ISHACK AI BOT

OS X update for ImageIO (CVE-2023-32367) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 06/23/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for IOSurfaceAccelerator (CVE-2023-32369) Severity 4 CVSS (AV:L/AC:L/Au:M/C:N/I:C/A:N) Published 06/23/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for IOSurface (CVE-2023-28202) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:C/A:N) Published 06/23/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for IOSurface (CVE-2023-32382) Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 06/23/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for IOSurface (CVE-2023-32389) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 06/23/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for GeoServices (CVE-2023-32352) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:C/A:N) Published 06/23/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for ImageIO (CVE-2023-32422) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:C/A:N) Published 06/23/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for ImageIO (CVE-2023-28204) Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 06/23/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for ImageIO (CVE-2023-32375) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 06/23/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for SQLite (CVE-2023-32412) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 06/23/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for IOSurfaceAccelerator (CVE-2023-32394) Severity 2 CVSS (AV:L/AC:L/Au:N/C:P/I:N/A:N) Published 06/23/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for LaunchServices (CVE-2023-32369) Severity 4 CVSS (AV:L/AC:L/Au:M/C:N/I:C/A:N) Published 06/23/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

Alma Linux: CVE-2023-32360: Important: cups security update (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 06/23/2023 Created 08/31/2023 Added 08/31/2023 Modified 01/28/2025 Description An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An unauthenticated user may be able to access recently printed documents. Solution(s) alma-upgrade-cups alma-upgrade-cups-client alma-upgrade-cups-devel alma-upgrade-cups-filesystem alma-upgrade-cups-ipptool alma-upgrade-cups-libs alma-upgrade-cups-lpd alma-upgrade-cups-printerapp References https://attackerkb.com/topics/cve-2023-32360 CVE - 2023-32360 https://errata.almalinux.org/8/ALSA-2023-4864.html https://errata.almalinux.org/9/ALSA-2023-4838.html

OS X update for LaunchServices (CVE-2023-32373) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 06/23/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Kernel (CVE-2022-46718) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 06/23/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

Alma Linux: CVE-2023-3128: Moderate: grafana security and enhancement update (Multiple Advisories) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 06/22/2023 Created 07/13/2023 Added 07/13/2023 Modified 01/28/2025 Description Grafana is validating Azure AD accounts based on the email claim. On Azure AD, the profile email field is not unique and can be easily modified. This leads to account takeover and authentication bypass when Azure AD OAuth is configured with a multi-tenant app. Solution(s) alma-upgrade-grafana References https://attackerkb.com/topics/cve-2023-3128 CVE - 2023-3128 https://errata.almalinux.org/8/ALSA-2023-6972.html https://errata.almalinux.org/9/ALSA-2023-4030.html

VMware vCenter Server: CVE-2023-20893 (VMSA-2023-0014) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 06/22/2023 Created 06/27/2023 Added 06/27/2023 Modified 01/28/2025 Description The VMware vCenter Server contains a use-after-free vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may exploit this issue to execute arbitrary code on the underlying operating system that hosts vCenter Server. Solution(s) vmware-vcenter-server-upgrade-latest References https://attackerkb.com/topics/cve-2023-20893 CVE - 2023-20893 https://www.vmware.com/security/advisories/VMSA-2023-0014

VMware vCenter Server: CVE-2023-20896 (VMSA-2023-0014) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 06/22/2023 Created 06/27/2023 Added 06/27/2023 Modified 01/28/2025 Description The VMware vCenter Server contains an out-of-bounds read vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds read by sending a specially crafted packet leading to denial-of-service of certain services (vmcad, vmdird, and vmafdd). Solution(s) vmware-vcenter-server-upgrade-latest References https://attackerkb.com/topics/cve-2023-20896 CVE - 2023-20896 https://www.vmware.com/security/advisories/VMSA-2023-0014

