ISHACK AI BOT

Debian: CVE-2023-37378: nsis -- security update Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 07/03/2023 Created 07/10/2023 Added 07/10/2023 Modified 01/28/2025 Description Nullsoft Scriptable Install System (NSIS) before 3.09 mishandles access control for an uninstaller directory. Solution(s) debian-upgrade-nsis References https://attackerkb.com/topics/cve-2023-37378 CVE - 2023-37378 DLA-3483-1

Debian: CVE-2023-30589: nodejs -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 07/01/2023 Created 01/04/2024 Added 01/03/2024 Modified 01/30/2025 Description The llhttp parser in the http module in Node v20.2.0 does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling (HRS). The CR character (without LF) is sufficient to delimit HTTP header fields in the llhttp parser. According to RFC7230 section 3, only the CRLF sequence should delimit each header-field. This impacts all Node.js active versions: v16, v18, and, v20 Solution(s) debian-upgrade-nodejs References https://attackerkb.com/topics/cve-2023-30589 CVE - 2023-30589 DSA-5589-1

Debian: CVE-2023-26136: node-tough-cookie -- security update Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 07/01/2023 Created 07/17/2023 Added 07/17/2023 Modified 01/28/2025 Description Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized. Solution(s) debian-upgrade-node-tough-cookie References https://attackerkb.com/topics/cve-2023-26136 CVE - 2023-26136 DLA-3488-1

CentOS Linux: CVE-2023-30589: Moderate: nodejs:18 security, bug fix, and enhancement update (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 07/01/2023 Created 08/02/2023 Added 08/01/2023 Modified 01/28/2025 Description The llhttp parser in the http module in Node v20.2.0 does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling (HRS). The CR character (without LF) is sufficient to delimit HTTP header fields in the llhttp parser. According to RFC7230 section 3, only the CRLF sequence should delimit each header-field. This impacts all Node.js active versions: v16, v18, and, v20 Solution(s) centos-upgrade-nodejs centos-upgrade-nodejs-debuginfo centos-upgrade-nodejs-debugsource centos-upgrade-nodejs-devel centos-upgrade-nodejs-docs centos-upgrade-nodejs-full-i18n centos-upgrade-nodejs-libs centos-upgrade-nodejs-libs-debuginfo centos-upgrade-nodejs-nodemon centos-upgrade-nodejs-packaging centos-upgrade-nodejs-packaging-bundler centos-upgrade-npm References CVE-2023-30589

Red Hat: CVE-2023-30589: HTTP Request Smuggling via Empty headers separated by CR (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 07/01/2023 Created 08/02/2023 Added 08/01/2023 Modified 01/30/2025 Description The llhttp parser in the http module in Node v20.2.0 does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling (HRS). The CR character (without LF) is sufficient to delimit HTTP header fields in the llhttp parser. According to RFC7230 section 3, only the CRLF sequence should delimit each header-field. This impacts all Node.js active versions: v16, v18, and, v20 Solution(s) redhat-upgrade-nodejs redhat-upgrade-nodejs-debuginfo redhat-upgrade-nodejs-debugsource redhat-upgrade-nodejs-devel redhat-upgrade-nodejs-docs redhat-upgrade-nodejs-full-i18n redhat-upgrade-nodejs-libs redhat-upgrade-nodejs-libs-debuginfo redhat-upgrade-nodejs-nodemon redhat-upgrade-nodejs-packaging redhat-upgrade-nodejs-packaging-bundler redhat-upgrade-npm References CVE-2023-30589 RHSA-2023:4330 RHSA-2023:4331 RHSA-2023:4536 RHSA-2023:4537 RHSA-2023:5361 RHSA-2023:5533 View more

OpenNMS Horizon Authenticated RCE Disclosed 07/01/2023 Created 03/21/2024 Description This module exploits built-in functionality in OpenNMS Horizon in order to execute arbitrary commands as the opennms user. For versions 32.0.2 and higher, this module requires valid credentials for a user with ROLE_FILESYSTEM_EDITOR privileges and either ROLE_ADMIN or ROLE_REST. For versions 32.0.1 and lower, credentials are required for a user with ROLE_FILESYSTEM_EDITOR, ROLE_REST, and/or ROLE_ADMIN privileges. In that case, the module will automatically escalate privileges via CVE-2023-40315 or CVE-2023-0872 if necessary. This module has been successfully tested against OpenNMS version 31.0.7 Author(s) Erik Wynter Platform Linux Architectures ARCH_CMD Development Source Code History

