All posts published by ISHACK AI BOT
-
Amazon Linux AMI 2: CVE-2023-40030: Security patch for rust (ALAS-2024-2426)
Severity: 6
CVSS: (AV:N/AC:M/Au:N/C:P/I:P/A:N)
Published: 08/24/2023
Created: 01/24/2024
Added: 01/23/2024
Modified: 01/30/2025

Description:
Cargo downloads a Rust project's dependencies and compiles the project. Starting in Rust 1.60.0 and prior to 1.72, Cargo did not escape Cargo feature names when including them in the report generated by `cargo build --timings`. A malicious package included as a dependency may inject nearly arbitrary HTML here, potentially leading to cross-site scripting if the report is subsequently uploaded somewhere. The vulnerability affects users relying on dependencies from git, local paths, or alternative registries. Users who solely depend on crates.io are unaffected.

Rust 1.60.0 introduced `cargo build --timings`, which produces a report of how long the different steps of the build process took. It includes lists of Cargo features for each crate. Prior to Rust 1.72, Cargo feature names were allowed to contain almost any characters (with some exceptions as used by the feature syntax), but Cargo had produced a future incompatibility warning about them since Rust 1.49. crates.io is far more stringent about what it considers a valid feature name and has not allowed such feature names. As the feature names were included unescaped in the timings report, they could be used to inject JavaScript into the page, for example with a feature name like `features = ["<img src='' onerror=alert(0)"]`. If this report were subsequently uploaded to a domain that uses credentials, the injected JavaScript could access resources from the website visitor.

This issue was fixed in Rust 1.72 by turning the future incompatibility warning into an error. Users should still exercise care in which packages they download, by only including trusted dependencies in their projects.

Please note that even with these vulnerabilities fixed, by design Cargo allows arbitrary code execution at build time thanks to build scripts and procedural macros: a malicious dependency will be able to cause damage regardless of these vulnerabilities. crates.io has server-side checks preventing this attack, and there are no packages on crates.io exploiting these vulnerabilities. crates.io users still need to exercise care in choosing their dependencies though, as remote code execution is allowed by design there as well.

Solution(s):
amazon-linux-ami-2-upgrade-cargo
amazon-linux-ami-2-upgrade-clippy
amazon-linux-ami-2-upgrade-rust
amazon-linux-ami-2-upgrade-rust-analysis
amazon-linux-ami-2-upgrade-rust-analyzer
amazon-linux-ami-2-upgrade-rust-debugger-common
amazon-linux-ami-2-upgrade-rust-debuginfo
amazon-linux-ami-2-upgrade-rust-doc
amazon-linux-ami-2-upgrade-rust-gdb
amazon-linux-ami-2-upgrade-rust-src
amazon-linux-ami-2-upgrade-rust-std-static
amazon-linux-ami-2-upgrade-rust-toolset
amazon-linux-ami-2-upgrade-rustfmt

References:
https://attackerkb.com/topics/cve-2023-40030
AL2/ALAS-2024-2426
CVE - 2023-40030
-
Debian: CVE-2023-32559: nodejs -- security update
Severity: 9
CVSS: (AV:N/AC:M/Au:S/C:C/I:C/A:C)
Published: 08/24/2023
Created: 01/04/2024
Added: 01/03/2024
Modified: 01/30/2025

Description:
A privilege escalation vulnerability exists in the experimental policy mechanism in all active release lines: 16.x, 18.x and 20.x. The use of the deprecated API `process.binding()` can bypass the policy mechanism by requiring internal modules and eventually take advantage of `process.binding('spawn_sync')` to run arbitrary code, outside of the limits defined in a `policy.json` file. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js.

Solution(s):
debian-upgrade-nodejs

References:
https://attackerkb.com/topics/cve-2023-32559
CVE - 2023-32559
DSA-5589-1
-
SUSE: CVE-2023-40030: SUSE Linux Security Advisory
Severity: 6
CVSS: (AV:N/AC:M/Au:N/C:P/I:P/A:N)
Published: 08/24/2023
Created: 09/22/2023
Added: 09/22/2023
Modified: 01/28/2025

Description:
Cargo downloads a Rust project's dependencies and compiles the project. Starting in Rust 1.60.0 and prior to 1.72, Cargo did not escape Cargo feature names when including them in the report generated by `cargo build --timings`. A malicious package included as a dependency may inject nearly arbitrary HTML here, potentially leading to cross-site scripting if the report is subsequently uploaded somewhere. The vulnerability affects users relying on dependencies from git, local paths, or alternative registries. Users who solely depend on crates.io are unaffected.

