cve_manifest

{"2020/4xxx/CVE-2020-4099.json": {"CVE_data_meta": {"ASSIGNER": "psirt@hcl.com", "DATE_PUBLIC": "2022-10-14T17:47:00.000Z", "ID": "CVE-2020-4099", "STATE": "PUBLIC", "TITLE": "HCL Verse for Android is susceptible to an APK signing key check vulnerability"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "HCL Verse for Android", "version": {"version_data": [{"version_value": "< 12.0.15"}]}}]}, "vendor_name": "HCL Software"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The application was signed using a key length less than or equal to 1024 bits, making it potentially vulnerable to forged digital signatures. An attacker could forge the same digital signature of the app after maliciously modifying the app."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-326 Inadequate Encryption Strength"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0100861", "name": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0100861"}]}, "source": {"discovery": "UNKNOWN"}}, "2021/37xxx/CVE-2021-37789.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-37789", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "stb_image.h 2.27 has a heap-based buffer over in stbi__jpeg_load, leading to Information Disclosure or Denial of Service."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"url": "https://github.com/nothings/stb/issues/1178", "refsource": "MISC", "name": "https://github.com/nothings/stb/issues/1178"}]}}, "2021/4xxx/CVE-2021-4037.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2021-4037", "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "n/a", "product": {"product_data": [{"product_name": "Kernel", "version": {"version_data": [{"version_value": "Fixed in Linux-kernel v5.11-rc1"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-284 - Improper Access Control"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2004810", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004810"}, {"refsource": "MISC", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2027239", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2027239"}, {"refsource": "MISC", "name": "https://access.redhat.com/security/cve/CVE-2021-4037", "url": "https://access.redhat.com/security/cve/CVE-2021-4037"}, {"refsource": "MISC", "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=01ea173e103e", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=01ea173e103e"}, {"refsource": "MISC", "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0fa3ecd87848", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0fa3ecd87848"}, {"refsource": "DEBIAN", "name": "DSA-5257", "url": "https://www.debian.org/security/2022/dsa-5257"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html"}]}, "description": {"description_data": [{"lang": "eng", "value": "A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group. This can lead to excessive permissions granted in case when they should not. This vulnerability is similar to the previous CVE-2018-13405 and adds the missed fix for the XFS."}]}}, "2022/0xxx/CVE-2022-0171.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-0171", "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "n/a", "product": {"product_data": [{"product_name": "kernel", "version": {"version_data": [{"version_value": "Fixed in kernel 5.18-rc4"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-459 - Incomplete Cleanup."}]}]}, "references": {"reference_data": [{"refsource": "MISC", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2038940", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2038940"}, {"refsource": "MISC", "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=683412ccf61294d727ead4a73d97397396e69a6b", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=683412ccf61294d727ead4a73d97397396e69a6b"}, {"refsource": "MISC", "name": "https://access.redhat.com/security/cve/CVE-2022-0171", "url": "https://access.redhat.com/security/cve/CVE-2022-0171"}, {"refsource": "DEBIAN", "name": "DSA-5257", "url": "https://www.debian.org/security/2022/dsa-5257"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html"}]}, "description": {"description_data": [{"lang": "eng", "value": "A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV)."}]}}, "2022/1xxx/CVE-2022-1184.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-1184", "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "n/a", "product": {"product_data": [{"product_name": "Kernel", "version": {"version_data": [{"version_value": "Not-known"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-416 - Use After Free"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2070205", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2070205"}, {"refsource": "MISC", "name": "https://access.redhat.com/security/cve/CVE-2022-1184", "url": "https://access.redhat.com/security/cve/CVE-2022-1184"}, {"refsource": "MISC", "name": "https://ubuntu.com/security/CVE-2022-1184", "url": "https://ubuntu.com/security/CVE-2022-1184"}, {"refsource": "DEBIAN", "name": "DSA-5257", "url": "https://www.debian.org/security/2022/dsa-5257"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html"}]}, "description": {"description_data": [{"lang": "eng", "value": "A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel\u2019s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service."}]}}, "2022/1xxx/CVE-2022-1679.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-1679", "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "n/a", "product": {"product_data": [{"product_name": "Kernel", "version": {"version_data": [{"version_value": "Linux kernel 5.18-rc7"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-416"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "name": "https://lore.kernel.org/lkml/87ilqc7jv9.fsf@kernel.org/t/", "url": "https://lore.kernel.org/lkml/87ilqc7jv9.fsf@kernel.org/t/"}, {"refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20220629-0007/", "url": "https://security.netapp.com/advisory/ntap-20220629-0007/"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update", "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html"}]}, "description": {"description_data": [{"lang": "eng", "value": "A use-after-free flaw was found in the Linux kernel\u2019s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system."}]}}, "2022/20xxx/CVE-2022-20421.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-20421", "ASSIGNER": "security@android.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "n/a", "product": {"product_data": [{"product_name": "Android", "version": {"version_data": [{"version_value": "Android kernel"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Elevation of privilege"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "name": "https://source.android.com/security/bulletin/2022-10-01", "url": "https://source.android.com/security/bulletin/2022-10-01"}, {"refsource": "DEBIAN", "name": "DSA-5257", "url": "https://www.debian.org/security/2022/dsa-5257"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html"}]}, "description": {"description_data": [{"lang": "eng", "value": "In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239630375References: Upstream kernel"}]}}, "2022/20xxx/CVE-2022-20422.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-20422", "ASSIGNER": "security@android.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "n/a", "product": {"product_data": [{"product_name": "Android", "version": {"version_data": [{"version_value": "Android kernel"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Elevation of privilege"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "name": "https://source.android.com/security/bulletin/2022-10-01", "url": "https://source.android.com/security/bulletin/2022-10-01"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html"}]}, "description": {"description_data": [{"lang": "eng", "value": "In emulation_proc_handler of armv8_deprecated.c, there is a possible way to corrupt memory due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-237540956References: Upstream kernel"}]}}, "2022/22xxx/CVE-2022-22658.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-22658", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "iOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.0"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Processing a maliciously crafted email message may lead to a denial-of-service"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213480", "name": "https://support.apple.com/en-us/HT213480"}]}, "description": {"description_data": [{"lang": "eng", "value": "An input validation issue was addressed with improved input validation. This issue is fixed in iOS 16.0.3. Processing a maliciously crafted email message may lead to a denial-of-service."}]}}, "2022/22xxx/CVE-2022-22677.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-22677", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.4"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.5"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Video self-preview in a webRTC call may be interrupted if the user answers a phone call"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213258", "name": "https://support.apple.com/en-us/HT213258"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213257", "name": "https://support.apple.com/en-us/HT213257"}]}, "description": {"description_data": [{"lang": "eng", "value": "A logic issue in the handling of concurrent media was addressed with improved state handling. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. Video self-preview in a webRTC call may be interrupted if the user answers a phone call."}]}}, "2022/23xxx/CVE-2022-23738.json": {"CVE_data_meta": {"ASSIGNER": "product-cna@github.com", "ID": "CVE-2022-23738", "STATE": "PUBLIC", "TITLE": "Incomplete cache verification issue in GitHub Enterprise Server leading to exposure of private repo files"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "GitHub Enterprise Server", "version": {"version_data": [{"version_affected": "<", "version_name": "3.2", "version_value": "3.2.20"}, {"version_affected": "<", "version_name": "3.3", "version_value": "3.3.15"}, {"version_affected": "<", "version_name": "3.4", "version_value": "3.4.10"}, {"version_affected": "<", "version_name": "3.5", "version_value": "3.5.7"}, {"version_affected": "<", "version_name": "3.6", "version_value": "3.6.3"}]}}]}, "vendor_name": "GitHub"}]}}, "credit": [{"lang": "eng", "value": "ahacker1"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An improper cache key vulnerability was identified in GitHub Enterprise Server that allowed an unauthorized actor to access private repository files through a public repository. To exploit this, an actor would need to already be authorized on the GitHub Enterprise Server instance, be able to create a public repository, and have a site administrator visit a specially crafted URL. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.6 and was fixed in versions 3.2.20, 3.3.15, 3.4.10, 3.5.7, 3.6.3. This vulnerability was reported via the GitHub Bug Bounty program."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://docs.github.com/en/enterprise-server@3.2/admin/release-notes#3.2.20", "name": "https://docs.github.com/en/enterprise-server@3.2/admin/release-notes#3.2.20"}, {"refsource": "MISC", "url": "https://docs.github.com/en/enterprise-server@3.3/admin/release-notes#3.3.15", "name": "https://docs.github.com/en/enterprise-server@3.3/admin/release-notes#3.3.15"}, {"refsource": "MISC", "url": "https://docs.github.com/en/enterprise-server@3.4/admin/release-notes#3.4.10", "name": "https://docs.github.com/en/enterprise-server@3.4/admin/release-notes#3.4.10"}, {"refsource": "MISC", "url": "https://docs.github.com/en/enterprise-server@3.5/admin/release-notes#3.5.7", "name": "https://docs.github.com/en/enterprise-server@3.5/admin/release-notes#3.5.7"}, {"refsource": "MISC", "url": "https://docs.github.com/en/enterprise-server@3.6/admin/release-notes#3.6.3", "name": "https://docs.github.com/en/enterprise-server@3.6/admin/release-notes#3.6.3"}]}, "source": {"discovery": "EXTERNAL"}}, "2022/26xxx/CVE-2022-26119.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-26119", "ASSIGNER": "psirt@fortinet.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Fortinet", "product": {"product_data": [{"product_name": "Fortinet FortiSIEM", "version": {"version_data": [{"version_value": "FortiSIEM 6.4.0, 6.3.3, 6.3.2, 6.3.1, 6.3.0, 6.2.1, 6.2.0, 6.1.2, 6.1.1, 6.1.0, 5.4.0, 5.3.3, 5.3.2, 5.3.1, 5.3.0, 5.2.8, 5.2.7, 5.2.6, 5.2.5, 5.2.2, 5.2.1, 5.1.3, 5.1.2, 5.1.1, 5.1.0, 5.0.1, 5.0.0"}]}}]}}]}}, "impact": {"cvss": {"attackComplexity": "Low", "attackVector": "Local", "availabilityImpact": "High", "baseScore": 7.4, "baseSeverity": "High", "confidentialityImpact": "High", "integrityImpact": "High", "privilegesRequired": "Low", "scope": "Unchanged", "userInteraction": "None", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Improper access control"}]}]}, "references": {"reference_data": [{"refsource": "CONFIRM", "name": "https://fortiguard.com/psirt/FG-IR-22-064", "url": "https://fortiguard.com/psirt/FG-IR-22-064"}]}, "description": {"description_data": [{"lang": "eng", "value": "A improper authentication vulnerability in Fortinet FortiSIEM before 6.5.0 allows a local attacker with CLI access to perform operations on the Glassfish server directly via a hardcoded password."}]}}, "2022/26xxx/CVE-2022-26122.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-26122", "ASSIGNER": "psirt@fortinet.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Fortinet", "product": {"product_data": [{"product_name": "Fortinet AV Engine, FortiMail, FortiOS, FortiClient", "version": {"version_data": [{"version_value": "AV Engine version 6.2.168 and below and version 6.4.274 and below."}]}}]}}]}}, "impact": {"cvss": {"attackComplexity": "Low", "attackVector": "Network", "availabilityImpact": "None", "baseScore": 4.3, "baseSeverity": "Medium", "confidentialityImpact": "None", "integrityImpact": "Low", "privilegesRequired": "None", "scope": "Changed", "userInteraction": "Required", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N/E:P/RL:U/RC:R", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Denial of service"}]}]}, "references": {"reference_data": [{"refsource": "CONFIRM", "name": "https://fortiguard.com/psirt/FG-IR-22-074", "url": "https://fortiguard.com/psirt/FG-IR-22-074"}]}, "description": {"description_data": [{"lang": "eng", "value": "An insufficient verification of data authenticity vulnerability [CWE-345] in FortiClient, FortiMail and FortiOS AV engines version 6.2.168 and below and version 6.4.274 and below may allow an attacker to bypass the AV engine via manipulating MIME attachment with junk and pad characters in base64."}]}}, "2022/26xxx/CVE-2022-26709.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-26709", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.4"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.5"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "8.6"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.5"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.5"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Processing maliciously crafted web content may lead to arbitrary code execution"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213258", "name": "https://support.apple.com/en-us/HT213258"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213253", "name": "https://support.apple.com/en-us/HT213253"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213254", "name": "https://support.apple.com/en-us/HT213254"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213257", "name": "https://support.apple.com/en-us/HT213257"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213260", "name": "https://support.apple.com/en-us/HT213260"}]}, "description": {"description_data": [{"lang": "eng", "value": "A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution."}]}}, "2022/26xxx/CVE-2022-26710.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-26710", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.4"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "8.6"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.5"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.5"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Processing maliciously crafted web content may lead to arbitrary code execution"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213258", "name": "https://support.apple.com/en-us/HT213258"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213253", "name": "https://support.apple.com/en-us/HT213253"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213254", "name": "https://support.apple.com/en-us/HT213254"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213257", "name": "https://support.apple.com/en-us/HT213257"}]}, "description": {"description_data": [{"lang": "eng", "value": "A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, tvOS 15.5, watchOS 8.6. Processing maliciously crafted web content may lead to arbitrary code execution."}]}}, "2022/26xxx/CVE-2022-26716.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-26716", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.4"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.5"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "8.6"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.5"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.5"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Processing maliciously crafted web content may lead to arbitrary code execution"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213258", "name": "https://support.apple.com/en-us/HT213258"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213253", "name": "https://support.apple.com/en-us/HT213253"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213254", "name": "https://support.apple.com/en-us/HT213254"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213257", "name": "https://support.apple.com/en-us/HT213257"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213260", "name": "https://support.apple.com/en-us/HT213260"}]}, "description": {"description_data": [{"lang": "eng", "value": "A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution."}]}}, "2022/26xxx/CVE-2022-26717.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-26717", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.4"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.5"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "8.6"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.12"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.5"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.5"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Processing maliciously crafted web content may lead to arbitrary code execution"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213258", "name": "https://support.apple.com/en-us/HT213258"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213253", "name": "https://support.apple.com/en-us/HT213253"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213254", "name": "https://support.apple.com/en-us/HT213254"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213257", "name": "https://support.apple.com/en-us/HT213257"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213259", "name": "https://support.apple.com/en-us/HT213259"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213260", "name": "https://support.apple.com/en-us/HT213260"}]}, "description": {"description_data": [{"lang": "eng", "value": "A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5, iTunes 12.12.4 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution."}]}}, "2022/26xxx/CVE-2022-26719.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-26719", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.4"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.5"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "8.6"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.5"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.5"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Processing maliciously crafted web content may lead to arbitrary code execution"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213258", "name": "https://support.apple.com/en-us/HT213258"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213253", "name": "https://support.apple.com/en-us/HT213253"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213254", "name": "https://support.apple.com/en-us/HT213254"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213257", "name": "https://support.apple.com/en-us/HT213257"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213260", "name": "https://support.apple.com/en-us/HT213260"}]}, "description": {"description_data": [{"lang": "eng", "value": "A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution."}]}}, "2022/26xxx/CVE-2022-26730.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-26730", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Processing a maliciously crafted image may lead to arbitrary code execution"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}]}, "description": {"description_data": [{"lang": "eng", "value": "A memory corruption issue existed in the processing of ICC profiles. This issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13. Processing a maliciously crafted image may lead to arbitrary code execution."}]}}, "2022/26xxx/CVE-2022-26762.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-26762", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.4"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.5"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "A malicious application may be able to execute arbitrary code with system privileges"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213258", "name": "https://support.apple.com/en-us/HT213258"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213257", "name": "https://support.apple.com/en-us/HT213257"}]}, "description": {"description_data": [{"lang": "eng", "value": "A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. A malicious application may be able to execute arbitrary code with system privileges."}]}}, "2022/27xxx/CVE-2022-27582.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-27582", "ASSIGNER": "psirt@sick.de", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "n/a", "product": {"product_data": [{"product_name": "SICK SIM4000 (PPC)", "version": {"version_data": [{"version_value": "Partnumber 1078787"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-306"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "name": "https://sick.com/psirt", "url": "https://sick.com/psirt"}]}, "description": {"description_data": [{"lang": "eng", "value": "Password recovery vulnerability in SICK SICK SIM4000 (PPC) Partnumber 1078787 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. This leads to a increase in their privileges on the system and thereby affecting the confidentiality integrity and availability of the system. An attacker can expect repeatable success by exploiting the vulnerability. Please make sure that you apply general security practices when operating the SIM4000. The following general security practices could mitigate the associated security risk. A fix is planned but not yet scheduled."}]}}, "2022/27xxx/CVE-2022-27584.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-27584", "ASSIGNER": "psirt@sick.de", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "n/a", "product": {"product_data": [{"product_name": "SICK SIM2000ST", "version": {"version_data": [{"version_value": "Partnumber 2086502 and 1080579"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-306"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "name": "https://sick.com/psirt", "url": "https://sick.com/psirt"}]}, "description": {"description_data": [{"lang": "eng", "value": "Password recovery vulnerability in SICK SIM2000ST Partnumber 2086502 and 1080579 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. This leads to a increase in their privileges on the system and thereby affecting the confidentiality integrity and availability of the system. An attacker can expect repeatable success by exploiting the vulnerability. Please make sure that you apply general security practices when operating the SIM2000ST. The following general security practices could mitigate the associated security risk. A fix is planned but not yet scheduled."}]}}, "2022/27xxx/CVE-2022-27585.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-27585", "ASSIGNER": "psirt@sick.de", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "n/a", "product": {"product_data": [{"product_name": "SICK SIM1000 FX", "version": {"version_data": [{"version_value": "Partnumber 1097816 and 1097817 with firmware version < 1.6.0"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-306"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "name": "https://sick.com/psirt", "url": "https://sick.com/psirt"}]}, "description": {"description_data": [{"lang": "eng", "value": "Password recovery vulnerability in SICK SIM1000 FX Partnumber 1097816 and 1097817 with firmware version < 1.6.0 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. The recommended solution is to update the firmware to a version >= 1.6.0 as soon as possible. (available in SICK Support Portal)"}]}}, "2022/27xxx/CVE-2022-27586.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-27586", "ASSIGNER": "psirt@sick.de", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "n/a", "product": {"product_data": [{"product_name": "SICK SIM1004", "version": {"version_data": [{"version_value": "Partnumber 1098148 with firmware version < 2.0.0"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-306"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "name": "https://sick.com/psirt", "url": "https://sick.com/psirt"}]}, "description": {"description_data": [{"lang": "eng", "value": "Password recovery vulnerability in SICK SIM1004 Partnumber 1098148 with firmware version < 2.0.0 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. This leads to a increase in their privileges on the system and thereby affecting the confidentiality integrity and availability of the system. An attacker can expect repeatable success by exploiting the vulnerability. The recommended solution is to update the firmware to a version >= 2.0.0 as soon as possible."}]}}, "2022/29xxx/CVE-2022-29187.json": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-29187", "STATE": "PUBLIC", "TITLE": "Bypass of safe.directory protections in Git"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "git", "version": {"version_data": [{"version_value": ">= 2.30.3, < 2.30.5"}, {"version_value": ">= 2.31.2, < 2.31.4"}, {"version_value": ">= 2.32.1, < 2.32.3"}, {"version_value": ">= 2.33.2, < 2.33.4"}, {"version_value": ">= 2.34.2, < 2.34.4"}, {"version_value": ">= 2.35.2, < 2.35.4"}, {"version_value": ">= 2.36, < 2.36.2"}, {"version_value": ">= 2.37, < 2.37.1"}]}}]}, "vendor_name": "git"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Git is a distributed revision control system. Git prior to versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5, is vulnerable to privilege escalation in all platforms. An unsuspecting user could still be affected by the issue reported in CVE-2022-24765, for example when navigating as root into a shared tmp directory that is owned by them, but where an attacker could create a git repository. Versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5 contain a patch for this issue. The simplest way to avoid being affected by the exploit described in the example is to avoid running git as root (or an Administrator in Windows), and if needed to reduce its use to a minimum. While a generic workaround is not possible, a system could be hardened from the exploit described in the example by removing any such repository if it exists already and creating one as root to block any future attacks."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-282: Improper Ownership Management"}]}, {"description": [{"lang": "eng", "value": "CWE-427: Uncontrolled Search Path Element"}]}]}, "references": {"reference_data": [{"name": "https://github.com/git/git/security/advisories/GHSA-j342-m5hw-rr3v", "refsource": "CONFIRM", "url": "https://github.com/git/git/security/advisories/GHSA-j342-m5hw-rr3v"}, {"name": "https://github.blog/2022-04-12-git-security-vulnerability-announced", "refsource": "MISC", "url": "https://github.blog/2022-04-12-git-security-vulnerability-announced"}, {"name": "https://lore.kernel.org/git/xmqqv8s2fefi.fsf@gitster.g/T/#u", "refsource": "MISC", "url": "https://lore.kernel.org/git/xmqqv8s2fefi.fsf@gitster.g/T/#u"}, {"refsource": "MLIST", "name": "[oss-security] 20220713 Git v2.37.1 and friends for CVE-2022-29187", "url": "http://www.openwall.com/lists/oss-security/2022/07/14/1"}, {"refsource": "FEDORA", "name": "FEDORA-2022-dfd7e7fc0e", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TRZG5CDUQ27OWTPC5MQOR4UASNXHWEZS/"}, {"refsource": "FEDORA", "name": "FEDORA-2022-2a5de7cb8b", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DDI325LOO2XBDDKLINOAQJEG6MHAURZE/"}, {"refsource": "CONFIRM", "name": "https://support.apple.com/kb/HT213496", "url": "https://support.apple.com/kb/HT213496"}]}, "source": {"advisory": "GHSA-j342-m5hw-rr3v", "discovery": "UNKNOWN"}}, "2022/2xxx/CVE-2022-2153.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-2153", "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "n/a", "product": {"product_data": [{"product_name": "kernel", "version": {"version_data": [{"version_value": "kernel 5.18"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-476"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2069736", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2069736"}, {"refsource": "MISC", "name": "https://www.openwall.com/lists/oss-security/2022/06/22/1", "url": "https://www.openwall.com/lists/oss-security/2022/06/22/1"}, {"refsource": "MISC", "name": "https://github.com/torvalds/linux/commit/7ec37d1cbe17d8189d9562178d8b29167fe1c31a", "url": "https://github.com/torvalds/linux/commit/7ec37d1cbe17d8189d9562178d8b29167fe1c31a"}, {"refsource": "MISC", "name": "https://github.com/torvalds/linux/commit/00b5f37189d24ac3ed46cb7f11742094778c46ce", "url": "https://github.com/torvalds/linux/commit/00b5f37189d24ac3ed46cb7f11742094778c46ce"}, {"refsource": "MISC", "name": "https://github.com/torvalds/linux/commit/b1e34d325397a33d97d845e312d7cf2a8b646b44", "url": "https://github.com/torvalds/linux/commit/b1e34d325397a33d97d845e312d7cf2a8b646b44"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update", "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html"}]}, "description": {"description_data": [{"lang": "eng", "value": "A flaw was found in the Linux kernel\u2019s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service."}]}}, "2022/2xxx/CVE-2022-2663.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-2663", "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "n/a", "product": {"product_data": [{"product_name": "Linux kernel", "version": {"version_data": [{"version_value": "unknown"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-923"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "name": "https://www.openwall.com/lists/oss-security/2022/08/30/1", "url": "https://www.openwall.com/lists/oss-security/2022/08/30/1"}, {"refsource": "MISC", "name": "https://lore.kernel.org/netfilter-devel/20220826045658.100360-1-dgl@dgl.cx/T/", "url": "https://lore.kernel.org/netfilter-devel/20220826045658.100360-1-dgl@dgl.cx/T/"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update", "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html"}, {"refsource": "MISC", "name": "https://dgl.cx/2022/08/nat-again-irc-cve-2022-2663", "url": "https://dgl.cx/2022/08/nat-again-irc-cve-2022-2663"}, {"refsource": "MISC", "name": "https://www.youtube.com/watch?v=WIq-YgQuYCA", "url": "https://www.youtube.com/watch?v=WIq-YgQuYCA"}, {"refsource": "DEBIAN", "name": "DSA-5257", "url": "https://www.debian.org/security/2022/dsa-5257"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html"}]}, "description": {"description_data": [{"lang": "eng", "value": "An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured."}]}}, "2022/2xxx/CVE-2022-2905.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-2905", "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "n/a", "product": {"product_data": [{"product_name": "kernel", "version": {"version_data": [{"version_value": "Linux kernel 6.0-rc4"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-125"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2121800", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2121800"}, {"refsource": "MISC", "name": "https://lore.kernel.org/bpf/984b37f9fdf7ac36831d2137415a4a915744c1b6.1661462653.git.daniel@iogearbox.net/", "url": "https://lore.kernel.org/bpf/984b37f9fdf7ac36831d2137415a4a915744c1b6.1661462653.git.daniel@iogearbox.net/"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html"}]}, "description": {"description_data": [{"lang": "eng", "value": "An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data."}]}}, "2022/30xxx/CVE-2022-30307.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-30307", "ASSIGNER": "psirt@fortinet.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Fortinet", "product": {"product_data": [{"product_name": "Fortinet FortiOS", "version": {"version_data": [{"version_value": "FortiOS 7.2.0 and below, 7.0.6 and below, 6.4.9 and below"}]}}]}}]}}, "impact": {"cvss": {"attackComplexity": "High", "attackVector": "Network", "availabilityImpact": "Low", "baseScore": 3.8, "baseSeverity": "Low", "confidentialityImpact": "Low", "integrityImpact": "Low", "privilegesRequired": "High", "scope": "Unchanged", "userInteraction": "Required", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L/E:X/RL:U/RC:R", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Improper access control"}]}]}, "references": {"reference_data": [{"refsource": "CONFIRM", "name": "https://fortiguard.com/psirt/FG-IR-22-228", "url": "https://fortiguard.com/psirt/FG-IR-22-228"}]}, "description": {"description_data": [{"lang": "eng", "value": "A key management error vulnerability [CWE-320] affecting the RSA SSH host key in FortiOS 7.2.0 and below, 7.0.6 and below, 6.4.9 and below may allow an unauthenticated attacker to perform a man in the middle attack."}]}}, "2022/31xxx/CVE-2022-31777.json": {"CVE_data_meta": {"ASSIGNER": "security@apache.org", "ID": "CVE-2022-31777", "STATE": "PUBLIC", "TITLE": "Apache Spark XSS vulnerability in log viewer UI Javascript"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Apache Spark", "version": {"version_data": [{"version_affected": "<=", "version_name": "3.2.1 and earlier", "version_value": "3.2.1"}, {"version_affected": "=", "version_name": "3.3.0", "version_value": "3.3.0"}]}}]}, "vendor_name": "Apache Software Foundation"}]}}, "credit": [{"lang": "eng", "value": "Florian Walter (Veracode)"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A stored cross-site scripting (XSS) vulnerability in Apache Spark 3.2.1 and earlier, and 3.3.0, allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the logs which would be returned in logs rendered in the UI."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": [{"other": "moderate"}], "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://lists.apache.org/thread/60mgbswq2lsmrxykfxpqq13ztkm2ht6q", "name": "https://lists.apache.org/thread/60mgbswq2lsmrxykfxpqq13ztkm2ht6q"}]}, "source": {"defect": ["SPARK-39505"], "discovery": "UNKNOWN"}, "work_around": [{"lang": "eng", "value": "Upgrade to Apache Spark maintenance releases 3.2.2, or 3.3.1 or later"}]}, "2022/32xxx/CVE-2022-32794.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32794", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.4"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "11.6"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "2022"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to gain elevated privileges"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213255", "name": "https://support.apple.com/en-us/HT213255"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213256", "name": "https://support.apple.com/en-us/HT213256"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213257", "name": "https://support.apple.com/en-us/HT213257"}]}, "description": {"description_data": [{"lang": "eng", "value": "A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. An app may be able to gain elevated privileges."}]}}, "2022/32xxx/CVE-2022-32827.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32827", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to cause a denial-of-service"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213446", "name": "https://support.apple.com/en-us/HT213446"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}]}, "description": {"description_data": [{"lang": "eng", "value": "A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 16, macOS Ventura 13. An app may be able to cause a denial-of-service."}]}}, "2022/32xxx/CVE-2022-32835.