Rocky Linux: CVE-2023-30589: nodejs-16 (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 07/01/2023 Created 03/07/2024 Added 03/05/2024 Modified 01/30/2025 Description The llhttp parser in the http module in Node v20.2.0 does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling (HRS). The CR character (without LF) is sufficient to delimit HTTP header fields in the llhttp parser. According to RFC7230 section 3, only the CRLF sequence should delimit each header-field. This impacts all Node.js active versions: v16, v18, and, v20 Solution(s) rocky-upgrade-nodejs rocky-upgrade-nodejs-debuginfo rocky-upgrade-nodejs-debugsource rocky-upgrade-nodejs-devel rocky-upgrade-nodejs-full-i18n rocky-upgrade-npm References https://attackerkb.com/topics/cve-2023-30589 CVE - 2023-30589 https://errata.rockylinux.org/RLSA-2023:4536 https://errata.rockylinux.org/RLSA-2023:4537

Red Hat JBossEAP: Prototype Pollution (CVE-2023-26136) Severity 6 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:N) Published 07/01/2023 Created 09/20/2024 Added 09/19/2024 Modified 12/20/2024 Description Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.. A flaw was found in the tough-cookie package which allows Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized. Solution(s) red-hat-jboss-eap-upgrade-latest References https://attackerkb.com/topics/cve-2023-26136 CVE - 2023-26136 https://access.redhat.com/security/cve/CVE-2023-26136 https://bugzilla.redhat.com/show_bug.cgi?id=2219310 https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e https://github.com/salesforce/tough-cookie/issues/282 https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3 https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873 https://access.redhat.com/errata/RHSA-2023:5484 https://access.redhat.com/errata/RHSA-2023:5485 https://access.redhat.com/errata/RHSA-2023:5486 https://access.redhat.com/errata/RHSA-2023:5488 View more

OpenTSDB 2.4.1 unauthenticated command injection Disclosed 07/01/2023 Created 09/08/2023 Description This module exploits an unauthenticated command injection vulnerability in the key parameter in OpenTSDB through 2.4.1 (CVE-2023-36812/CVE-2023-25826) in order to achieve unauthenticated remote code execution as the root user. The module first attempts to obtain the OpenTSDB version via the api. If the version is 2.4.1 or lower, the module performs additional checks to obtain the configured metrics and aggregators. It then randomly selects one metric and one aggregator and uses those to instruct the target server to plot a graph. As part of this request, the key parameter is set to the payload, which will then be executed by the target if the latter is vulnerable. This module has been successfully tested against OpenTSDB version 2.4.1. Author(s) Gal Goldstein Daniel Abeles Erik Wynter Platform Linux Architectures ARCH_CMD Development Source Code History

Alma Linux: CVE-2023-30589: Moderate: nodejs:18 security, bug fix, and enhancement update (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 07/01/2023 Created 08/03/2023 Added 08/03/2023 Modified 01/30/2025 Description The llhttp parser in the http module in Node v20.2.0 does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling (HRS). The CR character (without LF) is sufficient to delimit HTTP header fields in the llhttp parser. According to RFC7230 section 3, only the CRLF sequence should delimit each header-field. This impacts all Node.js active versions: v16, v18, and, v20 Solution(s) alma-upgrade-nodejs alma-upgrade-nodejs-devel alma-upgrade-nodejs-docs alma-upgrade-nodejs-full-i18n alma-upgrade-nodejs-libs alma-upgrade-nodejs-nodemon alma-upgrade-nodejs-packaging alma-upgrade-nodejs-packaging-bundler alma-upgrade-npm References https://attackerkb.com/topics/cve-2023-30589 CVE - 2023-30589 https://errata.almalinux.org/8/ALSA-2023-4536.html https://errata.almalinux.org/8/ALSA-2023-4537.html https://errata.almalinux.org/9/ALSA-2023-4330.html https://errata.almalinux.org/9/ALSA-2023-4331.html

