All posts by ISHACK AI BOT
-
FreeBSD: VID-A0321B74-031D-485C-BB76-EDD75256A6F0 (CVE-2023-39151): jenkins -- Stored XSS vulnerability
Severity: 5; CVSS: (AV:N/AC:M/Au:S/C:P/I:P/A:N)
Published: 07/26/2023; Created: 07/28/2023; Added: 07/27/2023; Modified: 01/28/2025
Description: Jenkins 2.415 and earlier, LTS 2.401.2 and earlier does not sanitize or properly encode URLs in build logs when transforming them into hyperlinks, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control build log contents.
Solution(s): freebsd-upgrade-package-jenkins, freebsd-upgrade-package-jenkins-lts
References: CVE-2023-39151
-
GameOver(lay) Privilege Escalation and Container Escape
Disclosed: 07/26/2023; Created: 12/19/2024
Description: This module exploits the use of unsafe functions in a number of Ubuntu kernels utilizing vulnerable versions of overlayfs. To mitigate CVE-2021-3493 the Linux kernel added a call to vfs_setxattr during ovl_do_setxattr. Due to independent changes to the kernel by the Ubuntu development team, __vfs_setxattr_noperm is called during ovl_do_setxattr without calling the intermediate safety function vfs_setxattr. Ultimately this module allows for root access to be achieved by writing setuid capabilities to a file which are not sanitized after being unioned with the upper mounted directory.
Author(s): g1vi, h00die, bwatters-r7, gardnerapp
Platform: Linux, Unix
-
SUSE: CVE-2023-38285: SUSE Linux Security Advisory
Severity: 8; CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published: 07/26/2023; Created: 09/26/2023; Added: 09/26/2023; Modified: 01/28/2025
Description: Trustwave ModSecurity 3.x before 3.0.10 has Inefficient Algorithmic Complexity.
Solution(s): suse-upgrade-libmodsecurity3, suse-upgrade-libmodsecurity3-32bit, suse-upgrade-libmodsecurity3-64bit, suse-upgrade-modsecurity, suse-upgrade-modsecurity-devel
References: https://attackerkb.com/topics/cve-2023-38285, CVE-2023-38285
-
JetBrains IntelliJ IDEA: CVE-2023-39261: Plugin for Space was requesting excessive permissions (IDEA-321747)
Severity: 3; CVSS: (AV:L/AC:L/Au:S/C:P/I:P/A:N)
Published: 07/26/2023; Created: 01/31/2025; Added: 01/29/2025; Modified: 02/05/2025
Description: In JetBrains IntelliJ IDEA before 2023.2, the plugin for Space was requesting excessive permissions.
Solution(s): jetbrains-intellij-idea-upgrade-latest
References: https://attackerkb.com/topics/cve-2023-39261, CVE-2023-39261, https://www.jetbrains.com/privacy-security/issues-fixed/
-
Amazon Linux AMI: CVE-2023-30577: Security patch for amanda (ALAS-2023-1808)
Severity: 7; CVSS: (AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published: 07/26/2023; Created: 08/24/2023; Added: 08/23/2023; Modified: 01/28/2025
Description: AMANDA (Advanced Maryland Automatic Network Disk Archiver) before tag-community-3.5.4 mishandles argument checking for runtar.c, a different vulnerability than CVE-2022-37705.
Solution(s): amazon-linux-upgrade-amanda
References: ALAS-2023-1808, CVE-2023-30577
-
Debian: CVE-2023-30577: amanda -- security update
Severity: 7; CVSS: (AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published: 07/26/2023; Created: 12/12/2023; Added: 12/11/2023; Modified: 01/28/2025
Description: AMANDA (Advanced Maryland Automatic Network Disk Archiver) before tag-community-3.5.4 mishandles argument checking for runtar.c, a different vulnerability than CVE-2022-37705.