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32835", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "iOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to read a persistent device identifier"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213446", "name": "https://support.apple.com/en-us/HT213446"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213486", "name": "https://support.apple.com/en-us/HT213486"}]}, "description": {"description_data": [{"lang": "eng", "value": "This issue was addressed with improved entitlements. This issue is fixed in iOS 16, watchOS 9. An app may be able to read a persistent device identifier."}]}}, "2022/32xxx/CVE-2022-32858.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32858", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to leak sensitive kernel state"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213446", "name": "https://support.apple.com/en-us/HT213446"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213486", "name": "https://support.apple.com/en-us/HT213486"}]}, "description": {"description_data": [{"lang": "eng", "value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 16, macOS Ventura 13, watchOS 9. An app may be able to leak sensitive kernel state."}]}}, "2022/32xxx/CVE-2022-32859.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32859", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "iOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Deleted contacts may still appear in spotlight search results"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213446", "name": "https://support.apple.com/en-us/HT213446"}]}, "description": {"description_data": [{"lang": "eng", "value": "A logic issue was addressed with improved state management. This issue is fixed in iOS 16. Deleted contacts may still appear in spotlight search results."}]}}, "2022/32xxx/CVE-2022-32862.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32862", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "11.7"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.6"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app with root privileges may be able to access private information"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213493", "name": "https://support.apple.com/en-us/HT213493"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213494", "name": "https://support.apple.com/en-us/HT213494"}]}, "description": {"description_data": [{"lang": "eng", "value": "This issue was addressed with improved data protection. This issue is fixed in macOS Big Sur 11.7.1, macOS Ventura 13, macOS Monterey 12.6.1. An app with root privileges may be able to access private information."}]}}, "2022/32xxx/CVE-2022-32865.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32865", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to execute arbitrary code with kernel privileges"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213446", "name": "https://support.apple.com/en-us/HT213446"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}]}, "description": {"description_data": [{"lang": "eng", "value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 16, macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges."}]}}, "2022/32xxx/CVE-2022-32866.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32866", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "11.7"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.6"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to execute arbitrary code with kernel privileges"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213443", "name": "https://support.apple.com/en-us/HT213443"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213444", "name": "https://support.apple.com/en-us/HT213444"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213486", "name": "https://support.apple.com/en-us/HT213486"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213487", "name": "https://support.apple.com/en-us/HT213487"}]}, "description": {"description_data": [{"lang": "eng", "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, watchOS 9, macOS Monterey 12.6, tvOS 16. An app may be able to execute arbitrary code with kernel privileges."}]}}, "2022/32xxx/CVE-2022-32867.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32867", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "A user with physical access to an iOS device may be able to read past diagnostic logs"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213446", "name": "https://support.apple.com/en-us/HT213446"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}]}, "description": {"description_data": [{"lang": "eng", "value": "This issue was addressed with improved data protection. This issue is fixed in iOS 16, macOS Ventura 13. A user with physical access to an iOS device may be able to read past diagnostic logs."}]}}, "2022/32xxx/CVE-2022-32870.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32870", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "A user with physical access to a device may be able to use Siri to obtain some call history information"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213446", "name": "https://support.apple.com/en-us/HT213446"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213486", "name": "https://support.apple.com/en-us/HT213486"}]}, "description": {"description_data": [{"lang": "eng", "value": "A logic issue was addressed with improved state management. This issue is fixed in iOS 16, macOS Ventura 13, watchOS 9. A user with physical access to a device may be able to use Siri to obtain some call history information."}]}}, "2022/32xxx/CVE-2022-32875.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32875", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "11.7"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.6"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to read sensitive location information"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213446", "name": "https://support.apple.com/en-us/HT213446"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213443", "name": "https://support.apple.com/en-us/HT213443"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213444", "name": "https://support.apple.com/en-us/HT213444"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213486", "name": "https://support.apple.com/en-us/HT213486"}]}, "description": {"description_data": [{"lang": "eng", "value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6. An app may be able to read sensitive location information."}]}}, "2022/32xxx/CVE-2022-32877.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32877", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "11.7"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.6"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to access user-sensitive data"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213443", "name": "https://support.apple.com/en-us/HT213443"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213444", "name": "https://support.apple.com/en-us/HT213444"}]}, "description": {"description_data": [{"lang": "eng", "value": "A configuration issue was addressed with additional restrictions. This issue is fixed in macOS Big Sur 11.7, macOS Monterey 12.6. An app may be able to access user-sensitive data."}]}}, "2022/32xxx/CVE-2022-32879.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32879", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.7"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "A user with physical access to a device may be able to access contacts from the lock screen"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213446", "name": "https://support.apple.com/en-us/HT213446"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213445", "name": "https://support.apple.com/en-us/HT213445"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213486", "name": "https://support.apple.com/en-us/HT213486"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213487", "name": "https://support.apple.com/en-us/HT213487"}]}, "description": {"description_data": [{"lang": "eng", "value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, tvOS 16. A user with physical access to a device may be able to access contacts from the lock screen."}]}}, "2022/32xxx/CVE-2022-32881.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32881", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "11.7"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.6"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to modify protected parts of the file system"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213446", "name": "https://support.apple.com/en-us/HT213446"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213443", "name": "https://support.apple.com/en-us/HT213443"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213444", "name": "https://support.apple.com/en-us/HT213444"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213486", "name": "https://support.apple.com/en-us/HT213486"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213487", "name": "https://support.apple.com/en-us/HT213487"}]}, "description": {"description_data": [{"lang": "eng", "value": "A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. An app may be able to modify protected parts of the file system."}]}}, "2022/32xxx/CVE-2022-32887.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32887", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "iOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to execute arbitrary code with kernel privileges"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213446", "name": "https://support.apple.com/en-us/HT213446"}]}, "description": {"description_data": [{"lang": "eng", "value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 16. An app may be able to execute arbitrary code with kernel privileges."}]}}, "2022/32xxx/CVE-2022-32888.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32888", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "11.7"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.7"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.6"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Processing maliciously crafted web content may lead to arbitrary code execution"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213446", "name": "https://support.apple.com/en-us/HT213446"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213443", "name": "https://support.apple.com/en-us/HT213443"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213445", "name": "https://support.apple.com/en-us/HT213445"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213444", "name": "https://support.apple.com/en-us/HT213444"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213486", "name": "https://support.apple.com/en-us/HT213486"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213487", "name": "https://support.apple.com/en-us/HT213487"}]}, "description": {"description_data": [{"lang": "eng", "value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, macOS Monterey 12.6, tvOS 16. Processing maliciously crafted web content may lead to arbitrary code execution."}]}}, "2022/32xxx/CVE-2022-32889.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32889", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "iOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to execute arbitrary code with kernel privileges"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213446", "name": "https://support.apple.com/en-us/HT213446"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213486", "name": "https://support.apple.com/en-us/HT213486"}]}, "description": {"description_data": [{"lang": "eng", "value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 16, watchOS 9. An app may be able to execute arbitrary code with kernel privileges."}]}}, "2022/32xxx/CVE-2022-32890.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32890", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "A sandboxed process may be able to circumvent sandbox restrictions"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}]}, "description": {"description_data": [{"lang": "eng", "value": "A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13. A sandboxed process may be able to circumvent sandbox restrictions."}]}}, "2022/32xxx/CVE-2022-32892.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32892", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.7"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "A sandboxed process may be able to circumvent sandbox restrictions"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213446", "name": "https://support.apple.com/en-us/HT213446"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213445", "name": "https://support.apple.com/en-us/HT213445"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213442", "name": "https://support.apple.com/en-us/HT213442"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}]}, "description": {"description_data": [{"lang": "eng", "value": "An access issue was addressed with improvements to the sandbox. This issue is fixed in Safari 16, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Ventura 13. A sandboxed process may be able to circumvent sandbox restrictions."}]}}, "2022/32xxx/CVE-2022-32895.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32895", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to modify protected parts of the file system"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}]}, "description": {"description_data": [{"lang": "eng", "value": "A race condition was addressed with improved state handling. This issue is fixed in macOS Ventura 13. An app may be able to modify protected parts of the file system."}]}}, "2022/32xxx/CVE-2022-32898.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32898", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.7"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to execute arbitrary code with kernel privileges"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213446", "name": "https://support.apple.com/en-us/HT213446"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213445", "name": "https://support.apple.com/en-us/HT213445"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213486", "name": "https://support.apple.com/en-us/HT213486"}]}, "description": {"description_data": [{"lang": "eng", "value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7 and iPadOS 15.7, iOS 16, macOS Ventura 13, watchOS 9. An app may be able to execute arbitrary code with kernel privileges."}]}}, "2022/32xxx/CVE-2022-32899.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32899", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.7"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to execute arbitrary code with kernel privileges"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213446", "name": "https://support.apple.com/en-us/HT213446"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213445", "name": "https://support.apple.com/en-us/HT213445"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213486", "name": "https://support.apple.com/en-us/HT213486"}]}, "description": {"description_data": [{"lang": "eng", "value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7 and iPadOS 15.7, iOS 16, macOS Ventura 13, watchOS 9. An app may be able to execute arbitrary code with kernel privileges."}]}}, "2022/32xxx/CVE-2022-32903.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32903", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "iOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to execute arbitrary code with kernel privileges"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213446", "name": "https://support.apple.com/en-us/HT213446"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213486", "name": "https://support.apple.com/en-us/HT213486"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213487", "name": "https://support.apple.com/en-us/HT213487"}]}, "description": {"description_data": [{"lang": "eng", "value": "A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 16, iOS 16, watchOS 9. An app may be able to execute arbitrary code with kernel privileges."}]}}, "2022/32xxx/CVE-2022-32904.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32904", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "11.7"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.6"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to access user-sensitive data"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213443", "name": "https://support.apple.com/en-us/HT213443"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213444", "name": "https://support.apple.com/en-us/HT213444"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}]}, "description": {"description_data": [{"lang": "eng", "value": "An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, macOS Monterey 12.6. An app may be able to access user-sensitive data."}]}}, "2022/32xxx/CVE-2022-32905.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32905", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Processing a maliciously crafted DMG file may lead to arbitrary code execution with system privileges"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}]}, "description": {"description_data": [{"lang": "eng", "value": "This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13. Processing a maliciously crafted DMG file may lead to arbitrary code execution with system privileges."}]}}, "2022/32xxx/CVE-2022-32907.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32907", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "iOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to execute arbitrary code with kernel privileges"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213446", "name": "https://support.apple.com/en-us/HT213446"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213486", "name": "https://support.apple.com/en-us/HT213486"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213487", "name": "https://support.apple.com/en-us/HT213487"}]}, "description": {"description_data": [{"lang": "eng", "value": "This issue was addressed with improved checks. This issue is fixed in tvOS 16, iOS 16, watchOS 9. An app may be able to execute arbitrary code with kernel privileges."}]}}, "2022/32xxx/CVE-2022-32909.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32909", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "iOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to access user-sensitive data"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213446", "name": "https://support.apple.com/en-us/HT213446"}]}, "description": {"description_data": [{"lang": "eng", "value": "The issue was addressed with improved handling of caches. This issue is fixed in iOS 16. An app may be able to access user-sensitive data."}]}}, "2022/32xxx/CVE-2022-32910.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32910", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.5"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "11.6"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "2022"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An archive may be able to bypass Gatekeeper"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213345", "name": "https://support.apple.com/en-us/HT213345"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213344", "name": "https://support.apple.com/en-us/HT213344"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213343", "name": "https://support.apple.com/en-us/HT213343"}]}, "description": {"description_data": [{"lang": "eng", "value": "A logic issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.8, macOS Monterey 12.5, Security Update 2022-005 Catalina. An archive may be able to bypass Gatekeeper."}]}}, "2022/32xxx/CVE-2022-32913.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32913", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "11.7"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.6"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "A sandboxed app may be able to determine which app is currently using the camera"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213446", "name": "https://support.apple.com/en-us/HT213446"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213443", "name": "https://support.apple.com/en-us/HT213443"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213444", "name": "https://support.apple.com/en-us/HT213444"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213486", "name": "https://support.apple.com/en-us/HT213486"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213487", "name": "https://support.apple.com/en-us/HT213487"}]}, "description": {"description_data": [{"lang": "eng", "value": "The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. A sandboxed app may be able to determine which app is currently using the camera."}]}}, "2022/32xxx/CVE-2022-32914.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32914", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "11.7"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.6"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to execute arbitrary code with kernel privileges"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213446", "name": "https://support.apple.com/en-us/HT213446"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213443", "name": "https://support.apple.com/en-us/HT213443"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213444", "name": "https://support.apple.com/en-us/HT213444"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213486", "name": "https://support.apple.com/en-us/HT213486"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213487", "name": "https://support.apple.com/en-us/HT213487"}]}, "description": {"description_data": [{"lang": "eng", "value": "A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. An app may be able to execute arbitrary code with kernel privileges."}]}}, "2022/32xxx/CVE-2022-32915.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32915", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to execute arbitrary code with kernel privileges"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}]}, "description": {"description_data": [{"lang": "eng", "value": "A type confusion issue was addressed with improved checks. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges."}]}}, "2022/32xxx/CVE-2022-32918.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32918", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to bypass Privacy preferences"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213446", "name": "https://support.apple.com/en-us/HT213446"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}]}, "description": {"description_data": [{"lang": "eng", "value": "This issue was addressed with improved data protection. This issue is fixed in iOS 16, macOS Ventura 13. An app may be able to bypass Privacy preferences."}]}}, "2022/32xxx/CVE-2022-32922.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32922", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Processing maliciously crafted web content may lead to arbitrary code execution"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213489", "name": "https://support.apple.com/en-us/HT213489"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213495", "name": "https://support.apple.com/en-us/HT213495"}]}, "description": {"description_data": [{"lang": "eng", "value": "A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13. Processing maliciously crafted web content may lead to arbitrary code execution."}]}}, "2022/32xxx/CVE-2022-32923.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32923", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.7"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9.1"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Processing maliciously crafted web content may disclose internal states of the app"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213489", "name": "https://support.apple.com/en-us/HT213489"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213492", "name": "https://support.apple.com/en-us/HT213492"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213495", "name": "https://support.apple.com/en-us/HT213495"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213491", "name": "https://support.apple.com/en-us/HT213491"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213490", "name": "https://support.apple.com/en-us/HT213490"}]}, "description": {"description_data": [{"lang": "eng", "value": "A correctness issue in the JIT was addressed with improved checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may disclose internal states of the app."}]}}, "2022/32xxx/CVE-2022-32924.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32924", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "11.7"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9.1"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.6"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to execute arbitrary code with kernel privileges"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213443", "name": "https://support.apple.com/en-us/HT213443"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213444", "name": "https://support.apple.com/en-us/HT213444"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213489", "name": "https://support.apple.com/en-us/HT213489"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213492", "name": "https://support.apple.com/en-us/HT213492"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213491", "name": "https://support.apple.com/en-us/HT213491"}]}, "description": {"description_data": [{"lang": "eng", "value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS Big Sur 11.7, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6. An app may be able to execute arbitrary code with kernel privileges."}]}}, "2022/32xxx/CVE-2022-32925.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32925", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "iOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to cause unexpected system termination or write kernel memory"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213446", "name": "https://support.apple.com/en-us/HT213446"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213486", "name": "https://support.apple.com/en-us/HT213486"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213487", "name": "https://support.apple.com/en-us/HT213487"}]}, "description": {"description_data": [{"lang": "eng", "value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 16, iOS 16, watchOS 9. An app may be able to cause unexpected system termination or write kernel memory."}]}}, "2022/32xxx/CVE-2022-32926.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32926", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.7"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9.1"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app with root privileges may be able to execute arbitrary code with kernel privileges"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213489", "name": "https://support.apple.com/en-us/HT213489"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213492", "name": "https://support.apple.com/en-us/HT213492"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213491", "name": "https://support.apple.com/en-us/HT213491"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213490", "name": "https://support.apple.com/en-us/HT213490"}]}, "description": {"description_data": [{"lang": "eng", "value": "The issue was addressed with improved bounds checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16. An app with root privileges may be able to execute arbitrary code with kernel privileges."}]}}, "2022/32xxx/CVE-2022-32927.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32927", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "iOS and iPadOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "iOS and iPadOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.7"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Joining a malicious Wi-Fi network may result in a denial-of-service of the Settings app"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213489", "name": "https://support.apple.com/en-us/HT213489"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213490", "name": "https://support.apple.com/en-us/HT213490"}]}, "description": {"description_data": [{"lang": "eng", "value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16. Joining a malicious Wi-Fi network may result in a denial-of-service of the Settings app."}]}}, "2022/32xxx/CVE-2022-32928.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32928", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "A user in a privileged network position may be able to intercept mail credentials"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213446", "name": "https://support.apple.com/en-us/HT213446"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213486", "name": "https://support.apple.com/en-us/HT213486"}]}, "description": {"description_data": [{"lang": "eng", "value": "A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16, macOS Ventura 13, watchOS 9. A user in a privileged network position may be able to intercept mail credentials."}]}}, "2022/32xxx/CVE-2022-32929.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32929", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "iOS and iPadOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "iOS and iPadOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.7"}]}}, {"product_name": "iOS and iPadOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.7"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to access iOS backups"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213445", "name": "https://support.apple.com/en-us/HT213445"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213489", "name": "https://support.apple.com/en-us/HT213489"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213490", "name": "https://support.apple.com/en-us/HT213490"}]}, "description": {"description_data": [{"lang": "eng", "value": "A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 15.7 and iPadOS 15.7, iOS 16.1 and iPadOS 16. An app may be able to access iOS backups."}]}}, "2022/32xxx/CVE-2022-32932.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32932", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "iOS and iPadOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "iOS and iPadOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.7"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9.1"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to execute arbitrary code with kernel privileges"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213489", "name": "https://support.apple.com/en-us/HT213489"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213491", "name": "https://support.apple.com/en-us/HT213491"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213490", "name": "https://support.apple.com/en-us/HT213490"}]}, "description": {"description_data": [{"lang": "eng", "value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16, watchOS 9.1. An app may be able to execute arbitrary code with kernel privileges."}]}}, "2022/32xxx/CVE-2022-32934.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32934", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "11.7"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.6"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "A remote user may be able to cause kernel code execution"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213443", "name": "https://support.apple.com/en-us/HT213443"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213444", "name": "https://support.apple.com/en-us/HT213444"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}]}, "description": {"description_data": [{"lang": "eng", "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, macOS Monterey 12.6. A remote user may be able to cause kernel code execution."}]}}, "2022/32xxx/CVE-2022-32935.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32935", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.7"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "A user may be able to view restricted content from the lock screen"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213489", "name": "https://support.apple.com/en-us/HT213489"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213490", "name": "https://support.apple.com/en-us/HT213490"}]}, "description": {"description_data": [{"lang": "eng", "value": "A lock screen issue was addressed with improved state management. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16, macOS Ventura 13. A user may be able to view restricted content from the lock screen."}]}}, "2022/32xxx/CVE-2022-32936.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32936", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to disclose kernel memory"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}]}, "description": {"description_data": [{"lang": "eng", "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13. An app may be able to disclose kernel memory."}]}}, "2022/32xxx/CVE-2022-32938.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32938", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "A shortcut may be able to check the existence of an arbitrary path on the file system"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213489", "name": "https://support.apple.com/en-us/HT213489"}]}, "description": {"description_data": [{"lang": "eng", "value": "A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. A shortcut may be able to check the existence of an arbitrary path on the file system."}]}}, "2022/32xxx/CVE-2022-32939.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32939", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "iOS and iPadOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "iOS and iPadOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.7"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to execute arbitrary code with kernel privileges"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213489", "name": "https://support.apple.com/en-us/HT213489"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213490", "name": "https://support.apple.com/en-us/HT213490"}]}, "description": {"description_data": [{"lang": "eng", "value": "The issue was addressed with improved bounds checks. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16. An app may be able to execute arbitrary code with kernel privileges."}]}}, "2022/32xxx/CVE-2022-32940.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32940", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9.1"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to execute arbitrary code with kernel privileges"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213489", "name": "https://support.apple.com/en-us/HT213489"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213492", "name": "https://support.apple.com/en-us/HT213492"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213491", "name": "https://support.apple.com/en-us/HT213491"}]}, "description": {"description_data": [{"lang": "eng", "value": "The issue was addressed with improved bounds checks. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. An app may be able to execute arbitrary code with kernel privileges."}]}}, "2022/32xxx/CVE-2022-32941.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32941", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "11.7"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.6"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.7"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "A buffer overflow may result in arbitrary code execution"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213493", "name": "https://support.apple.com/en-us/HT213493"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213494", "name": "https://support.apple.com/en-us/HT213494"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213489", "name": "https://support.apple.com/en-us/HT213489"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213490", "name": "https://support.apple.com/en-us/HT213490"}]}, "description": {"description_data": [{"lang": "eng", "value": "The issue was addressed with improved bounds checks. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. A buffer overflow may result in arbitrary code execution."}]}}, "2022/32xxx/CVE-2022-32944.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32944", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "11.7"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.6"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.7"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9.1"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to execute arbitrary code with kernel privileges"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213493", "name": "https://support.apple.com/en-us/HT213493"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213494", "name": "https://support.apple.com/en-us/HT213494"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213489", "name": "https://support.apple.com/en-us/HT213489"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213492", "name": "https://support.apple.com/en-us/HT213492"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213491", "name": "https://support.apple.com/en-us/HT213491"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213490", "name": "https://support.apple.com/en-us/HT213490"}]}, "description": {"description_data": [{"lang": "eng", "value": "A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. An app may be able to execute arbitrary code with kernel privileges."}]}}, "2022/32xxx/CVE-2022-32946.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32946", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "iOS and iPadOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to record audio using a pair of connected AirPods"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213489", "name": "https://support.apple.com/en-us/HT213489"}]}, "description": {"description_data": [{"lang": "eng", "value": "This issue was addressed with improved entitlements. This issue is fixed in iOS 16.1 and iPadOS 16. An app may be able to record audio using a pair of connected AirPods."}]}}, "2022/32xxx/CVE-2022-32947.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-32947", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9.1"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to execute arbitrary code with kernel privileges"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213489", "name": "https://support.apple.com/en-us/HT213489"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213491", "name": "https://support.apple.com/en-us/HT213491"}]}, "description": {"description_data": [{"lang": "eng", "value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. An app may be able to execute arbitrary code with kernel privileges."}]}}, "2022/33xxx/CVE-2022-33870.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-33870", "ASSIGNER": "psirt@fortinet.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Fortinet", "product": {"product_data": [{"product_name": "Fortinet FortiTester", "version": {"version_data": [{"version_value": "FortiTester 3.0.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0"}]}}]}}]}}, "impact": {"cvss": {"attackComplexity": "Low", "attackVector": "Local", "availabilityImpact": "High", "baseScore": 7.4, "baseSeverity": "High", "confidentialityImpact": "High", "integrityImpact": "High", "privilegesRequired": "Low", "scope": "Unchanged", "userInteraction": "None", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Execute unauthorized code or commands"}]}]}, "references": {"reference_data": [{"refsource": "CONFIRM", "name": "https://fortiguard.com/psirt/FG-IR-22-070", "url": "https://fortiguard.com/psirt/FG-IR-22-070"}]}, "description": {"description_data": [{"lang": "eng", "value": "An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the command line interpreter of FortiTester 3.0.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands."}]}}, "2022/33xxx/CVE-2022-33878.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-33878", "ASSIGNER": "psirt@fortinet.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Fortinet", "product": {"product_data": [{"product_name": "Fortinet FortiClientMac", "version": {"version_data": [{"version_value": "FortiClientMac 7.0.5, 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0"}]}}]}}]}}, "impact": {"cvss": {"attackComplexity": "High", "attackVector": "Local", "availabilityImpact": "None", "baseScore": 2.2, "baseSeverity": "Low", "confidentialityImpact": "Low", "integrityImpact": "None", "privilegesRequired": "Low", "scope": "Unchanged", "userInteraction": "Required", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N/E:F/RL:U/RC:C", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Information disclosure"}]}]}, "references": {"reference_data": [{"refsource": "CONFIRM", "name": "https://fortiguard.com/psirt/FG-IR-22-246", "url": "https://fortiguard.com/psirt/FG-IR-22-246"}]}, "description": {"description_data": [{"lang": "eng", "value": "An exposure of sensitive information to an unauthorized actor vulnerabiltiy [CWE-200] in FortiClient for Mac versions 7.0.0 through 7.0.5 may allow a local authenticated attacker to obtain the SSL-VPN password in cleartext via running a logstream for the FortiTray process in the terminal."}]}}, "2022/34xxx/CVE-2022-34662.json": {"CVE_data_meta": {"ASSIGNER": "security@apache.org", "ID": "CVE-2022-34662", "STATE": "PUBLIC", "TITLE": "Apache DolphinScheduler prior to 3.0.0 allows path traversal"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Apache DolphinScheduler", "version": {"version_data": [{"version_affected": "<=", "version_name": "Apache DolphinScheduler", "version_value": "3.0.0-beta-1"}]}}]}, "vendor_name": "Apache Software Foundation"}]}}, "credit": [{"lang": "eng", "value": "This issue was discovered by Jigang Dong of M1QLin Security Team"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "When users add resources to the resource center with a relation path will cause path traversal issues and only for logged-in users. You could upgrade to version 3.0.0 or higher"}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": [{"other": "moderate"}], "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://lists.apache.org/thread/pbdzqf9ntxyvs4cr0x2dgk9zlf43btz8", "name": "https://lists.apache.org/thread/pbdzqf9ntxyvs4cr0x2dgk9zlf43btz8"}]}, "source": {"discovery": "UNKNOWN"}}, "2022/35xxx/CVE-2022-35842.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-35842", "ASSIGNER": "psirt@fortinet.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Fortinet", "product": {"product_data": [{"product_name": "Fortinet FortiOS", "version": {"version_data": [{"version_value": "FortiOS 7.2.0, 7.0.6, 7.0.5, 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0, 6.4.9, 6.4.8, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0"}]}}]}}]}}, "impact": {"cvss": {"attackComplexity": "High", "attackVector": "Network", "availabilityImpact": "None", "baseScore": 3.7, "baseSeverity": "Low", "confidentialityImpact": "Low", "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "userInteraction": "None", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:X/RL:X/RC:X", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Information disclosure"}]}]}, "references": {"reference_data": [{"refsource": "CONFIRM", "name": "https://fortiguard.com/psirt/FG-IR-22-223", "url": "https://fortiguard.com/psirt/FG-IR-22-223"}]}, "description": {"description_data": [{"lang": "eng", "value": "An exposure of sensitive information to an unauthorized actor vulnerabiltiy [CWE-200] in FortiOS SSL-VPN versions 7.2.0, versions 7.0.0 through 7.0.6 and versions 6.4.0 through 6.4.9 may allow a remote unauthenticated attacker to gain information about LDAP and SAML settings configured in FortiOS."}]}}, "2022/35xxx/CVE-2022-35851.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-35851", "ASSIGNER": "psirt@fortinet.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Fortinet", "product": {"product_data": [{"product_name": "Fortinet FortiADC", "version": {"version_data": [{"version_value": "FortiADC 7.1.0"}]}}]}}]}}, "impact": {"cvss": {"attackComplexity": "Low", "attackVector": "Network", "availabilityImpact": "High", "baseScore": 7.5, "baseSeverity": "High", "confidentialityImpact": "High", "integrityImpact": "High", "privilegesRequired": "Low", "scope": "Unchanged", "userInteraction": "Required", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:F/RL:U/RC:R", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Execute unauthorized code or commands"}]}]}, "references": {"reference_data": [{"refsource": "CONFIRM", "name": "https://fortiguard.com/psirt/FG-IR-22-314", "url": "https://fortiguard.com/psirt/FG-IR-22-314"}]}, "description": {"description_data": [{"lang": "eng", "value": "An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiADC management interface 7.1.0 may allow a remote and authenticated attacker to trigger a stored cross site scripting (XSS) attack via configuring a specially crafted IP Address."}]}}, "2022/37xxx/CVE-2022-37454.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-37454", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"url": "https://csrc.nist.gov/projects/hash-functions/sha-3-project", "refsource": "MISC", "name": "https://csrc.nist.gov/projects/hash-functions/sha-3-project"}, {"refsource": "MISC", "name": "https://mouha.be/sha-3-buffer-overflow/", "url": "https://mouha.be/sha-3-buffer-overflow/"}, {"refsource": "MISC", "name": "https://news.ycombinator.com/item?id=33281106", "url": "https://news.ycombinator.com/item?id=33281106"}, {"refsource": "MISC", "name": "https://github.com/XKCP/XKCP/security/advisories/GHSA-6w4m-2xhg-2658", "url": "https://github.com/XKCP/XKCP/security/advisories/GHSA-6w4m-2xhg-2658"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221031 [SECURITY] [DLA 3174-1] pysha3 security update", "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00041.html"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221101 [SECURITY] [DLA 3175-1] python3.7 security update", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00000.html"}, {"refsource": "FEDORA", "name": "FEDORA-2022-f2a5082860", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4/"}, {"refsource": "DEBIAN", "name": "DSA-5267", "url": "https://www.debian.org/security/2022/dsa-5267"}]}}, "2022/38xxx/CVE-2022-38372.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-38372", "ASSIGNER": "psirt@fortinet.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Fortinet", "product": {"product_data": [{"product_name": "Fortinet FortiTester", "version": {"version_data": [{"version_value": "FortiTester 2.3.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0"}]}}]}}]}}, "impact": {"cvss": {"attackComplexity": "Low", "attackVector": "Local", "availabilityImpact": "High", "baseScore": 6.5, "baseSeverity": "Medium", "confidentialityImpact": "High", "integrityImpact": "High", "privilegesRequired": "High", "scope": "Unchanged", "userInteraction": "None", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Improper access control"}]}]}, "references": {"reference_data": [{"refsource": "CONFIRM", "name": "https://fortiguard.com/psirt/FG-IR-22-283", "url": "https://fortiguard.com/psirt/FG-IR-22-283"}]}, "description": {"description_data": [{"lang": "eng", "value": "A hidden functionality vulnerability [CWE-1242] in FortiTester CLI 2.3.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0 may allow a local, privileged user to obtain a root shell on the device via an undocumented command."}]}}, "2022/38xxx/CVE-2022-38373.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-38373", "ASSIGNER": "psirt@fortinet.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Fortinet", "product": {"product_data": [{"product_name": "Fortinet FortiDeceptor", "version": {"version_data": [{"version_value": "FortiDeceptor 4.2.0, 4.1.0 through 4.1.1, 4.0.2"}]}}]}}]}}, "impact": {"cvss": {"attackComplexity": "Low", "attackVector": "Network", "availabilityImpact": "High", "baseScore": 7.3, "baseSeverity": "High", "confidentialityImpact": "High", "integrityImpact": "High", "privilegesRequired": "Low", "scope": "Unchanged", "userInteraction": "Required", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Execute unauthorized code or commands"}]}]}, "references": {"reference_data": [{"refsource": "CONFIRM", "name": "https://fortiguard.com/psirt/FG-IR-22-331", "url": "https://fortiguard.com/psirt/FG-IR-22-331"}]}, "description": {"description_data": [{"lang": "eng", "value": "An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiDeceptor management interface 4.2.0, 4.1.0 through 4.1.1, 4.0.2 may allow an authenticated user to perform a cross site scripting (XSS) attack via sending requests with specially crafted lure resource ID."}]}}, "2022/38xxx/CVE-2022-38374.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-38374", "ASSIGNER": "psirt@fortinet.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Fortinet", "product": {"product_data": [{"product_name": "Fortinet FortiADC", "version": {"version_data": [{"version_value": "FortiADC 7.0.2, 7.0.1, 7.0.0, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0"}]}}]}}]}}, "impact": {"cvss": {"attackComplexity": "Low", "attackVector": "Network", "availabilityImpact": "High", "baseScore": 8.0, "baseSeverity": "High", "confidentialityImpact": "High", "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "userInteraction": "Required", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:U/RC:R", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Execute unauthorized code or commands"}]}]}, "references": {"reference_data": [{"refsource": "CONFIRM", "name": "https://fortiguard.com/psirt/FG-IR-22-232", "url": "https://fortiguard.com/psirt/FG-IR-22-232"}]}, "description": {"description_data": [{"lang": "eng", "value": "A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiADC 7.0.0 - 7.0.2 and 6.2.0 - 6.2.4 allows an attacker to execute unauthorized code or commands via the URL and User fields observed in the traffic and event logviews."}]}}, "2022/38xxx/CVE-2022-38380.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-38380", "ASSIGNER": "psirt@fortinet.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Fortinet", "product": {"product_data": [{"product_name": "Fortinet FortiOS", "version": {"version_data": [{"version_value": "FortiOS 7.2.0, 7.0.7, 7.0.6, 7.0.5, 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0"}]}}]}}]}}, "impact": {"cvss": {"attackComplexity": "Low", "attackVector": "Network", "availabilityImpact": "None", "baseScore": 4.2, "baseSeverity": "Medium", "confidentialityImpact": "None", "integrityImpact": "Low", "privilegesRequired": "Low", "scope": "Unchanged", "userInteraction": "None", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:F/RL:X/RC:X", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Improper access control"}]}]}, "references": {"reference_data": [{"refsource": "CONFIRM", "name": "https://fortiguard.com/psirt/FG-IR-22-174", "url": "https://fortiguard.com/psirt/FG-IR-22-174"}]}, "description": {"description_data": [{"lang": "eng", "value": "An improper access control [CWE-284] vulnerability in FortiOS version 7.2.0 and versions 7.0.0 through 7.0.7 may allow a remote authenticated read-only user to modify the interface settings via the API."}]}}, "2022/38xxx/CVE-2022-38381.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-38381", "ASSIGNER": "psirt@fortinet.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Fortinet", "product": {"product_data": [{"product_name": "Fortinet FortiADC", "version": {"version_data": [{"version_value": "FortiADC 7.0.2, 7.0.1, 7.0.0, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.1.6, 6.1.5, 6.1.4, 6.1.3, 6.1.2, 6.1.1, 6.1.0, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.4.5, 5.4.4, 5.4.3, 5.4.2, 5.4.1, 5.4.0, 5.3.7, 5.3.6, 5.3.5, 5.3.4, 5.3.3, 5.3.2, 5.3.1, 5.3.0, 5.2.8, 5.2.7, 5.2.6, 5.2.5, 5.2.4, 5.2.3, 5.2.2, 5.2.1, 5.2.0, 5.1.7, 5.1.6, 5.1.5, 5.1.4, 5.1.3, 5.1.2, 5.1.1, 5.1.0, 5.0.4, 5.0.3, 5.0.2, 5.0.1, 5.0.0"}]}}]}}]}}, "impact": {"cvss": {"attackComplexity": "Low", "attackVector": "Network", "availabilityImpact": "None", "baseScore": 5.2, "baseSeverity": "Medium", "confidentialityImpact": "None", "integrityImpact": "Low", "privilegesRequired": "None", "scope": "Unchanged", "userInteraction": "None", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:F/RL:U/RC:C", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Execute unauthorized code or commands"}]}]}, "references": {"reference_data": [{"refsource": "CONFIRM", "name": "https://fortiguard.com/psirt/FG-IR-22-234", "url": "https://fortiguard.com/psirt/FG-IR-22-234"}]}, "description": {"description_data": [{"lang": "eng", "value": "An improper handling of malformed request vulnerability [CWE-228] exists in FortiADC 5.0 all versions, 6.0.0 all versions, 6.1.0 all versions, 6.2.0 through 6.2.3, and 7.0.0 through 7.0.2. This may allow a remote attacker without privileges to bypass some Web Application Firewall (WAF) protection such as the SQL Injection and XSS filters via a malformed HTTP request."}]}}, "2022/39xxx/CVE-2022-39188.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-39188", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2329", "refsource": "MISC", "name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2329"}, {"url": "https://lore.kernel.org/stable/CAG48ez3SEqOPcPCYGHVZv4iqEApujD5VtM3Re-tCKLDEFdEdbg@mail.gmail.com/", "refsource": "MISC", "name": "https://lore.kernel.org/stable/CAG48ez3SEqOPcPCYGHVZv4iqEApujD5VtM3Re-tCKLDEFdEdbg@mail.gmail.com/"}, {"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19", "refsource": "MISC", "name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19"}, {"url": "https://github.com/torvalds/linux/commit/b67fbebd4cf980aecbcc750e1462128bffe8ae15", "refsource": "MISC", "name": "https://github.com/torvalds/linux/commit/b67fbebd4cf980aecbcc750e1462128bffe8ae15"}, {"url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b67fbebd4cf980aecbcc750e1462128bffe8ae15", "refsource": "MISC", "name": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b67fbebd4cf980aecbcc750e1462128bffe8ae15"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update", "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html"}, {"refsource": "DEBIAN", "name": "DSA-5257", "url": "https://www.debian.org/security/2022/dsa-5257"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html"}]}}, "2022/39xxx/CVE-2022-39190.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-39190", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6. A denial of service can occur upon binding to an already bound chain."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"url": "https://twitter.com/pr0Ln", "refsource": "MISC", "name": "https://twitter.com/pr0Ln"}, {"url": "https://lore.kernel.org/all/20220824220330.64283-12-pablo@netfilter.org/", "refsource": "MISC", "name": "https://lore.kernel.org/all/20220824220330.64283-12-pablo@netfilter.org/"}, {"url": "https://github.com/torvalds/linux/commit/e02f0d3970404bfea385b6edb86f2d936db0ea2b", "refsource": "MISC", "name": "https://github.com/torvalds/linux/commit/e02f0d3970404bfea385b6edb86f2d936db0ea2b"}, {"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19.6", "refsource": "MISC", "name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19.6"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html"}]}}, "2022/39xxx/CVE-2022-39253.json": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-39253", "STATE": "PUBLIC", "TITLE": "Git subject to exposure of sensitive information via local clone of symbolic links"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "git", "version": {"version_data": [{"version_value": "< 2.30.6"}, {"version_value": "< 2.31.5"}, {"version_value": "< 2.32.4"}, {"version_value": "< 2.33.5"}, {"version_value": "< 2.34.5"}, {"version_value": "< 2.35.5"}, {"version_value": "< 2.36.3"}, {"version_value": "< 2.37.4"}]}}]}, "vendor_name": "git"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Git is an open source, scalable, distributed revision control system. Versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 are subject to exposure of sensitive information to a malicious actor. When performing a local clone (where the source and target of the clone are on the same volume), Git copies the contents of the source's `$GIT_DIR/objects` directory into the destination by either creating hardlinks to the source contents, or copying them (if hardlinks are disabled via `--no-hardlinks`). A malicious actor could convince a victim to clone a repository with a symbolic link pointing at sensitive information on the victim's machine. This can be done either by having the victim clone a malicious repository on the same machine, or having them clone a malicious repository embedded as a bare repository via a submodule from any source, provided they clone with the `--recurse-submodules` option. Git does not create symbolic links in the `$GIT_DIR/objects` directory. The problem has been patched in the versions published on 2022-10-18, and backported to v2.30.x. Potential workarounds: Avoid cloning untrusted repositories using the `--local` optimization when on a shared machine, either by passing the `--no-local` option to `git clone` or cloning from a URL that uses the `file://` scheme. Alternatively, avoid cloning repositories from untrusted sources with `--recurse-submodules` or run `git config --global protocol.file.allow user`."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"}]}]}, "references": {"reference_data": [{"name": "https://github.com/git/git/security/advisories/GHSA-3wp6-j8xr-qw85", "refsource": "CONFIRM", "url": "https://github.com/git/git/security/advisories/GHSA-3wp6-j8xr-qw85"}, {"refsource": "FEDORA", "name": "FEDORA-2022-12790ca71a", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VFYXCTLOSESYIP72BUYD6ECDIMUM4WMB/"}, {"refsource": "FEDORA", "name": "FEDORA-2022-8b58806840", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UKFHE4KVD7EKS5J3KTDFVBEKU3CLXGVV/"}, {"refsource": "CONFIRM", "name": "https://support.apple.com/kb/HT213496", "url": "https://support.apple.com/kb/HT213496"}]}, "source": {"advisory": "GHSA-3wp6-j8xr-qw85", "discovery": "UNKNOWN"}}, "2022/39xxx/CVE-2022-39260.json": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-39260", "STATE": "PUBLIC", "TITLE": "Git vulnerable to Remote Code Execution via Heap overflow in `git shell`"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "git", "version": {"version_data": [{"version_value": "< 2.30.6"}, {"version_value": "> 2.31.0, < 2.31.5"}, {"version_value": "> 2.32.0, < 2.32.4"}, {"version_value": "> 2.33.0, < 2.33.5"}, {"version_value": "> 2.34.0, < 2.34.5"}, {"version_value": "> 2.34.0, < 2.35.5"}, {"version_value": "> 2.35.0, < 2.36.3"}, {"version_value": "> 2.37.0, < 2.37.4"}]}}]}, "vendor_name": "git"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Git is an open source, scalable, distributed revision control system. `git shell` is a restricted login shell that can be used to implement Git's push/pull functionality via SSH. In versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4, the function that splits the command arguments into an array improperly uses an `int` to represent the number of entries in the array, allowing a malicious actor to intentionally overflow the return value, leading to arbitrary heap writes. Because the resulting array is then passed to `execv()`, it is possible to leverage this attack to gain remote code execution on a victim machine. Note that a victim must first allow access to `git shell` as a login shell in order to be vulnerable to this attack. This problem is patched in versions 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 and users are advised to upgrade to the latest version. Disabling `git shell` access via remote logins is a viable short-term workaround."}]}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-787: Out-of-bounds Write"}]}, {"description": [{"lang": "eng", "value": "CWE-122: Heap-based Buffer Overflow"}]}]}, "references": {"reference_data": [{"name": "https://github.com/git/git/security/advisories/GHSA-rjr6-wcq6-83p6", "refsource": "CONFIRM", "url": "https://github.com/git/git/security/advisories/GHSA-rjr6-wcq6-83p6"}, {"refsource": "FEDORA", "name": "FEDORA-2022-8b58806840", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UKFHE4KVD7EKS5J3KTDFVBEKU3CLXGVV/"}, {"refsource": "CONFIRM", "name": "https://support.apple.com/kb/HT213496", "url": "https://support.apple.com/kb/HT213496"}]}, "source": {"advisory": "GHSA-rjr6-wcq6-83p6", "discovery": "UNKNOWN"}}, "2022/39xxx/CVE-2022-39369.json": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-39369", "STATE": "PUBLIC", "TITLE": "Service Hostname Discovery Exploitation in phpCAS"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "phpCAS", "version": {"version_data": [{"version_value": "< 1.6.0"}]}}]}, "vendor_name": "apereo"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "phpCAS is an authentication library that allows PHP applications to easily authenticate users via a Central Authentication Service (CAS) server. The phpCAS library uses HTTP headers to determine the service URL used to validate tickets. This allows an attacker to control the host header and use a valid ticket granted for any authorized service in the same SSO realm (CAS server) to authenticate to the service protected by phpCAS. Depending on the settings of the CAS server service registry in worst case this may be any other service URL (if the allowed URLs are configured to \"^(https)://.*\") or may be strictly limited to known and authorized services in the same SSO federation if proper URL service validation is applied. This vulnerability may allow an attacker to gain access to a victim's account on a vulnerable CASified service without victim's knowledge, when the victim visits attacker's website while being logged in to the same CAS server. phpCAS 1.6.0 is a major version upgrade that starts enforcing service URL discovery validation, because there is unfortunately no 100% safe default config to use in PHP. Starting this version, it is required to pass in an additional service base URL argument when constructing the client class. For more information, please refer to the upgrading doc. This vulnerability only impacts the CAS client that the phpCAS library protects against. The problematic service URL discovery behavior in phpCAS < 1.6.0 will only be disabled, and thus you are not impacted from it, if the phpCAS configuration has the following setup: 1. `phpCAS::setUrl()` is called (a reminder that you have to pass in the full URL of the current page, rather than your service base URL), and 2. `phpCAS::setCallbackURL()` is called, only when the proxy mode is enabled. 3. If your PHP's HTTP header input `X-Forwarded-Host`, `X-Forwarded-Server`, `Host`, `X-Forwarded-Proto`, `X-Forwarded-Protocol` is sanitized before reaching PHP (by a reverse proxy, for example), you will not be impacted by this vulnerability either. If your CAS server service registry is configured to only allow known and trusted service URLs the severity of the vulnerability is reduced substantially in its severity since an attacker must be in control of another authorized service. Otherwise, you should upgrade the library to get the safe service discovery behavior."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-99: Improper Control of Resource Identifiers ('Resource Injection')"}]}, {"description": [{"lang": "eng", "value": "CWE-1287: Improper Validation of Specified Type of Input"}]}]}, "references": {"reference_data": [{"name": "https://github.com/apereo/phpCAS/security/advisories/GHSA-8q72-6qq8-xv64", "refsource": "CONFIRM", "url": "https://github.com/apereo/phpCAS/security/advisories/GHSA-8q72-6qq8-xv64"}]}, "source": {"advisory": "GHSA-8q72-6qq8-xv64", "discovery": "UNKNOWN"}}, "2022/39xxx/CVE-2022-39379.json": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-39379", "STATE": "PUBLIC", "TITLE": "Fluentd vulnerable to remote code execution due to insecure deserialization (in non-default configuration)"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "fluentd", "version": {"version_data": [{"version_value": ">= 1.13.2, < 1.15.3"}]}}]}, "vendor_name": "fluent"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Fluentd collects events from various data sources and writes them to files, RDBMS, NoSQL, IaaS, SaaS, Hadoop and so on. A remote code execution (RCE) vulnerability in non-default configurations of Fluentd allows unauthenticated attackers to execute arbitrary code via specially crafted JSON payloads. Fluentd setups are only affected if the environment variable `FLUENT_OJ_OPTION_MODE` is explicitly set to `object`. Please note: The option FLUENT_OJ_OPTION_MODE was introduced in Fluentd version 1.13.2. Earlier versions of Fluentd are not affected by this vulnerability. This issue was patched in version 1.15.3. As a workaround do not use `FLUENT_OJ_OPTION_MODE=object`."}]}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-502: Deserialization of Untrusted Data"}]}]}, "references": {"reference_data": [{"name": "https://github.com/fluent/fluentd/security/advisories/GHSA-fppq-mj76-fpj2", "refsource": "CONFIRM", "url": "https://github.com/fluent/fluentd/security/advisories/GHSA-fppq-mj76-fpj2"}, {"name": "https://github.com/fluent/fluentd/commit/48e5b85dab1b6d4c273090d538fc11b3f2fd8135", "refsource": "MISC", "url": "https://github.com/fluent/fluentd/commit/48e5b85dab1b6d4c273090d538fc11b3f2fd8135"}]}, "source": {"advisory": "GHSA-fppq-mj76-fpj2", "discovery": "UNKNOWN"}}, "2022/39xxx/CVE-2022-39842.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-39842", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an integer overflow and bypassing the size check. After that, because it is used as the third argument to copy_from_user(), a heap overflow may occur."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19", "refsource": "MISC", "name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19"}, {"url": "https://github.com/torvalds/linux/commit/a09d2d00af53b43c6f11e6ab3cb58443c2cac8a7", "refsource": "MISC", "name": "https://github.com/torvalds/linux/commit/a09d2d00af53b43c6f11e6ab3cb58443c2cac8a7"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update", "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html"}, {"refsource": "DEBIAN", "name": "DSA-5257", "url": "https://www.debian.org/security/2022/dsa-5257"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html"}]}}, "2022/39xxx/CVE-2022-39945.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-39945", "ASSIGNER": "psirt@fortinet.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Fortinet", "product": {"product_data": [{"product_name": "Fortinet FortiMail", "version": {"version_data": [{"version_value": "FortiMail 7.2.0, 7.0.0 through 7.0.3, 6.4 all versions, 6.2 all versions, 6.0 all versions"}]}}]}}]}}, "impact": {"cvss": {"attackComplexity": "Low", "attackVector": "Network", "availabilityImpact": "None", "baseScore": 5.1, "baseSeverity": "Medium", "confidentialityImpact": "Low", "integrityImpact": "Low", "privilegesRequired": "Low", "scope": "Unchanged", "userInteraction": "None", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:X/RC:C", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Improper access control"}]}]}, "references": {"reference_data": [{"refsource": "CONFIRM", "name": "https://fortiguard.com/psirt/FG-IR-22-066", "url": "https://fortiguard.com/psirt/FG-IR-22-066"}]}, "description": {"description_data": [{"lang": "eng", "value": "An improper access control vulnerability [CWE-284] in FortiMail 7.2.0, 7.0.0 through 7.0.3, 6.4 all versions, 6.2 all versions, 6.0 all versions may allow an authenticated admin user assigned to a specific domain to access and modify other domains information via insecure direct object references (IDOR)."}]}}, "2022/39xxx/CVE-2022-39949.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-39949", "ASSIGNER": "psirt@fortinet.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Fortinet", "product": {"product_data": [{"product_name": "Fortinet FortiEDR", "version": {"version_data": [{"version_value": "FortiEDR CollectorWindows 4.0.0 \u00a0through 4.1, 5.0.0 through 5.0.3.751, 5.1.0"}]}}]}}]}}, "impact": {"cvss": {"attackComplexity": "Low", "attackVector": "Local", "availabilityImpact": "High", "baseScore": 4.0, "baseSeverity": "Medium", "confidentialityImpact": "None", "integrityImpact": "None", "privilegesRequired": "High", "scope": "Unchanged", "userInteraction": "None", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:U/RC:R", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Execute unauthorized code or commands"}]}]}, "references": {"reference_data": [{"refsource": "CONFIRM", "name": "https://fortiguard.com/psirt/FG-IR-22-218", "url": "https://fortiguard.com/psirt/FG-IR-22-218"}]}, "description": {"description_data": [{"lang": "eng", "value": "An improper control of a resource through its lifetime vulnerability [CWE-664] in FortiEDR CollectorWindows 4.0.0 through 4.1, 5.0.0 through 5.0.3.751, 5.1.0 may allow a privileged user to terminate the FortiEDR processes with special tools and bypass the EDR protection."}]}}, "2022/39xxx/CVE-2022-39950.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-39950", "ASSIGNER": "psirt@fortinet.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Fortinet", "product": {"product_data": [{"product_name": "Fortinet FortiAnalyzer, FortiManager", "version": {"version_data": [{"version_value": "FortiAnalyzer 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0, 6.4.8, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.11, 6.0.10, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0; FortiManager 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0, 6.4.8, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.11, 6.0.10, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0"}]}}]}}]}}, "impact": {"cvss": {"attackComplexity": "Low", "attackVector": "Network", "availabilityImpact": "High", "baseScore": 7.6, "baseSeverity": "High", "confidentialityImpact": "High", "integrityImpact": "High", "privilegesRequired": "Low", "scope": "Unchanged", "userInteraction": "Required", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Execute unauthorized code or commands"}]}]}, "references": {"reference_data": [{"refsource": "CONFIRM", "name": "https://fortiguard.com/psirt/FG-IR-21-228", "url": "https://fortiguard.com/psirt/FG-IR-21-228"}]}, "description": {"description_data": [{"lang": "eng", "value": "An improper neutralization of input during web page generation vulnerability [CWE-79] exists in FortiManager and FortiAnalyzer 6.0.0 all versions, 6.2.0 all versions, 6.4.0 through 6.4.8, and 7.0.0 through 7.0.4. Report templates may allow a low privilege level attacker to perform an XSS attack via posting a crafted CKeditor \"protected\" comment as described in CVE-2020-9281."}]}}, "2022/3xxx/CVE-2022-3028.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3028", "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "n/a", "product": {"product_data": [{"product_name": "Linux kernel", "version": {"version_data": [{"version_value": "Fixed in kernel 6.0-rc3"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-667, CWE-362, CWE-125, CWE-787"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "name": "https://github.com/torvalds/linux/commit/ba953a9d89a00c078b85f4b190bc1dde66fe16b5", "url": "https://github.com/torvalds/linux/commit/ba953a9d89a00c078b85f4b190bc1dde66fe16b5"}, {"refsource": "MISC", "name": "https://lore.kernel.org/all/YtoWqEkKzvimzWS5@gondor.apana.org.au/T/", "url": "https://lore.kernel.org/all/YtoWqEkKzvimzWS5@gondor.apana.org.au/T/"}, {"refsource": "FEDORA", "name": "FEDORA-2022-6835ddb6d8", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F3MYP7WX4PNE6RCITVXA43CECBZT4CL6/"}, {"refsource": "FEDORA", "name": "FEDORA-2022-35c14ba5bb", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JKVA75UHKVOHNOEPCLUHTFGWCOOUBDM3/"}, {"refsource": "FEDORA", "name": "FEDORA-2022-ccb0138bb6", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PEQYVCNYUWB4CJ2YRAYNF2GGFQ7SUYC4/"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update", "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html"}]}, "description": {"description_data": [{"lang": "eng", "value": "A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket."}]}}, "2022/3xxx/CVE-2022-3061.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3061", "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "n/a", "product": {"product_data": [{"product_name": "Kernel", "version": {"version_data": [{"version_value": "Linux kernel 5.18-rc5"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-369"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "name": "https://git.kernel.org/pub/scm/linux/kernel/git/deller/linux-fbdev.git/commit/?id=15cf0b82271b1823fb02ab8c377badba614d95d5", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/deller/linux-fbdev.git/commit/?id=15cf0b82271b1823fb02ab8c377badba614d95d5"}, {"refsource": "DEBIAN", "name": "DSA-5257", "url": "https://www.debian.org/security/2022/dsa-5257"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html"}]}, "description": {"description_data": [{"lang": "eng", "value": "Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver through ioctl() interface. The driver doesn't check the value of 'pixclock', so it may cause a divide by zero error."}]}}, "2022/3xxx/CVE-2022-3176.json": {"CVE_data_meta": {"ASSIGNER": "security@google.com", "DATE_PUBLIC": "2022-08-31T22:00:00.000Z", "ID": "CVE-2022-3176", "STATE": "PUBLIC", "TITLE": "Use-after-free in io_uring in Linux Kernel"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Kernel", "version": {"version_data": [{"version_affected": "<", "version_value": "fc78b2fc21f10c4c9c4d5d659a685710ffa63659"}]}}]}, "vendor_name": "Linux"}]}}, "credit": [{"lang": "eng", "value": "Bing-Jhong Billy Jheng <billy@starlabs.sg>"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "There exists a use-after-free in io_uring in the Linux kernel. Signalfd_poll() and binder_poll() use a waitqueue whose lifetime is the current task. It will send a POLLFREE notification to all waiters before the queue is freed. Unfortunately, the io_uring poll doesn't handle POLLFREE. This allows a use-after-free to occur if a signalfd or binder fd is polled with io_uring poll, and the waitqueue gets freed. We recommend upgrading past commit fc78b2fc21f10c4c9c4d5d659a685710ffa63659"}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-416 Use After Free"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://kernel.dance/#fc78b2fc21f10c4c9c4d5d659a685710ffa63659", "name": "https://kernel.dance/#fc78b2fc21f10c4c9c4d5d659a685710ffa63659"}, {"refsource": "MISC", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit?h=linux-5.4.y&id=fc78b2fc21f10c4c9c4d5d659a685710ffa63659", "name": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit?h=linux-5.4.y&id=fc78b2fc21f10c4c9c4d5d659a685710ffa63659"}, {"refsource": "DEBIAN", "name": "DSA-5257", "url": "https://www.debian.org/security/2022/dsa-5257"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html"}]}, "source": {"discovery": "EXTERNAL"}}, "2022/3xxx/CVE-2022-3195.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3195", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Out of bounds write in Storage in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Out of bounds write"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-2-M105", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://crbug.com/1358381", "refsource": "MISC", "name": "https://crbug.com/1358381"}, {"url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/"}, {"url": "https://security.gentoo.org/glsa/202209-23", "refsource": "MISC", "name": "https://security.gentoo.org/glsa/202209-23"}]}}, "2022/3xxx/CVE-2022-3196.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3196", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Use after free"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-2-M105", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html"}, {"url": "https://crbug.com/1358090", "refsource": "MISC", "name": "https://crbug.com/1358090"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/"}, {"url": "https://security.gentoo.org/glsa/202209-23", "refsource": "MISC", "name": "https://security.gentoo.org/glsa/202209-23"}]}}, "2022/3xxx/CVE-2022-3197.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3197", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Use after free"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-2-M105", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html"}, {"url": "https://crbug.com/1358075", "refsource": "MISC", "name": "https://crbug.com/1358075"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/"}, {"url": "https://security.gentoo.org/glsa/202209-23", "refsource": "MISC", "name": "https://security.gentoo.org/glsa/202209-23"}]}}, "2022/3xxx/CVE-2022-3198.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3198", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Use after free"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-2-M105", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html"}, {"url": "https://crbug.com/1355682", "refsource": "MISC", "name": "https://crbug.com/1355682"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/"}, {"url": "https://security.gentoo.org/glsa/202209-23", "refsource": "MISC", "name": "https://security.gentoo.org/glsa/202209-23"}]}}, "2022/3xxx/CVE-2022-3199.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3199", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Use after free in Frames in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Use after free"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-2-M105", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html"}, {"url": "https://crbug.com/1355237", "refsource": "MISC", "name": "https://crbug.com/1355237"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/"}, {"url": "https://security.gentoo.org/glsa/202209-23", "refsource": "MISC", "name": "https://security.gentoo.org/glsa/202209-23"}]}}, "2022/3xxx/CVE-2022-3200.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3200", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Heap buffer overflow in Internals in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Heap buffer overflow"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-2-M105", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html"}, {"url": "https://crbug.com/1355103", "refsource": "MISC", "name": "https://crbug.com/1355103"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/"}, {"url": "https://security.gentoo.org/glsa/202209-23", "refsource": "MISC", "name": "https://security.gentoo.org/glsa/202209-23"}]}}, "2022/3xxx/CVE-2022-3201.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3201", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Insufficient validation of untrusted input"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-2-M105", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html"}, {"url": "https://crbug.com/1343104", "refsource": "MISC", "name": "https://crbug.com/1343104"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/"}, {"url": "https://security.gentoo.org/glsa/202209-23", "refsource": "MISC", "name": "https://security.gentoo.org/glsa/202209-23"}, {"url": "https://www.debian.org/security/2022/dsa-5244", "refsource": "MISC", "name": "https://www.debian.org/security/2022/dsa-5244"}, {"url": "https://security.gentoo.org/glsa/202210-16", "refsource": "MISC", "name": "https://security.gentoo.org/glsa/202210-16"}]}}, "2022/3xxx/CVE-2022-3303.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3303", "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "n/a", "product": {"product_data": [{"product_name": "Linux kernel", "version": {"version_data": [{"version_value": "Fixed in kernel 6.0-rc5"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-667->CWE-362->CWE-476"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8423f0b6d513b259fdab9c9bf4aaa6188d054c2d", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8423f0b6d513b259fdab9c9bf4aaa6188d054c2d"}, {"refsource": "MISC", "name": "https://lore.kernel.org/all/CAFcO6XN7JDM4xSXGhtusQfS2mSBcx50VJKwQpCq=WeLt57aaZA@mail.gmail.com/", "url": "https://lore.kernel.org/all/CAFcO6XN7JDM4xSXGhtusQfS2mSBcx50VJKwQpCq=WeLt57aaZA@mail.gmail.com/"}, {"refsource": "DEBIAN", "name": "DSA-5257", "url": "https://www.debian.org/security/2022/dsa-5257"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html"}]}, "description": {"description_data": [{"lang": "eng", "value": "A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition"}]}}, "2022/3xxx/CVE-2022-3304.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3304", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Use after free in CSS in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chrome security severity: High)"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Use after free"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-0-M106", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://crbug.com/1358907", "refsource": "MISC", "name": "https://crbug.com/1358907"}, {"url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html"}]}}, "2022/3xxx/CVE-2022-3305.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3305", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Use after free in survey in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chrome security severity: High)"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Use after free"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-0-M106", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html"}, {"url": "https://crbug.com/1319229", "refsource": "MISC", "name": "https://crbug.com/1319229"}]}}, "2022/3xxx/CVE-2022-3306.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3306", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Use after free in survey in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chrome security severity: High)"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Use after free"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-0-M106", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html"}, {"url": "https://crbug.com/1320139", "refsource": "MISC", "name": "https://crbug.com/1320139"}]}}, "2022/3xxx/CVE-2022-3307.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3307", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Use after free in media in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chrome security severity: High)"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Use after free"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-0-M106", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html"}, {"url": "https://crbug.com/1323488", "refsource": "MISC", "name": "https://crbug.com/1323488"}]}}, "2022/3xxx/CVE-2022-3308.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3308", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Insufficient policy enforcement in developer tools in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chrome security severity: Medium)"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Insufficient policy enforcement"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-0-M106", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html"}, {"url": "https://crbug.com/1342722", "refsource": "MISC", "name": "https://crbug.com/1342722"}]}}, "2022/3xxx/CVE-2022-3309.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3309", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Use after free in assistant in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via specific UI gestures. (Chrome security severity: Medium)"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Use after free"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-0-M106", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html"}, {"url": "https://crbug.com/1348415", "refsource": "MISC", "name": "https://crbug.com/1348415"}]}}, "2022/3xxx/CVE-2022-3310.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3310", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Insufficient policy enforcement in custom tabs in Google Chrome on Android prior to 106.0.5249.62 allowed an attacker who convinced the user to install an application to bypass same origin policy via a crafted application. (Chrome security severity: Medium)"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Insufficient policy enforcement"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-0-M106", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html"}, {"url": "https://crbug.com/1240065", "refsource": "MISC", "name": "https://crbug.com/1240065"}]}}, "2022/3xxx/CVE-2022-3311.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3311", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Use after free in import in Google Chrome prior to 106.0.5249.62 allowed a remote attacker who had compromised a WebUI process to potentially perform a sandbox escape via a crafted HTML page. (Chrome security severity: Medium)"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Use after free"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-0-M106", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html"}, {"url": "https://crbug.com/1302813", "refsource": "MISC", "name": "https://crbug.com/1302813"}]}}, "2022/3xxx/CVE-2022-3312.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3312", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Insufficient validation of untrusted input in VPN in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a local attacker to bypass managed device restrictions via physical access to the device. (Chrome security severity: Medium)"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Insufficient validation of untrusted input"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-0-M106", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html"}, {"url": "https://crbug.com/1303306", "refsource": "MISC", "name": "https://crbug.com/1303306"}]}}, "2022/3xxx/CVE-2022-3313.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3313", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Incorrect security UI in full screen in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chrome security severity: Medium)"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Incorrect security UI"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-0-M106", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html"}, {"url": "https://crbug.com/1317904", "refsource": "MISC", "name": "https://crbug.com/1317904"}]}}, "2022/3xxx/CVE-2022-3314.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3314", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Use after free in logging in Google Chrome prior to 106.0.5249.62 allowed a remote attacker who had compromised a WebUI process to potentially perform a sandbox escape via a crafted HTML page. (Chrome security severity: Medium)"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Use after free"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-0-M106", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html"}, {"url": "https://crbug.com/1328708", "refsource": "MISC", "name": "https://crbug.com/1328708"}]}}, "2022/3xxx/CVE-2022-3315.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3315", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Type confusion in Blink in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chrome security severity: Low)"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Type confusion"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-0-M106", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html"}, {"url": "https://crbug.com/1322812", "refsource": "MISC", "name": "https://crbug.com/1322812"}]}}, "2022/3xxx/CVE-2022-3316.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3316", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to bypass security feature via a crafted HTML page. (Chrome security severity: Low)"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Insufficient validation of untrusted input"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-0-M106", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html"}, {"url": "https://crbug.com/1333623", "refsource": "MISC", "name": "https://crbug.com/1333623"}]}}, "2022/3xxx/CVE-2022-3317.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3317", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 106.0.5249.62 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chrome security severity: Low)"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Insufficient validation of untrusted input"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-0-M106", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html"}, {"url": "https://crbug.com/1300539", "refsource": "MISC", "name": "https://crbug.com/1300539"}]}}, "2022/3xxx/CVE-2022-3318.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3318", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Use after free in ChromeOS Notifications in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker who convinced a user to reboot Chrome OS to potentially exploit heap corruption via UI interaction. (Chrome security severity: Low)"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Use after free"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-0-M106", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html"}, {"url": "https://crbug.com/1318791", "refsource": "MISC", "name": "https://crbug.com/1318791"}]}}, "2022/3xxx/CVE-2022-3358.json": {"CVE_data_meta": {"ASSIGNER": "openssl-security@openssl.org", "DATE_PUBLIC": "2022-09-29", "ID": "CVE-2022-3358", "STATE": "PUBLIC", "TITLE": "Using a Custom Cipher with NID_undef may lead to NULL encryption"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "OpenSSL", "version": {"version_data": [{"version_value": "Fixed in OpenSSL 3.0.6 (Affected 3.0.0-3.0.5)"}]}}]}, "vendor_name": "OpenSSL"}]}}, "credit": [{"lang": "eng", "value": "Chris Rapier (Pittsburgh Supercomputing Center)"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "OpenSSL supports creating a custom cipher via the legacy EVP_CIPHER_meth_new() function and associated function calls. This function was deprecated in OpenSSL 3.0 and application authors are instead encouraged to use the new provider mechanism in order to implement custom ciphers. OpenSSL versions 3.0.0 to 3.0.5 incorrectly handle legacy custom ciphers passed to the EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() and EVP_CipherInit_ex2() functions (as well as other similarly named encryption and decryption initialisation functions). Instead of using the custom cipher directly it incorrectly tries to fetch an equivalent cipher from the available providers. An equivalent cipher is found based on the NID passed to EVP_CIPHER_meth_new(). This NID is supposed to represent the unique NID for a given cipher. However it is possible for an application to incorrectly pass NID_undef as this value in the call to EVP_CIPHER_meth_new(). When NID_undef is used in this way the OpenSSL encryption/decryption initialisation function will match the NULL cipher as being equivalent and will fetch this from the available providers. This will succeed if the default provider has been loaded (or if a third party provider has been loaded that offers this cipher). Using the NULL cipher means that the plaintext is emitted as the ciphertext. Applications are only affected by this issue if they call EVP_CIPHER_meth_new() using NID_undef and subsequently use it in a call to an encryption/decryption initialisation function. Applications that only use SSL/TLS are not impacted by this issue. Fixed in OpenSSL 3.0.6 (Affected 3.0.0-3.0.5)."}]}, "impact": [{"lang": "eng", "url": "https://www.openssl.org/policies/secpolicy.html#Low", "value": "Low"}], "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "NULL encryption"}]}]}, "references": {"reference_data": [{"name": "https://www.openssl.org/news/secadv/20221011.txt", "refsource": "CONFIRM", "url": "https://www.openssl.org/news/secadv/20221011.txt"}, {"name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=5485c56679d7c49b96e8fc8ca708b0b7e7c03c4b", "refsource": "CONFIRM", "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=5485c56679d7c49b96e8fc8ca708b0b7e7c03c4b"}, {"refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20221028-0014/", "url": "https://security.netapp.com/advisory/ntap-20221028-0014/"}, {"refsource": "CONFIRM", "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023", "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023"}]}}, "2022/3xxx/CVE-2022-3370.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3370", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Use after free in Custom Elements in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chrome security severity: High)"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Use after free"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-1-M106", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://crbug.com/1366813", "refsource": "MISC", "name": "https://crbug.com/1366813"}, {"url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_30.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_30.html"}]}}, "2022/3xxx/CVE-2022-3373.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3373", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Out of bounds write in V8 in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chrome security severity: High)"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Out of bounds write"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-1-M106", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_30.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_30.html"}, {"url": "https://crbug.com/1366399", "refsource": "MISC", "name": "https://crbug.com/1366399"}]}}, "2022/3xxx/CVE-2022-3387.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3387", "ASSIGNER": "ics-cert@hq.dhs.gov", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Advantech R-SeeNet Versions 2.4.19 and prior are vulnerable to path traversal attacks. An unauthorized attacker could remotely exploit vulnerable PHP code to delete .PDF files."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "cweId": "CWE-22"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Advantech", "product": {"product_data": [{"product_name": "R-SeeNet", "version": {"version_data": [{"version_value": "0", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-291-01", "refsource": "MISC", "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-291-01"}]}, "generator": {"engine": "cveClient/1.0.13"}, "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "value": "rgod"}, {"lang": "en", "value": "Trend Micro Zero Day Initiative"}], "impact": {"cvss": [{"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}]}}, "2022/3xxx/CVE-2022-3443.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3443", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Insufficient data validation in File System API in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to bypass File System restrictions via a crafted HTML page. (Chrome security severity: Low)"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Insufficient data validation"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-0-M106", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html"}, {"url": "https://crbug.com/1243802", "refsource": "MISC", "name": "https://crbug.com/1243802"}]}}, "2022/3xxx/CVE-2022-3444.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3444", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Insufficient data validation in File System API in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to bypass File System restrictions via a crafted HTML page and malicious file. (Chrome security severity: Low)"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Insufficient data validation"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-0-M106", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html"}, {"url": "https://crbug.com/1208439", "refsource": "MISC", "name": "https://crbug.com/1208439"}]}}, "2022/3xxx/CVE-2022-3518.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3518", "TITLE": "SourceCodester Sanitization Management System User Creation cross site scripting", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC"}, "generator": "vuldb.com", "affects": {"vendor": {"vendor_data": [{"vendor_name": "SourceCodester", "product": {"product_data": [{"product_name": "Sanitization Management System", "version": {"version_data": [{"version_value": "1.0"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-707 Improper Neutralization -> CWE-74 Injection -> CWE-79 Cross Site Scripting"}]}]}, "description": {"description_data": [{"lang": "eng", "value": "A vulnerability classified as problematic has been found in SourceCodester Sanitization Management System 1.0. Affected is an unknown function of the component User Creation Handler. The manipulation of the argument First Name/Middle Name/Last Name leads to cross site scripting. It is possible to launch the attack remotely. VDB-211014 is the identifier assigned to this vulnerability."}]}, "impact": {"cvss": {"version": "3.1", "baseScore": "2.4", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N"}}, "references": {"reference_data": [{"url": "https://vuldb.com/?id.211014", "refsource": "MISC", "name": "https://vuldb.com/?id.211014"}, {"refsource": "MISC", "name": "https://github.com/lohith19/CVE-2022-3518/blob/main/POC", "url": "https://github.com/lohith19/CVE-2022-3518/blob/main/POC"}]}}, "2022/3xxx/CVE-2022-3586.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3586", "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "n/a", "product": {"product_data": [{"product_name": "Linux Kernel", "version": {"version_data": [{"version_value": "Fixed in kernel v6.0"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-416"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "name": "https://github.com/torvalds/linux/commit/9efd23297cca", "url": "https://github.com/torvalds/linux/commit/9efd23297cca"}, {"refsource": "MISC", "name": "https://www.zerodayinitiative.com/advisories/upcoming/", "url": "https://www.zerodayinitiative.com/advisories/upcoming/"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html"}]}, "description": {"description_data": [{"lang": "eng", "value": "A flaw was found in the Linux kernel\u2019s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service."}]}}, "2022/3xxx/CVE-2022-3602.json": {"CVE_data_meta": {"ASSIGNER": "openssl-security@openssl.org", "DATE_PUBLIC": "2022-11-01", "ID": "CVE-2022-3602", "STATE": "PUBLIC", "TITLE": "X.509 Email Address 4-byte Buffer Overflow"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "OpenSSL", "version": {"version_data": [{"version_value": "Fixed in OpenSSL 3.0.7 (Affected 3.0.0,3.0.1,3.0.2,3.0.3,3.0.4,3.0.5,3.0.6)"}]}}]}, "vendor_name": "OpenSSL"}]}}, "credit": [{"lang": "eng", "value": "Polar Bear"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address to overflow four attacker-controlled bytes on the stack. This buffer overflow could result in a crash (causing a denial of service) or potentially remote code execution. Many platforms implement stack overflow protections which would mitigate against the risk of remote code execution. The risk may be further mitigated based on stack layout for any given platform/compiler. Pre-announcements of CVE-2022-3602 described this issue as CRITICAL. Further analysis based on some of the mitigating factors described above have led this to be downgraded to HIGH. Users are still encouraged to upgrade to a new version as soon as possible. In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects. Fixed in OpenSSL 3.0.7 (Affected 3.0.0,3.0.1,3.0.2,3.0.3,3.0.4,3.0.5,3.0.6)."}]}, "impact": [{"lang": "eng", "url": "https://www.openssl.org/policies/secpolicy.html#HIGH", "value": "HIGH"}], "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Buffer overflow"}]}]}, "references": {"reference_data": [{"name": "https://www.openssl.org/news/secadv/20221101.txt", "refsource": "CONFIRM", "url": "https://www.openssl.org/news/secadv/20221101.txt"}, {"name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fe3b639dc19b325846f4f6801f2f4604f56e3de3", "refsource": "CONFIRM", "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fe3b639dc19b325846f4f6801f2f4604f56e3de3"}, {"refsource": "MLIST", "name": "[oss-security] 20221101 OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "url": "http://www.openwall.com/lists/oss-security/2022/11/01/15"}, {"refsource": "MLIST", "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "url": "http://www.openwall.com/lists/oss-security/2022/11/01/16"}, {"refsource": "CISCO", "name": "20221028 Vulnerabilities in OpenSSL Affecting Cisco Products: November 2022", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a"}, {"refsource": "MLIST", "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "url": "http://www.openwall.com/lists/oss-security/2022/11/01/21"}, {"refsource": "MLIST", "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "url": "http://www.openwall.com/lists/oss-security/2022/11/01/19"}, {"refsource": "MLIST", "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "url": "http://www.openwall.com/lists/oss-security/2022/11/01/18"}, {"refsource": "MLIST", "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "url": "http://www.openwall.com/lists/oss-security/2022/11/01/20"}, {"refsource": "MLIST", "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "url": "http://www.openwall.com/lists/oss-security/2022/11/01/24"}, {"refsource": "MLIST", "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "url": "http://www.openwall.com/lists/oss-security/2022/11/01/17"}, {"refsource": "GENTOO", "name": "GLSA-202211-01", "url": "https://security.gentoo.org/glsa/202211-01"}, {"refsource": "CONFIRM", "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023", "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023"}, {"refsource": "FEDORA", "name": "FEDORA-2022-0f1d2e0537", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS/"}, {"refsource": "FEDORA", "name": "FEDORA-2022-502f096dce", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S/"}, {"refsource": "MLIST", "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "url": "http://www.openwall.com/lists/oss-security/2022/11/02/2"}, {"refsource": "MLIST", "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "url": "http://www.openwall.com/lists/oss-security/2022/11/02/6"}, {"refsource": "MLIST", "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "url": "http://www.openwall.com/lists/oss-security/2022/11/02/5"}, {"refsource": "MLIST", "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "url": "http://www.openwall.com/lists/oss-security/2022/11/02/1"}, {"refsource": "MLIST", "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "url": "http://www.openwall.com/lists/oss-security/2022/11/02/3"}]}}, "2022/3xxx/CVE-2022-3621.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3621", "TITLE": "Linux Kernel nilfs2 inode.c nilfs_bmap_lookup_at_level null pointer dereference", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC"}, "generator": "vuldb.com", "affects": {"vendor": {"vendor_data": [{"vendor_name": "Linux", "product": {"product_data": [{"product_name": "Kernel", "version": {"version_data": [{"version_value": "n/a"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-404 Denial of Service -> CWE-476 NULL Pointer Dereference"}]}]}, "description": {"description_data": [{"lang": "eng", "value": "A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211920."}]}, "impact": {"cvss": {"version": "3.1", "baseScore": "4.3", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}}, "references": {"reference_data": [{"url": "https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=21a87d88c2253350e115029f14fe2a10a7e6c856", "refsource": "MISC", "name": "https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=21a87d88c2253350e115029f14fe2a10a7e6c856"}, {"url": "https://vuldb.com/?id.211920", "refsource": "MISC", "name": "https://vuldb.com/?id.211920"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html"}]}}, "2022/3xxx/CVE-2022-3625.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3625", "TITLE": "Linux Kernel IPsec devlink.c devlink_param_get use after free", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC"}, "generator": "vuldb.com", "affects": {"vendor": {"vendor_data": [{"vendor_name": "Linux", "product": {"product_data": [{"product_name": "Kernel", "version": {"version_data": [{"version_value": "n/a"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-119 Memory Corruption -> CWE-416 Use After Free"}]}]}, "description": {"description_data": [{"lang": "eng", "value": "A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211929 was assigned to this vulnerability."}]}, "impact": {"cvss": {"version": "3.1", "baseScore": "4.6", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"}}, "references": {"reference_data": [{"url": "https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=6b4db2e528f650c7fb712961aac36455468d5902", "refsource": "MISC", "name": "https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=6b4db2e528f650c7fb712961aac36455468d5902"}, {"url": "https://vuldb.com/?id.211929", "refsource": "MISC", "name": "https://vuldb.com/?id.211929"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html"}]}}, "2022/3xxx/CVE-2022-3629.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3629", "TITLE": "Linux Kernel IPsec af_vsock.c vsock_connect memory leak", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC"}, "generator": "vuldb.com", "affects": {"vendor": {"vendor_data": [{"vendor_name": "Linux", "product": {"product_data": [{"product_name": "Kernel", "version": {"version_data": [{"version_value": "n/a"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-404 Denial of Service -> CWE-401 Memory Leak"}]}]}, "description": {"description_data": [{"lang": "eng", "value": "A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c of the component IPsec. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211930 is the identifier assigned to this vulnerability."}]}, "impact": {"cvss": {"version": "3.1", "baseScore": "2.6", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"}}, "references": {"reference_data": [{"url": "https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=7e97cfed9929eaabc41829c395eb0d1350fccb9d", "refsource": "MISC", "name": "https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=7e97cfed9929eaabc41829c395eb0d1350fccb9d"}, {"url": "https://vuldb.com/?id.211930", "refsource": "MISC", "name": "https://vuldb.com/?id.211930"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html"}]}}, "2022/3xxx/CVE-2022-3633.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3633", "TITLE": "Linux Kernel IPsec transport.c j1939_session_destroy memory leak", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC"}, "generator": "vuldb.com", "affects": {"vendor": {"vendor_data": [{"vendor_name": "Linux", "product": {"product_data": [{"product_name": "Kernel", "version": {"version_data": [{"version_value": "n/a"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-404 Denial of Service -> CWE-401 Memory Leak"}]}]}, "description": {"description_data": [{"lang": "eng", "value": "A vulnerability classified as problematic has been found in Linux Kernel. Affected is the function j1939_session_destroy of the file net/can/j1939/transport.c of the component IPsec. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211932."}]}, "impact": {"cvss": {"version": "3.1", "baseScore": "3.5", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}}, "references": {"reference_data": [{"url": "https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=8c21c54a53ab21842f5050fa090f26b03c0313d6", "refsource": "MISC", "name": "https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=8c21c54a53ab21842f5050fa090f26b03c0313d6"}, {"url": "https://vuldb.com/?id.211932", "refsource": "MISC", "name": "https://vuldb.com/?id.211932"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html"}]}}, "2022/3xxx/CVE-2022-3635.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3635", "TITLE": "Linux Kernel IPsec idt77252.c tst_timer use after free", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC"}, "generator": "vuldb.com", "affects": {"vendor": {"vendor_data": [{"vendor_name": "Linux", "product": {"product_data": [{"product_name": "Kernel", "version": {"version_data": [{"version_value": "n/a"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-119 Memory Corruption -> CWE-416 Use After Free"}]}]}, "description": {"description_data": [{"lang": "eng", "value": "A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tst_timer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. VDB-211934 is the identifier assigned to this vulnerability."}]}, "impact": {"cvss": {"version": "3.1", "baseScore": "5.5", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}}, "references": {"reference_data": [{"url": "https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=3f4093e2bf4673f218c0bf17d8362337c400e77b", "refsource": "MISC", "name": "https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=3f4093e2bf4673f218c0bf17d8362337c400e77b"}, {"url": "https://vuldb.com/?id.211934", "refsource": "MISC", "name": "https://vuldb.com/?id.211934"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html"}]}}, "2022/3xxx/CVE-2022-3646.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3646", "TITLE": "Linux Kernel BPF segment.c nilfs_attach_log_writer memory leak", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC"}, "generator": "vuldb.com", "affects": {"vendor": {"vendor_data": [{"vendor_name": "Linux", "product": {"product_data": [{"product_name": "Kernel", "version": {"version_data": [{"version_value": "n/a"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-404 Denial of Service -> CWE-401 Memory Leak"}]}]}, "description": {"description_data": [{"lang": "eng", "value": "A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability."}]}, "impact": {"cvss": {"version": "3.1", "baseScore": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"}}, "references": {"reference_data": [{"url": "https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=d0d51a97063db4704a5ef6bc978dddab1636a306", "refsource": "MISC", "name": "https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=d0d51a97063db4704a5ef6bc978dddab1636a306"}, {"url": "https://vuldb.com/?id.211961", "refsource": "MISC", "name": "https://vuldb.com/?id.211961"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html"}]}}, "2022/3xxx/CVE-2022-3649.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3649", "TITLE": "Linux Kernel BPF inode.c nilfs_new_inode use after free", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC"}, "generator": "vuldb.com", "affects": {"vendor": {"vendor_data": [{"vendor_name": "Linux", "product": {"product_data": [{"product_name": "Kernel", "version": {"version_data": [{"version_value": "n/a"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-119 Memory Corruption -> CWE-416 Use After Free"}]}]}, "description": {"description_data": [{"lang": "eng", "value": "A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211992."}]}, "impact": {"cvss": {"version": "3.1", "baseScore": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"}}, "references": {"reference_data": [{"url": "https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=d325dc6eb763c10f591c239550b8c7e5466a5d09", "refsource": "MISC", "name": "https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=d325dc6eb763c10f591c239550b8c7e5466a5d09"}, {"url": "https://vuldb.com/?id.211992", "refsource": "MISC", "name": "https://vuldb.com/?id.211992"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html"}]}}, "2022/3xxx/CVE-2022-3652.