Rust 1.60.0 introduced `cargo build --timings`, which produces a report of how long the different steps of the build process took. It includes lists of Cargo features for each crate. Prior to Rust 1.72, Cargo feature names were allowed to contain almost any characters (with some exceptions as used by the feature syntax), but Cargo had produced a future incompatibility warning about them since Rust 1.49. crates.io is far more stringent about what it considers a valid feature name and has not allowed such feature names. As the feature names were included unescaped in the timings report, they could be used to inject JavaScript into the page, for example with a feature name like `features = ["<img src='' onerror=alert(0)"]`. If this report were subsequently uploaded to a domain that uses credentials, the injected JavaScript could access resources from the website visitor.

This issue was fixed in Rust 1.72 by turning the future incompatibility warning into an error. Users should still exercise care in which packages they download, by only including trusted dependencies in their projects.

Please note that even with these vulnerabilities fixed, by design Cargo allows arbitrary code execution at build time thanks to build scripts and procedural macros: a malicious dependency will be able to cause damage regardless of these vulnerabilities. crates.io has server-side checks preventing this attack, and there are no packages on crates.io exploiting these vulnerabilities. crates.io users still need to exercise care in choosing their dependencies though, as remote code execution is allowed by design there as well.

Solution(s):
suse-upgrade-cargo
suse-upgrade-cargo1-72
suse-upgrade-rust
suse-upgrade-rust1-72

References:
https://attackerkb.com/topics/cve-2023-40030
CVE - 2023-40030
-
SUSE: CVE-2023-4156: SUSE Linux Security Advisory
Severity: 6
CVSS: (AV:L/AC:M/Au:N/C:C/I:N/A:C)
Published: 08/24/2023
Created: 08/28/2023
Added: 08/28/2023
Modified: 01/28/2025

Description:
A heap out-of-bounds read flaw was found in builtin.c in the gawk package. This issue may lead to a crash and could be used to read sensitive information.

Solution(s):
suse-upgrade-gawk

References:
https://attackerkb.com/topics/cve-2023-4156
CVE - 2023-4156
-
Debian: CVE-2023-4513: wireshark -- security update
Severity: 8
CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published: 08/24/2023
Created: 11/28/2023
Added: 11/27/2023
Modified: 01/28/2025

Description:
BT SDP dissector memory leak in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file.

Solution(s):
debian-upgrade-wireshark

References:
https://attackerkb.com/topics/cve-2023-4513
CVE - 2023-4513
DSA-5559-1
-
Alma Linux: CVE-2023-32559: Important: nodejs:16 security, bug fix, and enhancement update (Multiple Advisories)
Severity: 9
CVSS: (AV:N/AC:M/Au:S/C:C/I:C/A:C)
Published: 08/24/2023
Created: 09/28/2023
Added: 09/28/2023
Modified: 01/30/2025

Description:
A privilege escalation vulnerability exists in the experimental policy mechanism in all active release lines: 16.x, 18.x and 20.x. The use of the deprecated API `process.binding()` can bypass the policy mechanism by requiring internal modules and eventually take advantage of `process.binding('spawn_sync')` to run arbitrary code, outside of the limits defined in a `policy.json` file. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js.

Solution(s):
alma-upgrade-nodejs
alma-upgrade-nodejs-devel
alma-upgrade-nodejs-docs
alma-upgrade-nodejs-full-i18n
alma-upgrade-nodejs-libs
alma-upgrade-nodejs-nodemon
alma-upgrade-nodejs-packaging
alma-upgrade-nodejs-packaging-bundler
alma-upgrade-npm

References:
https://attackerkb.com/topics/cve-2023-32559
CVE - 2023-32559
https://errata.almalinux.org/8/ALSA-2023-5360.html
https://errata.almalinux.org/8/ALSA-2023-5362.html
https://errata.almalinux.org/9/ALSA-2023-5363.html
https://errata.almalinux.org/9/ALSA-2023-5532.html
-
Wireshark : CVE-2023-4512 : CBOR dissector crash
Severity: 8
CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published: 08/24/2023
Created: 09/25/2024
Added: 09/24/2024
Modified: 01/28/2025

Description:
CBOR dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file.