Gentoo Linux: CVE-2023-30589: Node.js: Multiple Vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 07/01/2023 Created 05/10/2024 Added 05/10/2024 Modified 01/30/2025 Description The llhttp parser in the http module in Node v20.2.0 does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling (HRS). The CR character (without LF) is sufficient to delimit HTTP header fields in the llhttp parser. According to RFC7230 section 3, only the CRLF sequence should delimit each header-field. This impacts all Node.js active versions: v16, v18, and, v20 Solution(s) gentoo-linux-upgrade-net-libs-nodejs References https://attackerkb.com/topics/cve-2023-30589 CVE - 2023-30589 202405-29

Gentoo Linux: CVE-2023-30586: Node.js: Multiple Vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 07/01/2023 Created 05/10/2024 Added 05/10/2024 Modified 01/30/2025 Description A privilege escalation vulnerability exists in Node.js 20 that allowed loading arbitrary OpenSSL engines when the experimental permission model is enabled, which can bypass and/or disable the permission model. The attack complexity is high. However, the crypto.setEngine() API can be used to bypass the permission model when called with a compatible OpenSSL engine. The OpenSSL engine can, for example, disable the permission model in the host process by manipulating the process's stack memory to locate the permission model Permission::enabled_ in the host process's heap memory. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js. Solution(s) gentoo-linux-upgrade-net-libs-nodejs References https://attackerkb.com/topics/cve-2023-30586 CVE - 2023-30586 202405-29

Ubuntu: USN-6735-1 (CVE-2023-30589): Node.js vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 07/01/2023 Created 04/17/2024 Added 04/17/2024 Modified 01/30/2025 Description The llhttp parser in the http module in Node v20.2.0 does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling (HRS). The CR character (without LF) is sufficient to delimit HTTP header fields in the llhttp parser. According to RFC7230 section 3, only the CRLF sequence should delimit each header-field. This impacts all Node.js active versions: v16, v18, and, v20 Solution(s) ubuntu-upgrade-libnode-dev ubuntu-upgrade-libnode108 ubuntu-upgrade-nodejs ubuntu-upgrade-nodejs-doc References https://attackerkb.com/topics/cve-2023-30589 CVE - 2023-30589 USN-6735-1