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3652", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Type confusion in V8 in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chrome security severity: High)"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Type Confusion"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-0-M107", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_25.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_25.html"}, {"url": "https://crbug.com/1369871", "refsource": "MISC", "name": "https://crbug.com/1369871"}]}}, "2022/3xxx/CVE-2022-3653.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3653", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Heap buffer overflow in Vulkan in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chrome security severity: High)"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Heap buffer overflow"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-0-M107", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_25.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_25.html"}, {"url": "https://crbug.com/1354271", "refsource": "MISC", "name": "https://crbug.com/1354271"}]}}, "2022/3xxx/CVE-2022-3654.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3654", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Use after free in Layout in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chrome security severity: High)"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Use after free"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-0-M107", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_25.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_25.html"}, {"url": "https://crbug.com/1365330", "refsource": "MISC", "name": "https://crbug.com/1365330"}]}}, "2022/3xxx/CVE-2022-3655.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3655", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Heap buffer overflow in Media Galleries in Google Chrome prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chrome security severity: Medium)"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Heap buffer overflow"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-0-M107", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_25.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_25.html"}, {"url": "https://crbug.com/1343384", "refsource": "MISC", "name": "https://crbug.com/1343384"}]}}, "2022/3xxx/CVE-2022-3656.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3656", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Insufficient data validation in File System in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. (Chrome security severity: Medium)"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Insufficient data validation"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-0-M107", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_25.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_25.html"}, {"url": "https://crbug.com/1345275", "refsource": "MISC", "name": "https://crbug.com/1345275"}]}}, "2022/3xxx/CVE-2022-3657.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3657", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Use after free in Extensions in Google Chrome prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chrome security severity: Medium)"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Use after free"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-0-M107", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_25.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_25.html"}, {"url": "https://crbug.com/1351177", "refsource": "MISC", "name": "https://crbug.com/1351177"}]}}, "2022/3xxx/CVE-2022-3658.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3658", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Use after free in Feedback service on Chrome OS in Google Chrome on Chrome OS prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interaction. (Chrome security severity: Medium)"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Use after free"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-0-M107", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_25.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_25.html"}, {"url": "https://crbug.com/1352817", "refsource": "MISC", "name": "https://crbug.com/1352817"}]}}, "2022/3xxx/CVE-2022-3659.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3659", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Use after free in Accessibility in Google Chrome on Chrome OS prior to 107.0.5304.62 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific UI interactions. (Chrome security severity: Medium)"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Use after free"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-0-M107", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_25.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_25.html"}, {"url": "https://crbug.com/1355560", "refsource": "MISC", "name": "https://crbug.com/1355560"}]}}, "2022/3xxx/CVE-2022-3660.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3660", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 107.0.5304.62 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page. (Chrome security severity: Medium)"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Inappropriate implementation"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-0-M107", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_25.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_25.html"}, {"url": "https://crbug.com/1327505", "refsource": "MISC", "name": "https://crbug.com/1327505"}]}}, "2022/3xxx/CVE-2022-3661.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3661", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Insufficient data validation in Extensions in Google Chrome prior to 107.0.5304.62 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted Chrome Extension. (Chrome security severity: Low)"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Insufficient data validation"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-0-M107", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_25.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_25.html"}, {"url": "https://crbug.com/1350111", "refsource": "MISC", "name": "https://crbug.com/1350111"}]}}, "2022/3xxx/CVE-2022-3723.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3723", "ASSIGNER": "chrome-cve-admin@google.com", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Type confusion in V8 in Google Chrome prior to 107.0.5304.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chrome security severity: High)"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Type Confusion"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Google", "product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_value": "Chrome-Release-1-M107", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_27.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_27.html"}, {"url": "https://crbug.com/1378239", "refsource": "MISC", "name": "https://crbug.com/1378239"}]}}, "2022/3xxx/CVE-2022-3780.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3780", "ASSIGNER": "security@devolutions.net", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Database connections on deleted users could stay active on MySQL data sources in Remote Desktop Manager 2022.3.7 and below which allow deleted users to access unauthorized data. This issue affects : Remote Desktop Manager 2022.3.7 and prior versions."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-284 Improper Access Control", "cweId": "CWE-284"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Devolutions", "product": {"product_data": [{"product_name": "Remote Desktop Manager", "version": {"version_data": [{"version_value": "0", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://devolutions.net/security/advisories/DEVO-2022-0008", "refsource": "MISC", "name": "https://devolutions.net/security/advisories/DEVO-2022-0008"}]}, "generator": {"engine": "Vulnogram 0.1.0-dev"}, "source": {"discovery": "UNKNOWN"}}, "2022/3xxx/CVE-2022-3781.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-3781", "ASSIGNER": "security@devolutions.net", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "Dashlane password and Keepass Server password in My Account Settings are not encrypted in the database in Devolutions Remote Desktop Manager 2022.2.26 and prior versions and Devolutions Server 2022.3.1 and prior versions which allows database users to read the data. This issue affects : Remote Desktop Manager 2022.2.26 and prior versions. Devolutions Server 2022.3.1 and prior versions."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-311 Missing Encryption of Sensitive Data", "cweId": "CWE-311"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Devolutions", "product": {"product_data": [{"product_name": "Remote Desktop Manager", "version": {"version_data": [{"version_value": "0", "version_affected": "="}]}}, {"product_name": "Devolutions Server", "version": {"version_data": [{"version_value": "0", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://devolutions.net/security/advisories/DEVO-2022-0009", "refsource": "MISC", "name": "https://devolutions.net/security/advisories/DEVO-2022-0009"}]}, "generator": {"engine": "Vulnogram 0.1.0-dev"}, "source": {"discovery": "UNKNOWN"}}, "2022/3xxx/CVE-2022-3786.json": {"CVE_data_meta": {"ASSIGNER": "openssl-security@openssl.org", "DATE_PUBLIC": "2022-11-01", "ID": "CVE-2022-3786", "STATE": "PUBLIC", "TITLE": "X.509 Email Address Variable Length Buffer Overflow"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "OpenSSL", "version": {"version_data": [{"version_value": "Fixed in OpenSSL 3.0.7 (Affected 3.0.0,3.0.1,3.0.2,3.0.3,3.0.4,3.0.5,3.0.6)"}]}}]}, "vendor_name": "OpenSSL"}]}}, "credit": [{"lang": "eng", "value": "Viktor Dukhovni"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.' character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects. Fixed in OpenSSL 3.0.7 (Affected 3.0.0,3.0.1,3.0.2,3.0.3,3.0.4,3.0.5,3.0.6)."}]}, "impact": [{"lang": "eng", "url": "https://www.openssl.org/policies/secpolicy.html#HIGH", "value": "HIGH"}], "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Buffer overflow"}]}]}, "references": {"reference_data": [{"name": "https://www.openssl.org/news/secadv/20221101.txt", "refsource": "CONFIRM", "url": "https://www.openssl.org/news/secadv/20221101.txt"}, {"name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a", "refsource": "CONFIRM", "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a"}, {"refsource": "MLIST", "name": "[oss-security] 20221101 OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "url": "http://www.openwall.com/lists/oss-security/2022/11/01/15"}, {"refsource": "MLIST", "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "url": "http://www.openwall.com/lists/oss-security/2022/11/01/16"}, {"refsource": "CISCO", "name": "20221028 Vulnerabilities in OpenSSL Affecting Cisco Products: November 2022", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a"}, {"refsource": "MLIST", "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "url": "http://www.openwall.com/lists/oss-security/2022/11/01/21"}, {"refsource": "MLIST", "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "url": "http://www.openwall.com/lists/oss-security/2022/11/01/19"}, {"refsource": "MLIST", "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "url": "http://www.openwall.com/lists/oss-security/2022/11/01/18"}, {"refsource": "MLIST", "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "url": "http://www.openwall.com/lists/oss-security/2022/11/01/20"}, {"refsource": "MLIST", "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "url": "http://www.openwall.com/lists/oss-security/2022/11/01/24"}, {"refsource": "MLIST", "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "url": "http://www.openwall.com/lists/oss-security/2022/11/01/17"}, {"refsource": "GENTOO", "name": "GLSA-202211-01", "url": "https://security.gentoo.org/glsa/202211-01"}, {"refsource": "CONFIRM", "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023", "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023"}, {"refsource": "FEDORA", "name": "FEDORA-2022-0f1d2e0537", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS/"}, {"refsource": "FEDORA", "name": "FEDORA-2022-502f096dce", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S/"}, {"refsource": "MLIST", "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "url": "http://www.openwall.com/lists/oss-security/2022/11/02/2"}, {"refsource": "MLIST", "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "url": "http://www.openwall.com/lists/oss-security/2022/11/02/6"}, {"refsource": "MLIST", "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "url": "http://www.openwall.com/lists/oss-security/2022/11/02/5"}, {"refsource": "MLIST", "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "url": "http://www.openwall.com/lists/oss-security/2022/11/02/1"}, {"refsource": "MLIST", "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)", "url": "http://www.openwall.com/lists/oss-security/2022/11/02/3"}]}}, "2022/3xxx/CVE-2022-3788.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3788", "TITLE": "TablePress Plugin Table Import cross site scripting", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC"}, "generator": "vuldb.com", "affects": {"vendor": {"vendor_data": [{"vendor_name": "", "product": {"product_data": [{"product_name": "TablePress Plugin", "version": {"version_data": [{"version_value": "n/a"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-707 Improper Neutralization -> CWE-74 Injection -> CWE-79 Cross Site Scripting"}]}]}, "description": {"description_data": [{"lang": "eng", "value": "A vulnerability, which was classified as problematic, was found in TablePress Plugin. Affected is an unknown function of the component Table Import Handler. The manipulation of the argument Import data leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-212610 is the identifier assigned to this vulnerability."}]}, "impact": {"cvss": {"version": "3.1", "baseScore": "2.4", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N"}}, "references": {"reference_data": [{"url": "https://drive.google.com/file/d/10tk6wEh1hdkb2vVoqJqZJZsOtfxpniyY/view", "refsource": "MISC", "name": "https://drive.google.com/file/d/10tk6wEh1hdkb2vVoqJqZJZsOtfxpniyY/view"}, {"url": "https://drive.google.com/file/d/1iRUtJYUZB0Ho-2Aqyw7TCtFN9L96UDfs/view", "refsource": "MISC", "name": "https://drive.google.com/file/d/1iRUtJYUZB0Ho-2Aqyw7TCtFN9L96UDfs/view"}, {"url": "https://vuldb.com/?id.212610", "refsource": "MISC", "name": "https://vuldb.com/?id.212610"}]}}, "2022/3xxx/CVE-2022-3789.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3789", "TITLE": "Tim Campus Confession Wall share.php sql injection", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC"}, "generator": "vuldb.com", "affects": {"vendor": {"vendor_data": [{"vendor_name": "Tim Campus", "product": {"product_data": [{"product_name": "Confession Wall", "version": {"version_data": [{"version_value": "n/a"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-707 Improper Neutralization -> CWE-74 Injection -> CWE-89 SQL Injection"}]}]}, "description": {"description_data": [{"lang": "eng", "value": "A vulnerability has been found in Tim Campus Confession Wall and classified as critical. Affected by this vulnerability is an unknown functionality of the file share.php. The manipulation of the argument post_id leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-212611."}]}, "impact": {"cvss": {"version": "3.1", "baseScore": "5.5", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}}, "references": {"reference_data": [{"url": "https://github.com/whiex/-Tim-Campus-Confession-Wall", "refsource": "MISC", "name": "https://github.com/whiex/-Tim-Campus-Confession-Wall"}, {"url": "https://vuldb.com/?id.212611", "refsource": "MISC", "name": "https://vuldb.com/?id.212611"}]}}, "2022/3xxx/CVE-2022-3790.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3790", "TITLE": "Flipbook Plugin Edit Post post.php cross site scripting", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC"}, "generator": "vuldb.com", "affects": {"vendor": {"vendor_data": [{"vendor_name": "", "product": {"product_data": [{"product_name": "Flipbook Plugin", "version": {"version_data": [{"version_value": "n/a"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-707 Improper Neutralization -> CWE-74 Injection -> CWE-79 Cross Site Scripting"}]}]}, "description": {"description_data": [{"lang": "eng", "value": "A vulnerability was found in Flipbook Plugin and classified as problematic. Affected by this issue is some unknown functionality of the file post.php of the component Edit Post Handler. The manipulation of the argument Shortcode leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-212612."}]}, "impact": {"cvss": {"version": "3.1", "baseScore": "2.4", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N"}}, "references": {"reference_data": [{"url": "https://drive.google.com/file/d/1nYGpfvr_7gGnoVnkSzmK8s99U9s_ndqC/view", "refsource": "MISC", "name": "https://drive.google.com/file/d/1nYGpfvr_7gGnoVnkSzmK8s99U9s_ndqC/view"}, {"url": "https://drive.google.com/file/d/1gV1UL0P-La0Hx_4FtCpiBR-BKH8JGPPp/view", "refsource": "MISC", "name": "https://drive.google.com/file/d/1gV1UL0P-La0Hx_4FtCpiBR-BKH8JGPPp/view"}, {"url": "https://vuldb.com/?id.212612", "refsource": "MISC", "name": "https://vuldb.com/?id.212612"}]}}, "2022/3xxx/CVE-2022-3791.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3791", "TITLE": "PDF & Print Plugin Setting cross site scripting", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC"}, "generator": "vuldb.com", "affects": {"vendor": {"vendor_data": [{"vendor_name": "", "product": {"product_data": [{"product_name": "PDF & Print Plugin", "version": {"version_data": [{"version_value": "n/a"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-707 Improper Neutralization -> CWE-74 Injection -> CWE-79 Cross Site Scripting"}]}]}, "description": {"description_data": [{"lang": "eng", "value": "A vulnerability was found in PDF & Print Plugin. It has been classified as problematic. This affects an unknown part of the component Setting Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-212613 was assigned to this vulnerability."}]}, "impact": {"cvss": {"version": "3.1", "baseScore": "2.4", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N"}}, "references": {"reference_data": [{"url": "https://drive.google.com/file/d/16i4A0wNOjku4mZCJ6sEngKeGjsxXwv5A/view", "refsource": "MISC", "name": "https://drive.google.com/file/d/16i4A0wNOjku4mZCJ6sEngKeGjsxXwv5A/view"}, {"url": "https://drive.google.com/file/d/1shm7CG0XF9SNfRQBDveENtyfkmlFiphN/view", "refsource": "MISC", "name": "https://drive.google.com/file/d/1shm7CG0XF9SNfRQBDveENtyfkmlFiphN/view"}, {"url": "https://vuldb.com/?id.212613", "refsource": "MISC", "name": "https://vuldb.com/?id.212613"}]}}, "2022/3xxx/CVE-2022-3796.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3796", "TITLE": "Events Calendar Plugin Event post.php cross site scripting", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC"}, "generator": "vuldb.com", "affects": {"vendor": {"vendor_data": [{"vendor_name": "", "product": {"product_data": [{"product_name": "Events Calendar Plugin", "version": {"version_data": [{"version_value": "n/a"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-707 Improper Neutralization -> CWE-74 Injection -> CWE-79 Cross Site Scripting"}]}]}, "description": {"description_data": [{"lang": "eng", "value": "A vulnerability was found in Events Calendar Plugin. It has been declared as problematic. This vulnerability affects unknown code of the file post.php of the component Event Handler. The manipulation of the argument title/body leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-212632."}]}, "impact": {"cvss": {"version": "3.1", "baseScore": "2.4", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N"}}, "references": {"reference_data": [{"url": "https://drive.google.com/file/d/1NMcJYb9HyenkaSK-PxwsS5fOeY6FgrtV/edit", "refsource": "MISC", "name": "https://drive.google.com/file/d/1NMcJYb9HyenkaSK-PxwsS5fOeY6FgrtV/edit"}, {"url": "https://drive.google.com/file/d/1vineiIgIn7xyo3C0V-7__neZHcbP8pgq/view", "refsource": "MISC", "name": "https://drive.google.com/file/d/1vineiIgIn7xyo3C0V-7__neZHcbP8pgq/view"}, {"url": "https://vuldb.com/?id.212632", "refsource": "MISC", "name": "https://vuldb.com/?id.212632"}]}}, "2022/3xxx/CVE-2022-3797.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3797", "TITLE": "eolinker apinto-dashboard login redirect", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC"}, "generator": "vuldb.com", "affects": {"vendor": {"vendor_data": [{"vendor_name": "eolinker", "product": {"product_data": [{"product_name": "apinto-dashboard", "version": {"version_data": [{"version_value": "n/a"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-601 Open Redirect"}]}]}, "description": {"description_data": [{"lang": "eng", "value": "A vulnerability was found in eolinker apinto-dashboard. It has been rated as problematic. This issue affects some unknown processing of the file /login. The manipulation of the argument callback leads to open redirect. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-212633 was assigned to this vulnerability."}]}, "impact": {"cvss": {"version": "3.1", "baseScore": "6.3", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}}, "references": {"reference_data": [{"url": "https://c2.im5i.com/2022/11/01/Xrny6.png", "refsource": "MISC", "name": "https://c2.im5i.com/2022/11/01/Xrny6.png"}, {"url": "https://vuldb.com/?id.212633", "refsource": "MISC", "name": "https://vuldb.com/?id.212633"}]}}, "2022/3xxx/CVE-2022-3798.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3798", "TITLE": "IBAX go-ibax tablesInfo sql injection", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC"}, "generator": "vuldb.com", "affects": {"vendor": {"vendor_data": [{"vendor_name": "IBAX", "product": {"product_data": [{"product_name": "go-ibax", "version": {"version_data": [{"version_value": "n/a"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-707 Improper Neutralization -> CWE-74 Injection -> CWE-89 SQL Injection"}]}]}, "description": {"description_data": [{"lang": "eng", "value": "A vulnerability classified as critical has been found in IBAX go-ibax. Affected is an unknown function of the file /api/v2/open/tablesInfo. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-212634 is the identifier assigned to this vulnerability."}]}, "impact": {"cvss": {"version": "3.1", "baseScore": "6.3", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}}, "references": {"reference_data": [{"url": "https://github.com/IBAX-io/go-ibax/issues/2060", "refsource": "MISC", "name": "https://github.com/IBAX-io/go-ibax/issues/2060"}, {"url": "https://vuldb.com/?id.212634", "refsource": "MISC", "name": "https://vuldb.com/?id.212634"}]}}, "2022/3xxx/CVE-2022-3799.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3799", "TITLE": "IBAX go-ibax tablesInfo sql injection", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC"}, "generator": "vuldb.com", "affects": {"vendor": {"vendor_data": [{"vendor_name": "IBAX", "product": {"product_data": [{"product_name": "go-ibax", "version": {"version_data": [{"version_value": "n/a"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-707 Improper Neutralization -> CWE-74 Injection -> CWE-89 SQL Injection"}]}]}, "description": {"description_data": [{"lang": "eng", "value": "A vulnerability classified as critical was found in IBAX go-ibax. Affected by this vulnerability is an unknown functionality of the file /api/v2/open/tablesInfo. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-212635."}]}, "impact": {"cvss": {"version": "3.1", "baseScore": "6.3", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}}, "references": {"reference_data": [{"url": "https://github.com/IBAX-io/go-ibax/issues/2060", "refsource": "MISC", "name": "https://github.com/IBAX-io/go-ibax/issues/2060"}, {"url": "https://vuldb.com/?id.212635", "refsource": "MISC", "name": "https://vuldb.com/?id.212635"}]}}, "2022/3xxx/CVE-2022-3800.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3800", "TITLE": "IBAX go-ibax rowsInfo sql injection", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC"}, "generator": "vuldb.com", "affects": {"vendor": {"vendor_data": [{"vendor_name": "IBAX", "product": {"product_data": [{"product_name": "go-ibax", "version": {"version_data": [{"version_value": "n/a"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-707 Improper Neutralization -> CWE-74 Injection -> CWE-89 SQL Injection"}]}]}, "description": {"description_data": [{"lang": "eng", "value": "A vulnerability, which was classified as critical, has been found in IBAX go-ibax. Affected by this issue is some unknown functionality of the file /api/v2/open/rowsInfo. The manipulation of the argument table_name leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-212636."}]}, "impact": {"cvss": {"version": "3.1", "baseScore": "6.3", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}}, "references": {"reference_data": [{"url": "https://github.com/IBAX-io/go-ibax/issues/2061", "refsource": "MISC", "name": "https://github.com/IBAX-io/go-ibax/issues/2061"}, {"url": "https://vuldb.com/?id.212636", "refsource": "MISC", "name": "https://vuldb.com/?id.212636"}]}}, "2022/3xxx/CVE-2022-3801.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3801", "TITLE": "IBAX go-ibax rowsInfo sql injection", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC"}, "generator": "vuldb.com", "affects": {"vendor": {"vendor_data": [{"vendor_name": "IBAX", "product": {"product_data": [{"product_name": "go-ibax", "version": {"version_data": [{"version_value": "n/a"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-707 Improper Neutralization -> CWE-74 Injection -> CWE-89 SQL Injection"}]}]}, "description": {"description_data": [{"lang": "eng", "value": "A vulnerability, which was classified as critical, was found in IBAX go-ibax. This affects an unknown part of the file /api/v2/open/rowsInfo. The manipulation of the argument order leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-212637 was assigned to this vulnerability."}]}, "impact": {"cvss": {"version": "3.1", "baseScore": "6.3", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}}, "references": {"reference_data": [{"url": "https://github.com/IBAX-io/go-ibax/issues/2062", "refsource": "MISC", "name": "https://github.com/IBAX-io/go-ibax/issues/2062"}, {"url": "https://vuldb.com/?id.212637", "refsource": "MISC", "name": "https://vuldb.com/?id.212637"}]}}, "2022/3xxx/CVE-2022-3802.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3802", "TITLE": "IBAX go-ibax rowsInfo sql injection", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC"}, "generator": "vuldb.com", "affects": {"vendor": {"vendor_data": [{"vendor_name": "IBAX", "product": {"product_data": [{"product_name": "go-ibax", "version": {"version_data": [{"version_value": "n/a"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-707 Improper Neutralization -> CWE-74 Injection -> CWE-89 SQL Injection"}]}]}, "description": {"description_data": [{"lang": "eng", "value": "A vulnerability has been found in IBAX go-ibax and classified as critical. This vulnerability affects unknown code of the file /api/v2/open/rowsInfo. The manipulation of the argument where leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-212638 is the identifier assigned to this vulnerability."}]}, "impact": {"cvss": {"version": "3.1", "baseScore": "6.3", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}}, "references": {"reference_data": [{"url": "https://github.com/IBAX-io/go-ibax/issues/2063", "refsource": "MISC", "name": "https://github.com/IBAX-io/go-ibax/issues/2063"}, {"url": "https://vuldb.com/?id.212638", "refsource": "MISC", "name": "https://vuldb.com/?id.212638"}]}}, "2022/3xxx/CVE-2022-3803.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3803", "TITLE": "eolinker apinto-dashboard cross site scripting", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC"}, "generator": "vuldb.com", "affects": {"vendor": {"vendor_data": [{"vendor_name": "eolinker", "product": {"product_data": [{"product_name": "apinto-dashboard", "version": {"version_data": [{"version_value": "n/a"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-707 Improper Neutralization -> CWE-74 Injection -> CWE-79 Cross Site Scripting"}]}]}, "description": {"description_data": [{"lang": "eng", "value": "A vulnerability was found in eolinker apinto-dashboard and classified as problematic. This issue affects some unknown processing of the file /api/discoveries/. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-212639."}]}, "impact": {"cvss": {"version": "3.1", "baseScore": "3.5", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"}}, "references": {"reference_data": [{"url": "https://c2.im5i.com/2022/11/01/Xr9Zz.png", "refsource": "MISC", "name": "https://c2.im5i.com/2022/11/01/Xr9Zz.png"}, {"url": "https://c2.im5i.com/2022/11/01/XroR8.png", "refsource": "MISC", "name": "https://c2.im5i.com/2022/11/01/XroR8.png"}, {"url": "https://vuldb.com/?id.212639", "refsource": "MISC", "name": "https://vuldb.com/?id.212639"}]}}, "2022/3xxx/CVE-2022-3804.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3804", "TITLE": "eolinker apinto-dashboard login cross site scripting", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC"}, "generator": "vuldb.com", "affects": {"vendor": {"vendor_data": [{"vendor_name": "eolinker", "product": {"product_data": [{"product_name": "apinto-dashboard", "version": {"version_data": [{"version_value": "n/a"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-707 Improper Neutralization -> CWE-74 Injection -> CWE-79 Cross Site Scripting"}]}]}, "description": {"description_data": [{"lang": "eng", "value": "A vulnerability was found in eolinker apinto-dashboard. It has been classified as problematic. Affected is an unknown function of the file /login. The manipulation of the argument callback leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-212640."}]}, "impact": {"cvss": {"version": "3.1", "baseScore": "4.3", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}}, "references": {"reference_data": [{"url": "https://c2.im5i.com/2022/11/01/Xrjjd.png", "refsource": "MISC", "name": "https://c2.im5i.com/2022/11/01/Xrjjd.png"}, {"url": "https://c2.im5i.com/2022/11/01/XrTL4.png", "refsource": "MISC", "name": "https://c2.im5i.com/2022/11/01/XrTL4.png"}, {"url": "https://vuldb.com/?id.212640", "refsource": "MISC", "name": "https://vuldb.com/?id.212640"}]}}, "2022/3xxx/CVE-2022-3807.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3807", "TITLE": "Axiomatic Bento4 Incomplete Fix CVE-2019-13238 resource consumption", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC"}, "generator": "vuldb.com", "affects": {"vendor": {"vendor_data": [{"vendor_name": "Axiomatic", "product": {"product_data": [{"product_name": "Bento4", "version": {"version_data": [{"version_value": "n/a"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-404 Denial of Service -> CWE-400 Resource Consumption"}]}]}, "description": {"description_data": [{"lang": "eng", "value": "A vulnerability was found in Axiomatic Bento4. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Incomplete Fix CVE-2019-13238. The manipulation leads to resource consumption. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-212660."}]}, "impact": {"cvss": {"version": "3.1", "baseScore": "4.3", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}}, "references": {"reference_data": [{"url": "https://github.com/axiomatic-systems/Bento4/issues/803", "refsource": "MISC", "name": "https://github.com/axiomatic-systems/Bento4/issues/803"}, {"url": "https://github.com/axiomatic-systems/Bento4/files/9820612/mp42aac_exhaustive_AP4_RtpAtom50.zip", "refsource": "MISC", "name": "https://github.com/axiomatic-systems/Bento4/files/9820612/mp42aac_exhaustive_AP4_RtpAtom50.zip"}, {"url": "https://vuldb.com/?id.212660", "refsource": "MISC", "name": "https://vuldb.com/?id.212660"}]}}, "2022/3xxx/CVE-2022-3808.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3808", "TITLE": "WebFactory Under Construction Plugin Plugin Setting cross site scripting", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC"}, "generator": "vuldb.com", "affects": {"vendor": {"vendor_data": [{"vendor_name": "WebFactory", "product": {"product_data": [{"product_name": "Under Construction Plugin", "version": {"version_data": [{"version_value": "n/a"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-707 Improper Neutralization -> CWE-74 Injection -> CWE-79 Cross Site Scripting"}]}]}, "description": {"description_data": [{"lang": "eng", "value": "A vulnerability classified as problematic has been found in WebFactory Under Construction Plugin. This affects an unknown part of the component Plugin Setting Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-212661 was assigned to this vulnerability."}]}, "impact": {"cvss": {"version": "3.1", "baseScore": "2.4", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N"}}, "references": {"reference_data": [{"url": "https://drive.google.com/file/d/1FLnpiqJWVBvukIep3jI45FfXjpuNPoAi/view", "refsource": "MISC", "name": "https://drive.google.com/file/d/1FLnpiqJWVBvukIep3jI45FfXjpuNPoAi/view"}, {"url": "https://drive.google.com/file/d/1HOMYU9ZtwTbNJsl2cDLOvly88rXcFCFx/view", "refsource": "MISC", "name": "https://drive.google.com/file/d/1HOMYU9ZtwTbNJsl2cDLOvly88rXcFCFx/view"}, {"url": "https://vuldb.com/?id.212661", "refsource": "MISC", "name": "https://vuldb.com/?id.212661"}]}}, "2022/3xxx/CVE-2022-3809.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3809", "TITLE": "Axiomatic Bento4 mp4tag Mp4Tag.cpp ParseCommandLine denial of service", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC"}, "generator": "vuldb.com", "affects": {"vendor": {"vendor_data": [{"vendor_name": "Axiomatic", "product": {"product_data": [{"product_name": "Bento4", "version": {"version_data": [{"version_value": "n/a"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-404 Denial of Service"}]}]}, "description": {"description_data": [{"lang": "eng", "value": "A vulnerability was found in Axiomatic Bento4 and classified as problematic. Affected by this issue is the function ParseCommandLine of the file Mp4Tag/Mp4Tag.cpp of the component mp4tag. The manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-212666 is the identifier assigned to this vulnerability."}]}, "impact": {"cvss": {"version": "3.1", "baseScore": "4.3", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}}, "references": {"reference_data": [{"url": "https://github.com/axiomatic-systems/Bento4/issues/779", "refsource": "MISC", "name": "https://github.com/axiomatic-systems/Bento4/issues/779"}, {"url": "https://github.com/axiomatic-systems/Bento4/files/9653209/poc_Bento4.zip", "refsource": "MISC", "name": "https://github.com/axiomatic-systems/Bento4/files/9653209/poc_Bento4.zip"}, {"url": "https://vuldb.com/?id.212666", "refsource": "MISC", "name": "https://vuldb.com/?id.212666"}]}}, "2022/3xxx/CVE-2022-3810.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3810", "TITLE": "Axiomatic Bento4 mp42hevc Mp42Hevc.cpp AP4_File denial of service", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC"}, "generator": "vuldb.com", "affects": {"vendor": {"vendor_data": [{"vendor_name": "Axiomatic", "product": {"product_data": [{"product_name": "Bento4", "version": {"version_data": [{"version_value": "n/a"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-404 Denial of Service"}]}]}, "description": {"description_data": [{"lang": "eng", "value": "A vulnerability was found in Axiomatic Bento4. It has been classified as problematic. This affects the function AP4_File::AP4_File of the file Mp42Hevc.cpp of the component mp42hevc. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-212667."}]}, "impact": {"cvss": {"version": "3.1", "baseScore": "4.3", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}}, "references": {"reference_data": [{"url": "https://github.com/axiomatic-systems/Bento4/issues/779", "refsource": "MISC", "name": "https://github.com/axiomatic-systems/Bento4/issues/779"}, {"url": "https://github.com/axiomatic-systems/Bento4/files/9653209/poc_Bento4.zip", "refsource": "MISC", "name": "https://github.com/axiomatic-systems/Bento4/files/9653209/poc_Bento4.zip"}, {"url": "https://vuldb.com/?id.212667", "refsource": "MISC", "name": "https://vuldb.com/?id.212667"}]}}, "2022/3xxx/CVE-2022-3812.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3812", "TITLE": "Axiomatic Bento4 mp4encrypt AP4_ContainerAtom memory leak", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC"}, "generator": "vuldb.com", "affects": {"vendor": {"vendor_data": [{"vendor_name": "Axiomatic", "product": {"product_data": [{"product_name": "Bento4", "version": {"version_data": [{"version_value": "n/a"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-404 Denial of Service -> CWE-401 Memory Leak"}]}]}, "description": {"description_data": [{"lang": "eng", "value": "A vulnerability was found in Axiomatic Bento4. It has been rated as problematic. Affected by this issue is the function AP4_ContainerAtom::AP4_ContainerAtom of the component mp4encrypt. The manipulation leads to memory leak. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-212678 is the identifier assigned to this vulnerability."