{"vulnerability": "CVE-2022-2352", "sightings": [{"uuid": "ce9c23e5-31f2-4df1-acfe-91eaaf911220", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23529", "type": "published-proof-of-concept", "source": "https://t.me/ckuRED/239", "content": "\u26a0\ufe0f Zero-Day: Vulnerability in JWT Secret Poisoning (CVE-2022-23529).\n\nhttps://unit42.paloaltonetworks.com/jsonwebtoken-vulnerability-cve-2022-23529/\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-23529", "creation_timestamp": "2023-01-11T21:38:18.000000Z"}, {"uuid": "56849d01-6021-4854-8282-778c29fb2732", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23526", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12496", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-23526\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\ud83d\udd39 Description: Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to NULL Pointer Dereference in the_chartutil_ package that can cause a segmentation violation. The _chartutil_ package contains a parser that loads a JSON Schema validation file. For example, the Helm client when rendering a chart will validate its values with the schema file. The _chartutil_ package parses the schema file and loads it into structures Go can work with. Some schema files can cause array data structures to be created causing a memory violation. Applications that use the _chartutil_ package in the Helm SDK to parse a schema file can suffer a Denial of Service when that input causes a panic that cannot be recovered from. Helm is not a long running service so the panic will not affect future uses of the Helm client. This issue has been patched in 3.10.3. SDK users can validate schema files that are correctly formatted before passing them to the _chartutil_ functions.\n\ud83d\udccf Published: 2022-12-15T00:43:40.383Z\n\ud83d\udccf Modified: 2025-04-18T15:58:33.758Z\n\ud83d\udd17 References:\n1. https://github.com/helm/helm/security/advisories/GHSA-67fx-wx78-jx33\n2. https://github.com/helm/helm/commit/bafafa8bb1b571b61d7a9528da8d40c307dade3d", "creation_timestamp": "2025-04-18T16:59:12.000000Z"}, {"uuid": "f0b4442e-3f47-40ab-8506-7edcf1ad378c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23525", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12495", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-23525\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\ud83d\udd39 Description: Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to NULL Pointer Dereference in the _repo_package. The _repo_ package contains a handler that processes the index file of a repository. For example, the Helm client adds references to chart repositories where charts are managed. The _repo_ package parses the index file of the repository and loads it into structures Go can work with. Some index files can cause array data structures to be created causing a memory violation. Applications that use the _repo_ package in the Helm SDK to parse an index file can suffer a Denial of Service when that input causes a panic that cannot be recovered from. The Helm Client will panic with an index file that causes a memory violation panic. Helm is not a long running service so the panic will not affect future uses of the Helm client. This issue has been patched in 3.10.3. SDK users can validate index files that are correctly formatted before passing them to the _repo_ functions.\n\ud83d\udccf Published: 2022-12-15T00:38:09.873Z\n\ud83d\udccf Modified: 2025-04-18T15:58:58.833Z\n\ud83d\udd17 References:\n1. https://github.com/helm/helm/security/advisories/GHSA-53c4-hhmh-vw5q\n2. https://github.com/helm/helm/commit/638ebffbc2e445156f3978f02fd83d9af1e56f5b", "creation_timestamp": "2025-04-18T16:59:11.000000Z"}, {"uuid": "94fac8ce-6175-47a7-a610-f473fc4df8ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23523", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12524", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-23523\n\ud83d\udd25 CVSS Score: 4 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\ud83d\udd39 Description: In versions prior to 0.8.1, the linux-loader crate uses the offsets and sizes provided in the ELF headers to determine the offsets to read from. If those offsets point beyond the end of the file this could lead to Virtual Machine Monitors using the `linux-loader` crate entering an infinite loop if the ELF header of the kernel they are loading was modified in a malicious manner. This issue has been addressed in 0.8.1. The issue can be mitigated by ensuring that only trusted kernel images are loaded or by verifying that the headers do not point beyond the end of the file.