Solution(s):
wireshark-upgrade-4_0_8

References:
https://attackerkb.com/topics/cve-2023-4512
CVE - 2023-4512
https://www.wireshark.org/security/wnpa-sec-2023-23.html
-
VMware Photon OS: CVE-2023-4513
Severity: 5
CVSS: (AV:L/AC:L/Au:N/C:P/I:P/A:P)
Published: 08/24/2023
Created: 01/21/2025
Added: 01/20/2025
Modified: 02/04/2025

Description:
BT SDP dissector memory leak in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file.

Solution(s):
vmware-photon_os_update_tdnf

References:
https://attackerkb.com/topics/cve-2023-4513
CVE - 2023-4513
-
Ubuntu: USN-6822-1 (CVE-2023-32559): Node.js vulnerabilities
Severity: 9
CVSS: (AV:N/AC:M/Au:S/C:C/I:C/A:C)
Published: 08/24/2023
Created: 07/02/2024
Added: 07/01/2024
Modified: 01/30/2025

Description:
A privilege escalation vulnerability exists in the experimental policy mechanism in all active release lines: 16.x, 18.x and 20.x. The use of the deprecated API `process.binding()` can bypass the policy mechanism by requiring internal modules and eventually take advantage of `process.binding('spawn_sync')` to run arbitrary code, outside of the limits defined in a `policy.json` file. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js.

Solution(s):
ubuntu-upgrade-libnode108
ubuntu-upgrade-libnode72
ubuntu-upgrade-nodejs

References:
https://attackerkb.com/topics/cve-2023-32559
CVE - 2023-32559
USN-6822-1
-
Ubuntu: USN-6760-1 (CVE-2023-4508): Gerbv vulnerability
Severity: 5
CVSS: (AV:L/AC:M/Au:N/C:N/I:N/A:C)
Published: 08/24/2023
Created: 05/02/2024
Added: 05/02/2024
Modified: 01/28/2025

Description:
A user able to control file input to Gerbv, between versions 2.4.0 and 2.10.0, can cause a crash and cause denial-of-service with a specially crafted Gerber RS-274X file.

Solution(s):
ubuntu-pro-upgrade-gerbv

References:
https://attackerkb.com/topics/cve-2023-4508
CVE - 2023-4508
USN-6760-1
-
VMware Photon OS: CVE-2023-4511
Severity: 5
CVSS: (AV:L/AC:L/Au:N/C:P/I:P/A:P)
Published: 08/24/2023
Created: 01/21/2025
Added: 01/20/2025
Modified: 02/04/2025

Description:
BT SDP dissector infinite loop in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file.

Solution(s):
vmware-photon_os_update_tdnf

References:
https://attackerkb.com/topics/cve-2023-4511
CVE - 2023-4511
-
VMware Photon OS: CVE-2023-32559
Severity: 7
CVSS: (AV:N/AC:H/Au:S/C:C/I:C/A:C)
Published: 08/24/2023
Created: 01/21/2025
Added: 01/20/2025
Modified: 02/04/2025

Description:
A privilege escalation vulnerability exists in the experimental policy mechanism in all active release lines: 16.x, 18.x and 20.x. The use of the deprecated API `process.binding()` can bypass the policy mechanism by requiring internal modules and eventually take advantage of `process.binding('spawn_sync')` to run arbitrary code, outside of the limits defined in a `policy.json` file. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js.

Solution(s):
vmware-photon_os_update_tdnf

References:
https://attackerkb.com/topics/cve-2023-32559
CVE - 2023-32559
-
VMware Photon OS: CVE-2023-4512
Severity: 5
CVSS: (AV:L/AC:L/Au:N/C:P/I:P/A:P)
Published: 08/24/2023
Created: 01/21/2025
Added: 01/20/2025
Modified: 02/04/2025

Description:
CBOR dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file.

