ISHACK AI BOT

Debian: CVE-2023-36661: xmltooling -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 06/25/2023 Created 07/04/2023 Added 07/04/2023 Modified 01/28/2025 Description Shibboleth XMLTooling before 3.2.4, as used in OpenSAML and Shibboleth Service Provider, allows SSRF via a crafted KeyInfo element. (This is fixed in, for example, Shibboleth Service Provider 3.4.1.3 on Windows.) Solution(s) debian-upgrade-xmltooling References https://attackerkb.com/topics/cve-2023-36661 CVE - 2023-36661 DLA-3464-1 DSA-5432 DSA-5432-1

Rapid7 Insight Agent: CVE-2023-36632: Uncontrolled Recursion Severity 4 CVSS (AV:L/AC:H/Au:N/C:N/I:N/A:C) Published 06/25/2023 Created 03/20/2024 Added 03/19/2024 Modified 04/23/2024 Description Rapid7 Insight Agent versions below 4.0.6.14 suffer from a Uncontrolled Recursion vulnerability. Solution(s) rapid7-insightagent-upgrade-4_0_6_14 References https://attackerkb.com/topics/cve-2023-36632 CVE - 2023-36632 https://docs.rapid7.com/release-notes/insightagent/20240314/

Huawei EulerOS: CVE-2023-36664: ghostscript security update Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 06/25/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix). Solution(s) huawei-euleros-2_0_sp9-upgrade-ghostscript huawei-euleros-2_0_sp9-upgrade-ghostscript-help References https://attackerkb.com/topics/cve-2023-36664 CVE - 2023-36664 EulerOS-SA-2023-2895

Huawei EulerOS: CVE-2023-36664: ghostscript security update Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 06/25/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix). Solution(s) huawei-euleros-2_0_sp10-upgrade-ghostscript huawei-euleros-2_0_sp10-upgrade-ghostscript-help References https://attackerkb.com/topics/cve-2023-36664 CVE - 2023-36664 EulerOS-SA-2023-2809

SUSE: CVE-2023-36661: SUSE Linux Security Advisory Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 06/25/2023 Created 07/04/2023 Added 07/04/2023 Modified 01/28/2025 Description Shibboleth XMLTooling before 3.2.4, as used in OpenSAML and Shibboleth Service Provider, allows SSRF via a crafted KeyInfo element. (This is fixed in, for example, Shibboleth Service Provider 3.4.1.3 on Windows.) Solution(s) suse-upgrade-libxmltooling-devel suse-upgrade-libxmltooling-lite9 suse-upgrade-libxmltooling6 suse-upgrade-libxmltooling7 suse-upgrade-libxmltooling9 suse-upgrade-xmltooling-schemas References https://attackerkb.com/topics/cve-2023-36661 CVE - 2023-36661 DSA-5432

Ubuntu: USN-6762-1 (CVE-2015-20109): GNU C Library vulnerabilities Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 06/25/2023 Created 05/03/2024 Added 05/03/2024 Modified 01/28/2025 Description end_pattern (called from internal_fnmatch) in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash), as demonstrated by use of the fnmatch library function with the **(!() pattern. NOTE: this is not the same as CVE-2015-8984; also, some Linux distributions have fixed CVE-2015-8984 but have not fixed this additional fnmatch issue. Solution(s) ubuntu-pro-upgrade-libc6 References https://attackerkb.com/topics/cve-2015-20109 CVE - 2015-20109 USN-6762-1

SUSE: CVE-2023-36664: SUSE Linux Security Advisory Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 06/25/2023 Created 07/17/2023 Added 07/17/2023 Modified 01/28/2025 Description Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix). Solution(s) suse-upgrade-ghostscript suse-upgrade-ghostscript-devel suse-upgrade-ghostscript-x11 References https://attackerkb.com/topics/cve-2023-36664 CVE - 2023-36664 DSA-5446