Solution(s): debian-upgrade-amanda
References: https://attackerkb.com/topics/cve-2023-30577, CVE-2023-30577, DLA-3681-1
-
SUSE: CVE-2023-3732: SUSE Linux Security Advisory
Severity: 9; CVSS: (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published: 07/26/2023; Created: 07/27/2023; Added: 07/27/2023; Modified: 01/28/2025
Description: Out of bounds memory access in Mojo in Google Chrome prior to 115.0.5790.98 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Solution(s): suse-upgrade-chromedriver, suse-upgrade-chromium
References: https://attackerkb.com/topics/cve-2023-3732, CVE-2023-3732
-
SUSE: CVE-2023-3738: SUSE Linux Security Advisory
Severity: 4; CVSS: (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published: 07/26/2023; Created: 07/27/2023; Added: 07/27/2023; Modified: 01/28/2025
Description: Inappropriate implementation in Autofill in Google Chrome prior to 115.0.5790.98 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)
Solution(s): suse-upgrade-chromedriver, suse-upgrade-chromium
References: https://attackerkb.com/topics/cve-2023-3738, CVE-2023-3738
-
SUSE: CVE-2023-3740: SUSE Linux Security Advisory
Severity: 4; CVSS: (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published: 07/26/2023; Created: 07/27/2023; Added: 07/27/2023; Modified: 01/28/2025
Description: Insufficient validation of untrusted input in Themes in Google Chrome prior to 115.0.5790.98 allowed a remote attacker to potentially serve malicious content to a user via a crafted background URL. (Chromium security severity: Low)
Solution(s): suse-upgrade-chromedriver, suse-upgrade-chromium
References: https://attackerkb.com/topics/cve-2023-3740, CVE-2023-3740
-
SUSE: CVE-2023-3728: SUSE Linux Security Advisory
Severity: 9; CVSS: (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published: 07/26/2023; Created: 07/27/2023; Added: 07/27/2023; Modified: 01/28/2025
Description: Use after free in WebRTC in Google Chrome prior to 115.0.5790.98 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Solution(s): suse-upgrade-chromedriver, suse-upgrade-chromium
References: https://attackerkb.com/topics/cve-2023-3728, CVE-2023-3728
-
SUSE: CVE-2023-3736: SUSE Linux Security Advisory
Severity: 4; CVSS: (AV:N/AC:M/Au:N/C:P/I:N/A:N)
Published: 07/26/2023; Created: 07/27/2023; Added: 07/27/2023; Modified: 01/28/2025
Description: Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 115.0.5790.98 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
Solution(s): suse-upgrade-chromedriver, suse-upgrade-chromium
References: https://attackerkb.com/topics/cve-2023-3736, CVE-2023-3736
-
OS X update for sips (CVE-2023-32443)
Severity: 9; CVSS: (AV:N/AC:M/Au:N/C:C/I:N/A:C)
Published: 07/25/2023; Created: 07/25/2023; Added: 07/25/2023; Modified: 01/28/2025
Description: An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. Processing a file may lead to a denial-of-service or potentially disclose memory contents.
Solution(s): apple-osx-upgrade-11_7_9, apple-osx-upgrade-12_6_8, apple-osx-upgrade-13_5
References: https://attackerkb.com/topics/cve-2023-32443, CVE-2023-32443, https://support.apple.com/kb/HT213843, https://support.apple.com/kb/HT213844, https://support.apple.com/kb/HT213845
-
OS X update for PackageKit (CVE-2023-38259)
Severity: 5; CVSS: (AV:L/AC:M/Au:N/C:C/I:N/A:N)
Published: 07/25/2023; Created: 07/25/2023; Added: 07/25/2023; Modified: 01/28/2025
Description: A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. An app may be able to access user-sensitive data.
Solution(s): apple-osx-upgrade-11_7_9, apple-osx-upgrade-12_6_8, apple-osx-upgrade-13_5
References: https://attackerkb.com/topics/cve-2023-38259, CVE-2023-38259, https://support.apple.com/kb/HT213843, https://support.apple.com/kb/HT213844, https://support.apple.com/kb/HT213845
-
FreeBSD: VID-B1AC663F-3AA9-11EE-B887-B42E991FC52E (CVE-2023-38500): typo3 -- multiple vulnerabilities
Severity: 6; CVSS: (AV:N/AC:M/Au:N/C:P/I:P/A:N)
Published: 07/25/2023; Created: 08/16/2023; Added: 08/15/2023; Modified: 01/28/2025
Description: TYPO3 HTML Sanitizer is an HTML sanitizer, written in PHP, aiming to provide cross-site-scripting-safe markup based on explicitly allowed tags, attributes and values. Starting in version 1.0.0 and prior to versions 1.5.1 and 2.1.2, due to an encoding issue in the serialization layer, malicious markup nested in a `noscript` element was not encoded correctly. `noscript` is disabled in the default configuration, but might have been enabled in custom scenarios. This allows bypassing the cross-site scripting mechanism of TYPO3 HTML Sanitizer. Versions 1.5.1 and 2.1.2 fix the problem.
Solution(s): freebsd-upgrade-package-typo3-11-php80, freebsd-upgrade-package-typo3-11-php81, freebsd-upgrade-package-typo3-12-php80, freebsd-upgrade-package-typo3-12-php81
References: CVE-2023-38500
-
FreeBSD: VID-B1AC663F-3AA9-11EE-B887-B42E991FC52E (CVE-2023-38499): typo3 -- multiple vulnerabilities
Severity: 5; CVSS: (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published: 07/25/2023; Created: 08/16/2023; Added: 08/15/2023; Modified: 01/28/2025
Description: TYPO3 is an open source PHP based web content management system. Starting in version 9.4.0 and prior to versions 9.5.42 ELTS, 10.4.39 ELTS, 11.5.30, and 12.4.4, in multi-site scenarios, enumerating the HTTP query parameters `id` and `L` allowed out-of-scope access to rendered content in the website frontend. For instance, this allowed visitors to access content of an internal site by adding handcrafted query parameters to the URL of a site that was publicly available. TYPO3 versions 9.5.42 ELTS, 10.4.39 ELTS, 11.5.30, 12.4.4 fix the problem.
Solution(s): freebsd-upgrade-package-typo3-11-php80, freebsd-upgrade-package-typo3-11-php81, freebsd-upgrade-package-typo3-12-php80, freebsd-upgrade-package-typo3-12-php81
References: CVE-2023-38499
-
OS X update for PackageKit (CVE-2023-38602)
Severity: 5; CVSS: (AV:L/AC:M/Au:N/C:N/I:C/A:N)
Published: 07/25/2023; Created: 07/25/2023; Added: 07/25/2023; Modified: 01/28/2025
Description: A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. An app may be able to modify protected parts of the file system.
Solution(s): apple-osx-upgrade-11_7_9, apple-osx-upgrade-12_6_8, apple-osx-upgrade-13_5
References: https://attackerkb.com/topics/cve-2023-38602, CVE-2023-38602, https://support.apple.com/kb/HT213843, https://support.apple.com/kb/HT213844, https://support.apple.com/kb/HT213845
-
OS X update for Kernel (CVE-2023-32433)
Severity: 7; CVSS: (AV:L/AC:M/Au:N/C:C/I:C/A:C)
Published: 07/25/2023; Created: 07/25/2023; Added: 07/25/2023; Modified: 01/28/2025
Description: A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges.
Solution(s): apple-osx-upgrade-11_7_9, apple-osx-upgrade-12_6_8, apple-osx-upgrade-13_5
References: https://attackerkb.com/topics/cve-2023-32433, CVE-2023-32433, https://support.apple.com/kb/HT213843, https://support.apple.com/kb/HT213844, https://support.apple.com/kb/HT213845
-
IBM AIX: python_advisory7 (CVE-2023-37920): Vulnerability in python affects AIX
Severity: 10; CVSS: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published: 07/25/2023; Created: 12/23/2023; Added: 12/22/2023; Modified: 01/30/2025
Description: Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes "e-Tugra" root certificates. e-Tugra's root certificates were subject to an investigation prompted by reporting of security issues in their systems. Certifi 2023.07.22 removes root certificates from "e-Tugra" from the root store.
Solution(s): ibm-aix-python_advisory7
References: https://attackerkb.com/topics/cve-2023-37920, CVE-2023-37920, https://aix.software.ibm.com/aix/efixes/security/python_advisory7.asc
-
Ubuntu: USN-6842-1 (CVE-2023-39130): gdb vulnerabilities
Severity: 5; CVSS: (AV:L/AC:M/Au:N/C:N/I:N/A:C)
Published: 07/25/2023; Created: 06/21/2024; Added: 06/21/2024; Modified: 01/28/2025
Description: GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap buffer overflow via the function pe_as16() at /gdb/coff-pe-read.c.
Solution(s): ubuntu-pro-upgrade-gdb, ubuntu-pro-upgrade-gdbserver
References: https://attackerkb.com/topics/cve-2023-39130, CVE-2023-39130, USN-6842-1
-
Oracle Linux: (CVE-2023-35944) (Multiple Advisories): olcne security update
Severity: 5; CVSS: (AV:N/AC:L/Au:N/C:N/I:P/A:N)
Published: 07/25/2023; Created: 09/07/2023; Added: 09/06/2023; Modified: 01/28/2025
Description: Envoy is an open source edge and service proxy designed for cloud-native applications. Envoy allows mixed-case schemes in HTTP/2, however, some internal scheme checks are case-sensitive. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, this can lead to the rejection of requests with mixed-case schemes such as `htTp` or `htTps`, or the bypassing of some requests such as `https` in unencrypted connections. With a fix in versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, Envoy will now lowercase scheme values by default, and change the internal scheme checks that were case-sensitive to be case-insensitive. There are no known workarounds for this issue.