}]}, "impact": {"cvss": {"version": "3.1", "baseScore": "4.3", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}}, "references": {"reference_data": [{"url": "https://github.com/axiomatic-systems/Bento4/issues/792", "refsource": "MISC", "name": "https://github.com/axiomatic-systems/Bento4/issues/792"}, {"url": "https://github.com/axiomatic-systems/Bento4/files/9726934/POC_mp4encrypt_631000973.zip", "refsource": "MISC", "name": "https://github.com/axiomatic-systems/Bento4/files/9726934/POC_mp4encrypt_631000973.zip"}, {"url": "https://vuldb.com/?id.212678", "refsource": "MISC", "name": "https://vuldb.com/?id.212678"}]}}, "2022/3xxx/CVE-2022-3813.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3813", "TITLE": "Axiomatic Bento4 mp4edit memory leak", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC"}, "generator": "vuldb.com", "affects": {"vendor": {"vendor_data": [{"vendor_name": "Axiomatic", "product": {"product_data": [{"product_name": "Bento4", "version": {"version_data": [{"version_value": "n/a"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-404 Denial of Service -> CWE-401 Memory Leak"}]}]}, "description": {"description_data": [{"lang": "eng", "value": "A vulnerability classified as problematic has been found in Axiomatic Bento4. This affects an unknown part of the component mp4edit. The manipulation leads to memory leak. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-212679."}]}, "impact": {"cvss": {"version": "3.1", "baseScore": "4.3", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}}, "references": {"reference_data": [{"url": "https://github.com/axiomatic-systems/Bento4/issues/792", "refsource": "MISC", "name": "https://github.com/axiomatic-systems/Bento4/issues/792"}, {"url": "https://github.com/axiomatic-systems/Bento4/files/9726974/POC_mp4edit_728838793.zip", "refsource": "MISC", "name": "https://github.com/axiomatic-systems/Bento4/files/9726974/POC_mp4edit_728838793.zip"}, {"url": "https://vuldb.com/?id.212679", "refsource": "MISC", "name": "https://vuldb.com/?id.212679"}]}}, "2022/3xxx/CVE-2022-3814.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3814", "TITLE": "Axiomatic Bento4 mp4decrypt memory leak", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC"}, "generator": "vuldb.com", "affects": {"vendor": {"vendor_data": [{"vendor_name": "Axiomatic", "product": {"product_data": [{"product_name": "Bento4", "version": {"version_data": [{"version_value": "n/a"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-404 Denial of Service -> CWE-401 Memory Leak"}]}]}, "description": {"description_data": [{"lang": "eng", "value": "A vulnerability classified as problematic was found in Axiomatic Bento4. This vulnerability affects unknown code of the component mp4decrypt. The manipulation leads to memory leak. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-212680."}]}, "impact": {"cvss": {"version": "3.1", "baseScore": "4.3", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}}, "references": {"reference_data": [{"url": "https://github.com/axiomatic-systems/Bento4/issues/792", "refsource": "MISC", "name": "https://github.com/axiomatic-systems/Bento4/issues/792"}, {"url": "https://github.com/axiomatic-systems/Bento4/files/9727002/POC_mp4decrypt_477546304.zip", "refsource": "MISC", "name": "https://github.com/axiomatic-systems/Bento4/files/9727002/POC_mp4decrypt_477546304.zip"}, {"url": "https://vuldb.com/?id.212680", "refsource": "MISC", "name": "https://vuldb.com/?id.212680"}]}}, "2022/3xxx/CVE-2022-3815.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3815", "TITLE": "Axiomatic Bento4 mp4decrypt memory leak", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC"}, "generator": "vuldb.com", "affects": {"vendor": {"vendor_data": [{"vendor_name": "Axiomatic", "product": {"product_data": [{"product_name": "Bento4", "version": {"version_data": [{"version_value": "n/a"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-404 Denial of Service -> CWE-401 Memory Leak"}]}]}, "description": {"description_data": [{"lang": "eng", "value": "A vulnerability, which was classified as problematic, has been found in Axiomatic Bento4. This issue affects some unknown processing of the component mp4decrypt. The manipulation leads to memory leak. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-212681 was assigned to this vulnerability."}]}, "impact": {"cvss": {"version": "3.1", "baseScore": "4.3", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}}, "references": {"reference_data": [{"url": "https://github.com/axiomatic-systems/Bento4/issues/792", "refsource": "MISC", "name": "https://github.com/axiomatic-systems/Bento4/issues/792"}, {"url": "https://github.com/axiomatic-systems/Bento4/files/9727048/POC_mp4decrypt_34393864.zip", "refsource": "MISC", "name": "https://github.com/axiomatic-systems/Bento4/files/9727048/POC_mp4decrypt_34393864.zip"}, {"url": "https://vuldb.com/?id.212681", "refsource": "MISC", "name": "https://vuldb.com/?id.212681"}]}}, "2022/3xxx/CVE-2022-3816.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3816", "TITLE": "Axiomatic Bento4 mp4decrypt memory leak", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC"}, "generator": "vuldb.com", "affects": {"vendor": {"vendor_data": [{"vendor_name": "Axiomatic", "product": {"product_data": [{"product_name": "Bento4", "version": {"version_data": [{"version_value": "n/a"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-404 Denial of Service -> CWE-401 Memory Leak"}]}]}, "description": {"description_data": [{"lang": "eng", "value": "A vulnerability, which was classified as problematic, was found in Axiomatic Bento4. Affected is an unknown function of the component mp4decrypt. The manipulation leads to memory leak. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-212682 is the identifier assigned to this vulnerability."}]}, "impact": {"cvss": {"version": "3.1", "baseScore": "4.3", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}}, "references": {"reference_data": [{"url": "https://github.com/axiomatic-systems/Bento4/issues/792", "refsource": "MISC", "name": "https://github.com/axiomatic-systems/Bento4/issues/792"}, {"url": "https://github.com/axiomatic-systems/Bento4/files/9727059/POC_mp4decrypt_654515280.zip", "refsource": "MISC", "name": "https://github.com/axiomatic-systems/Bento4/files/9727059/POC_mp4decrypt_654515280.zip"}, {"url": "https://vuldb.com/?id.212682", "refsource": "MISC", "name": "https://vuldb.com/?id.212682"}]}}, "2022/3xxx/CVE-2022-3817.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3817", "TITLE": "Axiomatic Bento4 mp4mux memory leak", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC"}, "generator": "vuldb.com", "affects": {"vendor": {"vendor_data": [{"vendor_name": "Axiomatic", "product": {"product_data": [{"product_name": "Bento4", "version": {"version_data": [{"version_value": "n/a"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-404 Denial of Service -> CWE-401 Memory Leak"}]}]}, "description": {"description_data": [{"lang": "eng", "value": "A vulnerability has been found in Axiomatic Bento4 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component mp4mux. The manipulation leads to memory leak. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-212683."}]}, "impact": {"cvss": {"version": "3.1", "baseScore": "4.3", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}}, "references": {"reference_data": [{"url": "https://github.com/axiomatic-systems/Bento4/issues/792", "refsource": "MISC", "name": "https://github.com/axiomatic-systems/Bento4/issues/792"}, {"url": "https://github.com/axiomatic-systems/Bento4/files/9727057/POC_mp4mux_1729452038.zip", "refsource": "MISC", "name": "https://github.com/axiomatic-systems/Bento4/files/9727057/POC_mp4mux_1729452038.zip"}, {"url": "https://vuldb.com/?id.212683", "refsource": "MISC", "name": "https://vuldb.com/?id.212683"}]}}, "2022/3xxx/CVE-2022-3825.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3825", "TITLE": "Huaxia ERP User Management sql injection", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC"}, "generator": "vuldb.com", "affects": {"vendor": {"vendor_data": [{"vendor_name": "Huaxia", "product": {"product_data": [{"product_name": "ERP", "version": {"version_data": [{"version_value": "2.3"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-707 Improper Neutralization -> CWE-74 Injection -> CWE-89 SQL Injection"}]}]}, "description": {"description_data": [{"lang": "eng", "value": "A vulnerability was found in Huaxia ERP 2.3 and classified as critical. Affected by this issue is some unknown functionality of the component User Management. The manipulation of the argument login leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-212792."}]}, "impact": {"cvss": {"version": "3.1", "baseScore": "6.3", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}}, "references": {"reference_data": [{"url": "https://github.com/Ha0Liu/cveAdd/blob/developer/README.EN.md", "refsource": "MISC", "name": "https://github.com/Ha0Liu/cveAdd/blob/developer/README.EN.md"}, {"url": "https://vuldb.com/?id.212792", "refsource": "MISC", "name": "https://vuldb.com/?id.212792"}]}}, "2022/3xxx/CVE-2022-3826.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3826", "TITLE": "Huaxia ERP Retail Management list information disclosure", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC"}, "generator": "vuldb.com", "affects": {"vendor": {"vendor_data": [{"vendor_name": "Huaxia", "product": {"product_data": [{"product_name": "ERP", "version": {"version_data": [{"version_value": "n/a"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-266 Incorrect Privilege Assignment -> CWE-284 Improper Access Controls -> CWE-200 Information Disclosure"}]}]}, "description": {"description_data": [{"lang": "eng", "value": "A vulnerability was found in Huaxia ERP. It has been classified as problematic. This affects an unknown part of the file /depotHead/list of the component Retail Management. The manipulation of the argument search leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-212793 was assigned to this vulnerability."}]}, "impact": {"cvss": {"version": "3.1", "baseScore": "4.3", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}}, "references": {"reference_data": [{"url": "https://github.com/Ha0Liu/cveAdd/blob/developer/README.EN.yuequan.md", "refsource": "MISC", "name": "https://github.com/Ha0Liu/cveAdd/blob/developer/README.EN.yuequan.md"}, {"url": "https://vuldb.com/?id.212793", "refsource": "MISC", "name": "https://vuldb.com/?id.212793"}]}}, "2022/3xxx/CVE-2022-3827.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-3827", "TITLE": "centreon Contact Groups Form formContactGroup.php sql injection", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC"}, "generator": "vuldb.com", "affects": {"vendor": {"vendor_data": [{"vendor_name": "", "product": {"product_data": [{"product_name": "centreon", "version": {"version_data": [{"version_value": "n/a"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-707 Improper Neutralization -> CWE-74 Injection -> CWE-89 SQL Injection"}]}]}, "description": {"description_data": [{"lang": "eng", "value": "A vulnerability was found in centreon. It has been declared as critical. This vulnerability affects unknown code of the file formContactGroup.php of the component Contact Groups Form. The manipulation of the argument cg_id leads to sql injection. The attack can be initiated remotely. The name of the patch is 293b10628f7d9f83c6c82c78cf637cbe9b907369. It is recommended to apply a patch to fix this issue. VDB-212794 is the identifier assigned to this vulnerability."}]}, "impact": {"cvss": {"version": "3.1", "baseScore": "6.3", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}}, "references": {"reference_data": [{"url": "https://github.com/centreon/centreon/pull/11869", "refsource": "MISC", "name": "https://github.com/centreon/centreon/pull/11869"}, {"url": "https://github.com/centreon/centreon/commit/293b10628f7d9f83c6c82c78cf637cbe9b907369", "refsource": "MISC", "name": "https://github.com/centreon/centreon/commit/293b10628f7d9f83c6c82c78cf637cbe9b907369"}, {"url": "https://vuldb.com/?id.212794", "refsource": "MISC", "name": "https://vuldb.com/?id.212794"}]}}, "2022/40xxx/CVE-2022-40238.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-40238", "ASSIGNER": "cert@cert.org", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "A Remote Code Injection vulnerability exists in CERT software prior to version 1.50.5. An authenticated attacker can inject arbitrary pickle object as part of a user's profile. This can lead to code execution on the server when the user's profile is accessed."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-502: Deserialization of Untrusted Data", "cweId": "CWE-502"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "CERT/CC", "product": {"product_data": [{"product_name": "VINCE - The Vulnerability Information and Coordination Environment", "version": {"version_data": [{"version_value": "1.48.0", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://github.com/CERTCC/VINCE/issues?q=label%3Asecurity", "refsource": "MISC", "name": "https://github.com/CERTCC/VINCE/issues?q=label%3Asecurity"}]}, "generator": {"engine": "cveClient/1.0.13"}, "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "value": "Rapid7 researcher Marcus Chang discovered and reported this security vulnerability to CERT/CC "}]}, "2022/40xxx/CVE-2022-40248.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-40248", "ASSIGNER": "cert@cert.org", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "An HTML injection vulnerability exists in CERT/CC VINCE software prior to 1.50.4. An authenticated attacker can inject arbitrary HTML via form using the \"Product Affected\" field."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", "cweId": "CWE-74"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "CERT/CC", "product": {"product_data": [{"product_name": "VINCE - The Vulnerability Information and Coordination Environment ", "version": {"version_data": [{"version_value": "1.48.0", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://github.com/CERTCC/VINCE/issues?q=label%3Asecurity", "refsource": "MISC", "name": "https://github.com/CERTCC/VINCE/issues?q=label%3Asecurity"}]}, "generator": {"engine": "cveClient/1.0.13"}, "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "value": "Rapid7 researcher Nick Sanzotta discovered and reported this security vulnerability to CERT/CC "}]}, "2022/40xxx/CVE-2022-40257.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-40257", "ASSIGNER": "cert@cert.org", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "An HTML injection vulnerability exists in CERT/CC VINCE software prior to 1.50.4. An authenticated attacker can inject arbitrary HTML via a crafted email with HTML content in the Subject field."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", "cweId": "CWE-74"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "CERT/CC", "product": {"product_data": [{"product_name": "VINCE - The Vulnerability Information and Coordination Environment ", "version": {"version_data": [{"version_value": "1.48.0", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://github.com/CERTCC/VINCE/issues?q=label%3Asecurity", "refsource": "MISC", "name": "https://github.com/CERTCC/VINCE/issues?q=label%3Asecurity"}]}, "generator": {"engine": "cveClient/1.0.13"}, "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "value": "Rapid7 researcher Nick Sanzotta discovered and reported this security vulnerability to CERT/CC "}]}, "2022/40xxx/CVE-2022-40307.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-40307", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"url": "https://github.com/torvalds/linux/commit/9cb636b5f6a8cc6d1b50809ec8f8d33ae0c84c95", "refsource": "MISC", "name": "https://github.com/torvalds/linux/commit/9cb636b5f6a8cc6d1b50809ec8f8d33ae0c84c95"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update", "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html"}, {"refsource": "DEBIAN", "name": "DSA-5257", "url": "https://www.debian.org/security/2022/dsa-5257"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html"}]}}, "2022/40xxx/CVE-2022-40839.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-40839", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A SQL injection vulnerability in the height and width parameter in NdkAdvancedCustomizationFields v3.5.0 allows unauthenticated attackers to exfiltrate database data."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"url": "http://ndk.com", "refsource": "MISC", "name": "http://ndk.com"}, {"url": "http://ndkadvancedcustomizationfields.com", "refsource": "MISC", "name": "http://ndkadvancedcustomizationfields.com"}, {"refsource": "MISC", "name": "https://github.com/daaaalllii/cve-s/blob/main/CVE-2022-40839/poc.txt", "url": "https://github.com/daaaalllii/cve-s/blob/main/CVE-2022-40839/poc.txt"}]}}, "2022/40xxx/CVE-2022-40840.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-40840", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable to Cross Site Scripting (XSS) via createPdf.php."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"url": "http://ndkadvancedcustomizationfields.com", "refsource": "MISC", "name": "http://ndkadvancedcustomizationfields.com"}, {"refsource": "MISC", "name": "https://github.com/daaaalllii/cve-s/blob/main/CVE-2022-40840/poc.txt", "url": "https://github.com/daaaalllii/cve-s/blob/main/CVE-2022-40840/poc.txt"}]}}, "2022/41xxx/CVE-2022-41222.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-41222", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3", "refsource": "MISC", "name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3"}, {"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2347", "refsource": "MISC", "name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2347"}, {"url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=97113eb39fa7972722ff490b947d8af023e1f6a2", "refsource": "MISC", "name": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=97113eb39fa7972722ff490b947d8af023e1f6a2"}, {"refsource": "MISC", "name": "http://packetstormsecurity.com/files/168466/Linux-Stable-5.4-5.10-Use-After-Free-Race-Condition.html", "url": "http://packetstormsecurity.com/files/168466/Linux-Stable-5.4-5.10-Use-After-Free-Race-Condition.html"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html"}]}}, "2022/41xxx/CVE-2022-41627.json": {"data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": {"ID": "CVE-2022-41627", "ASSIGNER": "ics-cert@hq.dhs.gov", "STATE": "PUBLIC"}, "description": {"description_data": [{"lang": "eng", "value": "The physical IoT device of the AliveCor's KardiaMobile, a smartphone-based personal electrocardiogram (EKG) has no encryption for its data-over-sound protocols. Exploiting this vulnerability could allow an attacker to read patient EKG results or create a denial-of-service condition by emitting sounds at similar frequencies as the device, disrupting the smartphone microphone\u2019s ability to accurately read the data. To carry out this attack, the attacker must be close (less than 5 feet) to pick up and emit sound waves."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-311 Missing Encryption of Sensitive Data", "cweId": "CWE-311"}]}]}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "AliveCor", "product": {"product_data": [{"product_name": "KardiaMobile", "version": {"version_data": [{"version_value": "All", "version_affected": "="}]}}]}}]}}, "references": {"reference_data": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsma-22-298-01", "refsource": "MISC", "name": "https://www.cisa.gov/uscert/ics/advisories/icsma-22-298-01"}]}, "generator": {"engine": "cveClient/1.0.13"}, "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "value": "Carlos Cilleruelo Rodr\u00edguez"}, {"lang": "en", "value": "Javier Junquera S\u00e1nchez"}], "impact": {"cvss": [{"attackComplexity": "HIGH", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.1"}]}}, "2022/41xxx/CVE-2022-41674.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-41674", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"url": "https://bugzilla.suse.com/show_bug.cgi?id=1203770", "refsource": "MISC", "name": "https://bugzilla.suse.com/show_bug.cgi?id=1203770"}, {"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/log/net/mac80211/scan.c", "refsource": "MISC", "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/log/net/mac80211/scan.c"}, {"refsource": "MISC", "name": "http://www.openwall.com/lists/oss-security/2022/10/13/2", "url": "http://www.openwall.com/lists/oss-security/2022/10/13/2"}, {"refsource": "MISC", "name": "https://www.openwall.com/lists/oss-security/2022/10/13/5", "url": "https://www.openwall.com/lists/oss-security/2022/10/13/5"}, {"refsource": "MISC", "name": "https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless.git/commit/?id=aebe9f4639b13a1f4e9a6b42cdd2e38c617b442d", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless.git/commit/?id=aebe9f4639b13a1f4e9a6b42cdd2e38c617b442d"}, {"refsource": "FEDORA", "name": "FEDORA-2022-2cfbe17910", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GGHENNMLCWIQV2LLA56BJNFIUZ7WB4IY/"}, {"refsource": "FEDORA", "name": "FEDORA-2022-b948fc3cfb", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VNN3VFQPECS6D4PS6ZWD7AFXTOSJDSSR/"}, {"refsource": "FEDORA", "name": "FEDORA-2022-1a5b125ac6", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S2KTU5LFZNQS7YNGE56MT46VHMXL3DD2/"}, {"refsource": "DEBIAN", "name": "DSA-5257", "url": "https://www.debian.org/security/2022/dsa-5257"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html"}]}}, "2022/42xxx/CVE-2022-42309.json": {"CVE_data_meta": {"ASSIGNER": "security@xen.org", "ID": "CVE-2022-42309", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "xen", "version": {"version_data": [{"version_affected": "?", "version_value": "consult Xen advisory XSA-414"}]}}]}, "vendor_name": "Xen"}]}}, "configuration": {"configuration_data": {"description": {"description_data": [{"lang": "eng", "value": "All Xen versions with the fix for XSA-115 running the C variant of Xenstore\n(xenstored or xenstore-stubdom) are vulnerable.\n\nSystems using the Ocaml variant of Xenstore (oxenstored) are not vulnerable."}]}}}, "credit": {"credit_data": {"description": {"description_data": [{"lang": "eng", "value": "This issue was discovered by Julien Grall of Amazon."}]}}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-115 a malicious guest can cause xenstored to use a wrong pointer during node creation in an error path, resulting in a crash of xenstored or a memory corruption in xenstored causing further damage. Entering the error path can be controlled by the guest e.g. by exceeding the quota value of maximum nodes per domain."}]}, "impact": {"impact_data": {"description": {"description_data": [{"lang": "eng", "value": "A malicious guest can cause xenstored to crash, resulting in the inability\nto create new guests or to change the configuration of running guests.\n\nMemory corruption in xenstored or privilege escalation of a guest can't\nbe ruled out."}]}}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "unknown"}]}]}, "references": {"reference_data": [{"url": "https://xenbits.xenproject.org/xsa/advisory-414.txt", "refsource": "MISC", "name": "https://xenbits.xenproject.org/xsa/advisory-414.txt"}, {"refsource": "CONFIRM", "name": "http://xenbits.xen.org/xsa/advisory-414.html", "url": "http://xenbits.xen.org/xsa/advisory-414.html"}, {"refsource": "MLIST", "name": "[oss-security] 20221101 Xen Security Advisory 414 v2 (CVE-2022-42309) - Xenstore: Guests can crash xenstored", "url": "http://www.openwall.com/lists/oss-security/2022/11/01/4"}]}, "workaround": {"workaround_data": {"description": {"description_data": [{"lang": "eng", "value": "Using oxenstored instead of xenstored will avoid the vulnerability."}]}}}}, "2022/42xxx/CVE-2022-42310.json": {"CVE_data_meta": {"ASSIGNER": "security@xen.org", "ID": "CVE-2022-42310", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "xen", "version": {"version_data": [{"version_affected": "?", "version_value": "consult Xen advisory XSA-415"}]}}]}, "vendor_name": "Xen"}]}}, "configuration": {"configuration_data": {"description": {"description_data": [{"lang": "eng", "value": "Systems with Xen version 4.9 and newer running the C variant of Xenstore\n(xenstored or xenstore-stubdom) are vulnerable.\n\nSystems using the Ocaml variant of Xenstore (oxenstored) are not vulnerable."}]}}}, "credit": {"credit_data": {"description": {"description_data": [{"lang": "eng", "value": "This issue was discovered by Julien Grall of Amazon."}]}}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Xenstore: Guests can create orphaned Xenstore nodes By creating multiple nodes inside a transaction resulting in an error, a malicious guest can create orphaned nodes in the Xenstore data base, as the cleanup after the error will not remove all nodes already created. When the transaction is committed after this situation, nodes without a valid parent can be made permanent in the data base."}]}, "impact": {"impact_data": {"description": {"description_data": [{"lang": "eng", "value": "A malicious guest can cause inconsistencies in the xenstored data base,\nresulting in unusual error responses or memory leaks in xenstored. This\ncan finally cause Denial of Service situations or long running error\nrecoveries of xenstored."}]}}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "unknown"}]}]}, "references": {"reference_data": [{"url": "https://xenbits.xenproject.org/xsa/advisory-415.txt", "refsource": "MISC", "name": "https://xenbits.xenproject.org/xsa/advisory-415.txt"}, {"refsource": "CONFIRM", "name": "http://xenbits.xen.org/xsa/advisory-415.html", "url": "http://xenbits.xen.org/xsa/advisory-415.html"}, {"refsource": "MLIST", "name": "[oss-security] 20221101 Xen Security Advisory 415 v2 (CVE-2022-42310) - Xenstore: Guests can create orphaned Xenstore nodes", "url": "http://www.openwall.com/lists/oss-security/2022/11/01/5"}]}, "workaround": {"workaround_data": {"description": {"description_data": [{"lang": "eng", "value": "Using oxenstored will avoid the vulnerability."}]}}}}, "2022/42xxx/CVE-2022-42311.json": {"CVE_data_meta": {"ASSIGNER": "security@xen.org", "ID": "CVE-2022-42311", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "xen", "version": {"version_data": [{"version_affected": "?", "version_value": "consult Xen advisory XSA-326"}]}}]}, "vendor_name": "Xen"}]}}, "configuration": {"configuration_data": {"description": {"description_data": [{"lang": "eng", "value": "All Xen versions are vulnerable.\n\nBoth Xenstore implementations (C and Ocaml) are vulnerable."}]}}}, "credit": {"credit_data": {"description": {"description_data": [{"lang": "eng", "value": "This issue was discovered by Julien Grall of Amazon."}]}}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. There are multiple ways how guests can cause large memory allocations in xenstored: - - by issuing new requests to xenstored without reading the responses, causing the responses to be buffered in memory - - by causing large number of watch events to be generated via setting up multiple xenstore watches and then e.g. deleting many xenstore nodes below the watched path - - by creating as many nodes as allowed with the maximum allowed size and path length in as many transactions as possible - - by accessing many nodes inside a transaction"}]}, "impact": {"impact_data": {"description": {"description_data": [{"lang": "eng", "value": "Unprivileged guests can cause a DoS of xenstored, resulting in the\ninability to create new guests or modify the configuration of running\nguests."}]}}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "unknown"}]}]}, "references": {"reference_data": [{"url": "https://xenbits.xenproject.org/xsa/advisory-326.txt", "refsource": "MISC", "name": "https://xenbits.xenproject.org/xsa/advisory-326.txt"}, {"refsource": "CONFIRM", "name": "http://xenbits.xen.org/xsa/advisory-326.html", "url": "http://xenbits.xen.org/xsa/advisory-326.html"}]}, "workaround": {"workaround_data": {"description": {"description_data": [{"lang": "eng", "value": "There is no mitigation available."}]}}}}, "2022/42xxx/CVE-2022-42312.json": {"CVE_data_meta": {"ASSIGNER": "security@xen.org", "ID": "CVE-2022-42312", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "xen", "version": {"version_data": [{"version_affected": "?", "version_value": "consult Xen advisory XSA-326"}]}}]}, "vendor_name": "Xen"}]}}, "configuration": {"configuration_data": {"description": {"description_data": [{"lang": "eng", "value": "All Xen versions are vulnerable.\n\nBoth Xenstore implementations (C and Ocaml) are vulnerable."}]}}}, "credit": {"credit_data": {"description": {"description_data": [{"lang": "eng", "value": "This issue was discovered by Julien Grall of Amazon."}]}}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. There are multiple ways how guests can cause large memory allocations in xenstored: - - by issuing new requests to xenstored without reading the responses, causing the responses to be buffered in memory - - by causing large number of watch events to be generated via setting up multiple xenstore watches and then e.g. deleting many xenstore nodes below the watched path - - by creating as many nodes as allowed with the maximum allowed size and path length in as many transactions as possible - - by accessing many nodes inside a transaction"}]}, "impact": {"impact_data": {"description": {"description_data": [{"lang": "eng", "value": "Unprivileged guests can cause a DoS of xenstored, resulting in the\ninability to create new guests or modify the configuration of running\nguests."}]}}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "unknown"}]}]}, "references": {"reference_data": [{"url": "https://xenbits.xenproject.org/xsa/advisory-326.txt", "refsource": "MISC", "name": "https://xenbits.xenproject.org/xsa/advisory-326.txt"}, {"refsource": "CONFIRM", "name": "http://xenbits.xen.org/xsa/advisory-326.html", "url": "http://xenbits.xen.org/xsa/advisory-326.html"}]}, "workaround": {"workaround_data": {"description": {"description_data": [{"lang": "eng", "value": "There is no mitigation available."}]}}}}, "2022/42xxx/CVE-2022-42313.json": {"CVE_data_meta": {"ASSIGNER": "security@xen.org", "ID": "CVE-2022-42313", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "xen", "version": {"version_data": [{"version_affected": "?", "version_value": "consult Xen advisory XSA-326"}]}}]}, "vendor_name": "Xen"}]}}, "configuration": {"configuration_data": {"description": {"description_data": [{"lang": "eng", "value": "All Xen versions are vulnerable.\n\nBoth Xenstore implementations (C and Ocaml) are vulnerable."}]}}}, "credit": {"credit_data": {"description": {"description_data": [{"lang": "eng", "value": "This issue was discovered by Julien Grall of Amazon."}]}}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. There are multiple ways how guests can cause large memory allocations in xenstored: - - by issuing new requests to xenstored without reading the responses, causing the responses to be buffered in memory - - by causing large number of watch events to be generated via setting up multiple xenstore watches and then e.g. deleting many xenstore nodes below the watched path - - by creating as many nodes as allowed with the maximum allowed size and path length in as many transactions as possible - - by accessing many nodes inside a transaction"}]}, "impact": {"impact_data": {"description": {"description_data": [{"lang": "eng", "value": "Unprivileged guests can cause a DoS of xenstored, resulting in the\ninability to create new guests or modify the configuration of running\nguests."}]}}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "unknown"}]}]}, "references": {"reference_data": [{"url": "https://xenbits.xenproject.org/xsa/advisory-326.txt", "refsource": "MISC", "name": "https://xenbits.xenproject.org/xsa/advisory-326.txt"}, {"refsource": "CONFIRM", "name": "http://xenbits.xen.org/xsa/advisory-326.html", "url": "http://xenbits.xen.org/xsa/advisory-326.html"}]}, "workaround": {"workaround_data": {"description": {"description_data": [{"lang": "eng", "value": "There is no mitigation available."}]}}}}, "2022/42xxx/CVE-2022-42314.json": {"CVE_data_meta": {"ASSIGNER": "security@xen.org", "ID": "CVE-2022-42314", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "xen", "version": {"version_data": [{"version_affected": "?", "version_value": "consult Xen advisory XSA-326"}]}}]}, "vendor_name": "Xen"}]}}, "configuration": {"configuration_data": {"description": {"description_data": [{"lang": "eng", "value": "All Xen versions are vulnerable.\n\nBoth Xenstore implementations (C and Ocaml) are vulnerable."}]}}}, "credit": {"credit_data": {"description": {"description_data": [{"lang": "eng", "value": "This issue was discovered by Julien Grall of Amazon."}]}}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. There are multiple ways how guests can cause large memory allocations in xenstored: - - by issuing new requests to xenstored without reading the responses, causing the responses to be buffered in memory - - by causing large number of watch events to be generated via setting up multiple xenstore watches and then e.g. deleting many xenstore nodes below the watched path - - by creating as many nodes as allowed with the maximum allowed size and path length in as many transactions as possible - - by accessing many nodes inside a transaction"}]}, "impact": {"impact_data": {"description": {"description_data": [{"lang": "eng", "value": "Unprivileged guests can cause a DoS of xenstored, resulting in the\ninability to create new guests or modify the configuration of running\nguests."}]}}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "unknown"}]}]}, "references": {"reference_data": [{"url": "https://xenbits.xenproject.org/xsa/advisory-326.txt", "refsource": "MISC", "name": "https://xenbits.xenproject.org/xsa/advisory-326.txt"}, {"refsource": "CONFIRM", "name": "http://xenbits.xen.org/xsa/advisory-326.html", "url": "http://xenbits.xen.org/xsa/advisory-326.html"}]}, "workaround": {"workaround_data": {"description": {"description_data": [{"lang": "eng", "value": "There is no mitigation available."}]}}}}, "2022/42xxx/CVE-2022-42315.json": {"CVE_data_meta": {"ASSIGNER": "security@xen.org", "ID": "CVE-2022-42315", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "xen", "version": {"version_data": [{"version_affected": "?", "version_value": "consult Xen advisory XSA-326"}]}}]}, "vendor_name": "Xen"}]}}, "configuration": {"configuration_data": {"description": {"description_data": [{"lang": "eng", "value": "All Xen versions are vulnerable.\n\nBoth Xenstore implementations (C and Ocaml) are vulnerable."}]}}}, "credit": {"credit_data": {"description": {"description_data": [{"lang": "eng", "value": "This issue was discovered by Julien Grall of Amazon."}]}}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. There are multiple ways how guests can cause large memory allocations in xenstored: - - by issuing new requests to xenstored without reading the responses, causing the responses to be buffered in memory - - by causing large number of watch events to be generated via setting up multiple xenstore watches and then e.g. deleting many xenstore nodes below the watched path - - by creating as many nodes as allowed with the maximum allowed size and path length in as many transactions as possible - - by accessing many nodes inside a transaction"}]}, "impact": {"impact_data": {"description": {"description_data": [{"lang": "eng", "value": "Unprivileged guests can cause a DoS of xenstored, resulting in the\ninability to create new guests or modify the configuration of running\nguests."}]}}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "unknown"}]}]}, "references": {"reference_data": [{"url": "https://xenbits.xenproject.org/xsa/advisory-326.txt", "refsource": "MISC", "name": "https://xenbits.xenproject.org/xsa/advisory-326.txt"}, {"refsource": "CONFIRM", "name": "http://xenbits.xen.org/xsa/advisory-326.html", "url": "http://xenbits.xen.org/xsa/advisory-326.html"}]}, "workaround": {"workaround_data": {"description": {"description_data": [{"lang": "eng", "value": "There is no mitigation available."}]}}}}, "2022/42xxx/CVE-2022-42316.json": {"CVE_data_meta": {"ASSIGNER": "security@xen.org", "ID": "CVE-2022-42316", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "xen", "version": {"version_data": [{"version_affected": "?", "version_value": "consult Xen advisory XSA-326"}]}}]}, "vendor_name": "Xen"}]}}, "configuration": {"configuration_data": {"description": {"description_data": [{"lang": "eng", "value": "All Xen versions are vulnerable.\n\nBoth Xenstore implementations (C and Ocaml) are vulnerable."}]}}}, "credit": {"credit_data": {"description": {"description_data": [{"lang": "eng", "value": "This issue was discovered by Julien Grall of Amazon."}]}}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. There are multiple ways how guests can cause large memory allocations in xenstored: - - by issuing new requests to xenstored without reading the responses, causing the responses to be buffered in memory - - by causing large number of watch events to be generated via setting up multiple xenstore watches and then e.g. deleting many xenstore nodes below the watched path - - by creating as many nodes as allowed with the maximum allowed size and path length in as many transactions as possible - - by accessing many nodes inside a transaction"}]}, "impact": {"impact_data": {"description": {"description_data": [{"lang": "eng", "value": "Unprivileged guests can cause a DoS of xenstored, resulting in the\ninability to create new guests or modify the configuration of running\nguests."