Oracle Database: Critical Patch Update - April 2024 (CVE-2023-36632) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 06/25/2023 Created 04/29/2024 Added 04/25/2024 Modified 01/30/2025 Description The legacy email.utils.parseaddr function in Python through 3.11.4 allows attackers to trigger "RecursionError: maximum recursion depth exceeded while calling a Python object" via a crafted argument. This argument is plausibly an untrusted value from an application's input data that was supposed to contain a name and an e-mail address. NOTE: email.utils.parseaddr is categorized as a Legacy API in the documentation of the Python email package. Applications should instead use the email.parser.BytesParser or email.parser.Parser class. NOTE: the vendor's perspective is that this is neither a vulnerability nor a bug. The email package is intended to have size limits and to throw an exception when limits are exceeded; they were exceeded by the example demonstration code. Solution(s) oracle-apply-apr-2024-cpu References https://attackerkb.com/topics/cve-2023-36632 CVE - 2023-36632 http://www.oracle.com/security-alerts/cpuapr2024.html https://support.oracle.com/rs?type=doc&id=3000005.1

Rocky Linux: CVE-2023-36664: ghostscript (RLSA-2023-5459) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 06/25/2023 Created 03/07/2024 Added 08/15/2024 Modified 01/28/2025 Description Deprecated Solution(s)

Gentoo Linux: CVE-2023-36664: GPL Ghostscript: Multiple Vulnerabilities Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 06/25/2023 Created 09/18/2023 Added 09/18/2023 Modified 01/28/2025 Description Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix). Solution(s) gentoo-linux-upgrade-app-text-ghostscript-gpl References https://attackerkb.com/topics/cve-2023-36664 CVE - 2023-36664 202309-03

Gentoo Linux: CVE-2023-36660: Nettle: Denial of Service Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 06/25/2023 Created 01/18/2024 Added 01/17/2024 Modified 01/28/2025 Description The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption. Solution(s) gentoo-linux-upgrade-dev-libs-nettle References https://attackerkb.com/topics/cve-2023-36660 CVE - 2023-36660 202401-24

Google Chrome Vulnerability: CVE-2023-3420 Type Confusion in V8 Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 06/27/2023 Created 06/27/2023 Added 06/27/2023 Modified 01/28/2025 Description Type Confusion in V8 in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2023-3420 CVE - 2023-3420 https://chromereleases.googleblog.com/2023/06/stable-channel-update-for-desktop_26.html

SUSE: CVE-2023-1521: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 06/27/2023 Created 06/27/2023 Added 06/27/2023 Modified 02/28/2024 Description This CVE is addressed in the SUSE advisories SUSE-SU-2023:2637-1, SUSE-SU-2023:3526-1, CVE-2023-1521. Solution(s) suse-upgrade-sccache References https://attackerkb.com/topics/cve-2023-1521 CVE - 2023-1521 SUSE-SU-2023:2637-1 SUSE-SU-2023:3526-1

SUSE: CVE-2023-30590: SUSE Linux Security Advisory Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 06/27/2023 Created 06/28/2023 Added 06/28/2023 Modified 01/28/2025 Description The generateKeys() API function returned from crypto.createDiffieHellman() only generates missing (or outdated) keys, that is, it only generates a private key if none has been set yet, but the function is also needed to compute the corresponding public key after calling setPrivateKey(). However, the documentation says this API call: "Generates private and public Diffie-Hellman key values". The documented behavior is very different from the actual behavior, and this difference could easily lead to security issues in applications that use these APIs as the DiffieHellman may be used as the basis for application-level security, implications are consequently broad. Solution(s) suse-upgrade-corepack14 suse-upgrade-corepack16 suse-upgrade-corepack18 suse-upgrade-nodejs12 suse-upgrade-nodejs12-devel suse-upgrade-nodejs12-docs suse-upgrade-nodejs14 suse-upgrade-nodejs14-devel suse-upgrade-nodejs14-docs suse-upgrade-nodejs16 suse-upgrade-nodejs16-devel suse-upgrade-nodejs16-docs suse-upgrade-nodejs18 suse-upgrade-nodejs18-devel suse-upgrade-nodejs18-docs suse-upgrade-npm12 suse-upgrade-npm14 suse-upgrade-npm16 suse-upgrade-npm18 References https://attackerkb.com/topics/cve-2023-30590 CVE - 2023-30590

