{"vulnerability": "cve-2023-4528", "sightings": [{"uuid": "202f990d-ed0b-4411-811e-93d9482165f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-45288", "type": "seen", "source": "https://t.me/arpsyndicate/4574", "content": "#ExploitObserverAlert\n\nCVE-2023-45288\n\nDESCRIPTION: Exploit Observer has 45 entries in 10 file formats related to CVE-2023-45288. An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection.\n\nFIRST-EPSS: 0.000450000\nARPS-EXPLOITABILITY: 0.7345311", "creation_timestamp": "2024-04-12T09:16:16.000000Z"}, {"uuid": "d866aee0-b004-423a-9ba1-28238df40dd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-4528", "type": "seen", "source": "https://t.me/arpsyndicate/59", "content": "#ExploitObserverAlert\n\nCVE-2023-4528\n\nDESCRIPTION: Exploit Observer has 5 entries related to CVE-2023-4528. Unsafe deserialization in JSCAPE MFT Server versions prior to\u00a02023.1.9 (Windows, Linux, and MacOS) permits an attacker to run arbitrary Java code (including OS commands) via its management interface\n\nFIRST-EPSS: 0.000520000\nNVD-IS: 5.9\nNVD-ES: 1.2", "creation_timestamp": "2023-11-10T21:41:08.000000Z"}, {"uuid": "666cae37-3689-44fb-ba88-7ec340b48c3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-45287", "type": "seen", "source": "https://t.me/ctinow/167322", "content": "https://ift.tt/sULE419\nCVE-2023-45287 Golang Vulnerability in NetApp Products", "creation_timestamp": "2024-01-12T15:31:40.000000Z"}, {"uuid": "155f93ed-41a9-4051-9316-e3484590cfa7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-45288", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lrvmlum4hc2w", "content": "", "creation_timestamp": "2025-06-18T18:17:21.475893Z"}, {"uuid": "2421a48a-6f05-4c00-82a5-be49c89c1b65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-45281", "type": "seen", "source": "https://t.me/cibsecurity/72590", "content": "\u203c CVE-2023-45281 \u203c\n\nAn issue in Yamcs 5.8.6 allows attackers to obtain the session cookie via upload of crafted HTML file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-19T20:34:34.000000Z"}, {"uuid": "98ba7ca5-e465-444e-8a7e-0f4b1a4ebaa8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-45282", "type": "seen", "source": "https://t.me/cibsecurity/71757", "content": "\u203c CVE-2023-45282 \u203c\n\nIn NASA Open MCT (aka openmct) 2.2.5 before 545a177, prototype pollution can occur via an import action.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-06T22:13:45.000000Z"}, {"uuid": "0a05cec3-e5eb-44ec-bc05-a094b2483347", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-45289", "type": "seen", "source": "https://t.me/ctinow/200865", "content": "https://ift.tt/sb9IhJS\nCVE-2023-45289", "creation_timestamp": "2024-03-06T00:26:55.000000Z"}, {"uuid": "2908c308-3980-4eae-aa90-342f9b133f73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-45289", "type": "seen", "source": "https://t.me/ctinow/200997", "content": "https://ift.tt/aISTiey\nCVE-2023-45289", "creation_timestamp": "2024-03-06T04:41:51.000000Z"}, {"uuid": "efd7267d-5bce-4207-836d-420b71304c01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-45289", "type": "seen", "source": "https://t.me/ctinow/200853", "content": "https://ift.tt/sb9IhJS\nCVE-2023-45289", "creation_timestamp": "2024-03-06T00:26:40.000000Z"}, {"uuid": "3b6a922f-c4c2-4991-bf21-3aaef7a7b646", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-45285", "type": "seen", "source": "https://t.me/ctinow/160838", "content": "https://ift.tt/8be6Kp4\nCVE-2023-45285 | Google Go up to 1.20.11/1.21.4 cmd-go cleartext transmission", "creation_timestamp": "2023-12-30T10:06:37.000000Z"}, {"uuid": "da1e18c1-aee9-409e-a1b5-9f5f1894ae8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-45282", "type": "seen", "source": "https://infosec.exchange/users/dragonjar/statuses/113650832054100134", "content": "", "creation_timestamp": "2024-12-14T11:01:14.398462Z"}, {"uuid": "285c14a5-546a-4e69-961c-153f65d349f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-45288", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lrvufmn5bk2w", "content": "", "creation_timestamp": "2025-06-18T20:37:01.608647Z"}, {"uuid": "dff6337d-6f32-43e0-9ad7-5a30c6c0f11c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-45286", "type": "seen", "source": "https://t.me/ctinow/156776", "content": "https://ift.tt/wkuO1IG\nCVE-2023-45286 | go-resty prior 2.10.0 HTTP Request sync.Pool.Put information disclosure (Issue 739)", "creation_timestamp": "2023-12-20T07:07:39.000000Z"}, {"uuid": "88a0d247-82ac-450a-a28f-888898596033", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-45282", "type": "published-proof-of-concept", "source": "https://t.me/scorpionisready/942", "content": "Prototype Pollution in NASAs Open MCT CVE-2023-45282\n\nhttps://visionspace.com/prototype-pollution-in-nasas-open-mct-cve-2023-45282/", "creation_timestamp": "2024-11-25T21:18:52.000000Z"}, {"uuid": "c5980e3d-a9c7-45e1-b91d-f0b897cf950f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-45288", "type": "seen", "source": "https://t.me/arpsyndicate/4415", "content": "#ExploitObserverAlert\n\nCVE-2023-45288\n\nDESCRIPTION: Exploit Observer has 43 entries in 10 file formats related to CVE-2023-45288. An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection.\n\nFIRST-EPSS: 0.000450000", "creation_timestamp": "2024-04-09T20:26:43.000000Z"}, {"uuid": "0ce7781a-a759-4d7f-bc9f-a8b1cf6aab4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-45288", "type": "seen", "source": "https://t.me/arpsyndicate/4385", "content": "#ExploitObserverAlert\n\nCVE-2023-45288\n\nDESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to CVE-2023-45288. An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection.\n\nFIRST-EPSS: 0.000450000", "creation_timestamp": "2024-04-07T22:26:02.000000Z"}, {"uuid": "5750d996-2bbf-4d03-b78b-5463ec897763", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-45289", "type": "seen", "source": "https://t.me/arpsyndicate/4129", "content": "#ExploitObserverAlert\n\nCVE-2023-45289\n\nDESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2023-45289. When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as \"Authorization\" or \"Cookie\". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.\n\nFIRST-EPSS: 0.000450000", "creation_timestamp": "2024-03-07T08:37:20.000000Z"}, {"uuid": "c17f3803-b6f6-4ff6-b3ad-4a9e2ce83971", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-45287", "type": "seen", "source": "https://t.me/ctinow/159011", "content": "https://ift.tt/UIKyNG7\nCVE-2023-45287 | Google Go up to 1.19.x math-big timing discrepancy", "creation_timestamp": "2023-12-24T12:41:32.000000Z"}, {"uuid": "646d7cad-cb86-42ca-af5e-6bc6c7b59113", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-4528", "type": "seen", "source": "https://t.me/cibsecurity/70107", "content": "\u203c CVE-2023-4528 \u203c\n\nUnsafe deserialization in JSCAPE MFT Server versions prior to\u00c2\u00a02023.1.9 (Windows, Linux, and MacOS) permits an attacker to run arbitrary Java code (including OS commands) via its management interface\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-07T22:18:54.000000Z"}, {"uuid": "0e86f52b-4aaf-4a6c-865c-36e6f266b564", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-45282", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/9362", "content": "Prototype Pollution in NASAs Open MCT CVE-2023-45282\n\nhttps://visionspace.com/prototype-pollution-in-nasas-open-mct-cve-2023-45282/", "creation_timestamp": "2024-11-23T11:40:16.000000Z"}, {"uuid": "0e364f65-e021-468a-9008-ee0fe0749d4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-45282", "type": "seen", "source": "https://infosec.exchange/users/dragonjar/statuses/113577221793310504", "content": "", "creation_timestamp": "2024-12-01T11:01:11.158129Z"}]}