SUSE: CVE-2023-3247: SUSE Linux Security Advisory Severity 4 CVSS (AV:N/AC:L/Au:S/C:P/I:N/A:N) Published 06/22/2023 Created 06/23/2023 Added 06/23/2023 Modified 01/28/2025 Description In PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should have. In case of random generator failure, it could lead to a disclosure of 31 bits of uninitialized memory from the client to the server, and it also made easier to a malicious server to guess the client's nonce. Solution(s) suse-upgrade-apache2-mod_php7 suse-upgrade-apache2-mod_php74 suse-upgrade-apache2-mod_php8 suse-upgrade-php7 suse-upgrade-php7-bcmath suse-upgrade-php7-bz2 suse-upgrade-php7-calendar suse-upgrade-php7-cli suse-upgrade-php7-ctype suse-upgrade-php7-curl suse-upgrade-php7-dba suse-upgrade-php7-devel suse-upgrade-php7-dom suse-upgrade-php7-embed suse-upgrade-php7-enchant suse-upgrade-php7-exif suse-upgrade-php7-fastcgi suse-upgrade-php7-fileinfo suse-upgrade-php7-firebird suse-upgrade-php7-fpm suse-upgrade-php7-ftp suse-upgrade-php7-gd suse-upgrade-php7-gettext suse-upgrade-php7-gmp suse-upgrade-php7-iconv suse-upgrade-php7-intl suse-upgrade-php7-json suse-upgrade-php7-ldap suse-upgrade-php7-mbstring suse-upgrade-php7-mysql suse-upgrade-php7-odbc suse-upgrade-php7-opcache suse-upgrade-php7-openssl suse-upgrade-php7-pcntl suse-upgrade-php7-pdo suse-upgrade-php7-pgsql suse-upgrade-php7-phar suse-upgrade-php7-posix suse-upgrade-php7-readline suse-upgrade-php7-shmop suse-upgrade-php7-snmp suse-upgrade-php7-soap suse-upgrade-php7-sockets suse-upgrade-php7-sodium suse-upgrade-php7-sqlite suse-upgrade-php7-sysvmsg suse-upgrade-php7-sysvsem suse-upgrade-php7-sysvshm suse-upgrade-php7-test suse-upgrade-php7-tidy suse-upgrade-php7-tokenizer suse-upgrade-php7-xmlreader suse-upgrade-php7-xmlrpc suse-upgrade-php7-xmlwriter suse-upgrade-php7-xsl suse-upgrade-php7-zip suse-upgrade-php7-zlib suse-upgrade-php74 suse-upgrade-php74-bcmath suse-upgrade-php74-bz2 suse-upgrade-php74-calendar suse-upgrade-php74-ctype suse-upgrade-php74-curl suse-upgrade-php74-dba suse-upgrade-php74-devel suse-upgrade-php74-dom suse-upgrade-php74-enchant suse-upgrade-php74-exif suse-upgrade-php74-fastcgi suse-upgrade-php74-fileinfo suse-upgrade-php74-fpm suse-upgrade-php74-ftp suse-upgrade-php74-gd suse-upgrade-php74-gettext suse-upgrade-php74-gmp suse-upgrade-php74-iconv suse-upgrade-php74-intl suse-upgrade-php74-json suse-upgrade-php74-ldap suse-upgrade-php74-mbstring suse-upgrade-php74-mysql suse-upgrade-php74-odbc suse-upgrade-php74-opcache suse-upgrade-php74-openssl suse-upgrade-php74-pcntl suse-upgrade-php74-pdo suse-upgrade-php74-pgsql suse-upgrade-php74-phar suse-upgrade-php74-posix suse-upgrade-php74-readline suse-upgrade-php74-shmop suse-upgrade-php74-snmp suse-upgrade-php74-soap suse-upgrade-php74-sockets suse-upgrade-php74-sodium suse-upgrade-php74-sqlite suse-upgrade-php74-sysvmsg suse-upgrade-php74-sysvsem suse-upgrade-php74-sysvshm suse-upgrade-php74-tidy suse-upgrade-php74-tokenizer suse-upgrade-php74-xmlreader suse-upgrade-php74-xmlrpc suse-upgrade-php74-xmlwriter suse-upgrade-php74-xsl suse-upgrade-php74-zip suse-upgrade-php74-zlib suse-upgrade-php8 suse-upgrade-php8-bcmath suse-upgrade-php8-bz2 suse-upgrade-php8-calendar suse-upgrade-php8-cli suse-upgrade-php8-ctype suse-upgrade-php8-curl suse-upgrade-php8-dba suse-upgrade-php8-devel suse-upgrade-php8-dom suse-upgrade-php8-embed suse-upgrade-php8-enchant suse-upgrade-php8-exif suse-upgrade-php8-fastcgi suse-upgrade-php8-fileinfo suse-upgrade-php8-fpm suse-upgrade-php8-ftp suse-upgrade-php8-gd suse-upgrade-php8-gettext suse-upgrade-php8-gmp suse-upgrade-php8-iconv suse-upgrade-php8-intl suse-upgrade-php8-ldap suse-upgrade-php8-mbstring suse-upgrade-php8-mysql suse-upgrade-php8-odbc suse-upgrade-php8-opcache suse-upgrade-php8-openssl suse-upgrade-php8-pcntl suse-upgrade-php8-pdo suse-upgrade-php8-pgsql suse-upgrade-php8-phar suse-upgrade-php8-posix suse-upgrade-php8-readline suse-upgrade-php8-shmop suse-upgrade-php8-snmp suse-upgrade-php8-soap suse-upgrade-php8-sockets suse-upgrade-php8-sodium suse-upgrade-php8-sqlite suse-upgrade-php8-sysvmsg suse-upgrade-php8-sysvsem suse-upgrade-php8-sysvshm suse-upgrade-php8-test suse-upgrade-php8-tidy suse-upgrade-php8-tokenizer suse-upgrade-php8-xmlreader suse-upgrade-php8-xmlwriter suse-upgrade-php8-xsl suse-upgrade-php8-zip suse-upgrade-php8-zlib References https://attackerkb.com/topics/cve-2023-3247 CVE - 2023-3247

SUSE: CVE-2023-34241: SUSE Linux Security Advisory Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:C) Published 06/22/2023 Created 06/23/2023 Added 06/23/2023 Modified 01/28/2025 Description OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems. Starting in version 2.0.0 and prior to version 2.4.6, CUPS logs data of free memory to the logging service AFTER the connection has been closed, when it should have logged the data right before. This is a use-after-free bug that impacts the entire cupsd process. The exact cause of this issue is the function `httpClose(con->http)` being called in `scheduler/client.c`. The problem is that httpClose always, provided its argument is not null, frees the pointer at the end of the call, only for cupsdLogClient to pass the pointer to httpGetHostname. This issue happens in function `cupsdAcceptClient` if LogLevel is warn or higher and in two scenarios: there is a double-lookup for the IP Address (HostNameLookups Double is set in `cupsd.conf`) which fails to resolve, or if CUPS is compiled with TCP wrappers and the connection is refused by rules from `/etc/hosts.allow` and `/etc/hosts.deny`. Version 2.4.6 has a patch for this issue. Solution(s) suse-upgrade-cups suse-upgrade-cups-client suse-upgrade-cups-config suse-upgrade-cups-ddk suse-upgrade-cups-devel suse-upgrade-cups-devel-32bit suse-upgrade-cups-libs suse-upgrade-cups-libs-32bit suse-upgrade-libcups2 suse-upgrade-libcups2-32bit suse-upgrade-libcupscgi1 suse-upgrade-libcupscgi1-32bit suse-upgrade-libcupsimage2 suse-upgrade-libcupsimage2-32bit suse-upgrade-libcupsmime1 suse-upgrade-libcupsmime1-32bit suse-upgrade-libcupsppdc1 suse-upgrade-libcupsppdc1-32bit References https://attackerkb.com/topics/cve-2023-34241 CVE - 2023-34241

SUSE: CVE-2023-3128: SUSE Linux Security Advisory Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 06/22/2023 Created 07/21/2023 Added 07/21/2023 Modified 01/28/2025 Description Grafana is validating Azure AD accounts based on the email claim. On Azure AD, the profile email field is not unique and can be easily modified. This leads to account takeover and authentication bypass when Azure AD OAuth is configured with a multi-tenant app. Solution(s) suse-upgrade-grafana References https://attackerkb.com/topics/cve-2023-3128 CVE - 2023-3128

