admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 01:02:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2022/CVE-2022-356xx/CVE-2022-35649.json
cad-safe-bot 9d8babeec3 Auto-Update: 2024-07-14T02:00:17.787041+00:00
2024-07-14 02:06:08 +00:00

150 lines
4.7 KiB
JSON
Raw Blame History

{
"id": "CVE-2022-35649",
"sourceIdentifier": "patrick@puiterwijk.org",
"published": "2022-07-25T16:15:08.247",
"lastModified": "2023-11-07T03:49:19.857",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vulnerability was found in Moodle, occurs due to improper input validation when parsing PostScript code. An omitted execution parameter results in a remote code execution risk for sites running GhostScript versions older than 9.50. Successful exploitation of this vulnerability may result in complete compromise of vulnerable system."
},
{
"lang": "es",
"value": "La vulnerabilidad fue encontrada en Moodle, ocurre debido a una comprobaci\u00f3n de entrada inapropiada cuando se analiza el c\u00f3digo PostScript. Un par\u00e1metro de ejecuci\u00f3n omitido resulta en un riesgo de ejecuci\u00f3n de c\u00f3digo remota para los sitios que ejecutan versiones de GhostScript anteriores a 9.50. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede resultar en el compromiso completo del sistema vulnerable"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
},
{
"source": "patrick@puiterwijk.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.9.0",
"versionEndExcluding": "3.9.15",
"matchCriteriaId": "6B77A5BD-2E62-402E-91AE-123454C5C5C6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.11.0",
"versionEndExcluding": "3.11.8",
"matchCriteriaId": "EED9C096-FAE5-4206-B901-1D2EDD67AE7B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.0",
"versionEndExcluding": "4.0.2",
"matchCriteriaId": "7D35119B-0B9B-4247-92F6-B788841A36F6"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD"
}
]
}
]
}
],
"references": [
{
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-75044",
"source": "patrick@puiterwijk.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2106273",
"source": "patrick@puiterwijk.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6MOKYVRNFNAODP2XSMGJ5CRDUZCZKAR3/",
"source": "patrick@puiterwijk.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTKUSFPSYFINSQFSOHDQIDVE6FWBEU6V/",
"source": "patrick@puiterwijk.org"
},
{
"url": "https://moodle.org/mod/forum/discuss.php?d=436456",
"source": "patrick@puiterwijk.org",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink