https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sat, 30 May 2026 17:34:08 +0000 https://db.gcve.eu/sighting/48ebc8cd-2645-4e55-b409-cf2097a636c5/export {"uuid": "48ebc8cd-2645-4e55-b409-cf2097a636c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23506", "type": "seen", "source": "https://t.me/cibsecurity/55838", "content": "\u203c CVE-2022-23506 \u203c\n\nSpinnaker is an open source, multi-cloud continuous delivery platform for releasing software changes, and Spinnaker's Rosco microservice produces machine images. Rosco prior to versions 1.29.2, 1.28.4, and 1.27.3 does not property mask secrets generated via packer builds. This can lead to exposure of sensitive AWS credentials in packer log files. Versions 1.29.2, 1.28.4, and 1.27.3 of Rosco contain fixes for this issue. A workaround is available. It's recommended to use short lived credentials via role assumption and IAM profiles. Additionally, credentials can be set in `/home/spinnaker/.aws/credentials` and `/home/spinnaker/.aws/config` as a volume mount for Rosco pods vs. setting credentials in roscos bake config properties. Last even with those it's recommend to use IAM Roles vs. long lived credentials. This drastically mitigates the risk of credentials exposure. If users have used static credentials, it's recommended to purge any bake logs for AWS, evaluate whether AWS_ACCESS_KEY, SECRET_KEY and/or other sensitive data has been introduced in log files and bake job logs. Then, rotate these credentials and evaluate potential improper use of those credentials.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-04T00:17:46.000000Z"} {"uuid": "48ebc8cd-2645-4e55-b409-cf2097a636c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23506", "type": "seen", "source": "https://t.me/cibsecurity/55838", "content": "\u203c CVE-2022-23506 \u203c\n\nSpinnaker is an open source, multi-cloud continuous delivery platform for releasing software changes, and Spinnaker's Rosco microservice produces machine images. Rosco prior to versions 1.29.2, 1.28.4, and 1.27.3 does not property mask secrets generated via packer builds. This can lead to exposure of sensitive AWS credentials in packer log files. Versions 1.29.2, 1.28.4, and 1.27.3 of Rosco contain fixes for this issue. A workaround is available. It's recommended to use short lived credentials via role assumption and IAM profiles. Additionally, credentials can be set in `/home/spinnaker/.aws/credentials` and `/home/spinnaker/.aws/config` as a volume mount for Rosco pods vs. setting credentials in roscos bake config properties. Last even with those it's recommend to use IAM Roles vs. long lived credentials. This drastically mitigates the risk of credentials exposure. If users have used static credentials, it's recommended to purge any bake logs for AWS, evaluate whether AWS_ACCESS_KEY, SECRET_KEY and/or other sensitive data has been introduced in log files and bake job logs. Then, rotate these credentials and evaluate potential improper use of those credentials.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-04T00:17:46.000000Z"} https://db.gcve.eu/sighting/48ebc8cd-2645-4e55-b409-cf2097a636c5/export Wed, 04 Jan 2023 00:17:46 +0000 https://db.gcve.eu/sighting/7d507c2e-31e5-4230-b584-81dfdf2bddb1/export {"uuid": "7d507c2e-31e5-4230-b584-81dfdf2bddb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23509", "type": "seen", "source": "https://t.me/cibsecurity/56154", "content": "\u203c CVE-2022-23509 \u203c\n\nWeave GitOps is a simple open source developer platform for people who want cloud native applications, without needing Kubernetes expertise. GitOps run has a local S3 bucket which it uses for synchronizing files that are later applied against a Kubernetes cluster. The communication between GitOps Run and the local S3 bucket is not encrypted. This allows privileged users or process to tap the local traffic to gain information permitting access to the s3 bucket. From that point, it would be possible to alter the bucket content, resulting in changes in the Kubernetes cluster's resources. There are no known workaround(s) for this vulnerability. This vulnerability has been fixed by commits ce2bbff and babd915. Users should upgrade to Weave GitOps version >= v0.12.0 released on 08/12/2022.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-09T16:27:33.000000Z"} {"uuid": "7d507c2e-31e5-4230-b584-81dfdf2bddb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23509", "type": "seen", "source": "https://t.me/cibsecurity/56154", "content": "\u203c CVE-2022-23509 \u203c\n\nWeave GitOps is a simple open source developer platform for people who want cloud native applications, without needing Kubernetes expertise. GitOps run has a local S3 bucket which it uses for synchronizing files that are later applied against a Kubernetes cluster. The communication between GitOps Run and the local S3 bucket is not encrypted. This allows privileged users or process to tap the local traffic to gain information permitting access to the s3 bucket. From that point, it would be possible to alter the bucket content, resulting in changes in the Kubernetes cluster's resources. There are no known workaround(s) for this vulnerability. This vulnerability has been fixed by commits ce2bbff and babd915. Users should upgrade to Weave GitOps version >= v0.12.0 released on 08/12/2022.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-09T16:27:33.000000Z"} https://db.gcve.eu/sighting/7d507c2e-31e5-4230-b584-81dfdf2bddb1/export Mon, 09 Jan 2023 16:27:33 +0000 https://db.gcve.eu/sighting/da210ae0-9450-4e6f-876d-27b132124f60/export {"uuid": "da210ae0-9450-4e6f-876d-27b132124f60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23508", "type": "published-proof-of-concept", "source": "https://t.me/cibsecurity/56155", "content": "\u203c CVE-2022-23508 \u203c\n\nWeave GitOps is a simple open source developer platform for people who want cloud native applications, without needing Kubernetes expertise. A vulnerability in GitOps run could allow a local user or process to alter a Kubernetes cluster's resources. GitOps run has a local S3 bucket which it uses for synchronizing files that are later applied against a Kubernetes cluster. Its endpoint had no security controls to block unauthorized access, therefore allowing local users (and processes) on the same machine to see and alter the bucket content. By leveraging this vulnerability, an attacker could pick a workload of their choosing and inject it into the S3 bucket, which resulted in the successful deployment in the target cluster, without the need to provide any credentials to either the S3 bucket nor the target Kubernetes cluster. There are no known workarounds for this issue, please upgrade. This vulnerability has been fixed by commits 75268c4 and 966823b. Users should upgrade to Weave GitOps version >= v0.12.0 released on 08/12/2022. ### Workarounds There is no workaround for this vulnerability. ### References Disclosed by Paulo Gomes, Senior Software Engineer, Weaveworks. ### For more information If you have any questions or comments about this advisory: - Open an issue in [Weave GitOps repository](https://github.com/weaveworks/weave-gitops) - Email us at [support@weave.works](mailto:support@weave.works)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-09T16:27:34.000000Z"} {"uuid": "da210ae0-9450-4e6f-876d-27b132124f60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23508", "type": "published-proof-of-concept", "source": "https://t.me/cibsecurity/56155", "content": "\u203c CVE-2022-23508 \u203c\n\nWeave GitOps is a simple open source developer platform for people who want cloud native applications, without needing Kubernetes expertise. A vulnerability in GitOps run could allow a local user or process to alter a Kubernetes cluster's resources. GitOps run has a local S3 bucket which it uses for synchronizing files that are later applied against a Kubernetes cluster. Its endpoint had no security controls to block unauthorized access, therefore allowing local users (and processes) on the same machine to see and alter the bucket content. By leveraging this vulnerability, an attacker could pick a workload of their choosing and inject it into the S3 bucket, which resulted in the successful deployment in the target cluster, without the need to provide any credentials to either the S3 bucket nor the target Kubernetes cluster. There are no known workarounds for this issue, please upgrade. This vulnerability has been fixed by commits 75268c4 and 966823b. Users should upgrade to Weave GitOps version >= v0.12.0 released on 08/12/2022. ### Workarounds There is no workaround for this vulnerability. ### References Disclosed by Paulo Gomes, Senior Software Engineer, Weaveworks. ### For more information If you have any questions or comments about this advisory: - Open an issue in [Weave GitOps repository](https://github.com/weaveworks/weave-gitops) - Email us at [support@weave.works](mailto:support@weave.works)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-09T16:27:34.000000Z"} https://db.gcve.eu/sighting/da210ae0-9450-4e6f-876d-27b132124f60/export Mon, 09 Jan 2023 16:27:34 +0000 https://db.gcve.eu/sighting/54bfe44b-c345-49ac-a4e6-343cd226e392/export {"uuid": "54bfe44b-c345-49ac-a4e6-343cd226e392", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23506", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7059", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-23506\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: Spinnaker is an open source, multi-cloud continuous delivery platform for releasing software changes, and Spinnaker's Rosco microservice produces machine images. Rosco prior to versions 1.29.2, 1.28.4, and 1.27.3 does not property mask secrets generated via packer builds. This can lead to exposure of sensitive AWS credentials in packer log files. Versions 1.29.2, 1.28.4, and 1.27.3 of Rosco contain fixes for this issue.\n\nA workaround is available. It's recommended to use short lived credentials via role assumption and IAM profiles. Additionally, credentials can be set in `/home/spinnaker/.aws/credentials` and `/home/spinnaker/.aws/config` as a volume mount for Rosco pods vs. setting credentials in roscos bake config properties. Last even with those it's recommend to use IAM Roles vs. long lived credentials. This drastically mitigates the risk of credentials exposure. If users have used static credentials, it's recommended to purge any bake logs for AWS, evaluate whether AWS_ACCESS_KEY, SECRET_KEY and/or other sensitive data has been introduced in log files and bake job logs. Then, rotate these credentials and evaluate potential improper use of those credentials.\n\ud83d\udccf Published: 2023-01-03T20:04:25.392Z\n\ud83d\udccf Modified: 2025-03-10T21:33:14.857Z\n\ud83d\udd17 References:\n1. https://github.com/spinnaker/spinnaker/security/advisories/GHSA-2233-cqj8-j2q5\n2. https://github.com/spinnaker/rosco/commit/e80cfaa1abfb3a0e9026d45d6027291bfb815daf", "creation_timestamp": "2025-03-10T21:39:11.000000Z"} {"uuid": "54bfe44b-c345-49ac-a4e6-343cd226e392", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23506", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7059", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-23506\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: Spinnaker is an open source, multi-cloud continuous delivery platform for releasing software changes, and Spinnaker's Rosco microservice produces machine images. Rosco prior to versions 1.29.2, 1.28.4, and 1.27.3 does not property mask secrets generated via packer builds. This can lead to exposure of sensitive AWS credentials in packer log files. Versions 1.29.2, 1.28.4, and 1.27.3 of Rosco contain fixes for this issue.\n\nA workaround is available. It's recommended to use short lived credentials via role assumption and IAM profiles. Additionally, credentials can be set in `/home/spinnaker/.aws/credentials` and `/home/spinnaker/.aws/config` as a volume mount for Rosco pods vs. setting credentials in roscos bake config properties. Last even with those it's recommend to use IAM Roles vs. long lived credentials. This drastically mitigates the risk of credentials exposure. If users have used static credentials, it's recommended to purge any bake logs for AWS, evaluate whether AWS_ACCESS_KEY, SECRET_KEY and/or other sensitive data has been introduced in log files and bake job logs. Then, rotate these credentials and evaluate potential improper use of those credentials.\n\ud83d\udccf Published: 2023-01-03T20:04:25.392Z\n\ud83d\udccf Modified: 2025-03-10T21:33:14.857Z\n\ud83d\udd17 References:\n1. https://github.com/spinnaker/spinnaker/security/advisories/GHSA-2233-cqj8-j2q5\n2. https://github.com/spinnaker/rosco/commit/e80cfaa1abfb3a0e9026d45d6027291bfb815daf", "creation_timestamp": "2025-03-10T21:39:11.000000Z"} https://db.gcve.eu/sighting/54bfe44b-c345-49ac-a4e6-343cd226e392/export Mon, 10 Mar 2025 21:39:11 +0000 https://db.gcve.eu/sighting/54037633-5759-429e-874f-d4e656511725/export {"uuid": "54037633-5759-429e-874f-d4e656511725", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23507", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12492", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-23507\n\ud83d\udd25 CVSS Score: 5.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: Tendermint is a high-performance blockchain consensus engine for Byzantine fault tolerant applications. Versions prior to 0.28.0 contain a potential attack via Improper Verification of Cryptographic Signature, affecting anyone using the tendermint-light-client and related packages to perform light client verification (e.g. IBC-rs, Hermes). The light client does not check that the chain IDs of the trusted and untrusted headers match, resulting in a possible attack vector where someone who finds a header from an untrusted chain that satisfies all other verification conditions (e.g. enough overlapping validator signatures) could fool a light client. The attack vector is currently theoretical, and no proof-of-concept exists yet to exploit it on live networks. This issue is patched in version 0.28.0. There are no workarounds.\n\ud83d\udccf Published: 2022-12-15T00:01:04.540Z\n\ud83d\udccf Modified: 2025-04-18T15:59:54.978Z\n\ud83d\udd17 References:\n1. https://github.com/informalsystems/tendermint-rs/security/advisories/GHSA-xqqc-c5gw-c5r5", "creation_timestamp": "2025-04-18T16:59:06.000000Z"} {"uuid": "54037633-5759-429e-874f-d4e656511725", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23507", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12492", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-23507\n\ud83d\udd25 CVSS Score: 5.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: Tendermint is a high-performance blockchain consensus engine for Byzantine fault tolerant applications. Versions prior to 0.28.0 contain a potential attack via Improper Verification of Cryptographic Signature, affecting anyone using the tendermint-light-client and related packages to perform light client verification (e.g. IBC-rs, Hermes). The light client does not check that the chain IDs of the trusted and untrusted headers match, resulting in a possible attack vector where someone who finds a header from an untrusted chain that satisfies all other verification conditions (e.g. enough overlapping validator signatures) could fool a light client. The attack vector is currently theoretical, and no proof-of-concept exists yet to exploit it on live networks. This issue is patched in version 0.28.0. There are no workarounds.\n\ud83d\udccf Published: 2022-12-15T00:01:04.540Z\n\ud83d\udccf Modified: 2025-04-18T15:59:54.978Z\n\ud83d\udd17 References:\n1. https://github.com/informalsystems/tendermint-rs/security/advisories/GHSA-xqqc-c5gw-c5r5", "creation_timestamp": "2025-04-18T16:59:06.000000Z"} https://db.gcve.eu/sighting/54037633-5759-429e-874f-d4e656511725/export Fri, 18 Apr 2025 16:59:06 +0000 https://db.gcve.eu/sighting/c912438c-e009-4d96-a1b8-aa427d6e2a66/export {"uuid": "c912438c-e009-4d96-a1b8-aa427d6e2a66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23503", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12525", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-23503\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: TYPO3 is an open source PHP based web content management system. Versions prior to 8.7.49, 9.5.38, 10.4.33, 11.5.20, and 12.1.1 are vulnerable to Code Injection. Due to the lack of separating user-submitted data from the internal configuration in the Form Designer backend module, it is possible to inject code instructions to be processed and executed via TypoScript as PHP code. The existence of individual TypoScript instructions for a particular form item and a valid backend user account with access to the form module are needed to exploit this vulnerability. This issue is patched in versions 8.7.49 ELTS, 9.5.38 ELTS, 10.4.33, 11.5.20, 12.1.1.\n\ud83d\udccf Published: 2022-12-14T07:51:03.984Z\n\ud83d\udccf Modified: 2025-04-18T18:24:23.086Z\n\ud83d\udd17 References:\n1. https://github.com/TYPO3/typo3/security/advisories/GHSA-c5wx-6c2c-f7rm", "creation_timestamp": "2025-04-18T18:58:47.000000Z"} {"uuid": "c912438c-e009-4d96-a1b8-aa427d6e2a66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23503", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12525", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-23503\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: TYPO3 is an open source PHP based web content management system. Versions prior to 8.7.49, 9.5.38, 10.4.33, 11.5.20, and 12.1.1 are vulnerable to Code Injection. Due to the lack of separating user-submitted data from the internal configuration in the Form Designer backend module, it is possible to inject code instructions to be processed and executed via TypoScript as PHP code. The existence of individual TypoScript instructions for a particular form item and a valid backend user account with access to the form module are needed to exploit this vulnerability. This issue is patched in versions 8.7.49 ELTS, 9.5.38 ELTS, 10.4.33, 11.5.20, 12.1.1.\n\ud83d\udccf Published: 2022-12-14T07:51:03.984Z\n\ud83d\udccf Modified: 2025-04-18T18:24:23.086Z\n\ud83d\udd17 References:\n1. https://github.com/TYPO3/typo3/security/advisories/GHSA-c5wx-6c2c-f7rm", "creation_timestamp": "2025-04-18T18:58:47.000000Z"} https://db.gcve.eu/sighting/c912438c-e009-4d96-a1b8-aa427d6e2a66/export Fri, 18 Apr 2025 18:58:47 +0000 https://db.gcve.eu/sighting/a00b43fb-1b12-4664-aeed-9b291fe7060c/export {"uuid": "a00b43fb-1b12-4664-aeed-9b291fe7060c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23500", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12668", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-23500\n\ud83d\udd25 CVSS Score: 5.9 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: TYPO3 is an open source PHP based web content management system. In versions prior to 9.5.38, 10.4.33, 11.5.20, and 12.1.1, requesting invalid or non-existing resources via HTTP triggers the page error handler, which again could retrieve content to be shown as an error message from another page. This leads to a scenario in which the application is calling itself recursively - amplifying the impact of the initial attack until the limits of the web server are exceeded. This vulnerability is very similar, but not identical, to the one described in CVE-2021-21359. This issue is patched in versions 9.5.38 ELTS, 10.4.33, 11.5.20 or 12.1.1.\n\ud83d\udccf Published: 2022-12-14T07:07:05.039Z\n\ud83d\udccf Modified: 2025-04-21T14:54:11.819Z\n\ud83d\udd17 References:\n1. https://github.com/TYPO3/typo3/security/advisories/GHSA-8c28-5mp7-v24h", "creation_timestamp": "2025-04-21T15:02:46.000000Z"} {"uuid": "a00b43fb-1b12-4664-aeed-9b291fe7060c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23500", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12668", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-23500\n\ud83d\udd25 CVSS Score: 5.9 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: TYPO3 is an open source PHP based web content management system. In versions prior to 9.5.38, 10.4.33, 11.5.20, and 12.1.1, requesting invalid or non-existing resources via HTTP triggers the page error handler, which again could retrieve content to be shown as an error message from another page. This leads to a scenario in which the application is calling itself recursively - amplifying the impact of the initial attack until the limits of the web server are exceeded. This vulnerability is very similar, but not identical, to the one described in CVE-2021-21359. This issue is patched in versions 9.5.38 ELTS, 10.4.33, 11.5.20 or 12.1.1.\n\ud83d\udccf Published: 2022-12-14T07:07:05.039Z\n\ud83d\udccf Modified: 2025-04-21T14:54:11.819Z\n\ud83d\udd17 References:\n1. https://github.com/TYPO3/typo3/security/advisories/GHSA-8c28-5mp7-v24h", "creation_timestamp": "2025-04-21T15:02:46.000000Z"} https://db.gcve.eu/sighting/a00b43fb-1b12-4664-aeed-9b291fe7060c/export Mon, 21 Apr 2025 15:02:46 +0000 https://db.gcve.eu/sighting/1fca6092-de7c-4b4b-b334-5a9195fde98f/export {"uuid": "1fca6092-de7c-4b4b-b334-5a9195fde98f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23502", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12734", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-23502\n\ud83d\udd25 CVSS Score: 5.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N)\n\ud83d\udd39 Description: TYPO3 is an open source PHP based web content management system. In versions prior to 10.4.33, 11.5.20, and 12.1.1, When users reset their password using the corresponding password recovery functionality, existing sessions for that particular user account were not revoked. This applied to both frontend user sessions and backend user sessions. This issue is patched in versions 10.4.33, 11.5.20, 12.1.1.\n\ud83d\udccf Published: 2022-12-14T07:34:21.327Z\n\ud83d\udccf Modified: 2025-04-21T18:47:37.345Z\n\ud83d\udd17 References:\n1. https://github.com/TYPO3/typo3/security/advisories/GHSA-mgj2-q8wp-29rr", "creation_timestamp": "2025-04-21T19:02:14.000000Z"} {"uuid": "1fca6092-de7c-4b4b-b334-5a9195fde98f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23502", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12734", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-23502\n\ud83d\udd25 CVSS Score: 5.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N)\n\ud83d\udd39 Description: TYPO3 is an open source PHP based web content management system. In versions prior to 10.4.33, 11.5.20, and 12.1.1, When users reset their password using the corresponding password recovery functionality, existing sessions for that particular user account were not revoked. This applied to both frontend user sessions and backend user sessions. This issue is patched in versions 10.4.33, 11.5.20, 12.1.1.\n\ud83d\udccf Published: 2022-12-14T07:34:21.327Z\n\ud83d\udccf Modified: 2025-04-21T18:47:37.345Z\n\ud83d\udd17 References:\n1. https://github.com/TYPO3/typo3/security/advisories/GHSA-mgj2-q8wp-29rr", "creation_timestamp": "2025-04-21T19:02:14.000000Z"} https://db.gcve.eu/sighting/1fca6092-de7c-4b4b-b334-5a9195fde98f/export Mon, 21 Apr 2025 19:02:14 +0000 https://db.gcve.eu/sighting/bd33da8c-fe21-439d-9d7c-57f7ab8a5345/export {"uuid": "bd33da8c-fe21-439d-9d7c-57f7ab8a5345", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23501", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12733", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-23501\n\ud83d\udd25 CVSS Score: 5.9 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N)\n\ud83d\udd39 Description: TYPO3 is an open source PHP based web content management system. In versions prior to 8.7.49, 9.5.38, 10.4.33, 11.5.20, and 12.1.1 TYPO3 is vulnerable to Improper Authentication. Restricting frontend login to specific users, organized in different storage folders (partitions), can be bypassed. A potential attacker might use this ambiguity in usernames to get access to a different account - however, credentials must be known to the adversary. This issue is patched in versions 8.7.49 ELTS, 9.5.38 ELTS, 10.4.33, 11.5.20, 12.1.1.\n\ud83d\udccf Published: 2022-12-14T07:23:46.127Z\n\ud83d\udccf Modified: 2025-04-21T18:48:09.949Z\n\ud83d\udd17 References:\n1. https://github.com/TYPO3/typo3/security/advisories/GHSA-jfp7-79g7-89rf", "creation_timestamp": "2025-04-21T19:02:14.000000Z"} {"uuid": "bd33da8c-fe21-439d-9d7c-57f7ab8a5345", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23501", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12733", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-23501\n\ud83d\udd25 CVSS Score: 5.9 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N)\n\ud83d\udd39 Description: TYPO3 is an open source PHP based web content management system. In versions prior to 8.7.49, 9.5.38, 10.4.33, 11.5.20, and 12.1.1 TYPO3 is vulnerable to Improper Authentication. Restricting frontend login to specific users, organized in different storage folders (partitions), can be bypassed. A potential attacker might use this ambiguity in usernames to get access to a different account - however, credentials must be known to the adversary. This issue is patched in versions 8.7.49 ELTS, 9.5.38 ELTS, 10.4.33, 11.5.20, 12.1.1.\n\ud83d\udccf Published: 2022-12-14T07:23:46.127Z\n\ud83d\udccf Modified: 2025-04-21T18:48:09.949Z\n\ud83d\udd17 References:\n1. https://github.com/TYPO3/typo3/security/advisories/GHSA-jfp7-79g7-89rf", "creation_timestamp": "2025-04-21T19:02:14.000000Z"} https://db.gcve.eu/sighting/bd33da8c-fe21-439d-9d7c-57f7ab8a5345/export Mon, 21 Apr 2025 19:02:14 +0000 https://db.gcve.eu/sighting/e625a87d-70eb-44d6-b171-0261518af9b0/export {"uuid": "e625a87d-70eb-44d6-b171-0261518af9b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23504", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12750", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-23504\n\ud83d\udd25 CVSS Score: 5.7 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:L)\n\ud83d\udd39 Description: TYPO3 is an open source PHP based web content management system. Versions prior to 9.5.38, 10.4.33, 11.5.20, and 12.1.1 are subject to Sensitive Information Disclosure. Due to the lack of handling user-submitted YAML placeholder expressions in the site configuration backend module, attackers could expose sensitive internal information, such as system configuration or HTTP request messages of other website visitors. A valid backend user account having administrator privileges is needed to exploit this vulnerability. This issue has been patched in versions 9.5.38 ELTS, 10.4.33, 11.5.20, 12.1.1.\n\ud83d\udccf Published: 2022-12-14T07:58:05.232Z\n\ud83d\udccf Modified: 2025-04-21T19:21:19.354Z\n\ud83d\udd17 References:\n1. https://github.com/TYPO3/typo3/security/advisories/GHSA-8w3p-qh3x-6gjr", "creation_timestamp": "2025-04-21T20:03:22.000000Z"} {"uuid": "e625a87d-70eb-44d6-b171-0261518af9b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23504", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12750", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-23504\n\ud83d\udd25 CVSS Score: 5.7 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:L)\n\ud83d\udd39 Description: TYPO3 is an open source PHP based web content management system. Versions prior to 9.5.38, 10.4.33, 11.5.20, and 12.1.1 are subject to Sensitive Information Disclosure. Due to the lack of handling user-submitted YAML placeholder expressions in the site configuration backend module, attackers could expose sensitive internal information, such as system configuration or HTTP request messages of other website visitors. A valid backend user account having administrator privileges is needed to exploit this vulnerability. This issue has been patched in versions 9.5.38 ELTS, 10.4.33, 11.5.20, 12.1.1.\n\ud83d\udccf Published: 2022-12-14T07:58:05.232Z\n\ud83d\udccf Modified: 2025-04-21T19:21:19.354Z\n\ud83d\udd17 References:\n1. https://github.com/TYPO3/typo3/security/advisories/GHSA-8w3p-qh3x-6gjr", "creation_timestamp": "2025-04-21T20:03:22.000000Z"} https://db.gcve.eu/sighting/e625a87d-70eb-44d6-b171-0261518af9b0/export Mon, 21 Apr 2025 20:03:22 +0000