\n\ud83d\udccf Published: 2022-12-13T07:41:47.047Z\n\ud83d\udccf Modified: 2025-04-18T18:28:35.965Z\n\ud83d\udd17 References:\n1. https://github.com/rust-vmm/linux-loader/security/advisories/GHSA-52h2-m2cf-9jh6\n2. https://github.com/rust-vmm/linux-loader/pull/125", "creation_timestamp": "2025-04-18T18:58:45.000000Z"}, {"uuid": "4987f1ed-4bae-4bc1-91ee-fc1c3d4d5545", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23520", "type": "seen", "source": "https://t.me/ctinow/84952", "content": "Internet Bug Bounty: CVE-2022-23520: Incomplete fix for CVE-2022-32209 (XSS in Rails::Html::Sanitizer under certain configurations)\n\nhttps://ift.tt/MZuAXV3", "creation_timestamp": "2023-01-04T23:16:25.000000Z"}, {"uuid": "fb2e1c04-52df-4b61-8555-bcd05dcbdbf8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23529", "type": "seen", "source": "https://t.me/ctinow/86506", "content": "CVE-2022-23529: Should You Be Concerned About the JsonWebToken Vulnerability?\n\nhttps://ift.tt/xbFWBaR", "creation_timestamp": "2023-01-12T13:56:45.000000Z"}, {"uuid": "219a97ca-e31a-4c1c-91a4-8ff14a221083", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23529", "type": "published-proof-of-concept", "source": "Telegram/hIW2KpfnnjhRW5BHfE-LPjo0chKSmBdvnRRS60_MYjmg1Bg", "content": "", "creation_timestamp": "2023-02-14T08:11:51.000000Z"}, {"uuid": "9da1d677-7148-49cc-89eb-9b5dc0696569", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23529", "type": "seen", "source": "https://t.me/true_secator/3917", "content": "Auth0 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0439 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c JsonWebToken, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c \u0432 22 000 \u043f\u0440\u043e\u0435\u043a\u0442\u043e\u0432 \u0438 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u043b\u0430\u0441\u044c \u0431\u043e\u043b\u0435\u0435 36 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u0440\u0430\u0437 \u0432 \u043c\u0435\u0441\u044f\u0446 \u043d\u0430 NPM.\n\nJsonWebToken \u2014 \u044d\u0442\u043e \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0430 \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u0430\u044f \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f, \u043f\u043e\u0434\u043f\u0438\u0441\u0438 \u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438\u00a0\u0432\u0435\u0431-\u0442\u043e\u043a\u0435\u043d\u043e\u0432 JSON, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u043f\u0440\u043e\u0435\u043a\u0442\u0430\u0445 \u0441 \u0443\u0447\u0430\u0441\u0442\u0438\u0435\u043c Microsoft, Twilio, Salesforce, Intuit, Box, IBM, Docusign, Slack, SAP \u0438 \u043c\u043d\u043e\u0433\u0438\u043c\u0438 \u0434\u0440\u0443\u0433\u0438\u043c\u0438. \u0420\u0430\u0437\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u0438 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f Okta.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f CVE-2022-23529 \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0435\u0440\u0441\u0438\u0438 JsonWebToken \u0434\u043e 9.0.0. \u0415\u0435 \u0443\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043e\u0431\u043e\u0439\u0442\u0438 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u044b \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0443\u043a\u0440\u0430\u0441\u0442\u044c \u0438\u043b\u0438 \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0435 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0438 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 7,6, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0435\u043a\u0440\u0435\u0442\u0430\u043c\u0438 \u043c\u0435\u0436\u0434\u0443 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435\u043c \u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c JsonWebToken, \u0447\u0442\u043e \u0443\u0441\u043b\u043e\u0436\u043d\u044f\u0435\u0442 \u0435\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435.\n\nCVE-2022-23529 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 13 \u0438\u044e\u043b\u044f 2022 \u0433\u043e\u0434\u0430 \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u0430\u043c\u0438 Unit 42\u00a0Palo Alto Networks \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0442\u043e\u043a\u0435\u043d\u0430 JWS.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043b\u0438, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u043c\u0435\u0442\u043e\u0434\u0443 verify\u00a0()\u00a0JsonWebToken, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 JWT \u0438 \u0432\u043e\u0437\u0432\u0440\u0430\u0442\u0430 \u0434\u0435\u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\n\u0412 \u0432\u0438\u0434\u0443 \u0438\u0437-\u0437\u0430 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043e\u0434\u043d\u043e\u0433\u043e \u0438\u0437 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u0432 secretOrPublicKey \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 \u043e\u0431\u044a\u0435\u043a\u0442 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u0444\u0430\u0439\u043b\u0430 \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u0435.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0442\u0443 \u0436\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043d\u043e \u0441 \u0434\u0440\u0443\u0433\u043e\u0439 \u043f\u043e\u043b\u0435\u0437\u043d\u043e\u0439 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u043e\u0439 \u0432 \u0437\u0430\u043f\u0440\u043e\u0441\u0435 \u043c\u043e\u0436\u043d\u043e \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0434\u043e\u0431\u0438\u0442\u044c\u0441\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430.\n\n\u041a\u043e\u043c\u0430\u043d\u0434\u0430 Auth0 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0432 \u0430\u0432\u0433\u0443\u0441\u0442\u0435 2022 \u0433\u043e\u0434\u0430 \u0438 \u043f\u043e\u0441\u043b\u0435 \u043a\u0440\u043e\u043f\u043e\u0442\u043b\u0438\u0432\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u044b \u043f\u043e \u0435\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e 21 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043f\u0430\u0442\u0447 \u0441 JsonWebToken \u0432\u0435\u0440\u0441\u0438\u0438 9.0.0.\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044e \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u0440\u043e\u0432\u0435\u0440\u043e\u043a \u0434\u0435\u0444\u0435\u043a\u0442\u043d\u043e\u0433\u043e \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0432\u0441\u044e \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u0443\u0434\u0435\u0442 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0442\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e \u0443\u0433\u0440\u043e\u0437\u0443 \u0434\u043b\u044f \u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u0434\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0435\u0440\u0438\u043e\u0434\u0430 \u0432\u0440\u0435\u043c\u0435\u043d\u0438, \u043f\u043e\u043a\u0430 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u043f\u0440\u043e\u0435\u043a\u0442\u043e\u0432 \u043d\u0435 \u0431\u0443\u0434\u0443\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u044b \u0434\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u0448\u0438\u0440\u043e\u043a\u0443\u044e \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0441\u0442\u044c JsonWebToken \u0438 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0446\u0435\u043b\u0435\u0439, \u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u044b\u0439 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b \u0438 \u044d\u043d\u0442\u0443\u0437\u0438\u0430\u0437\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432 \u0443\u0436 \u0442\u043e\u0447\u043d\u043e \u043d\u0435 \u0441\u0442\u043e\u0438\u0442 \u043d\u0435\u0434\u043e\u043e\u0446\u0435\u043d\u0438\u0432\u0430\u0442\u044c.", "creation_timestamp": "2023-01-10T13:38:05.000000Z"}, {"uuid": "ae5cdf9f-93d5-4592-a99b-371c7fb99bfa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23520", "type": "seen", "source": "https://t.me/cibsecurity/54544", "content": "\u203c CVE-2022-23520 \u203c\n\nrails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, there is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer due to an incomplete fix of CVE-2022-32209. Rails::Html::Sanitizer may allow an attacker to inject content if the application developer has overridden the sanitizer's allowed tags to allow both \"select\" and \"style\" elements. Code is only impacted if allowed tags are being overridden. This issue is patched in version 1.4.4. All users overriding the allowed tags to include both \"select\" and \"style\" should either upgrade or use this workaround: Remove either \"select\" or \"style\" from the overridden allowed tags. NOTE: Code is _not_ impacted if allowed tags are overridden using either the :tags option to the Action View helper method sanitize or the :tags option to the instance method SafeListSanitizer#sanitize.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-14T20:23:23.000000Z"}, {"uuid": "ea17dcfc-71d0-4f5a-abfe-d039437686a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2352", "type": "seen", "source": "https://t.me/cibsecurity/50472", "content": "\u203c CVE-2022-2352 \u203c\n\nThe Post SMTP Mailer/Email Log WordPress plugin before 2.1.7 does not have proper authorisation in some AJAX actions, which could allow high privilege users such as admin to perform blind SSRF on multisite installations for example.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-26T16:21:55.000000Z"}, {"uuid": "65e03010-a3dd-4a34-a9c8-02aac2c18602", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23529", "type": "seen", "source": "https://gist.github.com/sunnysaurav83/55ee274bac86ce598c5a7a9a3fabfa4f", "content": "", "creation_timestamp": "2025-07-07T04:08:35.000000Z"}, {"uuid": "7a2a185e-e937-47ff-a27e-c022c894da0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2022-23529", "type": "seen", "source": "https://gist.github.com/getter-io/a1082f6a755dbde6ee4e77d02b4d51b3", "content": "", "creation_timestamp": "2025-12-27T16:52:10.000000Z"}, {"uuid": "cc6a732f-2fb4-4b2b-a585-e7bec02ac4ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23524", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12493", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-23524\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\ud83d\udd39 Description: Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to Uncontrolled Resource Consumption, resulting in Denial of Service. Input to functions in the _strvals_ package can cause a stack overflow. In Go, a stack overflow cannot be recovered from. Applications that use functions from the _strvals_ package in the Helm SDK can have a Denial of Service attack when they use this package and it panics. This issue has been patched in 3.10.3. SDK users can validate strings supplied by users won't create large arrays causing significant memory usage before passing them to the _strvals_ functions.\n\ud83d\udccf Published: 2022-12-15T00:28:34.540Z\n\ud83d\udccf Modified: 2025-04-18T15:59:27.542Z\n\ud83d\udd17 References:\n1. https://github.com/helm/helm/security/advisories/GHSA-6rx9-889q-vv2r", "creation_timestamp": "2025-04-18T16:59:07.000000Z"}, {"uuid": "9524a129-003f-4dfc-88d5-f8038985abc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23529", "type": "published-proof-of-concept", "source": "https://t.me/malwar3s/29", "content": "Critical webkit Exploit!\n\nhttps://github.com/aalex954/CVE-2022-23529-Exploration", "creation_timestamp": "2023-02-15T18:15:24.000000Z"}, {"uuid": "9c6b3966-5eb3-4e2f-8a8b-1b4a09ebb8c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23529", "type": "published-proof-of-concept", "source": "Telegram/lueoUnRvjp8KIA0qTl0BMVLfaEBvf4PJtScDJX-XZ7O6ItQ", "content": "", "creation_timestamp": "2023-01-23T03:52:08.000000Z"}, {"uuid": "ea0539a8-cdd0-4c09-aac6-962a552bb7d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23529", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/2213", "content": "#Threat_Research\n1. RCE bug in JWT Secret Poisoning (CVE-2022-23529)\nhttps://unit42.paloaltonetworks.com/jsonwebtoken-vulnerability-cve-2022-23529\n2. Bring-Your-Own-Vulnerable-Driver Tactic in Attempt to Bypass Endpoint Security\nhttps://www.crowdstrike.com/blog/scattered-spider-attempts-to-avoid-detection-with-bring-your-own-vulnerable-driver-tactic\n3. Navigating the Vast Ocean of Sandbox Evasions\nhttps://unit42.paloaltonetworks.com/sandbox-evasion-memory-detection", "creation_timestamp": "2023-01-11T16:22:11.000000Z"}, {"uuid": "5cfd7c01-a28a-46eb-be80-42bb3c395312", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23521", "type": "seen", "source": "https://t.me/true_secator/3955", "content": "Git \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0434\u0432\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c RCE \u043f\u043e\u0441\u043b\u0435 \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 \u043a\u0443\u0447\u0438.\n\n\u0422\u0440\u0435\u0442\u0438\u0439 \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440\u043d\u044b\u0439 \u0434\u043b\u044f Windows \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a, \u0432\u043b\u0438\u044f\u044e\u0449\u0438\u0439 \u043d\u0430 Git GUI, \u0432\u044b\u0437\u0432\u0430\u043d \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u043d\u0435\u043d\u0430\u0434\u0435\u0436\u043d\u043e\u0433\u043e \u043f\u0443\u0442\u0438 \u043f\u043e\u0438\u0441\u043a\u0430 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0438\u043c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0430\u0442\u0430\u043a\u0438 \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043d\u0435\u043d\u0430\u0434\u0435\u0436\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u042d\u0440\u0438\u043a \u0421\u0435\u0441\u0442\u0435\u0440\u0445\u0435\u043d\u043d \u0438 \u041c\u0430\u0440\u043a\u0443\u0441 \u0412\u0435\u0440\u0432\u044c\u0435  \u0438\u0437 X41, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0414\u0436\u043e\u0440\u043d \u0428\u043d\u0435\u0435\u0432\u0430\u0439\u0441 \u0438\u0437 GitLab \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0438\u0445 \u0432 \u0445\u043e\u0434\u0435\u00a0\u0430\u0443\u0434\u0438\u0442\u0430 \u0438\u0441\u0445\u043e\u0434\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 Git \u043f\u043e \u0437\u0430\u043a\u0430\u0437\u0443\u00a0OSTIF.\n\n\u041f\u0435\u0440\u0432\u044b\u0435 \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438: \u043e\u0434\u043d\u0430 CVE-2022-41903\u00a0- \u0432 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0435 \u0444\u043e\u0440\u043c\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043a\u043e\u043c\u043c\u0438\u0442\u043e\u0432 \u0438\u00a0CVE-2022-23521\u00a0- \u0432 \u043f\u0430\u0440\u0441\u0435\u0440\u0435 gitattributes - \u0431\u044b\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u0432 \u043d\u043e\u0432\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445, \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 2.30.7.\n\n\u0422\u0440\u0435\u0442\u044c\u044f, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2022-41953, \u0432\u0441\u0435 \u0435\u0449\u0435 \u043e\u0436\u0438\u0434\u0430\u0435\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u043d\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043c\u043e\u0433\u0443\u0442 \u043e\u0431\u043e\u0439\u0442\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443, \u043d\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u041f\u041e Git GUI \u0434\u043b\u044f \u043a\u043b\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0435\u0432 \u0438\u043b\u0438 \u0438\u0437\u0431\u0435\u0433\u0430\u044f \u043a\u043b\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438\u0437 \u043d\u0435\u043d\u0430\u0434\u0435\u0436\u043d\u044b\u0445 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0430\u044f \u0438\u0437 \u043d\u0438\u0445 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435 \u043f\u0430\u043c\u044f\u0442\u0438 \u0432 \u043a\u0443\u0447\u0435 \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u043a\u043b\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438\u043b\u0438 \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a RCE, \u0430 \u0434\u0440\u0443\u0433\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 - \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u0430\u0440\u0445\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f, \u0447\u0442\u043e \u043e\u0431\u044b\u0447\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442\u0441\u044f \u043f\u043e\u0434\u0434\u0435\u043b\u043a\u0430\u043c\u0438 Git.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0431\u044b\u043b\u043e \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043e \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043c\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u0446\u0435\u043b\u044b\u043c\u0438 \u0447\u0438\u0441\u043b\u0430\u043c\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u044f\u043c \u043e\u0442\u043a\u0430\u0437\u0430 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0438\u043b\u0438 \u0447\u0442\u0435\u043d\u0438\u044e \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u043c\u0438 \u0433\u0440\u0430\u043d\u0438\u0446.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u043c \u043d\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, \u0434\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 \u0443\u0433\u0440\u043e\u0437 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u00abgit-\u0430\u0440\u0445\u0438\u0432\u00bb \u0432 \u043d\u0435\u043d\u0430\u0434\u0435\u0436\u043d\u044b\u0445 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f\u0445 \u0438\u043b\u0438 \u0438\u0437\u0431\u0435\u0433\u0430\u0442\u044c \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0432 \u043d\u0435\u043d\u0430\u0434\u0435\u0436\u043d\u044b\u0445 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f\u0445.\n\n\u0415\u0441\u043b\u0438 \u00abgit-\u0430\u0440\u0445\u0438\u0432\u00bb \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u0447\u0435\u0440\u0435\u0437 \u00abgit daemon\u00bb, \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0435\u0433\u043e \u043f\u0440\u0438 \u0440\u0430\u0431\u043e\u0442\u0435 \u0441 \u043d\u0435\u043d\u0430\u0434\u0435\u0436\u043d\u044b\u043c\u0438 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f\u043c\u0438, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0432 \u043a\u043e\u043c\u0430\u043d\u0434\u0443 \u00abgit config --global daemon.uploadArch false\u00bb.\n\nGitLab \u043d\u0430\u0441\u0442\u0430\u0438\u0432\u0430\u0435\u0442 \u043d\u0430 \u0442\u043e\u043c, \u0447\u0442\u043e \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u044b\u043c \u0441\u043f\u043e\u0441\u043e\u0431\u043e\u043c \u0437\u0430\u0449\u0438\u0442\u044b \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0441\u043a\u043e\u0440\u0435\u0439\u0448\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0432\u0441\u0435\u0445 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043e\u043a \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 Git v2.39.1.", "creation_timestamp": "2023-01-18T16:10:08.000000Z"}, {"uuid": "6196e9ab-a05b-4556-aa90-165c4a087546", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23521", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/2317", "content": "#exploit\n1. CVE-2023-0179:\nLinux kernel stack buffer overflow in nftables\nhttps://seclists.org/oss-sec/2023/q1/20\n\n2. Security Audit of Git:\nCVE-2022-23521:\nTruncated Allocation Leading to Out of Bounds Write Via Large Number of Attributes\nCVE-2022-41903: \nOut of Bounds Memory Write in Log Formatting\nhttps://x41-dsec.de/security/research/news/2023/01/17/git-security-audit-ostif", "creation_timestamp": "2023-01-19T15:21:31.000000Z"}, {"uuid": "c9947dc1-ceb3-4178-b377-f9265bd076e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23522", "type": "seen", "source": "https://t.me/cibsecurity/61194", "content": "\u203c CVE-2022-23522 \u203c\n\nMindsDB is an open source machine learning platform. An unsafe extraction is being performed using `shutil.unpack_archive()` from a remotely retrieved tarball. Which may lead to the writing of the extracted files to an unintended location. This vulnerability is sometimes called a **TarSlip** or a **ZipSlip variant**. Unpacking files using the high-level function `shutil.unpack_archive()` from a potentially malicious tarball without validating that the destination file path remained within the intended destination directory may cause files to be overwritten outside the destination directory. An attacker could craft a malicious tarball with a filename path, such as `../../../../../../../../etc/passwd`, and then serve the archive remotely using a personal bucket `s3`, thus, retrieve the tarball through **mindsdb** and overwrite the system files of the hosting server. This issue has been addressed in version 22.11.4.3. Users are advised to upgrade. Users unable to upgrade should avoid ingesting archives from untrusted sources.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-30T22:35:30.000000Z"}, {"uuid": "5dbe985b-7079-43c8-b11e-dde61dc84364", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23523", "type": "seen", "source": "https://t.me/cibsecurity/54383", "content": "\u203c CVE-2022-23523 \u203c\n\nIn versions prior to 0.8.1, the linux-loader crate uses the offsets and sizes provided in the ELF headers to determine the offsets to read from. If those offsets point beyond the end of the file this could lead to Virtual Machine Monitors using the `linux-loader` crate entering an infinite loop if the ELF header of the kernel they are loading was modified in a malicious manner. This issue has been addressed in 0.8.1. The issue can be mitigated by ensuring that only trusted kernel images are loaded or by verifying that the headers do not point beyond the end of the file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-13T12:32:30.000000Z"}, {"uuid": "2af08d25-f319-4566-a296-fad8f957d115", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23527", "type": "seen", "source": "https://t.me/cibsecurity/54529", "content": "\u203c CVE-2022-23527 \u203c\n\nmod_auth_openidc is an OpenID Certified\u00e2\u201e\u00a2 authentication and authorization module for the Apache 2.x HTTP server. Versions prior to 2.4.12.2 are vulnerable to Open Redirect. When providing a logout parameter to the redirect URI, the existing code in oidc_validate_redirect_url() does not properly check for URLs that start with /\\t, leading to an open redirect. This issue has been patched in version 2.4.12.2. Users unable to upgrade can mitigate the issue by configuring mod_auth_openidc to only allow redirection when the destination matches a given regular expression with OIDCRedirectURLsAllowed.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-14T20:23:02.000000Z"}, {"uuid": "c2a60f35-1e54-41a2-8e34-dc0b82291180", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23529", "type": "seen", "source": "https://t.me/cibsecurity/55088", "content": "\u203c CVE-2022-23529 \u203c\n\nnode-jsonwebtoken is a JsonWebToken implementation for node.js. For versions `&lt;= 8.5.1` of `jsonwebtoken` library, if a malicious actor has the ability to modify the key retrieval parameter (referring to the `secretOrPublicKey` argument from the readme link of the `jwt.verify()` function, they can write arbitrary files on the host machine. Users are affected only if untrusted entities are allowed to modify the key retrieval parameter of the `jwt.verify()` on a host that you control. This issue has been fixed, please update to version 9.0.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-22T00:13:06.000000Z"}, {"uuid": "9dc56061-206f-4ce6-b132-e36709a4607d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23529", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/6928", "content": "Disclosing a New Vulnerability in JWT Secret Poisoning (CVE-2022-23529)\n\nhttps://unit42.paloaltonetworks.com/jsonwebtoken-vulnerability-cve-2022-23529/", "creation_timestamp": "2023-01-10T22:40:22.000000Z"}, {"uuid": "3a4b6ebd-cfbf-4ff5-aea6-d67356f0b132", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23529", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7531", "content": "#Threat_Research\n1. RCE bug in JWT Secret Poisoning (CVE-2022-23529)\nhttps://unit42.paloaltonetworks.com/jsonwebtoken-vulnerability-cve-2022-23529\n2. Bring-Your-Own-Vulnerable-Driver Tactic in Attempt to Bypass Endpoint Security\nhttps://www.crowdstrike.com/blog/scattered-spider-attempts-to-avoid-detection-with-bring-your-own-vulnerable-driver-tactic\n3. Navigating the Vast Ocean of Sandbox Evasions\nhttps://unit42.paloaltonetworks.com/sandbox-evasion-memory-detection", "creation_timestamp": "2023-01-11T11:01:01.000000Z"}, {"uuid": "949448b3-422c-48df-9ec1-b2b6e7de3af1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23521", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/7572", "content": "#exploit\n1. CVE-2023-0179:\nLinux kernel stack buffer overflow in nftables\nhttps://seclists.org/oss-sec/2023/q1/20\n]-&gt; https://github.com/TurtleARM/CVE-2023-0179-PoC\n\n2. Security Audit of Git:\nCVE-2022-23521:\nTruncated Allocation Leading to Out of Bounds Write Via Large Number of Attributes\nCVE-2022-41903: \nOut of Bounds Memory Write in Log Formatting\nhttps://x41-dsec.de/security/research/news/2023/01/17/git-security-audit-ostif", "creation_timestamp": "2023-01-22T13:04:27.000000Z"}, {"uuid": "5631f69e-d613-4cc8-862e-950a2dfc7976", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23521", "type": "seen", "source": "MISP/eab08996-dae5-4549-af05-7d51a85fe0cc", "content": "", "creation_timestamp": "2023-01-19T12:11:10.000000Z"}, {"uuid": "b85b6609-ce31-4736-9869-fb4613c85248", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23529", "type": "seen", "source": "https://bsky.app/profile/ka-ka-xyz.bsky.social/post/3m2ow5ujcys2l", "content": "", "creation_timestamp": "2025-10-08T15:04:35.680518Z"}, {"uuid": "d84bc721-4cc1-4735-9c74-82b480233477", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23529", "type": "published-proof-of-concept", "source": "https://t.me/cKure/10595", "content": "\u26a0\ufe0f Zero-Day: Vulnerability in JWT Secret Poisoning (CVE-2022-23529).\n\nhttps://unit42.paloaltonetworks.com/jsonwebtoken-vulnerability-cve-2022-23529/\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-23529", "creation_timestamp": "2023-01-11T21:38:23.000000Z"}, {"uuid": "6d2fd37d-dd80-407b-895b-a369781af330", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2352", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17180", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-2352\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Post SMTP Mailer/Email Log WordPress plugin before 2.1.7 does not have proper authorisation in some AJAX actions, which could allow high privilege users such as admin to perform blind SSRF on multisite installations for example.\n\ud83d\udccf Published: 2022-09-26T12:35:32.000Z\n\ud83d\udccf Modified: 2025-05-21T19:21:14.244Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/dc99ac40-646a-4f8e-b2b9-dc55d6d4c55c", "creation_timestamp": "2025-05-21T19:42:50.000000Z"}, {"uuid": "eee07496-7e61-4ed0-888c-bb979342716d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23521", "type": "seen", "source": "https://t.me/alexmakus/4909", "content": "\u043a\u0441\u0442\u0430\u0442\u0438 \u043f\u0440\u043e \u0430\u043f\u0434\u0435\u0439\u0442\u044b, \u0447\u0438\u0442\u0430\u0442\u0435\u043b\u044c \u0442\u0443\u0442 \u043d\u0430\u043f\u043e\u043c\u043d\u0438\u043b \u0435\u0449\u0435 \u043f\u0440\u043e Atlassian. \u0422\u043e\u0436\u0435 \u0430\u043f\u0434\u0435\u0439\u0442\u044b, \u0434\u043b\u044f Bitbucket Server and Data, Bamboo Server and Data Center, Fisheye, Crucible, Sourcetree\n\nhttps://confluence.atlassian.com/security/multiple-products-security-advisory-git-buffer-overflow-cve-2022-41903-cve-2022-23521-1189805967.html", "creation_timestamp": "2023-02-15T19:38:55.000000Z"}, {"uuid": "4ed1ff5c-0655-434e-a747-c92794fc2111", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23529", "type": "seen", "source": "https://t.me/M_3_7_1/16746", "content": "\u062b\u063a\u0631\u0627\u062a RCE \u0641\u064a \u0645\u0643\u062a\u0628\u0629 \u0645\u0641\u062a\u0648\u062d\u0629 \u0627\u0644\u0645\u0635\u062f\u0631 - JsonWebToken \ud83d\udcda\n\n\u064a\u0642\u0648\u0644 \u0627\u0644\u0643\u062b\u064a\u0631\u0648\u0646 \u0623\u0646 \u0647\u0630\u0627 \u0647\u0648 Log4j \u0627\u0644\u062c\u062f\u064a\u062f \u060c \u0648\u0623\u0646\u0627 \u0634\u062e\u0635\u064a\u0627\u064b \u0623\u0634\u0643 \u0641\u064a \u0630\u0644\u0643 \u060c \u0644\u0643\u0646 \u062f\u0639\u0646\u0627 \u0646\u0641\u0647\u0645 \u0645\u0627 \u064a\u062f\u0648\u0631 \u062d\u0648\u0644\u0647. \ud83e\uddd0\n\n\u0642\u0627\u0645\u062a \u0634\u0631\u0643\u0629 Auth0 \u0628\u0625\u0635\u0644\u0627\u062d \u062b\u063a\u0631\u0629 \u0623\u0645\u0646\u064a\u0629 \u0641\u064a RCE \u0641\u064a \u0645\u0643\u062a\u0628\u0629 \u0645\u0641\u062a\u0648\u062d\u0629 \u0627\u0644\u0645\u0635\u062f\u0631 - JsonWebToken \u0648\u0627\u0644\u062a\u064a \u062a\u0645 \u0627\u0633\u062a\u062e\u062f\u0627\u0645\u0647\u0627 \u0645\u0646 \u0642\u0628\u0644 \u0623\u0643\u062b\u0631 \u0645\u0646 22000 \u0645\u0634\u0631\u0648\u0639 \u0648\u064a\u062a\u0645 \u062a\u0646\u0632\u064a\u0644\u0647\u0627 \u0623\u0643\u062b\u0631 \u0645\u0646 36 \u0645\u0644\u064a\u0648\u0646 \u0645\u0631\u0629 \u0641\u064a \u0627\u0644\u0634\u0647\u0631.\n\nJsonWebToken \u0647\u064a \u0645\u0643\u062a\u0628\u0629 \u0645\u0641\u062a\u0648\u062d\u0629 \u0627\u0644\u0645\u0635\u062f\u0631 \u062a\u064f\u0633\u062a\u062e\u062f\u0645 \u0644\u0625\u0646\u0634\u0627\u0621 \u0631\u0645\u0632 \u0648\u064a\u0628 \u0648\u062a\u0648\u0642\u064a\u0639\u0647 \u0648\u0627\u0644\u062a\u062d\u0642\u0642 \u0645\u0646\u0647 \u0628\u062a\u0646\u0633\u064a\u0642 JSON.\n\u064a\u062a\u0645 \u0627\u0633\u062a\u062e\u062f\u0627\u0645\u0647 \u0645\u0646 \u0642\u0628\u0644 \u0645\u0634\u0627\u0631\u064a\u0639 \u0634\u0631\u0643\u0627\u062a \u0645\u062b\u0644:\nMicrosoft \u0648 Twilio \u0648 Salesforce \u0648 Intuit \u0648 Box \u0648 IBM \u0648 Docusign \u0648 Slack \u0648 SAP \u0648\u063a\u064a\u0631\u0647\u0627 \u0627\u0644\u0643\u062b\u064a\u0631. \ud83d\udc6f\u200d\u2640\n\n\u0623\u0639\u0637\u064a\u062a \u0627\u0644\u062b\u063a\u0631\u0629 \u0627\u0644\u0631\u0642\u0645 CVE-2022-23529 \u060c \u0645\u0639 \u0645\u0633\u062a\u0648\u0649 \u0627\u0644\u062e\u0637\u0648\u0631\u0629 CVSS = 7.6 \u0648\u062a\u0624\u062b\u0631 \u0639\u0644\u0649 \u0625\u0635\u062f\u0627\u0631\u0627\u062a JsonWebToken \u0642\u0628\u0644 9.0.0.\n\u064a\u0645\u0643\u0646 \u0623\u0646 \u064a\u0633\u0645\u062d \u0627\u0633\u062a\u063a\u0644\u0627\u0644\u0647\u0627 \u0627\u0644\u0646\u0627\u062c\u062d \u0644\u0644\u0645\u0647\u0627\u062c\u0645\u064a\u0646 \u0628\u062a\u062c\u0627\u0648\u0632 \u0622\u0644\u064a\u0627\u062a \u0627\u0644\u0645\u0635\u0627\u062f\u0642\u0629 \u060c \u0648\u0627\u0644\u0648\u0635\u0648\u0644 \u0625\u0644\u0649 \u0627\u0644\u0645\u0639\u0644\u0648\u0645\u0627\u062a \u0627\u0644\u0633\u0631\u064a\u0629 \u060c \u0648\u0633\u0631\u0642\u0629 \u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a \u0623\u0648 \u062a\u0639\u062f\u064a\u0644\u0647\u0627.\n\n\u0627\u0643\u062a\u0634\u0641 \u0628\u0627\u062d\u062b\u0648 Palo Alto Networks \u0627\u0644\u062b\u063a\u0631\u0629 \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0641\u064a 13 \u064a\u0648\u0644\u064a\u0648 2022 \u060c \u0648\u0648\u062c\u062f \u0627\u0644\u0628\u0627\u062d\u062b\u0648\u0646 \u0623\u0646 \u0627\u0644\u0645\u0647\u0627\u062c\u0645\u064a\u0646 \u064a\u0645\u0643\u0646\u0647\u0645 \u062a\u0646\u0641\u064a\u0630 \u0627\u0644\u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0627\u0644\u0628\u0631\u0645\u062c\u064a\u0629 \u0639\u0646 \u0628\u064f\u0639\u062f \u0639\u0644\u0649 \u0627\u0644\u062e\u0648\u0627\u062f\u0645 \u0628\u0627\u0633\u062a\u062e\u062f\u0627\u0645 \u0637\u0631\u064a\u0642\u0629 \u0627\u0644\u062a\u062d\u0642\u0642 () \u0645\u0646 JsonWebToken \u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645\u0629 \u0644\u0644\u062a\u062d\u0642\u0642 \u0645\u0646 JWT \u0648\u0625\u0631\u062c\u0627\u0639 \u0627\u0644\u0645\u0639\u0644\u0648\u0645\u0627\u062a \u0627\u0644\u062a\u064a \u062a\u0645 \u0641\u0643 \u062a\u0634\u0641\u064a\u0631\u0647\u0627. \ud83e\udd14\n\n\u0646\u0638\u0631\u064b\u0627 \u0644\u0639\u062f\u0645 \u0648\u062c\u0648\u062f \u0645\u0635\u0627\u062f\u0642\u0629 \u0623\u062d\u062f \u0645\u0639\u0644\u0645\u0627\u062a secretOrPublicKey \u060c \u064a\u0645\u0643\u0646 \u0644\u0644\u0645\u0647\u0627\u062c\u0645\u064a\u0646 \u0625\u0631\u0633\u0627\u0644 \u0643\u0627\u0626\u0646 \u0645\u0635\u0645\u0645 \u062e\u0635\u064a\u0635\u064b\u0627 \u0644\u062a\u0646\u0641\u064a\u0630 \u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0628\u0631\u0645\u062c\u064a\u0629 \u0639\u0646 \u0628\u064f\u0639\u062f \u0639\u0644\u0649 \u0627\u0644\u0643\u0645\u0628\u064a\u0648\u062a\u0631 \u0627\u0644\u0647\u062f\u0641.\n\n\u0623\u0643\u062f \u0641\u0631\u064a\u0642 Auth0 \u0627\u0644\u0645\u0634\u0643\u0644\u0629 \u0641\u064a \u0623\u063a\u0633\u0637\u0633 2022 \u0648\u0623\u0635\u062f\u0631 \u062a\u0635\u062d\u064a\u062d\u064b\u0627 \u0628\u0627\u0644\u0625\u0635\u062f\u0627\u0631 9.0.0 \u0641\u064a 21 \u062f\u064a\u0633\u0645\u0628\u0631 2022. \ud83d\udd14\n\n\u0639\u0644\u0649 \u0627\u0644\u0631\u063a\u0645 \u0645\u0646 \u062a\u0639\u0642\u064a\u062f \u0627\u0644\u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0627\u0644\u0639\u0645\u0644\u064a \u060c \u0633\u062a\u0634\u0643\u0644 \u0627\u0644\u062b\u063a\u0631\u0629 \u062a\u0647\u062f\u064a\u062f\u064b\u0627 \u062e\u0637\u064a\u0631\u064b\u0627 \u0644\u0633\u0644\u0633\u0644\u0629 \u0627\u0644\u062a\u0648\u0631\u064a\u062f \u0644\u0641\u062a\u0631\u0629 \u0637\u0648\u064a\u0644\u0629 \u062d\u062a\u0649 \u064a\u062a\u0645 \u062a\u062d\u062f\u064a\u062b \u0645\u0639\u0638\u0645 \u0627\u0644\u0645\u0634\u0627\u0631\u064a\u0639 \u0625\u0644\u0649 \u0646\u0633\u062e\u0629 \u0622\u0645\u0646\u0629. \ud83d\udcc6", "creation_timestamp": "2024-01-06T18:19:53.000000Z"}, {"uuid": "ba053d33-6557-4c40-b1ca-ddfbea5111b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23529", "type": "seen", "source": "https://t.me/BABATATASASA/5510", "content": "JsonWebToken (CVE-2022-23529).\nChatGPT (CVE-2023-28858).\nApache Superset (CVE-2023-27524).\nPaperCut NG/MF (CVE-2023-27350).\nFortinet FortiOS (CVE-2022-41328).\nAdobe ColdFusion (CVE-2023-26360).\nMOVEit vulnerability (CVE-2023-34362).", "creation_timestamp": "2023-09-25T15:05:09.000000Z"}, {"uuid": "e76b1dc9-f23d-49fe-9817-16a199595a0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23529", "type": "seen", "source": "https://t.me/thehackernews/2935", "content": "\ud83d\udd25 Attention all open-source developers: If you're using \"jsonwebtoken\" library in your projects, you need to take urgent action.\n\nA high-severity security flaw [ CVE-2022-23529] has been discovered, leading to RCE attacks: https://thehackernews.com/2023/01/critical-security-flaw-found-in.html", "creation_timestamp": "2023-01-10T09:57:13.000000Z"}, {"uuid": "4a48011e-644f-4200-9e07-7f9b4834f68b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23529", "type": "published-proof-of-concept", "source": "https://t.me/canyoupwnme/6844", "content": "Disclosing a New Vulnerability in JWT Secret Poisoning (CVE-2022-23529)\nhttps://unit42.paloaltonetworks.com/jsonwebtoken-vulnerability-cve-2022-23529/", "creation_timestamp": "2023-01-11T14:20:20.000000Z"}, {"uuid": "a90415fa-61b5-4416-9f20-b8d7314c7d1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23521", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-105-08", "content": "", "creation_timestamp": "2025-04-15T10:00:00.000000Z"}, {"uuid": "356bc3a2-ac19-4b53-a0be-2ef8c5d2401f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2022-23522", "type": "seen", "source": "https://bsky.app/profile/nerq-ai.bsky.social/post/3mhkj4mqna22w", "content": "", "creation_timestamp": "2026-03-21T07:30:05.434587Z"}]}