}]}}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "unknown"}]}]}, "references": {"reference_data": [{"url": "https://xenbits.xenproject.org/xsa/advisory-326.txt", "refsource": "MISC", "name": "https://xenbits.xenproject.org/xsa/advisory-326.txt"}, {"refsource": "CONFIRM", "name": "http://xenbits.xen.org/xsa/advisory-326.html", "url": "http://xenbits.xen.org/xsa/advisory-326.html"}]}, "workaround": {"workaround_data": {"description": {"description_data": [{"lang": "eng", "value": "There is no mitigation available."}]}}}}, "2022/42xxx/CVE-2022-42317.json": {"CVE_data_meta": {"ASSIGNER": "security@xen.org", "ID": "CVE-2022-42317", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "xen", "version": {"version_data": [{"version_affected": "?", "version_value": "consult Xen advisory XSA-326"}]}}]}, "vendor_name": "Xen"}]}}, "configuration": {"configuration_data": {"description": {"description_data": [{"lang": "eng", "value": "All Xen versions are vulnerable.\n\nBoth Xenstore implementations (C and Ocaml) are vulnerable."}]}}}, "credit": {"credit_data": {"description": {"description_data": [{"lang": "eng", "value": "This issue was discovered by Julien Grall of Amazon."}]}}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. There are multiple ways how guests can cause large memory allocations in xenstored: - - by issuing new requests to xenstored without reading the responses, causing the responses to be buffered in memory - - by causing large number of watch events to be generated via setting up multiple xenstore watches and then e.g. deleting many xenstore nodes below the watched path - - by creating as many nodes as allowed with the maximum allowed size and path length in as many transactions as possible - - by accessing many nodes inside a transaction"}]}, "impact": {"impact_data": {"description": {"description_data": [{"lang": "eng", "value": "Unprivileged guests can cause a DoS of xenstored, resulting in the\ninability to create new guests or modify the configuration of running\nguests."}]}}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "unknown"}]}]}, "references": {"reference_data": [{"url": "https://xenbits.xenproject.org/xsa/advisory-326.txt", "refsource": "MISC", "name": "https://xenbits.xenproject.org/xsa/advisory-326.txt"}, {"refsource": "CONFIRM", "name": "http://xenbits.xen.org/xsa/advisory-326.html", "url": "http://xenbits.xen.org/xsa/advisory-326.html"}]}, "workaround": {"workaround_data": {"description": {"description_data": [{"lang": "eng", "value": "There is no mitigation available."}]}}}}, "2022/42xxx/CVE-2022-42318.json": {"CVE_data_meta": {"ASSIGNER": "security@xen.org", "ID": "CVE-2022-42318", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "xen", "version": {"version_data": [{"version_affected": "?", "version_value": "consult Xen advisory XSA-326"}]}}]}, "vendor_name": "Xen"}]}}, "configuration": {"configuration_data": {"description": {"description_data": [{"lang": "eng", "value": "All Xen versions are vulnerable.\n\nBoth Xenstore implementations (C and Ocaml) are vulnerable."}]}}}, "credit": {"credit_data": {"description": {"description_data": [{"lang": "eng", "value": "This issue was discovered by Julien Grall of Amazon."}]}}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. There are multiple ways how guests can cause large memory allocations in xenstored: - - by issuing new requests to xenstored without reading the responses, causing the responses to be buffered in memory - - by causing large number of watch events to be generated via setting up multiple xenstore watches and then e.g. deleting many xenstore nodes below the watched path - - by creating as many nodes as allowed with the maximum allowed size and path length in as many transactions as possible - - by accessing many nodes inside a transaction"}]}, "impact": {"impact_data": {"description": {"description_data": [{"lang": "eng", "value": "Unprivileged guests can cause a DoS of xenstored, resulting in the\ninability to create new guests or modify the configuration of running\nguests."}]}}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "unknown"}]}]}, "references": {"reference_data": [{"url": "https://xenbits.xenproject.org/xsa/advisory-326.txt", "refsource": "MISC", "name": "https://xenbits.xenproject.org/xsa/advisory-326.txt"}, {"refsource": "CONFIRM", "name": "http://xenbits.xen.org/xsa/advisory-326.html", "url": "http://xenbits.xen.org/xsa/advisory-326.html"}]}, "workaround": {"workaround_data": {"description": {"description_data": [{"lang": "eng", "value": "There is no mitigation available."}]}}}}, "2022/42xxx/CVE-2022-42319.json": {"CVE_data_meta": {"ASSIGNER": "security@xen.org", "ID": "CVE-2022-42319", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "xen", "version": {"version_data": [{"version_affected": "?", "version_value": "consult Xen advisory XSA-416"}]}}]}, "vendor_name": "Xen"}]}}, "configuration": {"configuration_data": {"description": {"description_data": [{"lang": "eng", "value": "Xen systems with version 4.9 and newer running the C variant of Xenstore\n(xenstored or xenstore-stubdom) are vulnerable.\n\nSystems using the Ocaml variant of Xenstore (oxenstored) are not vulnerable."}]}}}, "credit": {"credit_data": {"description": {"description_data": [{"lang": "eng", "value": "This issue was discovered by Julien Grall of Amazon."}]}}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Xenstore: Guests can cause Xenstore to not free temporary memory When working on a request of a guest, xenstored might need to allocate quite large amounts of memory temporarily. This memory is freed only after the request has been finished completely. A request is regarded to be finished only after the guest has read the response message of the request from the ring page. Thus a guest not reading the response can cause xenstored to not free the temporary memory. This can result in memory shortages causing Denial of Service (DoS) of xenstored."}]}, "impact": {"impact_data": {"description": {"description_data": [{"lang": "eng", "value": "A malicious guest can cause DoS of xenstored, resulting in the inability\nto create new guests or to change the configuration of already running\nguests."}]}}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "unknown"}]}]}, "references": {"reference_data": [{"url": "https://xenbits.xenproject.org/xsa/advisory-416.txt", "refsource": "MISC", "name": "https://xenbits.xenproject.org/xsa/advisory-416.txt"}, {"refsource": "CONFIRM", "name": "http://xenbits.xen.org/xsa/advisory-416.html", "url": "http://xenbits.xen.org/xsa/advisory-416.html"}, {"refsource": "MLIST", "name": "[oss-security] 20221101 Xen Security Advisory 416 v2 (CVE-2022-42319) - Xenstore: Guests can cause Xenstore to not free temporary memory", "url": "http://www.openwall.com/lists/oss-security/2022/11/01/6"}]}, "workaround": {"workaround_data": {"description": {"description_data": [{"lang": "eng", "value": "Using oxenstored instead of xenstored will avoid the vulnerability."}]}}}}, "2022/42xxx/CVE-2022-42320.json": {"CVE_data_meta": {"ASSIGNER": "security@xen.org", "ID": "CVE-2022-42320", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "xen", "version": {"version_data": [{"version_affected": "?", "version_value": "consult Xen advisory XSA-417"}]}}]}, "vendor_name": "Xen"}]}}, "configuration": {"configuration_data": {"description": {"description_data": [{"lang": "eng", "value": "All versions of Xen are in principle vulnerable.\n\nOnly systems running the C variant of Xenstore (xenstored or xenstore-\nstubdom) are vulnerable.\n\nSystems using the Ocaml variant of Xenstore (oxenstored) are not vulnerable.\n\nVulnerable systems are only those running software where one domain is\ngranted access to another's xenstore nodes, without complete cleanup\nof those nodes on domain destruction.  No such software is enabled in\ndefault configurations of upstream Xen.\n\nTherefore upstream Xen, without additional management software (in\nhost or guest(s)), is not vulnerable in the default (host and guest)\nconfiguration."}]}}}, "credit": {"credit_data": {"description": {"description_data": [{"lang": "eng", "value": "This issue was discovered by J\u00fcrgen Gro\u00df of SUSE."}]}}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Xenstore: Guests can get access to Xenstore nodes of deleted domains Access rights of Xenstore nodes are per domid. When a domain is gone, there might be Xenstore nodes left with access rights containing the domid of the removed domain. This is normally no problem, as those access right entries will be corrected when such a node is written later. There is a small time window when a new domain is created, where the access rights of a past domain with the same domid as the new one will be regarded to be still valid, leading to the new domain being able to get access to a node which was meant to be accessible by the removed domain. For this to happen another domain needs to write the node before the newly created domain is being introduced to Xenstore by dom0."}]}, "impact": {"impact_data": {"description": {"description_data": [{"lang": "eng", "value": "In some circumstances, it might be possible for a new guest domain to\naccess resources belonging to a previous domain.  The impact would\ndepend on the software in use and the configuration, but might include\nany of denial of service, information leak, or privilege escalation."}]}}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "unknown"}]}]}, "references": {"reference_data": [{"url": "https://xenbits.xenproject.org/xsa/advisory-417.txt", "refsource": "MISC", "name": "https://xenbits.xenproject.org/xsa/advisory-417.txt"}, {"refsource": "CONFIRM", "name": "http://xenbits.xen.org/xsa/advisory-417.html", "url": "http://xenbits.xen.org/xsa/advisory-417.html"}, {"refsource": "MLIST", "name": "[oss-security] 20221101 Xen Security Advisory 417 v2 (CVE-2022-42320) - Xenstore: Guests can get access to Xenstore nodes of deleted domains", "url": "http://www.openwall.com/lists/oss-security/2022/11/01/7"}]}, "workaround": {"workaround_data": {"description": {"description_data": [{"lang": "eng", "value": "Running oxenstored instead of xenstored will avoid the vulnerability."}]}}}}, "2022/42xxx/CVE-2022-42321.json": {"CVE_data_meta": {"ASSIGNER": "security@xen.org", "ID": "CVE-2022-42321", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "xen", "version": {"version_data": [{"version_affected": "?", "version_value": "consult Xen advisory XSA-418"}]}}]}, "vendor_name": "Xen"}]}}, "configuration": {"configuration_data": {"description": {"description_data": [{"lang": "eng", "value": "All versions of Xen are affected.\n\nOnly systems running the C variant of Xenstore (xenstored or xenstore-\nstubdom) are vulnerable.\n\nSystems using the Ocaml variant of Xenstore (oxenstored) are not vulnerable."}]}}}, "credit": {"credit_data": {"description": {"description_data": [{"lang": "eng", "value": "This issue was discovered by David Vrabel of Amazon."}]}}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Xenstore: Guests can crash xenstored via exhausting the stack Xenstored is using recursion for some Xenstore operations (e.g. for deleting a sub-tree of Xenstore nodes). With sufficiently deep nesting levels this can result in stack exhaustion on xenstored, leading to a crash of xenstored."}]}, "impact": {"impact_data": {"description": {"description_data": [{"lang": "eng", "value": "A malicious guest creating very deep nesting levels of Xenstore nodes\nmight be able to crash xenstored, resulting in a Denial of Service (DoS)\nof Xenstore.\n\nThis will inhibit creation of new guests or changing the configuration of\nalready running guests."}]}}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "unknown"}]}]}, "references": {"reference_data": [{"url": "https://xenbits.xenproject.org/xsa/advisory-418.txt", "refsource": "MISC", "name": "https://xenbits.xenproject.org/xsa/advisory-418.txt"}, {"refsource": "CONFIRM", "name": "http://xenbits.xen.org/xsa/advisory-418.html", "url": "http://xenbits.xen.org/xsa/advisory-418.html"}, {"refsource": "MLIST", "name": "[oss-security] 20221101 Xen Security Advisory 418 v2 (CVE-2022-42321) - Xenstore: Guests can crash xenstored via exhausting the stack", "url": "http://www.openwall.com/lists/oss-security/2022/11/01/8"}]}, "workaround": {"workaround_data": {"description": {"description_data": [{"lang": "eng", "value": "Running oxenstored instead of xenstored will avoid the vulnerability."}]}}}}, "2022/42xxx/CVE-2022-42322.json": {"CVE_data_meta": {"ASSIGNER": "security@xen.org", "ID": "CVE-2022-42322", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "xen", "version": {"version_data": [{"version_affected": "?", "version_value": "consult Xen advisory XSA-419"}]}}]}, "vendor_name": "Xen"}]}}, "configuration": {"configuration_data": {"description": {"description_data": [{"lang": "eng", "value": "All versions of Xen with the fix for XSA-322 are in principle vulnerable.\n\nBoth Xenstore implementations (C and Ocaml) are vulnerable."}]}}}, "credit": {"credit_data": {"description": {"description_data": [{"lang": "eng", "value": "This issue was discovered by J\u00fcrgen Gro\u00df of SUSE."}]}}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Xenstore: Cooperating guests can create arbitrary numbers of nodes T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Since the fix of XSA-322 any Xenstore node owned by a removed domain will be modified to be owned by Dom0. This will allow two malicious guests working together to create an arbitrary number of Xenstore nodes. This is possible by domain A letting domain B write into domain A's local Xenstore tree. Domain B can then create many nodes and reboot. The nodes created by domain B will now be owned by Dom0. By repeating this process over and over again an arbitrary number of nodes can be created, as Dom0's number of nodes isn't limited by Xenstore quota."}]}, "impact": {"impact_data": {"description": {"description_data": [{"lang": "eng", "value": "Two malicious guests working together can drive xenstored into an\nout of memory situation, resulting in a Denial of Service (DoS) of\nxenstored.\n\nThis inhibits creation of new guests and changing the configuration of\nalready running guests."}]}}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "unknown"}]}]}, "references": {"reference_data": [{"url": "https://xenbits.xenproject.org/xsa/advisory-419.txt", "refsource": "MISC", "name": "https://xenbits.xenproject.org/xsa/advisory-419.txt"}, {"refsource": "CONFIRM", "name": "http://xenbits.xen.org/xsa/advisory-419.html", "url": "http://xenbits.xen.org/xsa/advisory-419.html"}, {"refsource": "MLIST", "name": "[oss-security] 20221101 Xen Security Advisory 419 v2 (CVE-2022-42322,CVE-2022-42323) - Xenstore: Cooperating guests can create arbitrary numbers of nodes", "url": "http://www.openwall.com/lists/oss-security/2022/11/01/9"}]}, "workaround": {"workaround_data": {"description": {"description_data": [{"lang": "eng", "value": "There is no mitigation available."}]}}}}, "2022/42xxx/CVE-2022-42323.json": {"CVE_data_meta": {"ASSIGNER": "security@xen.org", "ID": "CVE-2022-42323", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "xen", "version": {"version_data": [{"version_affected": "?", "version_value": "consult Xen advisory XSA-419"}]}}]}, "vendor_name": "Xen"}]}}, "configuration": {"configuration_data": {"description": {"description_data": [{"lang": "eng", "value": "All versions of Xen with the fix for XSA-322 are in principle vulnerable.\n\nBoth Xenstore implementations (C and Ocaml) are vulnerable."}]}}}, "credit": {"credit_data": {"description": {"description_data": [{"lang": "eng", "value": "This issue was discovered by J\u00fcrgen Gro\u00df of SUSE."}]}}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Xenstore: Cooperating guests can create arbitrary numbers of nodes T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Since the fix of XSA-322 any Xenstore node owned by a removed domain will be modified to be owned by Dom0. This will allow two malicious guests working together to create an arbitrary number of Xenstore nodes. This is possible by domain A letting domain B write into domain A's local Xenstore tree. Domain B can then create many nodes and reboot. The nodes created by domain B will now be owned by Dom0. By repeating this process over and over again an arbitrary number of nodes can be created, as Dom0's number of nodes isn't limited by Xenstore quota."}]}, "impact": {"impact_data": {"description": {"description_data": [{"lang": "eng", "value": "Two malicious guests working together can drive xenstored into an\nout of memory situation, resulting in a Denial of Service (DoS) of\nxenstored.\n\nThis inhibits creation of new guests and changing the configuration of\nalready running guests."}]}}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "unknown"}]}]}, "references": {"reference_data": [{"url": "https://xenbits.xenproject.org/xsa/advisory-419.txt", "refsource": "MISC", "name": "https://xenbits.xenproject.org/xsa/advisory-419.txt"}, {"refsource": "CONFIRM", "name": "http://xenbits.xen.org/xsa/advisory-419.html", "url": "http://xenbits.xen.org/xsa/advisory-419.html"}, {"refsource": "MLIST", "name": "[oss-security] 20221101 Xen Security Advisory 419 v2 (CVE-2022-42322,CVE-2022-42323) - Xenstore: Cooperating guests can create arbitrary numbers of nodes", "url": "http://www.openwall.com/lists/oss-security/2022/11/01/9"}]}, "workaround": {"workaround_data": {"description": {"description_data": [{"lang": "eng", "value": "There is no mitigation available."}]}}}}, "2022/42xxx/CVE-2022-42324.json": {"CVE_data_meta": {"ASSIGNER": "security@xen.org", "ID": "CVE-2022-42324", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "xen", "version": {"version_data": [{"version_affected": "?", "version_value": "consult Xen advisory XSA-420"}]}}]}, "vendor_name": "Xen"}]}}, "configuration": {"configuration_data": {"description": {"description_data": [{"lang": "eng", "value": "All versions of Xen are affected.\n\nSystems running a 32-bit build of oxenstored are affected.\n\nSystems running a 64-bit build of oxenstored, or systems running (C)\nxenstored are not affected."}]}}}, "credit": {"credit_data": {"description": {"description_data": [{"lang": "eng", "value": "This issue was discovered by J\u00fcrgen Gro\u00df of SUSE."}]}}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Oxenstored 32->31 bit integer truncation issues Integers in Ocaml are 63 or 31 bits of signed precision. The Ocaml Xenbus library takes a C uint32_t out of the ring and casts it directly to an Ocaml integer. In 64-bit Ocaml builds this is fine, but in 32-bit builds, it truncates off the most significant bit, and then creates unsigned/signed confusion in the remainder. This in turn can feed a negative value into logic not expecting a negative value, resulting in unexpected exceptions being thrown. The unexpected exception is not handled suitably, creating a busy-loop trying (and failing) to take the bad packet out of the xenstore ring."}]}, "impact": {"impact_data": {"description": {"description_data": [{"lang": "eng", "value": "A malicious or buggy guest can write a packet into the xenstore ring\nwhich causes 32-bit builds of oxenstored to busy loop."}]}}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "unknown"}]}]}, "references": {"reference_data": [{"url": "https://xenbits.xenproject.org/xsa/advisory-420.txt", "refsource": "MISC", "name": "https://xenbits.xenproject.org/xsa/advisory-420.txt"}, {"refsource": "CONFIRM", "name": "http://xenbits.xen.org/xsa/advisory-420.html", "url": "http://xenbits.xen.org/xsa/advisory-420.html"}, {"refsource": "MLIST", "name": "[oss-security] 20221101 Xen Security Advisory 420 v2 (CVE-2022-42324) - Oxenstored 32->31 bit integer truncation issues", "url": "http://www.openwall.com/lists/oss-security/2022/11/01/10"}]}, "workaround": {"workaround_data": {"description": {"description_data": [{"lang": "eng", "value": "Running xenstored instead of oxenstored will avoid the vulnerability."}]}}}}, "2022/42xxx/CVE-2022-42325.json": {"CVE_data_meta": {"ASSIGNER": "security@xen.org", "ID": "CVE-2022-42325", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "xen", "version": {"version_data": [{"version_affected": "?", "version_value": "consult Xen advisory XSA-421"}]}}]}, "vendor_name": "Xen"}]}}, "configuration": {"configuration_data": {"description": {"description_data": [{"lang": "eng", "value": "All systems running Xen version 4.9 and newer are affected.\n\nOnly systems running the C variant of Xenstore (xenstored or xenstore-\nstubdom) are vulnerable.\n\nSystems using the Ocaml variant of Xenstore (oxenstored) are not vulnerable."}]}}}, "credit": {"credit_data": {"description": {"description_data": [{"lang": "eng", "value": "This issue was discovered by Julien Grall of Amazon."}]}}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Xenstore: Guests can create arbitrary number of nodes via transactions T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] In case a node has been created in a transaction and it is later deleted in the same transaction, the transaction will be terminated with an error. As this error is encountered only when handling the deleted node at transaction finalization, the transaction will have been performed partially and without updating the accounting information. This will enable a malicious guest to create arbitrary number of nodes."}]}, "impact": {"impact_data": {"description": {"description_data": [{"lang": "eng", "value": "A malicious guest can cause memory shortage in xenstored, resulting in\na Denial of Service (DoS) of xenstored.\n\nThis will inhibit creating new guests and changing the configuration\nof already running guests."}]}}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "unknown"}]}]}, "references": {"reference_data": [{"url": "https://xenbits.xenproject.org/xsa/advisory-421.txt", "refsource": "MISC", "name": "https://xenbits.xenproject.org/xsa/advisory-421.txt"}, {"refsource": "CONFIRM", "name": "http://xenbits.xen.org/xsa/advisory-421.html", "url": "http://xenbits.xen.org/xsa/advisory-421.html"}, {"refsource": "MLIST", "name": "[oss-security] 20221101 Xen Security Advisory 421 v2 (CVE-2022-42325,CVE-2022-42326) - Xenstore: Guests can create arbitrary number of nodes via transactions", "url": "http://www.openwall.com/lists/oss-security/2022/11/01/11"}]}, "workaround": {"workaround_data": {"description": {"description_data": [{"lang": "eng", "value": "Running oxenstored instead of xenstored will avoid the vulnerability."}]}}}}, "2022/42xxx/CVE-2022-42326.json": {"CVE_data_meta": {"ASSIGNER": "security@xen.org", "ID": "CVE-2022-42326", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "xen", "version": {"version_data": [{"version_affected": "?", "version_value": "consult Xen advisory XSA-421"}]}}]}, "vendor_name": "Xen"}]}}, "configuration": {"configuration_data": {"description": {"description_data": [{"lang": "eng", "value": "All systems running Xen version 4.9 and newer are affected.\n\nOnly systems running the C variant of Xenstore (xenstored or xenstore-\nstubdom) are vulnerable.\n\nSystems using the Ocaml variant of Xenstore (oxenstored) are not vulnerable."}]}}}, "credit": {"credit_data": {"description": {"description_data": [{"lang": "eng", "value": "This issue was discovered by Julien Grall of Amazon."}]}}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Xenstore: Guests can create arbitrary number of nodes via transactions T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] In case a node has been created in a transaction and it is later deleted in the same transaction, the transaction will be terminated with an error. As this error is encountered only when handling the deleted node at transaction finalization, the transaction will have been performed partially and without updating the accounting information. This will enable a malicious guest to create arbitrary number of nodes."}]}, "impact": {"impact_data": {"description": {"description_data": [{"lang": "eng", "value": "A malicious guest can cause memory shortage in xenstored, resulting in\na Denial of Service (DoS) of xenstored.\n\nThis will inhibit creating new guests and changing the configuration\nof already running guests."}]}}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "unknown"}]}]}, "references": {"reference_data": [{"url": "https://xenbits.xenproject.org/xsa/advisory-421.txt", "refsource": "MISC", "name": "https://xenbits.xenproject.org/xsa/advisory-421.txt"}, {"refsource": "CONFIRM", "name": "http://xenbits.xen.org/xsa/advisory-421.html", "url": "http://xenbits.xen.org/xsa/advisory-421.html"}, {"refsource": "MLIST", "name": "[oss-security] 20221101 Xen Security Advisory 421 v2 (CVE-2022-42325,CVE-2022-42326) - Xenstore: Guests can create arbitrary number of nodes via transactions", "url": "http://www.openwall.com/lists/oss-security/2022/11/01/11"}]}, "workaround": {"workaround_data": {"description": {"description_data": [{"lang": "eng", "value": "Running oxenstored instead of xenstored will avoid the vulnerability."}]}}}}, "2022/42xxx/CVE-2022-42327.json": {"CVE_data_meta": {"ASSIGNER": "security@xen.org", "ID": "CVE-2022-42327", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "xen", "version": {"version_data": [{"version_affected": "?", "version_value": "consult Xen advisory XSA-412"}]}}]}, "vendor_name": "Xen"}]}}, "configuration": {"configuration_data": {"description": {"description_data": [{"lang": "eng", "value": "Only Xen version 4.16 is vulnerable.  Other Xen versions are not vulnerable.\n\nx86 HVM or PVH guests running on Intel systems with the \"virtualize APIC\naccesses\" feature are affected.  This is believed to be all 64-bit\ncapable Intel CPUs.\n\nx86 HVM or PVH guests running on AMD hardware, Arm or x86 PV guests are\nnot affected."}]}}}, "credit": {"credit_data": {"description": {"description_data": [{"lang": "eng", "value": "This issue was discovered by Andrew Cooper of Citrix."}]}}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "x86: unintended memory sharing between guests On Intel systems that support the \"virtualize APIC accesses\" feature, a guest can read and write the global shared xAPIC page by moving the local APIC out of xAPIC mode. Access to this shared page bypasses the expected isolation that should exist between two guests."}]}, "impact": {"impact_data": {"description": {"description_data": [{"lang": "eng", "value": "Guests are able to access an unintended shared memory page.  Note the\ncontents of the page are not interpreted by Xen or hardware."}]}}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "unknown"}]}]}, "references": {"reference_data": [{"url": "https://xenbits.xenproject.org/xsa/advisory-412.txt", "refsource": "MISC", "name": "https://xenbits.xenproject.org/xsa/advisory-412.txt"}, {"refsource": "CONFIRM", "name": "http://xenbits.xen.org/xsa/advisory-412.html", "url": "http://xenbits.xen.org/xsa/advisory-412.html"}, {"refsource": "MLIST", "name": "[oss-security] 20221101 Xen Security Advisory 412 v2 (CVE-2022-42327) - x86: unintended memory sharing between guests", "url": "http://www.openwall.com/lists/oss-security/2022/11/01/3"}]}, "workaround": {"workaround_data": {"description": {"description_data": [{"lang": "eng", "value": "Only running PV guests will mitigate the vulnerability on affected\nhardware."}]}}}}, "2022/42xxx/CVE-2022-42473.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-42473", "ASSIGNER": "psirt@fortinet.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Fortinet", "product": {"product_data": [{"product_name": "Fortinet FortiSOAR", "version": {"version_data": [{"version_value": "FortiSOAR 7.2.0, 7.0.3, 7.0.2, 7.0.1, 7.0.0, 6.4.4, 6.4.3, 6.4.1, 6.4.0"}]}}]}}]}}, "impact": {"cvss": {"attackComplexity": "Low", "attackVector": "Local", "availabilityImpact": "Low", "baseScore": 4.8, "baseSeverity": "Medium", "confidentialityImpact": "Low", "integrityImpact": "Low", "privilegesRequired": "Low", "scope": "Unchanged", "userInteraction": "None", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:U/RC:R", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Information disclosure"}]}]}, "references": {"reference_data": [{"refsource": "CONFIRM", "name": "https://fortiguard.com/psirt/FG-IR-22-216", "url": "https://fortiguard.com/psirt/FG-IR-22-216"}]}, "description": {"description_data": [{"lang": "eng", "value": "A missing authentication for a critical function vulnerability in Fortinet FortiSOAR 6.4.0 - 6.4.4 and 7.0.0 - 7.0.3 and 7.2.0 allows an attacker to disclose information via logging into the database using a privileged account without a password."}]}}, "2022/42xxx/CVE-2022-42719.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-42719", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"url": "https://bugzilla.suse.com/show_bug.cgi?id=1204051", "refsource": "MISC", "name": "https://bugzilla.suse.com/show_bug.cgi?id=1204051"}, {"refsource": "MISC", "name": "http://www.openwall.com/lists/oss-security/2022/10/13/2", "url": "http://www.openwall.com/lists/oss-security/2022/10/13/2"}, {"refsource": "MISC", "name": "http://www.openwall.com/lists/oss-security/2022/10/13/5", "url": "http://www.openwall.com/lists/oss-security/2022/10/13/5"}, {"refsource": "MISC", "name": "https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless.git/commit/?id=ff05d4b45dd89b922578dac497dcabf57cf771c6", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless.git/commit/?id=ff05d4b45dd89b922578dac497dcabf57cf771c6"}, {"refsource": "FEDORA", "name": "FEDORA-2022-2cfbe17910", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GGHENNMLCWIQV2LLA56BJNFIUZ7WB4IY/"}, {"refsource": "FEDORA", "name": "FEDORA-2022-b948fc3cfb", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VNN3VFQPECS6D4PS6ZWD7AFXTOSJDSSR/"}, {"refsource": "FEDORA", "name": "FEDORA-2022-1a5b125ac6", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S2KTU5LFZNQS7YNGE56MT46VHMXL3DD2/"}, {"refsource": "DEBIAN", "name": "DSA-5257", "url": "https://www.debian.org/security/2022/dsa-5257"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html"}]}}, "2022/42xxx/CVE-2022-42720.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-42720", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"url": "https://bugzilla.suse.com/show_bug.cgi?id=1204059", "refsource": "MISC", "name": "https://bugzilla.suse.com/show_bug.cgi?id=1204059"}, {"refsource": "MISC", "name": "http://www.openwall.com/lists/oss-security/2022/10/13/5", "url": "http://www.openwall.com/lists/oss-security/2022/10/13/5"}, {"refsource": "MISC", "name": "https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless.git/commit/?id=0b7808818cb9df6680f98996b8e9a439fa7bcc2f", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless.git/commit/?id=0b7808818cb9df6680f98996b8e9a439fa7bcc2f"}, {"refsource": "FEDORA", "name": "FEDORA-2022-2cfbe17910", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GGHENNMLCWIQV2LLA56BJNFIUZ7WB4IY/"}, {"refsource": "FEDORA", "name": "FEDORA-2022-b948fc3cfb", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VNN3VFQPECS6D4PS6ZWD7AFXTOSJDSSR/"}, {"refsource": "FEDORA", "name": "FEDORA-2022-1a5b125ac6", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S2KTU5LFZNQS7YNGE56MT46VHMXL3DD2/"}, {"refsource": "DEBIAN", "name": "DSA-5257", "url": "https://www.debian.org/security/2022/dsa-5257"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html"}]}}, "2022/42xxx/CVE-2022-42721.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-42721", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"url": "https://bugzilla.suse.com/show_bug.cgi?id=1204060", "refsource": "MISC", "name": "https://bugzilla.suse.com/show_bug.cgi?id=1204060"}, {"refsource": "MISC", "name": "http://www.openwall.com/lists/oss-security/2022/10/13/5", "url": "http://www.openwall.com/lists/oss-security/2022/10/13/5"}, {"refsource": "MISC", "name": "https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless.git/commit/?id=bcca852027e5878aec911a347407ecc88d6fff7f", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless.git/commit/?id=bcca852027e5878aec911a347407ecc88d6fff7f"}, {"refsource": "FEDORA", "name": "FEDORA-2022-2cfbe17910", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GGHENNMLCWIQV2LLA56BJNFIUZ7WB4IY/"}, {"refsource": "FEDORA", "name": "FEDORA-2022-b948fc3cfb", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VNN3VFQPECS6D4PS6ZWD7AFXTOSJDSSR/"}, {"refsource": "FEDORA", "name": "FEDORA-2022-1a5b125ac6", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S2KTU5LFZNQS7YNGE56MT46VHMXL3DD2/"}, {"refsource": "DEBIAN", "name": "DSA-5257", "url": "https://www.debian.org/security/2022/dsa-5257"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html"}]}}, "2022/42xxx/CVE-2022-42722.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-42722", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"url": "https://bugzilla.suse.com/show_bug.cgi?id=1204125", "refsource": "MISC", "name": "https://bugzilla.suse.com/show_bug.cgi?id=1204125"}, {"refsource": "MISC", "name": "http://www.openwall.com/lists/oss-security/2022/10/13/5", "url": "http://www.openwall.com/lists/oss-security/2022/10/13/5"}, {"refsource": "MISC", "name": "https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless.git/commit/?id=b2d03cabe2b2e150ff5a381731ea0355459be09f", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless.git/commit/?id=b2d03cabe2b2e150ff5a381731ea0355459be09f"}, {"refsource": "FEDORA", "name": "FEDORA-2022-2cfbe17910", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GGHENNMLCWIQV2LLA56BJNFIUZ7WB4IY/"}, {"refsource": "FEDORA", "name": "FEDORA-2022-b948fc3cfb", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VNN3VFQPECS6D4PS6ZWD7AFXTOSJDSSR/"}, {"refsource": "FEDORA", "name": "FEDORA-2022-1a5b125ac6", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S2KTU5LFZNQS7YNGE56MT46VHMXL3DD2/"}, {"refsource": "DEBIAN", "name": "DSA-5257", "url": "https://www.debian.org/security/2022/dsa-5257"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html"}]}}, "2022/42xxx/CVE-2022-42788.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-42788", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "A malicious application may be able to read sensitive location information"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}]}, "description": {"description_data": [{"lang": "eng", "value": "A permissions issue existed. This issue was addressed with improved permission validation. This issue is fixed in macOS Ventura 13. A malicious application may be able to read sensitive location information."}]}}, "2022/42xxx/CVE-2022-42789.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-42789", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "11.7"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.6"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to access user-sensitive data"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213443", "name": "https://support.apple.com/en-us/HT213443"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213444", "name": "https://support.apple.com/en-us/HT213444"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}]}, "description": {"description_data": [{"lang": "eng", "value": "An issue in code signature validation was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, macOS Monterey 12.6. An app may be able to access user-sensitive data."}]}}, "2022/42xxx/CVE-2022-42790.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-42790", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "11.7"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.7"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.6"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "A user may be able to view restricted content from the lock screen"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213446", "name": "https://support.apple.com/en-us/HT213446"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213443", "name": "https://support.apple.com/en-us/HT213443"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213445", "name": "https://support.apple.com/en-us/HT213445"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213444", "name": "https://support.apple.com/en-us/HT213444"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}]}, "description": {"description_data": [{"lang": "eng", "value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, macOS Monterey 12.6. A user may be able to view restricted content from the lock screen."}]}}, "2022/42xxx/CVE-2022-42791.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-42791", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to execute arbitrary code with kernel privileges"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}]}, "description": {"description_data": [{"lang": "eng", "value": "A race condition was addressed with improved state handling. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges."}]}}, "2022/42xxx/CVE-2022-42793.