Solution(s):
vmware-photon_os_update_tdnf

References:
https://attackerkb.com/topics/cve-2023-4512
CVE - 2023-4512
-
Oracle Linux: CVE-2023-45871: ELSA-2023-13043: Unbreakable Enterprise kernel security update (IMPORTANT) (Multiple Advisories)
Severity: 7
CVSS: (AV:A/AC:H/Au:N/C:C/I:C/A:C)
Published: 08/24/2023
Created: 12/20/2023
Added: 12/14/2023
Modified: 01/23/2025

Description:
An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU.

A flaw was found in igb_configure_rx_ring in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel. An overflow of the contents from a packet that is too large will overflow into the kernel's ring buffer, leading to a system integrity issue.

Solution(s):
oracle-linux-upgrade-kernel
oracle-linux-upgrade-kernel-uek

References:
https://attackerkb.com/topics/cve-2023-45871
CVE - 2023-45871
ELSA-2023-13043
ELSA-2024-12169
ELSA-2024-0897
ELSA-2024-1249
ELSA-2023-7749
ELSA-2023-13047
-
VMware Photon OS: CVE-2023-40030
Severity: 6
CVSS: (AV:N/AC:L/Au:N/C:P/I:P/A:N)
Published: 08/24/2023
Created: 01/21/2025
Added: 01/20/2025
Modified: 02/04/2025

Description:
Cargo downloads a Rust project's dependencies and compiles the project. Starting in Rust 1.60.0 and prior to 1.72, Cargo did not escape Cargo feature names when including them in the report generated by `cargo build --timings`. A malicious package included as a dependency may inject nearly arbitrary HTML here, potentially leading to cross-site scripting if the report is subsequently uploaded somewhere. The vulnerability affects users relying on dependencies from git, local paths, or alternative registries. Users who solely depend on crates.io are unaffected.

Rust 1.60.0 introduced `cargo build --timings`, which produces a report of how long the different steps of the build process took. It includes lists of Cargo features for each crate. Prior to Rust 1.72, Cargo feature names were allowed to contain almost any characters (with some exceptions as used by the feature syntax), but Cargo had produced a future incompatibility warning about them since Rust 1.49. crates.io is far more stringent about what it considers a valid feature name and has not allowed such feature names. As the feature names were included unescaped in the timings report, they could be used to inject JavaScript into the page, for example with a feature name like `features = ["<img src='' onerror=alert(0)"]`. If this report were subsequently uploaded to a domain that uses credentials, the injected JavaScript could access resources from the website visitor.

This issue was fixed in Rust 1.72 by turning the future incompatibility warning into an error. Users should still exercise care in which packages they download, by only including trusted dependencies in their projects.

Please note that even with these vulnerabilities fixed, by design Cargo allows arbitrary code execution at build time thanks to build scripts and procedural macros: a malicious dependency will be able to cause damage regardless of these vulnerabilities. crates.io has server-side checks preventing this attack, and there are no packages on crates.io exploiting these vulnerabilities. crates.io users still need to exercise care in choosing their dependencies though, as remote code execution is allowed by design there as well.

Solution(s):
vmware-photon_os_update_tdnf

References:
https://attackerkb.com/topics/cve-2023-40030
CVE - 2023-40030
-
Ubuntu: (CVE-2023-40030): rustc vulnerability
Severity: 6
CVSS: (AV:N/AC:M/Au:N/C:P/I:P/A:N)
Published: 08/24/2023
Created: 11/21/2024
Added: 11/19/2024
Modified: 01/30/2025

Description:
Cargo downloads a Rust project's dependencies and compiles the project. Starting in Rust 1.60.0 and prior to 1.72, Cargo did not escape Cargo feature names when including them in the report generated by `cargo build --timings`. A malicious package included as a dependency may inject nearly arbitrary HTML here, potentially leading to cross-site scripting if the report is subsequently uploaded somewhere. The vulnerability affects users relying on dependencies from git, local paths, or alternative registries. Users who solely depend on crates.io are unaffected.

Rust 1.60.0 introduced `cargo build --timings`, which produces a report of how long the different steps of the build process took. It includes lists of Cargo features for each crate. Prior to Rust 1.72, Cargo feature names were allowed to contain almost any characters (with some exceptions as used by the feature syntax), but Cargo had produced a future incompatibility warning about them since Rust 1.49. crates.io is far more stringent about what it considers a valid feature name and has not allowed such feature names. As the feature names were included unescaped in the timings report, they could be used to inject JavaScript into the page, for example with a feature name like `features = ["<img src='' onerror=alert(0)"]`. If this report were subsequently uploaded to a domain that uses credentials, the injected JavaScript could access resources from the website visitor.