Solution(s): oracle-linux-upgrade-istio, oracle-linux-upgrade-istio-istioctl, oracle-linux-upgrade-kubevirt, oracle-linux-upgrade-olcne, oracle-linux-upgrade-olcne-agent, oracle-linux-upgrade-olcne-api-server, oracle-linux-upgrade-olcne-calico-chart, oracle-linux-upgrade-olcne-gluster-chart, oracle-linux-upgrade-olcne-grafana-chart, oracle-linux-upgrade-olcne-istio-chart, oracle-linux-upgrade-olcne-kubevirt-chart, oracle-linux-upgrade-olcne-metallb-chart, oracle-linux-upgrade-olcne-multus-chart, oracle-linux-upgrade-olcne-nginx, oracle-linux-upgrade-olcne-oci-ccm-chart, oracle-linux-upgrade-olcne-olm-chart, oracle-linux-upgrade-olcne-prometheus-chart, oracle-linux-upgrade-olcne-rook-chart, oracle-linux-upgrade-olcne-utils, oracle-linux-upgrade-olcnectl, oracle-linux-upgrade-virtctl
References: CVE-2023-35944
-
Oracle Linux: (CVE-2023-35942) (Multiple Advisories): olcne security update
Severity: 7; CVSS: (AV:N/AC:L/Au:S/C:N/I:N/A:C)
Published: 07/25/2023; Created: 09/07/2023; Added: 09/06/2023; Modified: 01/28/2025
Description: Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, gRPC access loggers using listener's global scope can cause a `use-after-free` crash when the listener is drained. Versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12 have a fix for this issue. As a workaround, disable gRPC access log or stop listener update.
Solution(s): oracle-linux-upgrade-istio, oracle-linux-upgrade-istio-istioctl, oracle-linux-upgrade-kubevirt, oracle-linux-upgrade-olcne, oracle-linux-upgrade-olcne-agent, oracle-linux-upgrade-olcne-api-server, oracle-linux-upgrade-olcne-calico-chart, oracle-linux-upgrade-olcne-gluster-chart, oracle-linux-upgrade-olcne-grafana-chart, oracle-linux-upgrade-olcne-istio-chart, oracle-linux-upgrade-olcne-kubevirt-chart, oracle-linux-upgrade-olcne-metallb-chart, oracle-linux-upgrade-olcne-multus-chart, oracle-linux-upgrade-olcne-nginx, oracle-linux-upgrade-olcne-oci-ccm-chart, oracle-linux-upgrade-olcne-olm-chart, oracle-linux-upgrade-olcne-prometheus-chart, oracle-linux-upgrade-olcne-rook-chart, oracle-linux-upgrade-olcne-utils, oracle-linux-upgrade-olcnectl, oracle-linux-upgrade-virtctl
References: CVE-2023-35942
-
OS X update for Grapher (CVE-2023-32418)
Severity: 7; CVSS: (AV:L/AC:M/Au:N/C:C/I:C/A:C)
Published: 07/25/2023; Created: 07/25/2023; Added: 07/25/2023; Modified: 01/28/2025
Description: The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. Processing a file may lead to unexpected app termination or arbitrary code execution.
Solution(s): apple-osx-upgrade-11_7_9, apple-osx-upgrade-12_6_8, apple-osx-upgrade-13_5
References: https://attackerkb.com/topics/cve-2023-32418, CVE-2023-32418, https://support.apple.com/kb/HT213843, https://support.apple.com/kb/HT213844, https://support.apple.com/kb/HT213845
-
OS X update for Grapher (CVE-2023-36854)
Severity: 7; CVSS: (AV:L/AC:M/Au:N/C:C/I:C/A:C)
Published: 07/25/2023; Created: 07/25/2023; Added: 07/25/2023; Modified: 01/28/2025
Description: The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. Processing a file may lead to unexpected app termination or arbitrary code execution.
Solution(s): apple-osx-upgrade-11_7_9, apple-osx-upgrade-12_6_8, apple-osx-upgrade-13_5
References: https://attackerkb.com/topics/cve-2023-36854, CVE-2023-36854, https://support.apple.com/kb/HT213843, https://support.apple.com/kb/HT213844, https://support.apple.com/kb/HT213845
-
Azul Zulu: CVE-2023-22041: Vulnerability in the Hotspot component
Severity: 5; CVSS: (AV:L/AC:M/Au:N/C:C/I:N/A:N)
Published: 07/25/2023; Created: 07/25/2023; Added: 07/25/2023; Modified: 01/28/2025
Description: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).
Solution(s): azul-zulu-upgrade-latest
References: https://attackerkb.com/topics/cve-2023-22041, CVE-2023-22041, https://www.azul.com/downloads/
-
Debian: CVE-2023-37327: gst-plugins-good1.0 -- security update
Severity: 9; CVSS: (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published: 07/25/2023; Created: 07/25/2023; Added: 07/25/2023; Modified: 01/28/2025
Description: GStreamer FLAC File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of FLAC audio files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20775.
Solution(s): debian-upgrade-gst-plugins-good1-0
References: https://attackerkb.com/topics/cve-2023-37327, CVE-2023-37327, DSA-5445-1