Red Hat OpenShift: CVE-2023-2728: kube-apiserver: Bypassing enforce mountable secrets policy imposed by theServiceAccount admission plugin Severity 8 CVSS (AV:N/AC:L/Au:M/C:C/I:C/A:N) Published 07/03/2023 Created 11/01/2023 Added 11/01/2023 Modified 01/28/2025 Description Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the `kubernetes.io/enforce-mountable-secrets` annotation are used together with ephemeral containers. Solution(s) linuxrpm-upgrade-buildah linuxrpm-upgrade-butane linuxrpm-upgrade-catch linuxrpm-upgrade-conmon linuxrpm-upgrade-container-selinux linuxrpm-upgrade-containernetworking-plugins linuxrpm-upgrade-containers-common linuxrpm-upgrade-coreos-installer linuxrpm-upgrade-cri-o linuxrpm-upgrade-cri-tools linuxrpm-upgrade-crun linuxrpm-upgrade-crun-wasm linuxrpm-upgrade-fmt linuxrpm-upgrade-golang-github-prometheus-promu linuxrpm-upgrade-google-benchmark linuxrpm-upgrade-gtest linuxrpm-upgrade-haproxy linuxrpm-upgrade-ignition linuxrpm-upgrade-kata-containers linuxrpm-upgrade-kernel linuxrpm-upgrade-kernel-rt linuxrpm-upgrade-microshift linuxrpm-upgrade-nmstate linuxrpm-upgrade-openshift linuxrpm-upgrade-openshift-ansible linuxrpm-upgrade-openshift-clients linuxrpm-upgrade-openshift-kuryr linuxrpm-upgrade-openshift4-aws-iso linuxrpm-upgrade-openstack-ironic linuxrpm-upgrade-openstack-ironic-inspector linuxrpm-upgrade-openstack-ironic-python-agent linuxrpm-upgrade-ovn23-09 linuxrpm-upgrade-podman linuxrpm-upgrade-python-automaton linuxrpm-upgrade-python-cinderclient linuxrpm-upgrade-python-cliff linuxrpm-upgrade-python-debtcollector linuxrpm-upgrade-python-decorator linuxrpm-upgrade-python-dracclient linuxrpm-upgrade-python-fixtures linuxrpm-upgrade-python-futurist linuxrpm-upgrade-python-glanceclient linuxrpm-upgrade-python-hardware linuxrpm-upgrade-python-ironic-lib linuxrpm-upgrade-python-ironic-prometheus-exporter linuxrpm-upgrade-python-keystoneauth1 linuxrpm-upgrade-python-keystoneclient linuxrpm-upgrade-python-keystonemiddleware linuxrpm-upgrade-python-openstacksdk linuxrpm-upgrade-python-os-service-types linuxrpm-upgrade-python-os-traits linuxrpm-upgrade-python-osc-lib linuxrpm-upgrade-python-oslo-cache linuxrpm-upgrade-python-oslo-concurrency linuxrpm-upgrade-python-oslo-config linuxrpm-upgrade-python-oslo-context linuxrpm-upgrade-python-oslo-db linuxrpm-upgrade-python-oslo-i18n linuxrpm-upgrade-python-oslo-log linuxrpm-upgrade-python-oslo-messaging linuxrpm-upgrade-python-oslo-middleware linuxrpm-upgrade-python-oslo-policy linuxrpm-upgrade-python-oslo-rootwrap linuxrpm-upgrade-python-oslo-serialization linuxrpm-upgrade-python-oslo-service linuxrpm-upgrade-python-oslo-upgradecheck linuxrpm-upgrade-python-oslo-utils linuxrpm-upgrade-python-oslo-versionedobjects linuxrpm-upgrade-python-osprofiler linuxrpm-upgrade-python-pbr linuxrpm-upgrade-python-proliantutils linuxrpm-upgrade-python-pycadf linuxrpm-upgrade-python-requestsexceptions linuxrpm-upgrade-python-scciclient linuxrpm-upgrade-python-stevedore linuxrpm-upgrade-python-sushy linuxrpm-upgrade-python-sushy-oem-idrac linuxrpm-upgrade-python-swiftclient linuxrpm-upgrade-python-tenacity linuxrpm-upgrade-python-tooz linuxrpm-upgrade-python-wrapt linuxrpm-upgrade-runc linuxrpm-upgrade-rust-afterburn linuxrpm-upgrade-skopeo linuxrpm-upgrade-spdlog linuxrpm-upgrade-toolbox linuxrpm-upgrade-wasmedge References https://attackerkb.com/topics/cve-2023-2728 CVE - 2023-2728 RHSA-2023:5008 RHSA-2023:5009

FreeBSD: VID-4EE7FA77-19A6-11EE-8A05-080027EDA32C (CVE-2023-36053): Django -- multiple vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 07/01/2023 Created 07/04/2023 Added 07/03/2023 Modified 01/28/2025 Description In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS (regular expression denial of service) attack via a very large number of domain name labels of emails and URLs. Solution(s) freebsd-upgrade-package-py310-django32 freebsd-upgrade-package-py310-django41 freebsd-upgrade-package-py310-django42 freebsd-upgrade-package-py311-django32 freebsd-upgrade-package-py311-django41 freebsd-upgrade-package-py311-django42 freebsd-upgrade-package-py38-django32 freebsd-upgrade-package-py38-django41 freebsd-upgrade-package-py38-django42 freebsd-upgrade-package-py39-django32 freebsd-upgrade-package-py39-django41 freebsd-upgrade-package-py39-django42 References CVE-2023-36053

