriteriaId": "032462FC-57CE-40D7-BABC-200E0823F143"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gnome:tracker_miners:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.5.0",
"versionEndExcluding": "3.5.3",
"matchCriteriaId": "A5563BCA-BDDE-4B94-B063-04B87F145015"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gnome:tracker_miners:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.6.0",
"versionEndExcluding": "3.6.1",
"matchCriteriaId": "22F6C99E-72AE-46FA-AC47-36F1C9CF6186"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2023:7712",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7713",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7730",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7731",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7732",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7733",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7739",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7744",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-5557",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243096",
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7712",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7713",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7730",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7731",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7732",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7733",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7739",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7744",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-5557",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243096",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink