Search criteria
152 vulnerabilities found for extra_packages_for_enterprise_linux by fedoraproject
CVE-2023-6395 (GCVE-0-2023-6395)
Vulnerability from nvd – Published: 2024-01-16 14:33 – Updated: 2025-02-13 17:26
VLAI?
Title
Mock: privilege escalation for users that can access mock configuration
Summary
The Mock software contains a vulnerability wherein an attacker could potentially exploit privilege escalation, enabling the execution of arbitrary code with root user privileges. This weakness stems from the absence of proper sandboxing during the expansion and execution of Jinja2 templates, which may be included in certain configuration parameters. While the Mock documentation advises treating users added to the mock group as privileged, certain build systems invoking mock on behalf of users might inadvertently permit less privileged users to define configuration tags. These tags could then be passed as parameters to mock during execution, potentially leading to the utilization of Jinja2 templates for remote privilege escalation and the execution of arbitrary code as the root user on the build server.
Severity ?
6.7 (Medium)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| n/a | mock | ||||||||||||||||||
|
|||||||||||||||||||
Credits
Red Hat would like to thank Sankin Nikita Alexeevich for reporting this issue.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:28:21.836Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-6395"
},
{
"name": "RHBZ#2252206",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252206"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/xsuchy/templated-dictionary/commit/0740bd0ca8d487301881541028977d120f8b8933"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/xsuchy/templated-dictionary/commit/bcd90f0dafa365575c4b101e6f5d98c4ef4e4b69"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/01/16/1"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/01/16/3"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NBFYREAJH4T7GXXQZ4GJEREN4Q3AHS3K/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62SP2BJC2AFLFJJAEHPGZ3ZINTBTI7AN/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6395",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-25T20:10:59.775490Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T20:12:04.076Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "mock",
"vendor": "n/a"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unaffected",
"packageName": "mock",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://packages.fedoraproject.org/",
"defaultStatus": "affected",
"packageName": "mock",
"product": "Extra Packages for Enterprise Linux",
"vendor": "Fedora"
},
{
"collectionURL": "https://packages.fedoraproject.org/",
"defaultStatus": "affected",
"packageName": "mock",
"product": "Fedora",
"vendor": "Fedora"
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Sankin Nikita Alexeevich for reporting this issue."
}
],
"datePublic": "2024-01-16T13:52:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Mock software contains a vulnerability wherein an attacker could potentially exploit privilege escalation, enabling the execution of arbitrary code with root user privileges. This weakness stems from the absence of proper sandboxing during the expansion and execution of Jinja2 templates, which may be included in certain configuration parameters. While the Mock documentation advises treating users added to the mock group as privileged, certain build systems invoking mock on behalf of users might inadvertently permit less privileged users to define configuration tags. These tags could then be passed as parameters to mock during execution, potentially leading to the utilization of Jinja2 templates for remote privilege escalation and the execution of arbitrary code as the root user on the build server."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-09T02:06:16.059Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-6395"
},
{
"name": "RHBZ#2252206",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252206"
},
{
"url": "https://github.com/xsuchy/templated-dictionary/commit/0740bd0ca8d487301881541028977d120f8b8933"
},
{
"url": "https://github.com/xsuchy/templated-dictionary/commit/bcd90f0dafa365575c4b101e6f5d98c4ef4e4b69"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/01/16/1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/01/16/3"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NBFYREAJH4T7GXXQZ4GJEREN4Q3AHS3K/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62SP2BJC2AFLFJJAEHPGZ3ZINTBTI7AN/"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-11-30T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2024-01-16T13:52:00+00:00",
"value": "Made public."
}
],
"title": "Mock: privilege escalation for users that can access mock configuration",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"x_redhatCweChain": "CWE-20: Improper Input Validation"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2023-6395",
"datePublished": "2024-01-16T14:33:02.308Z",
"dateReserved": "2023-11-30T05:34:50.920Z",
"dateUpdated": "2025-02-13T17:26:22.188Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0232 (GCVE-0-2024-0232)
Vulnerability from nvd – Published: 2024-01-16 14:01 – Updated: 2025-11-21 06:24
VLAI?
Title
Sqlite: use-after-free bug in jsonparseaddnodearray
Summary
A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service.
Severity ?
4.7 (Medium)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Affected:
0 , < 3.43.2
(semver)
|
|||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0232",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-13T20:18:59.193130Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-13T20:19:06.883Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:16.024Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-0232"
},
{
"name": "RHBZ#2243754",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243754"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QDCMYQ3J45NHQ4EJREM3BJNNKB5BK4Y7/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240315-0007/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://www.sqlite.org/download.html",
"defaultStatus": "unaffected",
"packageName": "sqlite",
"versions": [
{
"lessThan": "3.43.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unknown",
"packageName": "sqlite",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unknown",
"packageName": "sqlite",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "affected",
"packageName": "mingw-sqlite",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "affected",
"packageName": "sqlite",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "sqlite",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
}
],
"datePublic": "2023-10-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Low"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-21T06:24:19.419Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-0232"
},
{
"name": "RHBZ#2243754",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243754"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-12T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-10-12T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Sqlite: use-after-free bug in jsonparseaddnodearray",
"x_redhatCweChain": "CWE-416: Use After Free"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2024-0232",
"datePublished": "2024-01-16T14:01:58.505Z",
"dateReserved": "2024-01-04T12:11:09.709Z",
"dateUpdated": "2025-11-21T06:24:19.419Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-51766 (GCVE-0-2023-51766)
Vulnerability from nvd – Published: 2023-12-24 00:00 – Updated: 2025-11-04 18:21
VLAI?
Summary
Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports <LF>.<CR><LF> but some other popular e-mail servers do not.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:21:35.998Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/"
},
{
"tags": [
"x_transferred"
],
"url": "https://exim.org/static/doc/security/CVE-2023-51766.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugs.exim.org/show_bug.cgi?id=3063"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2023/12/23/2"
},
{
"name": "[oss-security] 20231224 Re: Re: New SMTP smuggling attack",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/24/1"
},
{
"name": "[oss-security] 20231225 Re: Re: New SMTP smuggling attack",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/25/1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.exim.org/exim.git/commit/5bb786d5ad568a88d50d15452aacc8404047e5ca"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.exim.org/exim.git/commit/cf1376206284f2a4f11e32d931d4aade34c206c5"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255852"
},
{
"tags": [
"x_transferred"
],
"url": "https://fahrplan.events.ccc.de/congress/2023/fahrplan/events/11782.html"
},
{
"name": "[oss-security] 20231229 CVE-2023-51766: Exim: SMTP smuggling",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/29/2"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/Exim/exim/blob/master/doc/doc-txt/cve-2023-51766"
},
{
"name": "[oss-security] 20240101 Re: CVE-2023-51766: Exim: SMTP smuggling",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/01/01/1"
},
{
"name": "[oss-security] 20240101 Re: CVE-2023-51766: Exim: SMTP smuggling",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/01/01/2"
},
{
"name": "[oss-security] 20240101 Re: CVE-2023-51766: Exim: SMTP smuggling",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/01/01/3"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.youtube.com/watch?v=V8KPV96g1To"
},
{
"name": "[debian-lts-announce] 20240105 [SECURITY] [DLA 3708-1] exim4 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00002.html"
},
{
"name": "FEDORA-2024-1ef6197a49",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPDWHJPABVJCXDSNELSSVTIVAJU2MDUQ/"
},
{
"name": "FEDORA-2024-e0841c83bb",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORN7OKEQPPBKUHYRQ6LR5PSNBQVDHAWB/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lwn.net/Articles/956533/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ORN7OKEQPPBKUHYRQ6LR5PSNBQVDHAWB/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPDWHJPABVJCXDSNELSSVTIVAJU2MDUQ/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports \u003cLF\u003e.\u003cCR\u003e\u003cLF\u003e but some other popular e-mail servers do not."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T02:47:22.078Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/"
},
{
"url": "https://exim.org/static/doc/security/CVE-2023-51766.txt"
},
{
"url": "https://bugs.exim.org/show_bug.cgi?id=3063"
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/12/23/2"
},
{
"name": "[oss-security] 20231224 Re: Re: New SMTP smuggling attack",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/24/1"
},
{
"name": "[oss-security] 20231225 Re: Re: New SMTP smuggling attack",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/25/1"
},
{
"url": "https://git.exim.org/exim.git/commit/5bb786d5ad568a88d50d15452aacc8404047e5ca"
},
{
"url": "https://git.exim.org/exim.git/commit/cf1376206284f2a4f11e32d931d4aade34c206c5"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255852"
},
{
"url": "https://fahrplan.events.ccc.de/congress/2023/fahrplan/events/11782.html"
},
{
"name": "[oss-security] 20231229 CVE-2023-51766: Exim: SMTP smuggling",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/29/2"
},
{
"url": "https://github.com/Exim/exim/blob/master/doc/doc-txt/cve-2023-51766"
},
{
"name": "[oss-security] 20240101 Re: CVE-2023-51766: Exim: SMTP smuggling",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/01/01/1"
},
{
"name": "[oss-security] 20240101 Re: CVE-2023-51766: Exim: SMTP smuggling",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/01/01/2"
},
{
"name": "[oss-security] 20240101 Re: CVE-2023-51766: Exim: SMTP smuggling",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/01/01/3"
},
{
"url": "https://www.youtube.com/watch?v=V8KPV96g1To"
},
{
"name": "[debian-lts-announce] 20240105 [SECURITY] [DLA 3708-1] exim4 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00002.html"
},
{
"name": "FEDORA-2024-1ef6197a49",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPDWHJPABVJCXDSNELSSVTIVAJU2MDUQ/"
},
{
"name": "FEDORA-2024-e0841c83bb",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORN7OKEQPPBKUHYRQ6LR5PSNBQVDHAWB/"
},
{
"url": "https://lwn.net/Articles/956533/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-51766",
"datePublished": "2023-12-24T00:00:00.000Z",
"dateReserved": "2023-12-24T00:00:00.000Z",
"dateUpdated": "2025-11-04T18:21:35.998Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-4256 (GCVE-0-2023-4256)
Vulnerability from nvd – Published: 2023-12-21 16:03 – Updated: 2025-02-13 17:09
VLAI?
Title
Tcpreplay: tcprewrite: double free in tcpedit_dlt_cleanup() in plugins/dlt_plugins.c
Summary
Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local attacker to initiate a Denial of Service (DoS) attack.
Severity ?
5.5 (Medium)
CWE
- CWE-415 - Double Free
Assigner
References
Impacted products
Credits
Red Hat would like to thank iskindar97@gmail.com for reporting this issue.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:24:04.751Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHBZ#2255212",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255212"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/appneta/tcpreplay/issues/813"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V3GYCHPVJ2VFN3D7FI4IRMDVMILLWBRF/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TMW5CIODKRHUUH7NTAYIRWGSJ56DTGXM/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EHUILQV2YJI5TXXXJA5FQ2HJQGFT7NTN/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "tcpreplay",
"vendor": "n/a"
},
{
"collectionURL": "https://packages.fedoraproject.org/",
"defaultStatus": "affected",
"packageName": "tcpreplay",
"product": "Extra Packages for Enterprise Linux",
"vendor": "Fedora"
},
{
"collectionURL": "https://packages.fedoraproject.org/",
"defaultStatus": "affected",
"packageName": "tcpreplay",
"product": "Fedora",
"vendor": "Fedora"
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank iskindar97@gmail.com for reporting this issue."
}
],
"datePublic": "2023-07-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Within tcpreplay\u0027s tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local attacker to initiate a Denial of Service (DoS) attack."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-415",
"description": "Double Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-24T02:06:07.371Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHBZ#2255212",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255212"
},
{
"url": "https://github.com/appneta/tcpreplay/issues/813"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V3GYCHPVJ2VFN3D7FI4IRMDVMILLWBRF/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TMW5CIODKRHUUH7NTAYIRWGSJ56DTGXM/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EHUILQV2YJI5TXXXJA5FQ2HJQGFT7NTN/"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-07-19T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-07-19T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Tcpreplay: tcprewrite: double free in tcpedit_dlt_cleanup() in plugins/dlt_plugins.c",
"x_redhatCweChain": "CWE-415: Double Free"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2023-4256",
"datePublished": "2023-12-21T16:03:21.837Z",
"dateReserved": "2023-08-08T20:17:30.643Z",
"dateUpdated": "2025-02-13T17:09:26.781Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4255 (GCVE-0-2023-4255)
Vulnerability from nvd – Published: 2023-12-21 16:08 – Updated: 2025-02-13 17:09
VLAI?
Title
W3m: out-of-bounds write in function checktype() in etc.c (incomplete fix for cve-2022-38223)
Summary
An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to application crashes, resulting in a denial of service condition.
Severity ?
5.5 (Medium)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
Credits
Red Hat would like to thank iskindar97@gmail.com for reporting this issue.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:24:03.587Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHBZ#2255207",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255207"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/tats/w3m/issues/268"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/tats/w3m/pull/273"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AULOBQJLXE2KCT5UVQMKGEFL4GFIAOED/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TODROGVCWZ435HQIZE6ARQC5LPQLIA5C/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKFZQUK7FPWWJQYICDZZ4YWIPUPQ2D3R/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "w3m",
"vendor": "n/a"
},
{
"collectionURL": "https://packages.fedoraproject.org/",
"defaultStatus": "affected",
"packageName": "w3m",
"product": "Fedora",
"vendor": "Fedora"
},
{
"collectionURL": "https://packages.fedoraproject.org/",
"defaultStatus": "affected",
"packageName": "w3m",
"product": "Extra Packages for Enterprise Linux",
"vendor": "Fedora"
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank iskindar97@gmail.com for reporting this issue."
}
],
"datePublic": "2023-06-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to application crashes, resulting in a denial of service condition."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-27T02:06:14.580Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHBZ#2255207",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255207"
},
{
"url": "https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3"
},
{
"url": "https://github.com/tats/w3m/issues/268"
},
{
"url": "https://github.com/tats/w3m/pull/273"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AULOBQJLXE2KCT5UVQMKGEFL4GFIAOED/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TODROGVCWZ435HQIZE6ARQC5LPQLIA5C/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKFZQUK7FPWWJQYICDZZ4YWIPUPQ2D3R/"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-07-19T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-06-12T00:00:00+00:00",
"value": "Made public."
}
],
"title": "W3m: out-of-bounds write in function checktype() in etc.c (incomplete fix for cve-2022-38223)",
"x_redhatCweChain": "CWE-787: Out-of-bounds Write"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2023-4255",
"datePublished": "2023-12-21T16:08:39.691Z",
"dateReserved": "2023-08-08T20:16:01.838Z",
"dateUpdated": "2025-02-13T17:09:26.229Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5764 (GCVE-0-2023-5764)
Vulnerability from nvd – Published: 2023-12-12 22:01 – Updated: 2025-11-20 18:07
VLAI?
Title
Ansible: template injection
Summary
A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data. This issue could allow an attacker to use a specially crafted file to introduce templating injection when supplying templating data.
Severity ?
7.1 (High)
CWE
- CWE-1336 - Improper Neutralization of Special Elements Used in a Template Engine
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Red Hat | Red Hat Ansible Automation Platform 2.4 for RHEL 8 |
Unaffected:
1:2.15.8-1.el8ap , < *
(rpm)
cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9 cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9 cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8 cpe:/a:redhat:ansible_automation_platform:2.4::el8 cpe:/a:redhat:ansible_automation_platform:2.4::el9 cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8 |
|||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5764",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-19T03:55:28.216152Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-16T19:39:40.920Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-10-25T13:07:31.611Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2023:7773",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:7773"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-5764"
},
{
"name": "RHBZ#2247629",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247629"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X7Q6CHPVCHMZS5M7V22GOKFSXZAQ24EU/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20241025-0001/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8",
"cpe:/a:redhat:ansible_automation_platform:2.4::el8",
"cpe:/a:redhat:ansible_automation_platform:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8"
],
"defaultStatus": "affected",
"packageName": "ansible-core",
"product": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:2.15.8-1.el8ap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8",
"cpe:/a:redhat:ansible_automation_platform:2.4::el8",
"cpe:/a:redhat:ansible_automation_platform:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8"
],
"defaultStatus": "affected",
"packageName": "ansible-core",
"product": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:2.15.8-1.el8ap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8",
"cpe:/a:redhat:ansible_automation_platform:2.4::el8",
"cpe:/a:redhat:ansible_automation_platform:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8"
],
"defaultStatus": "affected",
"packageName": "ansible-core",
"product": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:2.15.8-1.el9ap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8",
"cpe:/a:redhat:ansible_automation_platform:2.4::el8",
"cpe:/a:redhat:ansible_automation_platform:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8"
],
"defaultStatus": "affected",
"packageName": "ansible-core",
"product": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:2.15.8-1.el9ap",
"versionType": "rpm"
}
]
}
],
"datePublic": "2023-11-02T12:57:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A template injection flaw was found in Ansible where a user\u0027s controller internal templating operations may remove the unsafe designation from template data. This issue could allow an attacker to use a specially crafted file to introduce templating injection when supplying templating data."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1336",
"description": "Improper Neutralization of Special Elements Used in a Template Engine",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T18:07:16.802Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2023:7773",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2023:7773"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-5764"
},
{
"name": "RHBZ#2247629",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247629"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-11-02T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-11-02T12:57:00+00:00",
"value": "Made public."
}
],
"title": "Ansible: template injection",
"x_redhatCweChain": "CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2023-5764",
"datePublished": "2023-12-12T22:01:33.467Z",
"dateReserved": "2023-10-25T10:27:46.601Z",
"dateUpdated": "2025-11-20T18:07:16.802Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-5341 (GCVE-0-2023-5341)
Vulnerability from nvd – Published: 2023-11-19 09:20 – Updated: 2025-11-20 17:58
VLAI?
Title
Imagemagick: heap use-after-free in coders/bmp.c
Summary
A heap use-after-free flaw was found in coders/bmp.c in ImageMagick.
Severity ?
6.2 (Medium)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Red Hat | Red Hat Enterprise Linux 6 |
cpe:/o:redhat:enterprise_linux:6 |
|||||||
|
|||||||||
Credits
Red Hat would like to thank Hardik shah of Vehere (Dawn Treaders team) for reporting this issue.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5341",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-02T20:55:18.795590Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:28:32.878Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:52:08.912Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-5341"
},
{
"name": "RHBZ#2241774",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241774"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/ImageMagick/ImageMagick/commit/aa673b2e4defc7cad5bec16c4fc8324f71e531f1"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00007.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LICYTADFJAFPZW3Y2MKNCJIUYODPAG4L/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YAULDP3GG5KI3XITQ5XSMRSILCBZS2VK/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unknown",
"packageName": "ImageMagick",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unknown",
"packageName": "ImageMagick",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Hardik shah of Vehere (Dawn Treaders team) for reporting this issue."
}
],
"datePublic": "2023-10-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A heap use-after-free flaw was found in coders/bmp.c in ImageMagick."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T17:58:36.783Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-5341"
},
{
"name": "RHBZ#2241774",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241774"
},
{
"url": "https://github.com/ImageMagick/ImageMagick/commit/aa673b2e4defc7cad5bec16c4fc8324f71e531f1"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-02T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-10-02T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Imagemagick: heap use-after-free in coders/bmp.c",
"x_redhatCweChain": "CWE-416: Use After Free"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2023-5341",
"datePublished": "2023-11-19T09:20:12.642Z",
"dateReserved": "2023-10-02T15:57:15.547Z",
"dateUpdated": "2025-11-20T17:58:36.783Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-5543 (GCVE-0-2023-5543)
Vulnerability from nvd – Published: 2023-11-09 21:35 – Updated: 2024-08-02 07:59
VLAI?
Title
Moodle: duplicating a bigbluebutton activity assigns the same meeting id
Summary
When duplicating a BigBlueButton activity, the original meeting ID was also duplicated instead of using a new ID for the new activity. This could provide unintended access to the original meeting.
Severity ?
CWE
- CWE-284 - Improper Access Control
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5543",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-16T21:03:37.918205Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-16T21:03:45.184Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:59:44.863Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-77795"
},
{
"name": "RHBZ#2243442",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243442"
},
{
"tags": [
"x_transferred"
],
"url": "https://moodle.org/mod/forum/discuss.php?d=451584"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://git.moodle.org",
"defaultStatus": "unaffected",
"packageName": "moodle",
"versions": [
{
"lessThan": "4.2.3",
"status": "affected",
"version": "4.2.0",
"versionType": "semver"
},
{
"lessThan": "4.1.6",
"status": "affected",
"version": "4.1.0",
"versionType": "semver"
},
{
"lessThan": "4.0.11",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-10-16T00:00:00+00:00",
"descriptions": [
{
"lang": "en",
"value": "When duplicating a BigBlueButton activity, the original meeting ID was also duplicated instead of using a new ID for the new activity. This could provide unintended access to the original meeting."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Low"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-19T13:47:25.315Z",
"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"shortName": "fedora"
},
"references": [
{
"url": "http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-77795"
},
{
"name": "RHBZ#2243442",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243442"
},
{
"url": "https://moodle.org/mod/forum/discuss.php?d=451584"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-10T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-10-16T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Moodle: duplicating a bigbluebutton activity assigns the same meeting id",
"x_redhatCweChain": "CWE-284: Improper Access Control"
}
},
"cveMetadata": {
"assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"assignerShortName": "fedora",
"cveId": "CVE-2023-5543",
"datePublished": "2023-11-09T21:35:38.116Z",
"dateReserved": "2023-10-12T00:08:16.985Z",
"dateUpdated": "2024-08-02T07:59:44.863Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5551 (GCVE-0-2023-5551)
Vulnerability from nvd – Published: 2023-11-09 19:39 – Updated: 2024-09-04 13:24
VLAI?
Title
Moodle: forum summary report shows students from other groups when in separate groups mode
Summary
Separate Groups mode restrictions were not honoured in the forum summary report, which would display users from other groups.
Severity ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:59:44.859Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-79310"
},
{
"name": "RHBZ#2243453",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243453"
},
{
"tags": [
"x_transferred"
],
"url": "https://moodle.org/mod/forum/discuss.php?d=451592"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5551",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-04T13:23:28.368236Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-04T13:24:24.392Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://git.moodle.org",
"defaultStatus": "unaffected",
"packageName": "moodle",
"versions": [
{
"lessThan": "4.2.3",
"status": "affected",
"version": "4.2.0",
"versionType": "semver"
},
{
"lessThan": "4.1.6",
"status": "affected",
"version": "4.1.0",
"versionType": "semver"
},
{
"lessThan": "4.0.11",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThan": "3.11.17",
"status": "affected",
"version": "3.11.0",
"versionType": "semver"
},
{
"lessThan": "3.9.24",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-10-16T00:00:00+00:00",
"descriptions": [
{
"lang": "en",
"value": "Separate Groups mode restrictions were not honoured in the forum summary report, which would display users from other groups."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Low"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-19T13:48:56.245Z",
"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"shortName": "fedora"
},
"references": [
{
"url": "http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-79310"
},
{
"name": "RHBZ#2243453",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243453"
},
{
"url": "https://moodle.org/mod/forum/discuss.php?d=451592"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-10T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-10-16T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Moodle: forum summary report shows students from other groups when in separate groups mode",
"x_redhatCweChain": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
}
},
"cveMetadata": {
"assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"assignerShortName": "fedora",
"cveId": "CVE-2023-5551",
"datePublished": "2023-11-09T19:39:11.940Z",
"dateReserved": "2023-10-12T00:54:22.507Z",
"dateUpdated": "2024-09-04T13:24:24.392Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5550 (GCVE-0-2023-5550)
Vulnerability from nvd – Published: 2023-11-09 19:38 – Updated: 2024-08-02 07:59
VLAI?
Title
Moodle: rce due to lfi risk in some misconfigured shared hosting environments
Summary
In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user who also has direct access to the web server outside of the Moodle webroot could utilise a local file include to achieve remote code execution.
Severity ?
6.5 (Medium)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "moodle",
"vendor": "moodle",
"versions": [
{
"lessThan": "4.2.3",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.1.6",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.0.11",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "3.11.17",
"status": "affected",
"version": "3.11.0",
"versionType": "custom"
},
{
"lessThan": "3.9.24",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5550",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-27T19:58:39.374445Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-27T20:20:34.381Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:59:44.743Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-72249"
},
{
"name": "RHBZ#2243452",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243452"
},
{
"tags": [
"x_transferred"
],
"url": "https://moodle.org/mod/forum/discuss.php?d=451591"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://git.moodle.org",
"defaultStatus": "unaffected",
"packageName": "moodle",
"versions": [
{
"lessThan": "4.2.3",
"status": "affected",
"version": "4.2.0",
"versionType": "semver"
},
{
"lessThan": "4.1.6",
"status": "affected",
"version": "4.1.0",
"versionType": "semver"
},
{
"lessThan": "4.0.11",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThan": "3.11.17",
"status": "affected",
"version": "3.11.0",
"versionType": "semver"
},
{
"lessThan": "3.9.24",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-10-16T00:00:00+00:00",
"descriptions": [
{
"lang": "en",
"value": "In a shared hosting environment that has been misconfigured to allow access to other users\u0027 content, a Moodle user who also has direct access to the web server outside of the Moodle webroot could utilise a local file include to achieve remote code execution."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-19T13:48:40.047Z",
"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"shortName": "fedora"
},
"references": [
{
"url": "http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-72249"
},
{
"name": "RHBZ#2243452",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243452"
},
{
"url": "https://moodle.org/mod/forum/discuss.php?d=451591"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-10T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-10-16T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Moodle: rce due to lfi risk in some misconfigured shared hosting environments",
"x_redhatCweChain": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)"
}
},
"cveMetadata": {
"assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"assignerShortName": "fedora",
"cveId": "CVE-2023-5550",
"datePublished": "2023-11-09T19:38:08.611Z",
"dateReserved": "2023-10-12T00:50:39.990Z",
"dateUpdated": "2024-08-02T07:59:44.743Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5549 (GCVE-0-2023-5549)
Vulnerability from nvd – Published: 2023-11-09 19:37 – Updated: 2024-08-02 07:59
VLAI?
Title
Moodle: insufficient capability checks when updating the parent of a course category
Summary
Insufficient web service capability checks made it possible to move categories a user had permission to manage, to a parent category they did not have the capability to manage.
Severity ?
CWE
- CWE-284 - Improper Access Control
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5549",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-19T18:16:10.000934Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:28:45.229Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:59:44.965Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-66730"
},
{
"name": "RHBZ#2243451",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243451"
},
{
"tags": [
"x_transferred"
],
"url": "https://moodle.org/mod/forum/discuss.php?d=451590"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://git.moodle.org",
"defaultStatus": "unaffected",
"packageName": "moodle",
"versions": [
{
"lessThan": "4.2.3",
"status": "affected",
"version": "4.2.0",
"versionType": "semver"
},
{
"lessThan": "4.1.6",
"status": "affected",
"version": "4.1.0",
"versionType": "semver"
},
{
"lessThan": "4.0.11",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThan": "3.11.17",
"status": "affected",
"version": "3.11.0",
"versionType": "semver"
},
{
"lessThan": "3.9.24",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-10-16T00:00:00+00:00",
"descriptions": [
{
"lang": "en",
"value": "Insufficient web service capability checks made it possible to move categories a user had permission to manage, to a parent category they did not have the capability to manage."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Low"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-19T13:48:38.114Z",
"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"shortName": "fedora"
},
"references": [
{
"url": "http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-66730"
},
{
"name": "RHBZ#2243451",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243451"
},
{
"url": "https://moodle.org/mod/forum/discuss.php?d=451590"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-10T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-10-16T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Moodle: insufficient capability checks when updating the parent of a course category",
"x_redhatCweChain": "CWE-284: Improper Access Control"
}
},
"cveMetadata": {
"assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"assignerShortName": "fedora",
"cveId": "CVE-2023-5549",
"datePublished": "2023-11-09T19:37:15.856Z",
"dateReserved": "2023-10-12T00:45:57.574Z",
"dateUpdated": "2024-08-02T07:59:44.965Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5548 (GCVE-0-2023-5548)
Vulnerability from nvd – Published: 2023-11-09 19:36 – Updated: 2024-08-02 07:59
VLAI?
Title
Moodle: cache poisoning risk with endpoint revision numbers
Summary
Stronger revision number limitations were required on file serving endpoints to improve cache poisoning protection.
Severity ?
CWE
- CWE-349 - Acceptance of Extraneous Untrusted Data With Trusted Data
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:59:44.808Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-77846"
},
{
"name": "RHBZ#2243449",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243449"
},
{
"tags": [
"x_transferred"
],
"url": "https://moodle.org/mod/forum/discuss.php?d=451589"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://git.moodle.org",
"defaultStatus": "unaffected",
"packageName": "moodle",
"versions": [
{
"lessThan": "4.2.3",
"status": "affected",
"version": "4.2.0",
"versionType": "semver"
},
{
"lessThan": "4.1.6",
"status": "affected",
"version": "4.1.0",
"versionType": "semver"
},
{
"lessThan": "4.0.11",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThan": "3.11.17",
"status": "affected",
"version": "3.11.0",
"versionType": "semver"
},
{
"lessThan": "3.9.24",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-10-16T00:00:00+00:00",
"descriptions": [
{
"lang": "en",
"value": "Stronger revision number limitations were required on file serving endpoints to improve cache poisoning protection."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Low"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-349",
"description": "Acceptance of Extraneous Untrusted Data With Trusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-19T13:48:28.693Z",
"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"shortName": "fedora"
},
"references": [
{
"url": "http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-77846"
},
{
"name": "RHBZ#2243449",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243449"
},
{
"url": "https://moodle.org/mod/forum/discuss.php?d=451589"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-10T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-10-16T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Moodle: cache poisoning risk with endpoint revision numbers",
"x_redhatCweChain": "CWE-349: Acceptance of Extraneous Untrusted Data With Trusted Data"
}
},
"cveMetadata": {
"assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"assignerShortName": "fedora",
"cveId": "CVE-2023-5548",
"datePublished": "2023-11-09T19:36:18.676Z",
"dateReserved": "2023-10-12T00:42:28.476Z",
"dateUpdated": "2024-08-02T07:59:44.808Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5545 (GCVE-0-2023-5545)
Vulnerability from nvd – Published: 2023-11-09 19:33 – Updated: 2024-08-02 07:59
VLAI?
Title
Moodle: auto-populated h5p author name causes a potential information leak
Summary
H5P metadata automatically populated the author with the user's username, which could be sensitive information.
Severity ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:moodle:h5p:4.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "h5p",
"vendor": "moodle",
"versions": [
{
"status": "affected",
"version": "4.1"
}
]
},
{
"cpes": [
"cpe:2.3:a:moodle:h5p:4.2:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "h5p",
"vendor": "moodle",
"versions": [
{
"status": "affected",
"version": "4.2"
}
]
},
{
"cpes": [
"cpe:2.3:a:moodle:h5p:4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "h5p",
"vendor": "moodle",
"versions": [
{
"status": "affected",
"version": "4.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:moodle:h5p:3.11:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "h5p",
"vendor": "moodle",
"versions": [
{
"status": "affected",
"version": "3.11"
}
]
},
{
"cpes": [
"cpe:2.3:a:moodle:h5p:3.9:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "h5p",
"vendor": "moodle",
"versions": [
{
"status": "affected",
"version": "3.9"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5545",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-22T19:58:29.250008Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:28:46.075Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:59:44.795Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-78820"
},
{
"name": "RHBZ#2243444",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243444"
},
{
"tags": [
"x_transferred"
],
"url": "https://moodle.org/mod/forum/discuss.php?d=451586"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://git.moodle.org",
"defaultStatus": "unaffected",
"packageName": "moodle",
"versions": [
{
"lessThan": "4.2.3",
"status": "affected",
"version": "4.2.0",
"versionType": "semver"
},
{
"lessThan": "4.1.6",
"status": "affected",
"version": "4.1.0",
"versionType": "semver"
},
{
"lessThan": "4.0.11",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThan": "3.11.17",
"status": "affected",
"version": "3.11.0",
"versionType": "semver"
},
{
"lessThan": "3.9.24",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-10-16T00:00:00+00:00",
"descriptions": [
{
"lang": "en",
"value": "H5P metadata automatically populated the author with the user\u0027s username, which could be sensitive information."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Low"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-19T13:47:42.679Z",
"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"shortName": "fedora"
},
"references": [
{
"url": "http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-78820"
},
{
"name": "RHBZ#2243444",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243444"
},
{
"url": "https://moodle.org/mod/forum/discuss.php?d=451586"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-10T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-10-16T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Moodle: auto-populated h5p author name causes a potential information leak",
"x_redhatCweChain": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
}
},
"cveMetadata": {
"assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"assignerShortName": "fedora",
"cveId": "CVE-2023-5545",
"datePublished": "2023-11-09T19:33:18.127Z",
"dateReserved": "2023-10-12T00:18:04.007Z",
"dateUpdated": "2024-08-02T07:59:44.795Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5542 (GCVE-0-2023-5542)
Vulnerability from nvd – Published: 2023-11-09 19:27 – Updated: 2024-08-02 07:59
VLAI?
Title
Moodle: students can view other users in "only see own membership" groups
Summary
Students in "Only see own membership" groups could see other students in the group, which should be hidden.
Severity ?
CWE
- CWE-284 - Improper Access Control
Assigner
References
| URL | Tags | |
|---|---|---|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:moodle:moodle:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "moodle",
"vendor": "moodle",
"versions": [
{
"status": "affected",
"version": "4.2.2"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5542",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-21T17:05:11.480942Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:28:41.427Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:59:44.790Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-79213"
},
{
"name": "RHBZ#2243441",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243441"
},
{
"tags": [
"x_transferred"
],
"url": "https://moodle.org/mod/forum/discuss.php?d=451583"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://git.moodle.org",
"defaultStatus": "unaffected",
"packageName": "moodle",
"versions": [
{
"status": "affected",
"version": "4.2.2"
}
]
}
],
"datePublic": "2023-10-16T00:00:00+00:00",
"descriptions": [
{
"lang": "en",
"value": "Students in \"Only see own membership\" groups could see other students in the group, which should be hidden."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Low"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-19T13:47:21.258Z",
"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"shortName": "fedora"
},
"references": [
{
"url": "http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-79213"
},
{
"name": "RHBZ#2243441",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243441"
},
{
"url": "https://moodle.org/mod/forum/discuss.php?d=451583"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-10T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-10-16T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Moodle: students can view other users in \"only see own membership\" groups",
"x_redhatCweChain": "CWE-284: Improper Access Control"
}
},
"cveMetadata": {
"assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"assignerShortName": "fedora",
"cveId": "CVE-2023-5542",
"datePublished": "2023-11-09T19:27:38.733Z",
"dateReserved": "2023-10-12T00:01:12.085Z",
"dateUpdated": "2024-08-02T07:59:44.790Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5540 (GCVE-0-2023-5540)
Vulnerability from nvd – Published: 2023-11-09 19:15 – Updated: 2024-08-02 07:59
VLAI?
Title
Moodle: authenticated remote code execution risk in imscp
Summary
A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and managers.
Severity ?
4.7 (Medium)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5540",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-22T20:12:01.101624Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:28:35.961Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:59:44.894Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-79409"
},
{
"name": "RHBZ#2243432",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243432"
},
{
"tags": [
"x_transferred"
],
"url": "https://moodle.org/mod/forum/discuss.php?d=451581"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://git.moodle.org",
"defaultStatus": "unaffected",
"packageName": "moodle",
"versions": [
{
"lessThan": "4.2.3",
"status": "affected",
"version": "4.2.0",
"versionType": "semver"
},
{
"lessThan": "4.1.6",
"status": "affected",
"version": "4.1.0",
"versionType": "semver"
},
{
"lessThan": "4.0.11",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThan": "3.11.17",
"status": "affected",
"version": "3.11.0",
"versionType": "semver"
},
{
"lessThan": "3.9.24",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-10-16T00:00:00+00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and managers."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-19T13:47:11.209Z",
"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"shortName": "fedora"
},
"references": [
{
"url": "http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-79409"
},
{
"name": "RHBZ#2243432",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243432"
},
{
"url": "https://moodle.org/mod/forum/discuss.php?d=451581"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-10T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-10-16T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Moodle: authenticated remote code execution risk in imscp",
"x_redhatCweChain": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)"
}
},
"cveMetadata": {
"assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"assignerShortName": "fedora",
"cveId": "CVE-2023-5540",
"datePublished": "2023-11-09T19:15:53.821Z",
"dateReserved": "2023-10-11T23:39:10.773Z",
"dateUpdated": "2024-08-02T07:59:44.894Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5539 (GCVE-0-2023-5539)
Vulnerability from nvd – Published: 2023-11-09 19:11 – Updated: 2024-09-03 18:29
VLAI?
Title
Moodle: authenticated remote code execution risk in lesson
Summary
A remote code execution risk was identified in the Lesson activity. By default this was only available to teachers and managers.
Severity ?
4.7 (Medium)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:59:44.757Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-79408"
},
{
"name": "RHBZ#2243352",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243352"
},
{
"tags": [
"x_transferred"
],
"url": "https://moodle.org/mod/forum/discuss.php?d=451580"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "moodle",
"vendor": "moodle",
"versions": [
{
"lessThan": "4.2.3",
"status": "affected",
"version": "4.2.0",
"versionType": "semver"
},
{
"lessThan": "4.1.6",
"status": "affected",
"version": "4.1.0",
"versionType": "semver"
},
{
"lessThan": "4.0.11",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThan": "3.11.17",
"status": "affected",
"version": "3.11.0",
"versionType": "semver"
},
{
"lessThan": "3.9.24",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5539",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-03T18:23:49.115260Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-03T18:29:00.544Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://git.moodle.org",
"defaultStatus": "unaffected",
"packageName": "moodle",
"versions": [
{
"lessThan": "4.2.3",
"status": "affected",
"version": "4.2.0",
"versionType": "semver"
},
{
"lessThan": "4.1.6",
"status": "affected",
"version": "4.1.0",
"versionType": "semver"
},
{
"lessThan": "4.0.11",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThan": "3.11.17",
"status": "affected",
"version": "3.11.0",
"versionType": "semver"
},
{
"lessThan": "3.9.24",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-10-16T04:00:00+00:00",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution risk was identified in the Lesson activity. By default this was only available to teachers and managers."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-19T13:47:09.393Z",
"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"shortName": "fedora"
},
"references": [
{
"url": "http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-79408"
},
{
"name": "RHBZ#2243352",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243352"
},
{
"url": "https://moodle.org/mod/forum/discuss.php?d=451580"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-10T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-10-16T04:00:00+00:00",
"value": "Made public."
}
],
"title": "Moodle: authenticated remote code execution risk in lesson",
"x_redhatCweChain": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)"
}
},
"cveMetadata": {
"assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"assignerShortName": "fedora",
"cveId": "CVE-2023-5539",
"datePublished": "2023-11-09T19:11:06.859Z",
"dateReserved": "2023-10-11T23:11:25.576Z",
"dateUpdated": "2024-09-03T18:29:00.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6395 (GCVE-0-2023-6395)
Vulnerability from cvelistv5 – Published: 2024-01-16 14:33 – Updated: 2025-02-13 17:26
VLAI?
Title
Mock: privilege escalation for users that can access mock configuration
Summary
The Mock software contains a vulnerability wherein an attacker could potentially exploit privilege escalation, enabling the execution of arbitrary code with root user privileges. This weakness stems from the absence of proper sandboxing during the expansion and execution of Jinja2 templates, which may be included in certain configuration parameters. While the Mock documentation advises treating users added to the mock group as privileged, certain build systems invoking mock on behalf of users might inadvertently permit less privileged users to define configuration tags. These tags could then be passed as parameters to mock during execution, potentially leading to the utilization of Jinja2 templates for remote privilege escalation and the execution of arbitrary code as the root user on the build server.
Severity ?
6.7 (Medium)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| n/a | mock | ||||||||||||||||||
|
|||||||||||||||||||
Credits
Red Hat would like to thank Sankin Nikita Alexeevich for reporting this issue.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:28:21.836Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-6395"
},
{
"name": "RHBZ#2252206",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252206"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/xsuchy/templated-dictionary/commit/0740bd0ca8d487301881541028977d120f8b8933"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/xsuchy/templated-dictionary/commit/bcd90f0dafa365575c4b101e6f5d98c4ef4e4b69"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/01/16/1"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/01/16/3"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NBFYREAJH4T7GXXQZ4GJEREN4Q3AHS3K/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62SP2BJC2AFLFJJAEHPGZ3ZINTBTI7AN/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6395",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-25T20:10:59.775490Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T20:12:04.076Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "mock",
"vendor": "n/a"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unaffected",
"packageName": "mock",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://packages.fedoraproject.org/",
"defaultStatus": "affected",
"packageName": "mock",
"product": "Extra Packages for Enterprise Linux",
"vendor": "Fedora"
},
{
"collectionURL": "https://packages.fedoraproject.org/",
"defaultStatus": "affected",
"packageName": "mock",
"product": "Fedora",
"vendor": "Fedora"
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Sankin Nikita Alexeevich for reporting this issue."
}
],
"datePublic": "2024-01-16T13:52:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Mock software contains a vulnerability wherein an attacker could potentially exploit privilege escalation, enabling the execution of arbitrary code with root user privileges. This weakness stems from the absence of proper sandboxing during the expansion and execution of Jinja2 templates, which may be included in certain configuration parameters. While the Mock documentation advises treating users added to the mock group as privileged, certain build systems invoking mock on behalf of users might inadvertently permit less privileged users to define configuration tags. These tags could then be passed as parameters to mock during execution, potentially leading to the utilization of Jinja2 templates for remote privilege escalation and the execution of arbitrary code as the root user on the build server."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-09T02:06:16.059Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-6395"
},
{
"name": "RHBZ#2252206",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252206"
},
{
"url": "https://github.com/xsuchy/templated-dictionary/commit/0740bd0ca8d487301881541028977d120f8b8933"
},
{
"url": "https://github.com/xsuchy/templated-dictionary/commit/bcd90f0dafa365575c4b101e6f5d98c4ef4e4b69"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/01/16/1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/01/16/3"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NBFYREAJH4T7GXXQZ4GJEREN4Q3AHS3K/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62SP2BJC2AFLFJJAEHPGZ3ZINTBTI7AN/"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-11-30T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2024-01-16T13:52:00+00:00",
"value": "Made public."
}
],
"title": "Mock: privilege escalation for users that can access mock configuration",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"x_redhatCweChain": "CWE-20: Improper Input Validation"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2023-6395",
"datePublished": "2024-01-16T14:33:02.308Z",
"dateReserved": "2023-11-30T05:34:50.920Z",
"dateUpdated": "2025-02-13T17:26:22.188Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0232 (GCVE-0-2024-0232)
Vulnerability from cvelistv5 – Published: 2024-01-16 14:01 – Updated: 2025-11-21 06:24
VLAI?
Title
Sqlite: use-after-free bug in jsonparseaddnodearray
Summary
A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service.
Severity ?
4.7 (Medium)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Affected:
0 , < 3.43.2
(semver)
|
|||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0232",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-13T20:18:59.193130Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-13T20:19:06.883Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:16.024Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-0232"
},
{
"name": "RHBZ#2243754",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243754"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QDCMYQ3J45NHQ4EJREM3BJNNKB5BK4Y7/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240315-0007/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://www.sqlite.org/download.html",
"defaultStatus": "unaffected",
"packageName": "sqlite",
"versions": [
{
"lessThan": "3.43.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unknown",
"packageName": "sqlite",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unknown",
"packageName": "sqlite",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "affected",
"packageName": "mingw-sqlite",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "affected",
"packageName": "sqlite",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "sqlite",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
}
],
"datePublic": "2023-10-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Low"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-21T06:24:19.419Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-0232"
},
{
"name": "RHBZ#2243754",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243754"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-12T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-10-12T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Sqlite: use-after-free bug in jsonparseaddnodearray",
"x_redhatCweChain": "CWE-416: Use After Free"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2024-0232",
"datePublished": "2024-01-16T14:01:58.505Z",
"dateReserved": "2024-01-04T12:11:09.709Z",
"dateUpdated": "2025-11-21T06:24:19.419Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-51766 (GCVE-0-2023-51766)
Vulnerability from cvelistv5 – Published: 2023-12-24 00:00 – Updated: 2025-11-04 18:21
VLAI?