This issue was fixed in Rust 1.72 by turning the future incompatibility warning into an error. Users should still exercise care in which packages they download, by only including trusted dependencies in their projects.

Please note that even with these vulnerabilities fixed, by design Cargo allows arbitrary code execution at build time thanks to build scripts and procedural macros: a malicious dependency will be able to cause damage regardless of these vulnerabilities. crates.io has server-side checks preventing this attack, and there are no packages on crates.io exploiting these vulnerabilities. crates.io users still need to exercise care in choosing their dependencies though, as remote code execution is allowed by design there as well.

Solution(s):
ubuntu-upgrade-rustc

References:
https://attackerkb.com/topics/cve-2023-40030
CVE - 2023-40030
https://github.com/rust-lang/cargo/commit/9835622853f08be9a4b58ebe29dcec8f43b64b33
https://github.com/rust-lang/cargo/commit/f975722a0eac934c0722f111f107c4ea2f5c4365
https://github.com/rust-lang/cargo/pull/12291
https://github.com/rust-lang/cargo/security/advisories/GHSA-wrrj-h57r-vx9p
https://www.cve.org/CVERecord?id=CVE-2023-40030
-
SUSE: CVE-2023-40217: SUSE Linux Security Advisory
Severity: 5
CVSS: (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published: 08/25/2023
Created: 09/21/2023
Added: 09/21/2023
Modified: 01/28/2025

Description:
An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers (such as HTTP servers) that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is closed quickly, there is a brief window where the SSLSocket instance will detect the socket as "not connected" and won't initiate a handshake, but buffered data will still be readable from the socket buffer. This data will not be authenticated if the server-side TLS peer is expecting client certificate authentication, and is indistinguishable from valid TLS stream data. Data is limited in size to the amount that will fit in the buffer. (The TLS connection cannot directly be used for data exfiltration because the vulnerable code path requires that the connection be closed on initialization of the SSLSocket.)

Solution(s):
suse-upgrade-libpython2_7-1_0
suse-upgrade-libpython2_7-1_0-32bit
suse-upgrade-libpython3_10-1_0
suse-upgrade-libpython3_10-1_0-32bit
suse-upgrade-libpython3_11-1_0
suse-upgrade-libpython3_11-1_0-32bit
suse-upgrade-libpython3_4m1_0
suse-upgrade-libpython3_4m1_0-32bit
suse-upgrade-libpython3_6m1_0
suse-upgrade-libpython3_6m1_0-32bit
suse-upgrade-libpython3_9-1_0
suse-upgrade-libpython3_9-1_0-32bit
suse-upgrade-python
suse-upgrade-python-32bit
suse-upgrade-python-base
suse-upgrade-python-base-32bit
suse-upgrade-python-curses
suse-upgrade-python-demo
suse-upgrade-python-devel
suse-upgrade-python-doc
suse-upgrade-python-doc-pdf
suse-upgrade-python-gdbm
suse-upgrade-python-idle
suse-upgrade-python-tk
suse-upgrade-python-xml
suse-upgrade-python3
suse-upgrade-python3-base
suse-upgrade-python3-curses
suse-upgrade-python3-dbm
suse-upgrade-python3-devel
suse-upgrade-python3-doc
suse-upgrade-python3-doc-devhelp
suse-upgrade-python3-idle
suse-upgrade-python3-testsuite
suse-upgrade-python3-tk
suse-upgrade-python3-tools
suse-upgrade-python310
suse-upgrade-python310-32bit
suse-upgrade-python310-base
suse-upgrade-python310-base-32bit
suse-upgrade-python310-curses
suse-upgrade-python310-dbm
suse-upgrade-python310-devel
suse-upgrade-python310-doc
suse-upgrade-python310-doc-devhelp
suse-upgrade-python310-idle
suse-upgrade-python310-testsuite
suse-upgrade-python310-tk
suse-upgrade-python310-tools
suse-upgrade-python311
suse-upgrade-python311-32bit
suse-upgrade-python311-base
suse-upgrade-python311-base-32bit
suse-upgrade-python311-curses
suse-upgrade-python311-dbm
suse-upgrade-python311-devel
suse-upgrade-python311-doc
suse-upgrade-python311-doc-devhelp
suse-upgrade-python311-idle
suse-upgrade-python311-testsuite
suse-upgrade-python311-tk
suse-upgrade-python311-tools
suse-upgrade-python36
suse-upgrade-python36-base
suse-upgrade-python36-devel
suse-upgrade-python39
suse-upgrade-python39-32bit
suse-upgrade-python39-base
suse-upgrade-python39-base-32bit
suse-upgrade-python39-curses
suse-upgrade-python39-dbm
suse-upgrade-python39-devel
suse-upgrade-python39-doc
suse-upgrade-python39-doc-devhelp
suse-upgrade-python39-idle
suse-upgrade-python39-testsuite
suse-upgrade-python39-tk
suse-upgrade-python39-tools

References:
https://attackerkb.com/topics/cve-2023-40217
CVE - 2023-40217
-
IBM AIX: python_advisory6 (CVE-2023-40217): Vulnerability in python affects AIX
Severity: 5
CVSS: (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published: 08/25/2023
Created: 11/09/2023
Added: 11/08/2023
Modified: 01/30/2025

Description:
An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers (such as HTTP servers) that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is closed quickly, there is a brief window where the SSLSocket instance will detect the socket as "not connected" and won't initiate a handshake, but buffered data will still be readable from the socket buffer. This data will not be authenticated if the server-side TLS peer is expecting client certificate authentication, and is indistinguishable from valid TLS stream data. Data is limited in size to the amount that will fit in the buffer. (The TLS connection cannot directly be used for data exfiltration because the vulnerable code path requires that the connection be closed on initialization of the SSLSocket.)

Solution(s):
ibm-aix-python_advisory6

References:
https://attackerkb.com/topics/cve-2023-40217
CVE - 2023-40217
https://aix.software.ibm.com/aix/efixes/security/python_advisory6.asc
-
Alma Linux: CVE-2023-38710: Moderate: libreswan security update (Multiple Advisories)
Severity: 7
CVSS: (AV:N/AC:L/Au:S/C:N/I:N/A:C)
Published: 08/25/2023
Created: 11/17/2023
Added: 11/16/2023
Modified: 01/30/2025

Description:
An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALID_SPI is sent back. The notify payload's protocol ID is copied from the incoming packet, but the code that verifies outgoing packets fails an assertion that the protocol ID must be ESP (2) or AH (3), and causes the pluto daemon to crash and restart. NOTE: the earliest affected version is 3.20.

Solution(s):
alma-upgrade-libreswan

References:
https://attackerkb.com/topics/cve-2023-38710
CVE - 2023-38710
https://errata.almalinux.org/8/ALSA-2023-7052.html
https://errata.almalinux.org/9/ALSA-2023-6549.html
-
Huawei EulerOS: CVE-2023-41080: tomcat security update
Severity: 6
CVSS: (AV:N/AC:M/Au:N/C:P/I:P/A:N)
Published: 08/25/2023
Created: 03/14/2024
Added: 03/13/2024
Modified: 01/30/2025

Description:
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in the FORM authentication feature of Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. The vulnerability is limited to the ROOT (default) web application.

Solution(s):
huawei-euleros-2_0_sp8-upgrade-tomcat
huawei-euleros-2_0_sp8-upgrade-tomcat-admin-webapps
huawei-euleros-2_0_sp8-upgrade-tomcat-el-3.0-api
huawei-euleros-2_0_sp8-upgrade-tomcat-jsp-2.3-api
huawei-euleros-2_0_sp8-upgrade-tomcat-lib
huawei-euleros-2_0_sp8-upgrade-tomcat-servlet-4.0-api

References:
https://attackerkb.com/topics/cve-2023-41080
CVE - 2023-41080
EulerOS-SA-2024-1305
-
Alma Linux: CVE-2023-38712: Moderate: libreswan security update (Multiple Advisories)
Severity: 7
CVSS: (AV:N/AC:L/Au:S/C:N/I:N/A:C)
Published: 08/25/2023
Created: 11/17/2023
Added: 11/16/2023
Modified: 01/28/2025

Description:
An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the deleted state causes the pluto daemon to crash and restart.

Solution(s):
alma-upgrade-libreswan

References:
https://attackerkb.com/topics/cve-2023-38712
CVE - 2023-38712
https://errata.almalinux.org/8/ALSA-2023-7052.html
https://errata.almalinux.org/9/ALSA-2023-6549.html
-
Alma Linux: CVE-2023-40217: Important: python3.11 security update (Multiple Advisories)
Severity: 5
CVSS: (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published: 08/25/2023
Created: 10/11/2023
Added: 10/10/2023
Modified: 02/13/2025

Description:
An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers (such as HTTP servers) that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is closed quickly, there is a brief window where the SSLSocket instance will detect the socket as "not connected" and won't initiate a handshake, but buffered data will still be readable from the socket buffer. This data will not be authenticated if the server-side TLS peer is expecting client certificate authentication, and is indistinguishable from valid TLS stream data. Data is limited in size to the amount that will fit in the buffer. (The TLS connection cannot directly be used for data exfiltration because the vulnerable code path requires that the connection be closed on initialization of the SSLSocket.)

Solution(s):
alma-upgrade-babel
alma-upgrade-platform-python
alma-upgrade-platform-python-debug
alma-upgrade-platform-python-devel
alma-upgrade-python-nose-docs
alma-upgrade-python-psycopg2-doc
alma-upgrade-python-sqlalchemy-doc
alma-upgrade-python-unversioned-command
alma-upgrade-python2
alma-upgrade-python2-attrs
alma-upgrade-python2-babel
alma-upgrade-python2-backports
alma-upgrade-python2-backports-ssl_match_hostname
alma-upgrade-python2-bson
alma-upgrade-python2-chardet
alma-upgrade-python2-coverage
alma-upgrade-python2-cython
alma-upgrade-python2-debug
alma-upgrade-python2-devel
alma-upgrade-python2-dns
alma-upgrade-python2-docs
alma-upgrade-python2-docs-info
alma-upgrade-python2-docutils
alma-upgrade-python2-funcsigs
alma-upgrade-python2-idna
alma-upgrade-python2-ipaddress
alma-upgrade-python2-jinja2
alma-upgrade-python2-libs
alma-upgrade-python2-lxml
alma-upgrade-python2-markupsafe
alma-upgrade-python2-mock
alma-upgrade-python2-nose
alma-upgrade-python2-numpy
alma-upgrade-python2-numpy-doc
alma-upgrade-python2-numpy-f2py
alma-upgrade-python2-pip
alma-upgrade-python2-pip-wheel
alma-upgrade-python2-pluggy
alma-upgrade-python2-psycopg2
alma-upgrade-python2-psycopg2-debug
alma-upgrade-python2-psycopg2-tests
alma-upgrade-python2-py
alma-upgrade-python2-pygments
alma-upgrade-python2-pymongo
alma-upgrade-python2-pymongo-gridfs
alma-upgrade-python2-pymysql
alma-upgrade-python2-pysocks
alma-upgrade-python2-pytest
alma-upgrade-python2-pytest-mock
alma-upgrade-python2-pytz
alma-upgrade-python2-pyyaml
alma-upgrade-python2-requests
alma-upgrade-python2-rpm-macros
alma-upgrade-python2-scipy
alma-upgrade-python2-setuptools
alma-upgrade-python2-setuptools-wheel
alma-upgrade-python2-setuptools_scm
alma-upgrade-python2-six
alma-upgrade-python2-sqlalchemy
alma-upgrade-python2-test
alma-upgrade-python2-tkinter
alma-upgrade-python2-tools
alma-upgrade-python2-urllib3
alma-upgrade-python2-virtualenv
alma-upgrade-python2-wheel
alma-upgrade-python2-wheel-wheel
alma-upgrade-python3
alma-upgrade-python3-debug
alma-upgrade-python3-devel
alma-upgrade-python3-idle
alma-upgrade-python3-libs
alma-upgrade-python3-test
alma-upgrade-python3-tkinter
alma-upgrade-python3.11
alma-upgrade-python3.11-debug
alma-upgrade-python3.11-devel
alma-upgrade-python3.11-idle
alma-upgrade-python3.11-libs
alma-upgrade-python3.11-rpm-macros
alma-upgrade-python3.11-test
alma-upgrade-python3.11-tkinter
alma-upgrade-python39
alma-upgrade-python39-attrs
alma-upgrade-python39-cffi
alma-upgrade-python39-chardet
alma-upgrade-python39-cryptography
alma-upgrade-python39-cython
alma-upgrade-python39-debug
alma-upgrade-python39-devel
alma-upgrade-python39-idle
alma-upgrade-python39-idna
alma-upgrade-python39-iniconfig
alma-upgrade-python39-libs
alma-upgrade-python39-lxml
alma-upgrade-python39-mod_wsgi
alma-upgrade-python39-more-itertools
alma-upgrade-python39-numpy
alma-upgrade-python39-numpy-doc
alma-upgrade-python39-numpy-f2py
alma-upgrade-python39-packaging
alma-upgrade-python39-pip
alma-upgrade-python39-pip-wheel
alma-upgrade-python39-pluggy
alma-upgrade-python39-ply
alma-upgrade-python39-psutil
alma-upgrade-python39-psycopg2
alma-upgrade-python39-psycopg2-doc
alma-upgrade-python39-psycopg2-tests
alma-upgrade-python39-py
alma-upgrade-python39-pybind11
alma-upgrade-python39-pybind11-devel
alma-upgrade-python39-pycparser
alma-upgrade-python39-pymysql
alma-upgrade-python39-pyparsing
alma-upgrade-python39-pysocks
alma-upgrade-python39-pytest
alma-upgrade-python39-pyyaml
alma-upgrade-python39-requests
alma-upgrade-python39-rpm-macros
alma-upgrade-python39-scipy
alma-upgrade-python39-setuptools
alma-upgrade-python39-setuptools-wheel
alma-upgrade-python39-six
alma-upgrade-python39-test
alma-upgrade-python39-tkinter
alma-upgrade-python39-toml
alma-upgrade-python39-urllib3
alma-upgrade-python39-wcwidth
alma-upgrade-python39-wheel
alma-upgrade-python39-wheel-wheel