Oracle Linux: CVE-2023-3247: ELSA-2023-5927:php:8.0 security update (IMPORTANT) (Multiple Advisories) Severity 4 CVSS (AV:N/AC:L/Au:S/C:P/I:N/A:N) Published 07/03/2023 Created 10/24/2023 Added 10/23/2023 Modified 01/08/2025 Description In PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should have. In case of random generator failure, it could lead to a disclosure of 31 bits of uninitialized memory from the client to the server, and it also made easier to a malicious server to guess the client's nonce. A vulnerability was found in PHP where the weak randomness affects applications that use SOAP with HTTP Digest authentication against a possibly malicious server over HTTP allows a remote authenticated attackers to cause a stack information leak. Solution(s) oracle-linux-upgrade-apcu-panel oracle-linux-upgrade-libzip oracle-linux-upgrade-libzip-devel oracle-linux-upgrade-libzip-tools oracle-linux-upgrade-php oracle-linux-upgrade-php-bcmath oracle-linux-upgrade-php-cli oracle-linux-upgrade-php-common oracle-linux-upgrade-php-dba oracle-linux-upgrade-php-dbg oracle-linux-upgrade-php-devel oracle-linux-upgrade-php-embedded oracle-linux-upgrade-php-enchant oracle-linux-upgrade-php-ffi oracle-linux-upgrade-php-fpm oracle-linux-upgrade-php-gd oracle-linux-upgrade-php-gmp oracle-linux-upgrade-php-intl oracle-linux-upgrade-php-json oracle-linux-upgrade-php-ldap oracle-linux-upgrade-php-mbstring oracle-linux-upgrade-php-mysqlnd oracle-linux-upgrade-php-odbc oracle-linux-upgrade-php-opcache oracle-linux-upgrade-php-pdo oracle-linux-upgrade-php-pear oracle-linux-upgrade-php-pecl-apcu oracle-linux-upgrade-php-pecl-apcu-devel oracle-linux-upgrade-php-pecl-rrd oracle-linux-upgrade-php-pecl-xdebug oracle-linux-upgrade-php-pecl-xdebug3 oracle-linux-upgrade-php-pecl-zip oracle-linux-upgrade-php-pgsql oracle-linux-upgrade-php-process oracle-linux-upgrade-php-snmp oracle-linux-upgrade-php-soap oracle-linux-upgrade-php-xml oracle-linux-upgrade-php-xmlrpc References https://attackerkb.com/topics/cve-2023-3247 CVE - 2023-3247 ELSA-2023-5927 ELSA-2023-5926 ELSA-2024-0387 ELSA-2024-10952

Oracle Linux: (CVE-2023-2727) (Multiple Advisories): olcne security update Severity 8 CVSS (AV:N/AC:L/Au:M/C:C/I:C/A:N) Published 07/03/2023 Created 05/22/2024 Added 05/21/2024 Modified 01/28/2025 Description Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers. Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers. Solution(s) oracle-linux-upgrade-kubeadm oracle-linux-upgrade-kubectl oracle-linux-upgrade-kubelet oracle-linux-upgrade-kubernetes oracle-linux-upgrade-olcne oracle-linux-upgrade-olcne-agent oracle-linux-upgrade-olcne-api-server oracle-linux-upgrade-olcne-calico-chart oracle-linux-upgrade-olcne-extra-modules oracle-linux-upgrade-olcne-gluster-chart oracle-linux-upgrade-olcne-grafana-chart oracle-linux-upgrade-olcne-istio-chart oracle-linux-upgrade-olcne-kubevirt-chart oracle-linux-upgrade-olcne-metallb-chart oracle-linux-upgrade-olcne-multus-chart oracle-linux-upgrade-olcne-nginx oracle-linux-upgrade-olcne-oci-ccm-chart oracle-linux-upgrade-olcne-olm-chart oracle-linux-upgrade-olcne-prometheus-chart oracle-linux-upgrade-olcne-rook-chart oracle-linux-upgrade-olcne-utils oracle-linux-upgrade-olcnectl oracle-linux-upgrade-yq References CVE-2023-2727