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-42793", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "11.7"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.7"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.6"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to bypass code signing checks"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213446", "name": "https://support.apple.com/en-us/HT213446"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213443", "name": "https://support.apple.com/en-us/HT213443"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213445", "name": "https://support.apple.com/en-us/HT213445"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213444", "name": "https://support.apple.com/en-us/HT213444"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}]}, "description": {"description_data": [{"lang": "eng", "value": "An issue in code signature validation was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, macOS Monterey 12.6. An app may be able to bypass code signing checks."}]}}, "2022/42xxx/CVE-2022-42795.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-42795", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Processing a maliciously crafted image may lead to arbitrary code execution"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213446", "name": "https://support.apple.com/en-us/HT213446"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213486", "name": "https://support.apple.com/en-us/HT213486"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213487", "name": "https://support.apple.com/en-us/HT213487"}]}, "description": {"description_data": [{"lang": "eng", "value": "A memory consumption issue was addressed with improved memory handling. This issue is fixed in tvOS 16, iOS 16, macOS Ventura 13, watchOS 9. Processing a maliciously crafted image may lead to arbitrary code execution."}]}}, "2022/42xxx/CVE-2022-42796.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-42796", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.7"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to gain elevated privileges"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213445", "name": "https://support.apple.com/en-us/HT213445"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}]}, "description": {"description_data": [{"lang": "eng", "value": "This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 15.7 and iPadOS 15.7, macOS Ventura 13. An app may be able to gain elevated privileges."}]}}, "2022/42xxx/CVE-2022-42798.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-42798", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "11.7"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.6"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.7"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9.1"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Parsing a maliciously crafted audio file may lead to disclosure of user information"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213493", "name": "https://support.apple.com/en-us/HT213493"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213494", "name": "https://support.apple.com/en-us/HT213494"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213489", "name": "https://support.apple.com/en-us/HT213489"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213492", "name": "https://support.apple.com/en-us/HT213492"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213491", "name": "https://support.apple.com/en-us/HT213491"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213490", "name": "https://support.apple.com/en-us/HT213490"}]}, "description": {"description_data": [{"lang": "eng", "value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. Parsing a maliciously crafted audio file may lead to disclosure of user information."}]}}, "2022/42xxx/CVE-2022-42799.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-42799", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9.1"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Visiting a malicious website may lead to user interface spoofing"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213489", "name": "https://support.apple.com/en-us/HT213489"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213492", "name": "https://support.apple.com/en-us/HT213492"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213495", "name": "https://support.apple.com/en-us/HT213495"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213491", "name": "https://support.apple.com/en-us/HT213491"}]}, "description": {"description_data": [{"lang": "eng", "value": "The issue was addressed with improved UI handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Visiting a malicious website may lead to user interface spoofing."}]}}, "2022/42xxx/CVE-2022-42800.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-42800", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "11.7"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.6"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.7"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9.1"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "A user may be able to cause unexpected app termination or arbitrary code execution"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213493", "name": "https://support.apple.com/en-us/HT213493"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213494", "name": "https://support.apple.com/en-us/HT213494"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213489", "name": "https://support.apple.com/en-us/HT213489"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213491", "name": "https://support.apple.com/en-us/HT213491"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213490", "name": "https://support.apple.com/en-us/HT213490"}]}, "description": {"description_data": [{"lang": "eng", "value": "This issue was addressed with improved checks. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. A user may be able to cause unexpected app termination or arbitrary code execution."}]}}, "2022/42xxx/CVE-2022-42801.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-42801", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.6"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.7"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9.1"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to execute arbitrary code with kernel privileges"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213494", "name": "https://support.apple.com/en-us/HT213494"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213489", "name": "https://support.apple.com/en-us/HT213489"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213492", "name": "https://support.apple.com/en-us/HT213492"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213491", "name": "https://support.apple.com/en-us/HT213491"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213490", "name": "https://support.apple.com/en-us/HT213490"}]}, "description": {"description_data": [{"lang": "eng", "value": "A logic issue was addressed with improved checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1. An app may be able to execute arbitrary code with kernel privileges."}]}}, "2022/42xxx/CVE-2022-42803.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-42803", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.6"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.7"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9.1"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to execute arbitrary code with kernel privileges"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213494", "name": "https://support.apple.com/en-us/HT213494"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213489", "name": "https://support.apple.com/en-us/HT213489"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213492", "name": "https://support.apple.com/en-us/HT213492"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213491", "name": "https://support.apple.com/en-us/HT213491"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213490", "name": "https://support.apple.com/en-us/HT213490"}]}, "description": {"description_data": [{"lang": "eng", "value": "A race condition was addressed with improved locking. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1. An app may be able to execute arbitrary code with kernel privileges."}]}}, "2022/42xxx/CVE-2022-42806.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-42806", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to execute arbitrary code with kernel privileges"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213489", "name": "https://support.apple.com/en-us/HT213489"}]}, "description": {"description_data": [{"lang": "eng", "value": "A race condition was addressed with improved locking. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges."}]}}, "2022/42xxx/CVE-2022-42808.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-42808", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9.1"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "A remote user may be able to cause kernel code execution"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213489", "name": "https://support.apple.com/en-us/HT213489"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213492", "name": "https://support.apple.com/en-us/HT213492"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213491", "name": "https://support.apple.com/en-us/HT213491"}]}, "description": {"description_data": [{"lang": "eng", "value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. A remote user may be able to cause kernel code execution."}]}}, "2022/42xxx/CVE-2022-42809.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-42809", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Processing a maliciously crafted gcx file may lead to unexpected app termination or arbitrary code execution"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}]}, "description": {"description_data": [{"lang": "eng", "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13. Processing a maliciously crafted gcx file may lead to unexpected app termination or arbitrary code execution."}]}}, "2022/42xxx/CVE-2022-42810.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-42810", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.7"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Processing a maliciously crafted USD file may disclose memory contents"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213489", "name": "https://support.apple.com/en-us/HT213489"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213492", "name": "https://support.apple.com/en-us/HT213492"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213490", "name": "https://support.apple.com/en-us/HT213490"}]}, "description": {"description_data": [{"lang": "eng", "value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13. Processing a maliciously crafted USD file may disclose memory contents."}]}}, "2022/42xxx/CVE-2022-42811.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-42811", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9.1"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to access user-sensitive data"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213489", "name": "https://support.apple.com/en-us/HT213489"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213492", "name": "https://support.apple.com/en-us/HT213492"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213491", "name": "https://support.apple.com/en-us/HT213491"}]}, "description": {"description_data": [{"lang": "eng", "value": "An access issue was addressed with additional sandbox restrictions. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. An app may be able to access user-sensitive data."}]}}, "2022/42xxx/CVE-2022-42813.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-42813", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9.1"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Processing a maliciously crafted certificate may lead to arbitrary code execution"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213489", "name": "https://support.apple.com/en-us/HT213489"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213492", "name": "https://support.apple.com/en-us/HT213492"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213491", "name": "https://support.apple.com/en-us/HT213491"}]}, "description": {"description_data": [{"lang": "eng", "value": "A certificate validation issue existed in the handling of WKWebView. This issue was addressed with improved validation. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. Processing a maliciously crafted certificate may lead to arbitrary code execution."}]}}, "2022/42xxx/CVE-2022-42814.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-42814", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to access user-sensitive data"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}]}, "description": {"description_data": [{"lang": "eng", "value": "A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13. An app may be able to access user-sensitive data."}]}}, "2022/42xxx/CVE-2022-42815.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-42815", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to access user-sensitive data"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}]}, "description": {"description_data": [{"lang": "eng", "value": "This issue was addressed with improved data protection. This issue is fixed in macOS Ventura 13. An app may be able to access user-sensitive data."}]}}, "2022/42xxx/CVE-2022-42817.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-42817", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "iOS and iPadOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "iOS and iPadOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.7"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9.1"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Visiting a maliciously crafted website may leak sensitive data"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213489", "name": "https://support.apple.com/en-us/HT213489"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213491", "name": "https://support.apple.com/en-us/HT213491"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213490", "name": "https://support.apple.com/en-us/HT213490"}]}, "description": {"description_data": [{"lang": "eng", "value": "A logic issue was addressed with improved state management. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16, watchOS 9.1. Visiting a maliciously crafted website may leak sensitive data."}]}}, "2022/42xxx/CVE-2022-42818.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-42818", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "A user in a privileged network position may be able to track user activity"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}]}, "description": {"description_data": [{"lang": "eng", "value": "This issue was addressed with improved data protection. This issue is fixed in macOS Ventura 13. A user in a privileged network position may be able to track user activity."}]}}, "2022/42xxx/CVE-2022-42819.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-42819", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "11.7"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.6"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to read sensitive location information"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213443", "name": "https://support.apple.com/en-us/HT213443"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213444", "name": "https://support.apple.com/en-us/HT213444"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}]}, "description": {"description_data": [{"lang": "eng", "value": "An access issue was addressed with improved access restrictions. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, macOS Monterey 12.6. An app may be able to read sensitive location information."}]}}, "2022/42xxx/CVE-2022-42820.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-42820", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may cause unexpected app termination or arbitrary code execution"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213489", "name": "https://support.apple.com/en-us/HT213489"}]}, "description": {"description_data": [{"lang": "eng", "value": "A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app may cause unexpected app termination or arbitrary code execution."}]}}, "2022/42xxx/CVE-2022-42823.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-42823", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9.1"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Processing maliciously crafted web content may lead to arbitrary code execution"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213489", "name": "https://support.apple.com/en-us/HT213489"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213492", "name": "https://support.apple.com/en-us/HT213492"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213495", "name": "https://support.apple.com/en-us/HT213495"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213491", "name": "https://support.apple.com/en-us/HT213491"}]}, "description": {"description_data": [{"lang": "eng", "value": "A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may lead to arbitrary code execution."}]}}, "2022/42xxx/CVE-2022-42824.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-42824", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9.1"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Processing maliciously crafted web content may disclose sensitive user information"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213489", "name": "https://support.apple.com/en-us/HT213489"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213492", "name": "https://support.apple.com/en-us/HT213492"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213495", "name": "https://support.apple.com/en-us/HT213495"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213491", "name": "https://support.apple.com/en-us/HT213491"}]}, "description": {"description_data": [{"lang": "eng", "value": "A logic issue was addressed with improved state management. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may disclose sensitive user information."}]}}, "2022/42xxx/CVE-2022-42825.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-42825", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "11.7"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.6"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "9.1"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app may be able to modify protected parts of the file system"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213493", "name": "https://support.apple.com/en-us/HT213493"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213494", "name": "https://support.apple.com/en-us/HT213494"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213489", "name": "https://support.apple.com/en-us/HT213489"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213492", "name": "https://support.apple.com/en-us/HT213492"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213491", "name": "https://support.apple.com/en-us/HT213491"}]}, "description": {"description_data": [{"lang": "eng", "value": "This issue was addressed by removing additional entitlements. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. An app may be able to modify protected parts of the file system."}]}}, "2022/42xxx/CVE-2022-42827.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-42827", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "iOS and iPadOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}, {"product_name": "iOS and iPadOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.7"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited."}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213489", "name": "https://support.apple.com/en-us/HT213489"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213490", "name": "https://support.apple.com/en-us/HT213490"}]}, "description": {"description_data": [{"lang": "eng", "value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.."}]}}, "2022/42xxx/CVE-2022-42829.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-42829", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app with root privileges may be able to execute arbitrary code with kernel privileges"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213489", "name": "https://support.apple.com/en-us/HT213489"}]}, "description": {"description_data": [{"lang": "eng", "value": "A use after free issue was addressed with improved memory management. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app with root privileges may be able to execute arbitrary code with kernel privileges."}]}}, "2022/42xxx/CVE-2022-42830.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-42830", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app with root privileges may be able to execute arbitrary code with kernel privileges"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213489", "name": "https://support.apple.com/en-us/HT213489"}]}, "description": {"description_data": [{"lang": "eng", "value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app with root privileges may be able to execute arbitrary code with kernel privileges."}]}}, "2022/42xxx/CVE-2022-42831.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-42831", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app with root privileges may be able to execute arbitrary code with kernel privileges"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213489", "name": "https://support.apple.com/en-us/HT213489"}]}, "description": {"description_data": [{"lang": "eng", "value": "A race condition was addressed with improved locking. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app with root privileges may be able to execute arbitrary code with kernel privileges."}]}}, "2022/42xxx/CVE-2022-42832.json": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-42832", "ASSIGNER": "product-security@apple.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"vendor_name": "Apple", "product": {"product_data": [{"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "13"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "16.1"}]}}]}}]}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "An app with root privileges may be able to execute arbitrary code with kernel privileges"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213488", "name": "https://support.apple.com/en-us/HT213488"}, {"refsource": "MISC", "url": "https://support.apple.com/en-us/HT213489", "name": "https://support.apple.com/en-us/HT213489"}]}, "description": {"description_data": [{"lang": "eng", "value": "A race condition was addressed with improved locking. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app with root privileges may be able to execute arbitrary code with kernel privileges."}]}}, "2022/43xxx/CVE-2022-43076.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-43076", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A cross-site scripting (XSS) vulnerability in /admin/edit-admin.php of Web-Based Student Clearance System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the txtemail parameter."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"url": "https://github.com/Tr0e/CVE_Hunter/blob/main/XSS-1.md", "refsource": "MISC", "name": "https://github.com/Tr0e/CVE_Hunter/blob/main/XSS-1.md"}]}}, "2022/43xxx/CVE-2022-43078.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-43078", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A cross-site scripting (XSS) vulnerability in /admin/add-fee.php of Web-Based Student Clearance System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cmddept parameter."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"url": "https://github.com/Tr0e/CVE_Hunter/blob/main/XSS-2.md", "refsource": "MISC", "name": "https://github.com/Tr0e/CVE_Hunter/blob/main/XSS-2.md"}]}}, "2022/43xxx/CVE-2022-43079.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-43079", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A cross-site scripting (XSS) vulnerability in /admin/add-fee.php of Train Scheduler App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cmddept parameter."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"url": "https://github.com/Tr0e/CVE_Hunter/blob/main/XSS-3.md", "refsource": "MISC", "name": "https://github.com/Tr0e/CVE_Hunter/blob/main/XSS-3.md"}]}}, "2022/43xxx/CVE-2022-43081.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-43081", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Fast Food Ordering System v1.0 was discovered to contain a SQL injection vulnerability via the component /fastfood/purchase.php."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"url": "https://github.com/Tr0e/CVE_Hunter/blob/main/SQLi-3.md", "refsource": "MISC", "name": "https://github.com/Tr0e/CVE_Hunter/blob/main/SQLi-3.md"}]}}, "2022/43xxx/CVE-2022-43082.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-43082", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A cross-site scripting (XSS) vulnerability in /fastfood/purchase.php of Fast Food Ordering System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the customer parameter."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"url": "https://github.com/Tr0e/CVE_Hunter/blob/main/XSS-4.md", "refsource": "MISC", "name": "https://github.com/Tr0e/CVE_Hunter/blob/main/XSS-4.md"}]}}, "2022/43xxx/CVE-2022-43083.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-43083", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An arbitrary file upload vulnerability in admin-add-vehicle.php of Vehicle Booking System v1.0 allows attackers to execute arbitrary code via a crafted PHP file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"url": "https://github.com/Tr0e/CVE_Hunter/blob/main/RCE-2.md", "refsource": "MISC", "name": "https://github.com/Tr0e/CVE_Hunter/blob/main/RCE-2.md"}]}}, "2022/43xxx/CVE-2022-43084.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-43084", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A cross-site scripting (XSS) vulnerability in admin-add-vehicle.php of Vehicle Booking System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the v_name parameter."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"url": "https://github.com/Tr0e/CVE_Hunter/blob/main/XSS-5.md", "refsource": "MISC", "name": "https://github.com/Tr0e/CVE_Hunter/blob/main/XSS-5.md"}]}}, "2022/43xxx/CVE-2022-43085.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-43085", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An arbitrary file upload vulnerability in add_product.php of Restaurant POS System v1.0 allows attackers to execute arbitrary code via a crafted PHP file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"url": "https://github.com/Tr0e/CVE_Hunter/blob/main/RCE-3.md", "refsource": "MISC", "name": "https://github.com/Tr0e/CVE_Hunter/blob/main/RCE-3.md"}]}}, "2022/43xxx/CVE-2022-43086.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-43086", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Restaurant POS System v1.0 was discovered to contain a SQL injection vulnerability via update_customer.php."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"url": "https://github.com/Tr0e/CVE_Hunter/blob/main/SQLi-4.md", "refsource": "MISC", "name": "https://github.com/Tr0e/CVE_Hunter/blob/main/SQLi-4.md"}]}}, "2022/43xxx/CVE-2022-43124.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-43124", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/?page=user/manage_user."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "name": "https://github.com/vickysuper/Cve_report/blob/master/vendors/oretnom23/online-diagnostic-lab-management-system/SQLi-2.md", "url": "https://github.com/vickysuper/Cve_report/blob/master/vendors/oretnom23/online-diagnostic-lab-management-system/SQLi-2.md"}]}}, "2022/43xxx/CVE-2022-43125.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-43125", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /appointments/manage_appointment.php."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "name": "https://github.com/vickysuper/Cve_report/blob/master/vendors/oretnom23/online-diagnostic-lab-management-system/SQLi-3.md", "url": "https://github.com/vickysuper/Cve_report/blob/master/vendors/oretnom23/online-diagnostic-lab-management-system/SQLi-3.md"}]}}, "2022/43xxx/CVE-2022-43126.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-43126", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/tests/manage_test.php."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "name": "https://github.com/vickysuper/Cve_report/blob/master/vendors/oretnom23/online-diagnostic-lab-management-system/SQLi-1.md", "url": "https://github.com/vickysuper/Cve_report/blob/master/vendors/oretnom23/online-diagnostic-lab-management-system/SQLi-1.md"}]}}, "2022/43xxx/CVE-2022-43127.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-43127", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /appointments/update_status.php."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "name": "https://github.com/vickysuper/Cve_report/blob/master/vendors/oretnom23/online-diagnostic-lab-management-system/SQLi-4.md", "url": "https://github.com/vickysuper/Cve_report/blob/master/vendors/oretnom23/online-diagnostic-lab-management-system/SQLi-4.md"}]}}, "2022/43xxx/CVE-2022-43221.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-43221", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "open5gs v2.4.11 was discovered to contain a memory leak in the component src/upf/pfcp-path.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PFCP packet."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"url": "https://github.com/ToughRunner/Open5gs_bugreport3", "refsource": "MISC", "name": "https://github.com/ToughRunner/Open5gs_bugreport3"}]}}, "2022/43xxx/CVE-2022-43222.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-43222", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "open5gs v2.4.11 was discovered to contain a memory leak in the component src/smf/pfcp-path.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PFCP packet."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"url": "https://github.com/ToughRunner/Open5gs_bugreport4", "refsource": "MISC", "name": "https://github.com/ToughRunner/Open5gs_bugreport4"}]}}, "2022/43xxx/CVE-2022-43223.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-43223", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "open5gs v2.4.11 was discovered to contain a memory leak in the component ngap-handler.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted UE attachment."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"url": "https://github.com/ToughRunner/Open5gs_bugreport2", "refsource": "MISC", "name": "https://github.com/ToughRunner/Open5gs_bugreport2"}]}}, "2022/43xxx/CVE-2022-43328.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-43328", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Canteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /editorder.php."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "name": "https://github.com/YReyi/bug_report/blob/main/vendors/mayuri_k/canteen-management-system/SQLi-2.md", "url": "https://github.com/YReyi/bug_report/blob/main/vendors/mayuri_k/canteen-management-system/SQLi-2.md"}]}}, "2022/43xxx/CVE-2022-43329.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-43329", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Canteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /print.php."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "name": "https://github.com/YReyi/bug_report/blob/main/vendors/mayuri_k/canteen-management-system/SQLi-1.md", "url": "https://github.com/YReyi/bug_report/blob/main/vendors/mayuri_k/canteen-management-system/SQLi-1.md"}]}}, "2022/43xxx/CVE-2022-43330.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-43330", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Canteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /editorder.php."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "name": "https://github.com/YReyi/bug_report/blob/main/vendors/mayuri_k/canteen-management-system/SQLi-2.md", "url": "https://github.com/YReyi/bug_report/blob/main/vendors/mayuri_k/canteen-management-system/SQLi-2.md"}]}}, "2022/43xxx/CVE-2022-43331.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-43331", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Canteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /php_action/printOrder.php."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "name": "https://github.com/YReyi/bug_report/blob/main/vendors/mayuri_k/canteen-management-system/SQLi-3.md", "url": "https://github.com/YReyi/bug_report/blob/main/vendors/mayuri_k/canteen-management-system/SQLi-3.md"}]}}, "2022/43xxx/CVE-2022-43361.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-43361", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Senayan Library Management System v9.4.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the component pop_chart.php."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"url": "https://github.com/slims/slims9_bulian/issues/162", "refsource": "MISC", "name": "https://github.com/slims/slims9_bulian/issues/162"}]}}, "2022/43xxx/CVE-2022-43362.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-43362", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Senayan Library Management System v9.4.2 was discovered to contain a SQL injection vulnerability via the collType parameter at loan_by_class.php."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"url": "https://github.com/slims/slims9_bulian/issues/163", "refsource": "MISC", "name": "https://github.com/slims/slims9_bulian/issues/163"}]}}, "2022/43xxx/CVE-2022-43670.json": {"CVE_data_meta": {"ASSIGNER": "security@apache.org", "ID": "CVE-2022-43670", "STATE": "PUBLIC", "TITLE": "XSS in Sling CMS Reference App Taxonomy Path"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Apache Sling App CMS", "version": {"version_data": [{"version_affected": "<", "version_value": "1.1.2"}]}}]}, "vendor_name": "Apache Software Foundation"}]}}, "credit": [{"lang": "eng", "value": "Apache Sling would like to thank QSec-Team for reporting this issue"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An improper neutralization of input during web page generation ('Cross-site Scripting') [CWE-79] vulnerability in Sling App CMS version 1.1.0 and prior may allow an authenticated remote attacker to perform a reflected cross site scripting (XSS) attack in the taxonomy management feature."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": [{"other": "low"}], "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://lists.apache.org/thread/o68l3l3crfxz107fr9dm74y8vg8kj2cs", "name": "https://lists.apache.org/thread/o68l3l3crfxz107fr9dm74y8vg8kj2cs"}]}, "source": {"defect": ["SLING-11622"], "discovery": "UNKNOWN"}, "work_around": [{"lang": "eng", "value": "Upgrade to Apache Sling App CMS >= 1.1.2"}]}, "2022/43xxx/CVE-2022-43750.json": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-43750", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor's internal memory."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"url": "https://github.com/torvalds/linux/commit/a659daf63d16aa883be42f3f34ff84235c302198", "refsource": "MISC", "name": "https://github.com/torvalds/linux/commit/a659daf63d16aa883be42f3f34ff84235c302198"}, {"url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a659daf63d16aa883be42f3f34ff84235c302198", "refsource": "MISC", "name": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a659daf63d16aa883be42f3f34ff84235c302198"}, {"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19.15", "refsource": "MISC", "name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19.15"}, {"url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.0.1", "refsource": "MISC", "name": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.0.1"}, {"refsource": "MLIST", "name": "[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html"}]}}, "2022/43xxx/CVE-2022-43982.json": {"CVE_data_meta": {"ASSIGNER": "security@apache.org", "ID": "CVE-2022-43982", "STATE": "PUBLIC", "TITLE": "Apache Airflow prior to 2.4.2 allows reflected XSS via Origin Query Argument in URL"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Apache Airflow", "version": {"version_data": [{"version_affected": "<", "version_value": "2.4.2"}]}}]}, "vendor_name": "Apache Software Foundation"}]}}, "credit": [{"lang": "eng", "value": "The Apache Airflow PMC would like to thank id_No2015429 of 3H Security Team for reporting this issue."}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In Apache Airflow versions prior to 2.4.2, the \"Trigger DAG with config\" screen was susceptible to XSS attacks via the `origin` query argument."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": [{}], "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}]}, "references": {"reference_data": [{"refsource": "MISC", "url": "https://github.com/apache/airflow/pull/27143", "name": "https://github.com/apache/airflow/pull/27143"}, {"refsource": "MISC", "url": "https://lists.apache.org/thread/vqnvdrfsw9z7v7c46qh3psjgr7wy959l", "name": "https://lists.apache.org/thread/vqnvdrfsw9z7v7c46qh3psjgr7wy959l"}]}, "source": {"discovery": "UNKNOWN"}}}