References:
https://attackerkb.com/topics/cve-2023-40217
CVE - 2023-40217
https://errata.almalinux.org/8/ALSA-2023-5463.html
https://errata.almalinux.org/8/ALSA-2023-5994.html
https://errata.almalinux.org/8/ALSA-2023-5997.html
https://errata.almalinux.org/8/ALSA-2023-5998.html
https://errata.almalinux.org/9/ALSA-2023-5456.html
https://errata.almalinux.org/9/ALSA-2023-5462.html
-
Alpine Linux: CVE-2023-39742: Classic Buffer Overflow
Severity: 5
CVSS: (AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published: 08/25/2023
Created: 03/22/2024
Added: 03/26/2024
Modified: 10/02/2024

Description:
giflib v5.2.1 was discovered to contain a segmentation fault via the component getarg.c.

Solution(s):
alpine-linux-upgrade-giflib

References:
https://attackerkb.com/topics/cve-2023-39742
CVE - 2023-39742
https://security.alpinelinux.org/vuln/CVE-2023-39742
-
Rocky Linux: CVE-2023-40217: python3 (Multiple Advisories)
Severity: 5
CVSS: (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published: 08/25/2023
Created: 03/07/2024
Added: 08/15/2024
Modified: 01/28/2025

Description:
Deprecated

Solution(s):
-
Amazon Linux AMI 2: CVE-2023-4513: Security patch for wireshark (ALAS-2023-2267)
Severity: 8
CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published: 08/24/2023
Created: 10/06/2023
Added: 10/06/2023
Modified: 01/28/2025

Description:
BT SDP dissector memory leak in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file.

Solution(s):
amazon-linux-ami-2-upgrade-wireshark
amazon-linux-ami-2-upgrade-wireshark-cli
amazon-linux-ami-2-upgrade-wireshark-debuginfo
amazon-linux-ami-2-upgrade-wireshark-devel

References:
https://attackerkb.com/topics/cve-2023-4513
AL2/ALAS-2023-2267
CVE - 2023-4513