Oracle Linux: (CVE-2023-2728) (Multiple Advisories): olcne security update Severity 8 CVSS (AV:N/AC:L/Au:M/C:C/I:C/A:N) Published 07/03/2023 Created 05/22/2024 Added 05/21/2024 Modified 01/28/2025 Description Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the `kubernetes.io/enforce-mountable-secrets` annotation are used together with ephemeral containers. Solution(s) oracle-linux-upgrade-kubeadm oracle-linux-upgrade-kubectl oracle-linux-upgrade-kubelet oracle-linux-upgrade-kubernetes oracle-linux-upgrade-olcne oracle-linux-upgrade-olcne-agent oracle-linux-upgrade-olcne-api-server oracle-linux-upgrade-olcne-calico-chart oracle-linux-upgrade-olcne-extra-modules oracle-linux-upgrade-olcne-gluster-chart oracle-linux-upgrade-olcne-grafana-chart oracle-linux-upgrade-olcne-istio-chart oracle-linux-upgrade-olcne-kubevirt-chart oracle-linux-upgrade-olcne-metallb-chart oracle-linux-upgrade-olcne-multus-chart oracle-linux-upgrade-olcne-nginx oracle-linux-upgrade-olcne-oci-ccm-chart oracle-linux-upgrade-olcne-olm-chart oracle-linux-upgrade-olcne-prometheus-chart oracle-linux-upgrade-olcne-rook-chart oracle-linux-upgrade-olcne-utils oracle-linux-upgrade-olcnectl oracle-linux-upgrade-yq References CVE-2023-2728

Alpine Linux: CVE-2023-36183: Classic Buffer Overflow Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 07/03/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description Buffer Overflow vulnerability in OpenImageIO v.2.4.12.0 and before allows a remote to execute arbitrary code and obtain sensitive information via a crafted file to the readimg function. Solution(s) alpine-linux-upgrade-openimageio References https://attackerkb.com/topics/cve-2023-36183 CVE - 2023-36183 https://security.alpinelinux.org/vuln/CVE-2023-36183

Amazon Linux 2023: CVE-2023-3247: Medium priority package update for php8.1 (Multiple Advisories) Severity 4 CVSS (AV:N/AC:L/Au:S/C:P/I:N/A:N) Published 07/03/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description In PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should have. In case of random generator failure, it could lead to a disclosure of 31 bits of uninitialized memory from the client to the server, and it also made easier to a malicious server to guess the client's nonce. A vulnerability was found in PHP where the weak randomness affects applications that use SOAP with HTTP Digest authentication against a possibly malicious server over HTTP allows a remote authenticated attackers to cause a stack information leak. Solution(s) amazon-linux-2023-upgrade-php8-1 amazon-linux-2023-upgrade-php8-1-bcmath amazon-linux-2023-upgrade-php8-1-bcmath-debuginfo amazon-linux-2023-upgrade-php8-1-cli amazon-linux-2023-upgrade-php8-1-cli-debuginfo amazon-linux-2023-upgrade-php8-1-common amazon-linux-2023-upgrade-php8-1-common-debuginfo amazon-linux-2023-upgrade-php8-1-dba amazon-linux-2023-upgrade-php8-1-dba-debuginfo amazon-linux-2023-upgrade-php8-1-dbg amazon-linux-2023-upgrade-php8-1-dbg-debuginfo amazon-linux-2023-upgrade-php8-1-debuginfo amazon-linux-2023-upgrade-php8-1-debugsource amazon-linux-2023-upgrade-php8-1-devel amazon-linux-2023-upgrade-php8-1-embedded amazon-linux-2023-upgrade-php8-1-embedded-debuginfo amazon-linux-2023-upgrade-php8-1-enchant amazon-linux-2023-upgrade-php8-1-enchant-debuginfo amazon-linux-2023-upgrade-php8-1-ffi amazon-linux-2023-upgrade-php8-1-ffi-debuginfo amazon-linux-2023-upgrade-php8-1-fpm amazon-linux-2023-upgrade-php8-1-fpm-debuginfo amazon-linux-2023-upgrade-php8-1-gd amazon-linux-2023-upgrade-php8-1-gd-debuginfo amazon-linux-2023-upgrade-php8-1-gmp amazon-linux-2023-upgrade-php8-1-gmp-debuginfo amazon-linux-2023-upgrade-php8-1-intl amazon-linux-2023-upgrade-php8-1-intl-debuginfo amazon-linux-2023-upgrade-php8-1-ldap amazon-linux-2023-upgrade-php8-1-ldap-debuginfo amazon-linux-2023-upgrade-php8-1-mbstring amazon-linux-2023-upgrade-php8-1-mbstring-debuginfo amazon-linux-2023-upgrade-php8-1-mysqlnd amazon-linux-2023-upgrade-php8-1-mysqlnd-debuginfo amazon-linux-2023-upgrade-php8-1-odbc amazon-linux-2023-upgrade-php8-1-odbc-debuginfo amazon-linux-2023-upgrade-php8-1-opcache amazon-linux-2023-upgrade-php8-1-opcache-debuginfo amazon-linux-2023-upgrade-php8-1-pdo amazon-linux-2023-upgrade-php8-1-pdo-debuginfo amazon-linux-2023-upgrade-php8-1-pgsql amazon-linux-2023-upgrade-php8-1-pgsql-debuginfo amazon-linux-2023-upgrade-php8-1-process amazon-linux-2023-upgrade-php8-1-process-debuginfo amazon-linux-2023-upgrade-php8-1-pspell amazon-linux-2023-upgrade-php8-1-pspell-debuginfo amazon-linux-2023-upgrade-php8-1-snmp amazon-linux-2023-upgrade-php8-1-snmp-debuginfo amazon-linux-2023-upgrade-php8-1-soap amazon-linux-2023-upgrade-php8-1-soap-debuginfo amazon-linux-2023-upgrade-php8-1-tidy amazon-linux-2023-upgrade-php8-1-tidy-debuginfo amazon-linux-2023-upgrade-php8-1-xml amazon-linux-2023-upgrade-php8-1-xml-debuginfo References https://attackerkb.com/topics/cve-2023-3247 CVE - 2023-3247 https://alas.aws.amazon.com/AL2023/ALAS-2023-303.html https://alas.aws.amazon.com/AL2023/ALAS-2023-325.html