Debian: CVE-2023-36464: pypdf, pypdf2 -- security update Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 06/27/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/30/2025 Description pypdf is an open source, pure-python PDF library. In affected versions an attacker may craft a PDF which leads to an infinite loop if `__parse_content_stream` is executed. That is, for example, the case if the user extracted text from such a PDF. This issue was introduced in pull request #969 and resolved in pull request #1828. Users are advised to upgrade. Users unable to upgrade may modify the line `while peek not in (b"\r", b"\n")` in `pypdf/generic/_data_structures.py` to `while peek not in (b"\r", b"\n", b"")`. Solution(s) debian-upgrade-pypdf debian-upgrade-pypdf2 References https://attackerkb.com/topics/cve-2023-36464 CVE - 2023-36464

SUSE: CVE-2023-30588: SUSE Linux Security Advisory Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 06/27/2023 Created 06/28/2023 Added 06/28/2023 Modified 01/28/2025 Description When an invalid public key is used to create an x509 certificate using the crypto.X509Certificate() API a non-expect termination occurs making it susceptible to DoS attacks when the attacker could force interruptions of application processing, as the process terminates when accessing public key info of provided certificates from user code. The current context of the users will be gone, and that will cause a DoS scenario. This vulnerability affects all active Node.js versions v16, v18, and, v20. Solution(s) suse-upgrade-corepack16 suse-upgrade-corepack18 suse-upgrade-nodejs16 suse-upgrade-nodejs16-devel suse-upgrade-nodejs16-docs suse-upgrade-nodejs18 suse-upgrade-nodejs18-devel suse-upgrade-nodejs18-docs suse-upgrade-npm16 suse-upgrade-npm18 References https://attackerkb.com/topics/cve-2023-30588 CVE - 2023-30588

Amazon Linux 2023: CVE-2024-0639: Important priority package update for kernel Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 06/27/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net/sctp/socket.c in the Linux kernel’s SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system. Solution(s) amazon-linux-2023-upgrade-bpftool amazon-linux-2023-upgrade-bpftool-debuginfo amazon-linux-2023-upgrade-kernel amazon-linux-2023-upgrade-kernel-debuginfo amazon-linux-2023-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-2023-upgrade-kernel-debuginfo-common-x86-64 amazon-linux-2023-upgrade-kernel-devel amazon-linux-2023-upgrade-kernel-headers amazon-linux-2023-upgrade-kernel-libbpf amazon-linux-2023-upgrade-kernel-libbpf-devel amazon-linux-2023-upgrade-kernel-libbpf-static amazon-linux-2023-upgrade-kernel-livepatch-6-1-41-63-109 amazon-linux-2023-upgrade-kernel-tools amazon-linux-2023-upgrade-kernel-tools-debuginfo amazon-linux-2023-upgrade-kernel-tools-devel amazon-linux-2023-upgrade-perf amazon-linux-2023-upgrade-perf-debuginfo amazon-linux-2023-upgrade-python3-perf amazon-linux-2023-upgrade-python3-perf-debuginfo References https://attackerkb.com/topics/cve-2024-0639 CVE - 2024-0639 https://alas.aws.amazon.com/AL2023/ALAS-2023-299.html

SUSE: CVE-2023-30585: SUSE Linux Security Advisory Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 06/27/2023 Created 06/28/2023 Added 06/28/2023 Modified 01/28/2025 Description A vulnerability has been identified in the Node.js (.msi version) installation process, specifically affecting Windows users who install Node.js using the .msi installer. This vulnerability emerges during the repair operation, where the "msiexec.exe" process, running under the NT AUTHORITY\SYSTEM context, attempts to read the %USERPROFILE% environment variable from the current user's registry. The issue arises when the path referenced by the %USERPROFILE% environment variable does not exist. In such cases, the "msiexec.exe" process attempts to create the specified path in an unsafe manner, potentially leading to the creation of arbitrary folders in arbitrary locations. The severity of this vulnerability is heightened by the fact that the %USERPROFILE% environment variable in the Windows registry can be modified by standard (or "non-privileged") users. Consequently, unprivileged actors, including malicious entities or trojans, can manipulate the environment variable key to deceive the privileged "msiexec.exe" process. This manipulation can result in the creation of folders in unintended and potentially malicious locations. It is important to note that this vulnerability is specific to Windows users who install Node.js using the .msi installer. Users who opt for other installation methods are not affected by this particular issue. Solution(s) suse-upgrade-corepack16 suse-upgrade-corepack18 suse-upgrade-nodejs16 suse-upgrade-nodejs16-devel suse-upgrade-nodejs16-docs suse-upgrade-nodejs18 suse-upgrade-nodejs18-devel suse-upgrade-nodejs18-docs suse-upgrade-npm16 suse-upgrade-npm18 References https://attackerkb.com/topics/cve-2023-30585 CVE - 2023-30585