Summary
Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports <LF>.<CR><LF> but some other popular e-mail servers do not.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:21:35.998Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/"
},
{
"tags": [
"x_transferred"
],
"url": "https://exim.org/static/doc/security/CVE-2023-51766.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugs.exim.org/show_bug.cgi?id=3063"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2023/12/23/2"
},
{
"name": "[oss-security] 20231224 Re: Re: New SMTP smuggling attack",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/24/1"
},
{
"name": "[oss-security] 20231225 Re: Re: New SMTP smuggling attack",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/25/1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.exim.org/exim.git/commit/5bb786d5ad568a88d50d15452aacc8404047e5ca"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.exim.org/exim.git/commit/cf1376206284f2a4f11e32d931d4aade34c206c5"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255852"
},
{
"tags": [
"x_transferred"
],
"url": "https://fahrplan.events.ccc.de/congress/2023/fahrplan/events/11782.html"
},
{
"name": "[oss-security] 20231229 CVE-2023-51766: Exim: SMTP smuggling",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/29/2"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/Exim/exim/blob/master/doc/doc-txt/cve-2023-51766"
},
{
"name": "[oss-security] 20240101 Re: CVE-2023-51766: Exim: SMTP smuggling",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/01/01/1"
},
{
"name": "[oss-security] 20240101 Re: CVE-2023-51766: Exim: SMTP smuggling",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/01/01/2"
},
{
"name": "[oss-security] 20240101 Re: CVE-2023-51766: Exim: SMTP smuggling",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/01/01/3"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.youtube.com/watch?v=V8KPV96g1To"
},
{
"name": "[debian-lts-announce] 20240105 [SECURITY] [DLA 3708-1] exim4 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00002.html"
},
{
"name": "FEDORA-2024-1ef6197a49",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPDWHJPABVJCXDSNELSSVTIVAJU2MDUQ/"
},
{
"name": "FEDORA-2024-e0841c83bb",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORN7OKEQPPBKUHYRQ6LR5PSNBQVDHAWB/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lwn.net/Articles/956533/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ORN7OKEQPPBKUHYRQ6LR5PSNBQVDHAWB/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPDWHJPABVJCXDSNELSSVTIVAJU2MDUQ/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports \u003cLF\u003e.\u003cCR\u003e\u003cLF\u003e but some other popular e-mail servers do not."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T02:47:22.078Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/"
},
{
"url": "https://exim.org/static/doc/security/CVE-2023-51766.txt"
},
{
"url": "https://bugs.exim.org/show_bug.cgi?id=3063"
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/12/23/2"
},
{
"name": "[oss-security] 20231224 Re: Re: New SMTP smuggling attack",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/24/1"
},
{
"name": "[oss-security] 20231225 Re: Re: New SMTP smuggling attack",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/25/1"
},
{
"url": "https://git.exim.org/exim.git/commit/5bb786d5ad568a88d50d15452aacc8404047e5ca"
},
{
"url": "https://git.exim.org/exim.git/commit/cf1376206284f2a4f11e32d931d4aade34c206c5"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255852"
},
{
"url": "https://fahrplan.events.ccc.de/congress/2023/fahrplan/events/11782.html"
},
{
"name": "[oss-security] 20231229 CVE-2023-51766: Exim: SMTP smuggling",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/29/2"
},
{
"url": "https://github.com/Exim/exim/blob/master/doc/doc-txt/cve-2023-51766"
},
{
"name": "[oss-security] 20240101 Re: CVE-2023-51766: Exim: SMTP smuggling",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/01/01/1"
},
{
"name": "[oss-security] 20240101 Re: CVE-2023-51766: Exim: SMTP smuggling",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/01/01/2"
},
{
"name": "[oss-security] 20240101 Re: CVE-2023-51766: Exim: SMTP smuggling",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/01/01/3"
},
{
"url": "https://www.youtube.com/watch?v=V8KPV96g1To"
},
{
"name": "[debian-lts-announce] 20240105 [SECURITY] [DLA 3708-1] exim4 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00002.html"
},
{
"name": "FEDORA-2024-1ef6197a49",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPDWHJPABVJCXDSNELSSVTIVAJU2MDUQ/"
},
{
"name": "FEDORA-2024-e0841c83bb",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORN7OKEQPPBKUHYRQ6LR5PSNBQVDHAWB/"
},
{
"url": "https://lwn.net/Articles/956533/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-51766",
"datePublished": "2023-12-24T00:00:00.000Z",
"dateReserved": "2023-12-24T00:00:00.000Z",
"dateUpdated": "2025-11-04T18:21:35.998Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-4255 (GCVE-0-2023-4255)
Vulnerability from cvelistv5 – Published: 2023-12-21 16:08 – Updated: 2025-02-13 17:09
VLAI?
Title
W3m: out-of-bounds write in function checktype() in etc.c (incomplete fix for cve-2022-38223)
Summary
An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to application crashes, resulting in a denial of service condition.
Severity ?
5.5 (Medium)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
Credits
Red Hat would like to thank iskindar97@gmail.com for reporting this issue.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:24:03.587Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHBZ#2255207",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255207"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/tats/w3m/issues/268"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/tats/w3m/pull/273"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AULOBQJLXE2KCT5UVQMKGEFL4GFIAOED/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TODROGVCWZ435HQIZE6ARQC5LPQLIA5C/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKFZQUK7FPWWJQYICDZZ4YWIPUPQ2D3R/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "w3m",
"vendor": "n/a"
},
{
"collectionURL": "https://packages.fedoraproject.org/",
"defaultStatus": "affected",
"packageName": "w3m",
"product": "Fedora",
"vendor": "Fedora"
},
{
"collectionURL": "https://packages.fedoraproject.org/",
"defaultStatus": "affected",
"packageName": "w3m",
"product": "Extra Packages for Enterprise Linux",
"vendor": "Fedora"
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank iskindar97@gmail.com for reporting this issue."
}
],
"datePublic": "2023-06-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to application crashes, resulting in a denial of service condition."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-27T02:06:14.580Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHBZ#2255207",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255207"
},
{
"url": "https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3"
},
{
"url": "https://github.com/tats/w3m/issues/268"
},
{
"url": "https://github.com/tats/w3m/pull/273"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AULOBQJLXE2KCT5UVQMKGEFL4GFIAOED/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TODROGVCWZ435HQIZE6ARQC5LPQLIA5C/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKFZQUK7FPWWJQYICDZZ4YWIPUPQ2D3R/"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-07-19T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-06-12T00:00:00+00:00",
"value": "Made public."
}
],
"title": "W3m: out-of-bounds write in function checktype() in etc.c (incomplete fix for cve-2022-38223)",
"x_redhatCweChain": "CWE-787: Out-of-bounds Write"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2023-4255",
"datePublished": "2023-12-21T16:08:39.691Z",
"dateReserved": "2023-08-08T20:16:01.838Z",
"dateUpdated": "2025-02-13T17:09:26.229Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4256 (GCVE-0-2023-4256)
Vulnerability from cvelistv5 – Published: 2023-12-21 16:03 – Updated: 2025-02-13 17:09
VLAI?
Title
Tcpreplay: tcprewrite: double free in tcpedit_dlt_cleanup() in plugins/dlt_plugins.c
Summary
Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local attacker to initiate a Denial of Service (DoS) attack.
Severity ?
5.5 (Medium)
CWE
- CWE-415 - Double Free
Assigner
References
Impacted products
Credits
Red Hat would like to thank iskindar97@gmail.com for reporting this issue.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:24:04.751Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHBZ#2255212",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255212"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/appneta/tcpreplay/issues/813"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V3GYCHPVJ2VFN3D7FI4IRMDVMILLWBRF/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TMW5CIODKRHUUH7NTAYIRWGSJ56DTGXM/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EHUILQV2YJI5TXXXJA5FQ2HJQGFT7NTN/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "tcpreplay",
"vendor": "n/a"
},
{
"collectionURL": "https://packages.fedoraproject.org/",
"defaultStatus": "affected",
"packageName": "tcpreplay",
"product": "Extra Packages for Enterprise Linux",
"vendor": "Fedora"
},
{
"collectionURL": "https://packages.fedoraproject.org/",
"defaultStatus": "affected",
"packageName": "tcpreplay",
"product": "Fedora",
"vendor": "Fedora"
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank iskindar97@gmail.com for reporting this issue."
}
],
"datePublic": "2023-07-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Within tcpreplay\u0027s tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local attacker to initiate a Denial of Service (DoS) attack."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-415",
"description": "Double Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-24T02:06:07.371Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHBZ#2255212",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255212"
},
{
"url": "https://github.com/appneta/tcpreplay/issues/813"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V3GYCHPVJ2VFN3D7FI4IRMDVMILLWBRF/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TMW5CIODKRHUUH7NTAYIRWGSJ56DTGXM/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EHUILQV2YJI5TXXXJA5FQ2HJQGFT7NTN/"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-07-19T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-07-19T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Tcpreplay: tcprewrite: double free in tcpedit_dlt_cleanup() in plugins/dlt_plugins.c",
"x_redhatCweChain": "CWE-415: Double Free"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2023-4256",
"datePublished": "2023-12-21T16:03:21.837Z",
"dateReserved": "2023-08-08T20:17:30.643Z",
"dateUpdated": "2025-02-13T17:09:26.781Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5764 (GCVE-0-2023-5764)
Vulnerability from cvelistv5 – Published: 2023-12-12 22:01 – Updated: 2025-11-20 18:07
VLAI?
Title
Ansible: template injection
Summary
A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data. This issue could allow an attacker to use a specially crafted file to introduce templating injection when supplying templating data.
Severity ?
7.1 (High)
CWE
- CWE-1336 - Improper Neutralization of Special Elements Used in a Template Engine
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Red Hat | Red Hat Ansible Automation Platform 2.4 for RHEL 8 |
Unaffected:
1:2.15.8-1.el8ap , < *
(rpm)
cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9 cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9 cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8 cpe:/a:redhat:ansible_automation_platform:2.4::el8 cpe:/a:redhat:ansible_automation_platform:2.4::el9 cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8 |
|||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5764",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-19T03:55:28.216152Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-16T19:39:40.920Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-10-25T13:07:31.611Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2023:7773",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:7773"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-5764"
},
{
"name": "RHBZ#2247629",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247629"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X7Q6CHPVCHMZS5M7V22GOKFSXZAQ24EU/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20241025-0001/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8",
"cpe:/a:redhat:ansible_automation_platform:2.4::el8",
"cpe:/a:redhat:ansible_automation_platform:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8"
],
"defaultStatus": "affected",
"packageName": "ansible-core",
"product": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:2.15.8-1.el8ap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8",
"cpe:/a:redhat:ansible_automation_platform:2.4::el8",
"cpe:/a:redhat:ansible_automation_platform:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8"
],
"defaultStatus": "affected",
"packageName": "ansible-core",
"product": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:2.15.8-1.el8ap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8",
"cpe:/a:redhat:ansible_automation_platform:2.4::el8",
"cpe:/a:redhat:ansible_automation_platform:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8"
],
"defaultStatus": "affected",
"packageName": "ansible-core",
"product": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:2.15.8-1.el9ap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8",
"cpe:/a:redhat:ansible_automation_platform:2.4::el8",
"cpe:/a:redhat:ansible_automation_platform:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8"
],
"defaultStatus": "affected",
"packageName": "ansible-core",
"product": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:2.15.8-1.el9ap",
"versionType": "rpm"
}
]
}
],
"datePublic": "2023-11-02T12:57:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A template injection flaw was found in Ansible where a user\u0027s controller internal templating operations may remove the unsafe designation from template data. This issue could allow an attacker to use a specially crafted file to introduce templating injection when supplying templating data."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1336",
"description": "Improper Neutralization of Special Elements Used in a Template Engine",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T18:07:16.802Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2023:7773",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2023:7773"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-5764"
},
{
"name": "RHBZ#2247629",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247629"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-11-02T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-11-02T12:57:00+00:00",
"value": "Made public."
}
],
"title": "Ansible: template injection",
"x_redhatCweChain": "CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2023-5764",
"datePublished": "2023-12-12T22:01:33.467Z",
"dateReserved": "2023-10-25T10:27:46.601Z",
"dateUpdated": "2025-11-20T18:07:16.802Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-5341 (GCVE-0-2023-5341)
Vulnerability from cvelistv5 – Published: 2023-11-19 09:20 – Updated: 2025-11-20 17:58
VLAI?
Title
Imagemagick: heap use-after-free in coders/bmp.c
Summary
A heap use-after-free flaw was found in coders/bmp.c in ImageMagick.
Severity ?
6.2 (Medium)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Red Hat | Red Hat Enterprise Linux 6 |
cpe:/o:redhat:enterprise_linux:6 |
|||||||
|
|||||||||
Credits
Red Hat would like to thank Hardik shah of Vehere (Dawn Treaders team) for reporting this issue.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5341",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-02T20:55:18.795590Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:28:32.878Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:52:08.912Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-5341"
},
{
"name": "RHBZ#2241774",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241774"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/ImageMagick/ImageMagick/commit/aa673b2e4defc7cad5bec16c4fc8324f71e531f1"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00007.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LICYTADFJAFPZW3Y2MKNCJIUYODPAG4L/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YAULDP3GG5KI3XITQ5XSMRSILCBZS2VK/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unknown",
"packageName": "ImageMagick",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unknown",
"packageName": "ImageMagick",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Hardik shah of Vehere (Dawn Treaders team) for reporting this issue."
}
],
"datePublic": "2023-10-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A heap use-after-free flaw was found in coders/bmp.c in ImageMagick."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T17:58:36.783Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-5341"
},
{
"name": "RHBZ#2241774",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241774"
},
{
"url": "https://github.com/ImageMagick/ImageMagick/commit/aa673b2e4defc7cad5bec16c4fc8324f71e531f1"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-02T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-10-02T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Imagemagick: heap use-after-free in coders/bmp.c",
"x_redhatCweChain": "CWE-416: Use After Free"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2023-5341",
"datePublished": "2023-11-19T09:20:12.642Z",
"dateReserved": "2023-10-02T15:57:15.547Z",
"dateUpdated": "2025-11-20T17:58:36.783Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-5543 (GCVE-0-2023-5543)
Vulnerability from cvelistv5 – Published: 2023-11-09 21:35 – Updated: 2024-08-02 07:59
VLAI?
Title
Moodle: duplicating a bigbluebutton activity assigns the same meeting id
Summary
When duplicating a BigBlueButton activity, the original meeting ID was also duplicated instead of using a new ID for the new activity. This could provide unintended access to the original meeting.
Severity ?
CWE
- CWE-284 - Improper Access Control
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5543",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-16T21:03:37.918205Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-16T21:03:45.184Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:59:44.863Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-77795"
},
{
"name": "RHBZ#2243442",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243442"
},
{
"tags": [
"x_transferred"
],
"url": "https://moodle.org/mod/forum/discuss.php?d=451584"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://git.moodle.org",
"defaultStatus": "unaffected",
"packageName": "moodle",
"versions": [
{
"lessThan": "4.2.3",
"status": "affected",
"version": "4.2.0",
"versionType": "semver"
},
{
"lessThan": "4.1.6",
"status": "affected",
"version": "4.1.0",
"versionType": "semver"
},
{
"lessThan": "4.0.11",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-10-16T00:00:00+00:00",
"descriptions": [
{
"lang": "en",
"value": "When duplicating a BigBlueButton activity, the original meeting ID was also duplicated instead of using a new ID for the new activity. This could provide unintended access to the original meeting."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Low"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-19T13:47:25.315Z",
"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"shortName": "fedora"
},
"references": [
{
"url": "http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-77795"
},
{
"name": "RHBZ#2243442",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243442"
},
{
"url": "https://moodle.org/mod/forum/discuss.php?d=451584"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-10T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-10-16T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Moodle: duplicating a bigbluebutton activity assigns the same meeting id",
"x_redhatCweChain": "CWE-284: Improper Access Control"
}
},
"cveMetadata": {
"assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"assignerShortName": "fedora",
"cveId": "CVE-2023-5543",
"datePublished": "2023-11-09T21:35:38.116Z",
"dateReserved": "2023-10-12T00:08:16.985Z",
"dateUpdated": "2024-08-02T07:59:44.863Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5551 (GCVE-0-2023-5551)
Vulnerability from cvelistv5 – Published: 2023-11-09 19:39 – Updated: 2024-09-04 13:24
VLAI?
Title
Moodle: forum summary report shows students from other groups when in separate groups mode
Summary
Separate Groups mode restrictions were not honoured in the forum summary report, which would display users from other groups.
Severity ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:59:44.859Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-79310"
},
{
"name": "RHBZ#2243453",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243453"
},
{
"tags": [
"x_transferred"
],
"url": "https://moodle.org/mod/forum/discuss.php?d=451592"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5551",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-04T13:23:28.368236Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-04T13:24:24.392Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://git.moodle.org",
"defaultStatus": "unaffected",
"packageName": "moodle",
"versions": [
{
"lessThan": "4.2.3",
"status": "affected",
"version": "4.2.0",
"versionType": "semver"
},
{
"lessThan": "4.1.6",
"status": "affected",
"version": "4.1.0",
"versionType": "semver"
},
{
"lessThan": "4.0.11",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThan": "3.11.17",
"status": "affected",
"version": "3.11.0",
"versionType": "semver"
},
{
"lessThan": "3.9.24",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-10-16T00:00:00+00:00",
"descriptions": [
{
"lang": "en",
"value": "Separate Groups mode restrictions were not honoured in the forum summary report, which would display users from other groups."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Low"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-19T13:48:56.245Z",
"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"shortName": "fedora"
},
"references": [
{
"url": "http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-79310"
},
{
"name": "RHBZ#2243453",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243453"
},
{
"url": "https://moodle.org/mod/forum/discuss.php?d=451592"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-10T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-10-16T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Moodle: forum summary report shows students from other groups when in separate groups mode",
"x_redhatCweChain": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
}
},
"cveMetadata": {
"assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"assignerShortName": "fedora",
"cveId": "CVE-2023-5551",
"datePublished": "2023-11-09T19:39:11.940Z",
"dateReserved": "2023-10-12T00:54:22.507Z",
"dateUpdated": "2024-09-04T13:24:24.392Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5550 (GCVE-0-2023-5550)
Vulnerability from cvelistv5 – Published: 2023-11-09 19:38 – Updated: 2024-08-02 07:59
VLAI?
Title
Moodle: rce due to lfi risk in some misconfigured shared hosting environments
Summary
In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user who also has direct access to the web server outside of the Moodle webroot could utilise a local file include to achieve remote code execution.
Severity ?
6.5 (Medium)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "moodle",
"vendor": "moodle",
"versions": [
{
"lessThan": "4.2.3",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.1.6",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.0.11",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "3.11.17",
"status": "affected",
"version": "3.11.0",
"versionType": "custom"
},
{
"lessThan": "3.9.24",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5550",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-27T19:58:39.374445Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-27T20:20:34.381Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:59:44.743Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-72249"
},
{
"name": "RHBZ#2243452",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243452"
},
{
"tags": [
"x_transferred"
],
"url": "https://moodle.org/mod/forum/discuss.php?d=451591"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://git.moodle.org",
"defaultStatus": "unaffected",
"packageName": "moodle",
"versions": [
{
"lessThan": "4.2.3",
"status": "affected",
"version": "4.2.0",
"versionType": "semver"
},
{
"lessThan": "4.1.6",
"status": "affected",
"version": "4.1.0",
"versionType": "semver"
},
{
"lessThan": "4.0.11",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThan": "3.11.17",
"status": "affected",
"version": "3.11.0",
"versionType": "semver"
},
{
"lessThan": "3.9.24",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-10-16T00:00:00+00:00",
"descriptions": [
{
"lang": "en",
"value": "In a shared hosting environment that has been misconfigured to allow access to other users\u0027 content, a Moodle user who also has direct access to the web server outside of the Moodle webroot could utilise a local file include to achieve remote code execution."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-19T13:48:40.047Z",
"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"shortName": "fedora"
},
"references": [
{
"url": "http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-72249"
},
{
"name": "RHBZ#2243452",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243452"
},
{
"url": "https://moodle.org/mod/forum/discuss.php?d=451591"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-10T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-10-16T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Moodle: rce due to lfi risk in some misconfigured shared hosting environments",
"x_redhatCweChain": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)"
}
},
"cveMetadata": {
"assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"assignerShortName": "fedora",
"cveId": "CVE-2023-5550",
"datePublished": "2023-11-09T19:38:08.611Z",
"dateReserved": "2023-10-12T00:50:39.990Z",
"dateUpdated": "2024-08-02T07:59:44.743Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5549 (GCVE-0-2023-5549)
Vulnerability from cvelistv5 – Published: 2023-11-09 19:37 – Updated: 2024-08-02 07:59
VLAI?