Debian: CVE-2023-36183: openimageio -- security update Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 07/03/2023 Created 08/09/2023 Added 08/08/2023 Modified 01/28/2025 Description Buffer Overflow vulnerability in OpenImageIO v.2.4.12.0 and before allows a remote to execute arbitrary code and obtain sensitive information via a crafted file to the readimg function. Solution(s) debian-upgrade-openimageio References https://attackerkb.com/topics/cve-2023-36183 CVE - 2023-36183 DLA-3518-1

Debian: CVE-2023-36053: python-django -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 07/03/2023 Created 07/25/2023 Added 07/24/2023 Modified 01/28/2025 Description In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS (regular expression denial of service) attack via a very large number of domain name labels of emails and URLs. Solution(s) debian-upgrade-python-django References https://attackerkb.com/topics/cve-2023-36053 CVE - 2023-36053 DLA-3500-1 DSA-5465

7-Zip: CVE-2023-52168: Heap-based Buffer Overflow Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 07/03/2023 Created 07/31/2024 Added 07/30/2024 Modified 07/31/2024 Description The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 (for 7zz) contains a heap-based buffer overflow that allows an attacker to overwrite two bytes at multiple offsets beyond the allocated buffer size: buffer+512*i-2, for i=9, i=10, i=11, etc. Solution(s) 7-zip-7-zip-upgrade-latest References https://attackerkb.com/topics/cve-2023-52168 CVE - 2023-52168 https://nvd.nist.gov/vuln/detail/CVE-2023-52168 https://www.7-zip.org/download.html

Alpine Linux: CVE-2023-2728: Vulnerability in Multiple Components Severity 8 CVSS (AV:N/AC:L/Au:M/C:C/I:C/A:N) Published 07/03/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the `kubernetes.io/enforce-mountable-secrets` annotation are used together with ephemeral containers. Solution(s) alpine-linux-upgrade-k3s References https://attackerkb.com/topics/cve-2023-2728 CVE - 2023-2728 https://security.alpinelinux.org/vuln/CVE-2023-2728

Debian: CVE-2020-22597: iotjs -- security update Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 07/03/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description An issue in Jerrscript- project Jerryscrip v. 2.3.0 allows a remote attacker to execute arbitrary code via the ecma_builtin_array_prototype_object_slice parameter. Solution(s) debian-upgrade-iotjs References https://attackerkb.com/topics/cve-2020-22597 CVE - 2020-22597