Huawei EulerOS: CVE-2023-3327: kernel security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 06/27/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/10/2024 Description Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-35823. Reason: This candidate is a reservation duplicate of CVE-2023-35823. Notes: All CVE users should reference CVE-2023-35823 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. Solution(s) huawei-euleros-2_0_sp11-upgrade-bpftool huawei-euleros-2_0_sp11-upgrade-kernel huawei-euleros-2_0_sp11-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp11-upgrade-kernel-tools huawei-euleros-2_0_sp11-upgrade-kernel-tools-libs huawei-euleros-2_0_sp11-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-3327 CVE - 2023-3327 EulerOS-SA-2023-2860

Alpine Linux: CVE-2023-3436: Improper Locking Severity 2 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:P) Published 06/27/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description Xpdf 4.04 will deadlock on a PDF object stream whose "Length" field is itself in another object stream. Solution(s) alpine-linux-upgrade-xpdf References https://attackerkb.com/topics/cve-2023-3436 CVE - 2023-3436 https://security.alpinelinux.org/vuln/CVE-2023-3436

Debian: CVE-2023-3422: chromium -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 06/26/2023 Created 07/04/2023 Added 07/04/2023 Modified 01/28/2025 Description Use after free in Guest View in Google Chrome prior to 114.0.5735.198 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2023-3422 CVE - 2023-3422 DSA-5440-1

FreeBSD: (Multiple Advisories) (CVE-2023-3422): electron22 -- multiple vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 06/26/2023 Created 06/28/2023 Added 06/27/2023 Modified 01/28/2025 Description Use after free in Guest View in Google Chrome prior to 114.0.5735.198 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) freebsd-upgrade-package-chromium freebsd-upgrade-package-electron22 freebsd-upgrade-package-electron23 freebsd-upgrade-package-electron24 freebsd-upgrade-package-ungoogled-chromium References CVE-2023-3422

FreeBSD: (Multiple Advisories) (CVE-2023-3420): electron22 -- multiple vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 06/26/2023 Created 06/28/2023 Added 06/27/2023 Modified 01/28/2025 Description Type Confusion in V8 in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) freebsd-upgrade-package-chromium freebsd-upgrade-package-electron22 freebsd-upgrade-package-electron23 freebsd-upgrade-package-electron24 freebsd-upgrade-package-ungoogled-chromium References CVE-2023-3420

Gentoo Linux: CVE-2023-3421: Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 06/26/2023 Created 02/02/2024 Added 02/01/2024 Modified 01/28/2025 Description Use after free in Media in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) gentoo-linux-upgrade-www-client-chromium gentoo-linux-upgrade-www-client-google-chrome gentoo-linux-upgrade-www-client-microsoft-edge References https://attackerkb.com/topics/cve-2023-3421 CVE - 2023-3421 202401-34

FreeBSD: (Multiple Advisories) (CVE-2023-3421): electron22 -- multiple vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 06/26/2023 Created 06/28/2023 Added 06/27/2023 Modified 01/28/2025 Description Use after free in Media in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) freebsd-upgrade-package-chromium freebsd-upgrade-package-electron22 freebsd-upgrade-package-electron23 freebsd-upgrade-package-electron24 freebsd-upgrade-package-ungoogled-chromium References CVE-2023-3421