Title
Moodle: insufficient capability checks when updating the parent of a course category
Summary
Insufficient web service capability checks made it possible to move categories a user had permission to manage, to a parent category they did not have the capability to manage.
Severity ?
CWE
- CWE-284 - Improper Access Control
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5549",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-19T18:16:10.000934Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:28:45.229Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:59:44.965Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-66730"
},
{
"name": "RHBZ#2243451",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243451"
},
{
"tags": [
"x_transferred"
],
"url": "https://moodle.org/mod/forum/discuss.php?d=451590"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://git.moodle.org",
"defaultStatus": "unaffected",
"packageName": "moodle",
"versions": [
{
"lessThan": "4.2.3",
"status": "affected",
"version": "4.2.0",
"versionType": "semver"
},
{
"lessThan": "4.1.6",
"status": "affected",
"version": "4.1.0",
"versionType": "semver"
},
{
"lessThan": "4.0.11",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThan": "3.11.17",
"status": "affected",
"version": "3.11.0",
"versionType": "semver"
},
{
"lessThan": "3.9.24",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-10-16T00:00:00+00:00",
"descriptions": [
{
"lang": "en",
"value": "Insufficient web service capability checks made it possible to move categories a user had permission to manage, to a parent category they did not have the capability to manage."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Low"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-19T13:48:38.114Z",
"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"shortName": "fedora"
},
"references": [
{
"url": "http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-66730"
},
{
"name": "RHBZ#2243451",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243451"
},
{
"url": "https://moodle.org/mod/forum/discuss.php?d=451590"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-10T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-10-16T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Moodle: insufficient capability checks when updating the parent of a course category",
"x_redhatCweChain": "CWE-284: Improper Access Control"
}
},
"cveMetadata": {
"assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"assignerShortName": "fedora",
"cveId": "CVE-2023-5549",
"datePublished": "2023-11-09T19:37:15.856Z",
"dateReserved": "2023-10-12T00:45:57.574Z",
"dateUpdated": "2024-08-02T07:59:44.965Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5548 (GCVE-0-2023-5548)
Vulnerability from cvelistv5 – Published: 2023-11-09 19:36 – Updated: 2024-08-02 07:59
VLAI?
Title
Moodle: cache poisoning risk with endpoint revision numbers
Summary
Stronger revision number limitations were required on file serving endpoints to improve cache poisoning protection.
Severity ?
CWE
- CWE-349 - Acceptance of Extraneous Untrusted Data With Trusted Data
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:59:44.808Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-77846"
},
{
"name": "RHBZ#2243449",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243449"
},
{
"tags": [
"x_transferred"
],
"url": "https://moodle.org/mod/forum/discuss.php?d=451589"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://git.moodle.org",
"defaultStatus": "unaffected",
"packageName": "moodle",
"versions": [
{
"lessThan": "4.2.3",
"status": "affected",
"version": "4.2.0",
"versionType": "semver"
},
{
"lessThan": "4.1.6",
"status": "affected",
"version": "4.1.0",
"versionType": "semver"
},
{
"lessThan": "4.0.11",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThan": "3.11.17",
"status": "affected",
"version": "3.11.0",
"versionType": "semver"
},
{
"lessThan": "3.9.24",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-10-16T00:00:00+00:00",
"descriptions": [
{
"lang": "en",
"value": "Stronger revision number limitations were required on file serving endpoints to improve cache poisoning protection."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Low"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-349",
"description": "Acceptance of Extraneous Untrusted Data With Trusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-19T13:48:28.693Z",
"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"shortName": "fedora"
},
"references": [
{
"url": "http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-77846"
},
{
"name": "RHBZ#2243449",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243449"
},
{
"url": "https://moodle.org/mod/forum/discuss.php?d=451589"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-10T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-10-16T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Moodle: cache poisoning risk with endpoint revision numbers",
"x_redhatCweChain": "CWE-349: Acceptance of Extraneous Untrusted Data With Trusted Data"
}
},
"cveMetadata": {
"assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"assignerShortName": "fedora",
"cveId": "CVE-2023-5548",
"datePublished": "2023-11-09T19:36:18.676Z",
"dateReserved": "2023-10-12T00:42:28.476Z",
"dateUpdated": "2024-08-02T07:59:44.808Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5545 (GCVE-0-2023-5545)
Vulnerability from cvelistv5 – Published: 2023-11-09 19:33 – Updated: 2024-08-02 07:59
VLAI?
Title
Moodle: auto-populated h5p author name causes a potential information leak
Summary
H5P metadata automatically populated the author with the user's username, which could be sensitive information.
Severity ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:moodle:h5p:4.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "h5p",
"vendor": "moodle",
"versions": [
{
"status": "affected",
"version": "4.1"
}
]
},
{
"cpes": [
"cpe:2.3:a:moodle:h5p:4.2:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "h5p",
"vendor": "moodle",
"versions": [
{
"status": "affected",
"version": "4.2"
}
]
},
{
"cpes": [
"cpe:2.3:a:moodle:h5p:4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "h5p",
"vendor": "moodle",
"versions": [
{
"status": "affected",
"version": "4.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:moodle:h5p:3.11:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "h5p",
"vendor": "moodle",
"versions": [
{
"status": "affected",
"version": "3.11"
}
]
},
{
"cpes": [
"cpe:2.3:a:moodle:h5p:3.9:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "h5p",
"vendor": "moodle",
"versions": [
{
"status": "affected",
"version": "3.9"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5545",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-22T19:58:29.250008Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:28:46.075Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:59:44.795Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-78820"
},
{
"name": "RHBZ#2243444",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243444"
},
{
"tags": [
"x_transferred"
],
"url": "https://moodle.org/mod/forum/discuss.php?d=451586"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://git.moodle.org",
"defaultStatus": "unaffected",
"packageName": "moodle",
"versions": [
{
"lessThan": "4.2.3",
"status": "affected",
"version": "4.2.0",
"versionType": "semver"
},
{
"lessThan": "4.1.6",
"status": "affected",
"version": "4.1.0",
"versionType": "semver"
},
{
"lessThan": "4.0.11",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThan": "3.11.17",
"status": "affected",
"version": "3.11.0",
"versionType": "semver"
},
{
"lessThan": "3.9.24",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-10-16T00:00:00+00:00",
"descriptions": [
{
"lang": "en",
"value": "H5P metadata automatically populated the author with the user\u0027s username, which could be sensitive information."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Low"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-19T13:47:42.679Z",
"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"shortName": "fedora"
},
"references": [
{
"url": "http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-78820"
},
{
"name": "RHBZ#2243444",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243444"
},
{
"url": "https://moodle.org/mod/forum/discuss.php?d=451586"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-10T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-10-16T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Moodle: auto-populated h5p author name causes a potential information leak",
"x_redhatCweChain": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
}
},
"cveMetadata": {
"assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"assignerShortName": "fedora",
"cveId": "CVE-2023-5545",
"datePublished": "2023-11-09T19:33:18.127Z",
"dateReserved": "2023-10-12T00:18:04.007Z",
"dateUpdated": "2024-08-02T07:59:44.795Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5542 (GCVE-0-2023-5542)
Vulnerability from cvelistv5 – Published: 2023-11-09 19:27 – Updated: 2024-08-02 07:59
VLAI?
Title
Moodle: students can view other users in "only see own membership" groups
Summary
Students in "Only see own membership" groups could see other students in the group, which should be hidden.
Severity ?
CWE
- CWE-284 - Improper Access Control
Assigner
References
| URL | Tags | |
|---|---|---|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:moodle:moodle:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "moodle",
"vendor": "moodle",
"versions": [
{
"status": "affected",
"version": "4.2.2"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5542",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-21T17:05:11.480942Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:28:41.427Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:59:44.790Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-79213"
},
{
"name": "RHBZ#2243441",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243441"
},
{
"tags": [
"x_transferred"
],
"url": "https://moodle.org/mod/forum/discuss.php?d=451583"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://git.moodle.org",
"defaultStatus": "unaffected",
"packageName": "moodle",
"versions": [
{
"status": "affected",
"version": "4.2.2"
}
]
}
],
"datePublic": "2023-10-16T00:00:00+00:00",
"descriptions": [
{
"lang": "en",
"value": "Students in \"Only see own membership\" groups could see other students in the group, which should be hidden."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Low"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-19T13:47:21.258Z",
"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"shortName": "fedora"
},
"references": [
{
"url": "http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-79213"
},
{
"name": "RHBZ#2243441",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243441"
},
{
"url": "https://moodle.org/mod/forum/discuss.php?d=451583"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-10T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-10-16T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Moodle: students can view other users in \"only see own membership\" groups",
"x_redhatCweChain": "CWE-284: Improper Access Control"
}
},
"cveMetadata": {
"assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
"assignerShortName": "fedora",
"cveId": "CVE-2023-5542",
"datePublished": "2023-11-09T19:27:38.733Z",
"dateReserved": "2023-10-12T00:01:12.085Z",
"dateUpdated": "2024-08-02T07:59:44.790Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}