CentOS Linux: CVE-2023-34241: Moderate: cups security and bug fix update (Multiple Advisories) Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:C) Published 06/22/2023 Created 11/09/2023 Added 11/08/2023 Modified 01/28/2025 Description OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems. Starting in version 2.0.0 and prior to version 2.4.6, CUPS logs data of free memory to the logging service AFTER the connection has been closed, when it should have logged the data right before. This is a use-after-free bug that impacts the entire cupsd process. The exact cause of this issue is the function `httpClose(con->http)` being called in `scheduler/client.c`. The problem is that httpClose always, provided its argument is not null, frees the pointer at the end of the call, only for cupsdLogClient to pass the pointer to httpGetHostname. This issue happens in function `cupsdAcceptClient` if LogLevel is warn or higher and in two scenarios: there is a double-lookup for the IP Address (HostNameLookups Double is set in `cupsd.conf`) which fails to resolve, or if CUPS is compiled with TCP wrappers and the connection is refused by rules from `/etc/hosts.allow` and `/etc/hosts.deny`. Version 2.4.6 has a patch for this issue. Solution(s) centos-upgrade-cups centos-upgrade-cups-client centos-upgrade-cups-client-debuginfo centos-upgrade-cups-debuginfo centos-upgrade-cups-debugsource centos-upgrade-cups-devel centos-upgrade-cups-filesystem centos-upgrade-cups-ipptool centos-upgrade-cups-ipptool-debuginfo centos-upgrade-cups-libs centos-upgrade-cups-libs-debuginfo centos-upgrade-cups-lpd centos-upgrade-cups-lpd-debuginfo centos-upgrade-cups-printerapp centos-upgrade-cups-printerapp-debuginfo References CVE-2023-34241

SUSE: CVE-2023-32373: SUSE Linux Security Advisory Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 06/22/2023 Created 06/23/2023 Added 06/23/2023 Modified 01/28/2025 Description A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. Solution(s) suse-upgrade-libjavascriptcoregtk-4_0-18 suse-upgrade-libjavascriptcoregtk-4_0-18-32bit suse-upgrade-libjavascriptcoregtk-4_1-0 suse-upgrade-libjavascriptcoregtk-4_1-0-32bit suse-upgrade-libjavascriptcoregtk-5_0-0 suse-upgrade-libwebkit2gtk-4_0-37 suse-upgrade-libwebkit2gtk-4_0-37-32bit suse-upgrade-libwebkit2gtk-4_1-0 suse-upgrade-libwebkit2gtk-4_1-0-32bit suse-upgrade-libwebkit2gtk-5_0-0 suse-upgrade-libwebkit2gtk3-lang suse-upgrade-typelib-1_0-javascriptcore-4_0 suse-upgrade-typelib-1_0-javascriptcore-4_1 suse-upgrade-typelib-1_0-javascriptcore-5_0 suse-upgrade-typelib-1_0-webkit2-4_0 suse-upgrade-typelib-1_0-webkit2-4_1 suse-upgrade-typelib-1_0-webkit2-5_0 suse-upgrade-typelib-1_0-webkit2webextension-4_0 suse-upgrade-typelib-1_0-webkit2webextension-4_1 suse-upgrade-typelib-1_0-webkit2webextension-5_0 suse-upgrade-webkit-jsc-4 suse-upgrade-webkit-jsc-4-1 suse-upgrade-webkit-jsc-5-0 suse-upgrade-webkit2gtk-4-0-lang suse-upgrade-webkit2gtk-4-1-lang suse-upgrade-webkit2gtk-4_0-injected-bundles suse-upgrade-webkit2gtk-4_1-injected-bundles suse-upgrade-webkit2gtk-5-0-lang suse-upgrade-webkit2gtk-5_0-injected-bundles suse-upgrade-webkit2gtk3-devel suse-upgrade-webkit2gtk3-minibrowser suse-upgrade-webkit2gtk3-soup2-devel suse-upgrade-webkit2gtk3-soup2-minibrowser suse-upgrade-webkit2gtk4-devel suse-upgrade-webkit2gtk4-minibrowser References https://attackerkb.com/topics/cve-2023-32373 CVE - 2023-32373

Amazon Linux AMI 2: CVE-2023-34241: Security patch for cups (ALAS-2023-2109) Severity 6 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:C) Published 06/22/2023 Created 07/21/2023 Added 07/21/2023 Modified 01/28/2025 Description OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems. Starting in version 2.0.0 and prior to version 2.4.6, CUPS logs data of free memory to the logging service AFTER the connection has been closed, when it should have logged the data right before. This is a use-after-free bug that impacts the entire cupsd process. The exact cause of this issue is the function `httpClose(con->http)` being called in `scheduler/client.c`. The problem is that httpClose always, provided its argument is not null, frees the pointer at the end of the call, only for cupsdLogClient to pass the pointer to httpGetHostname. This issue happens in function `cupsdAcceptClient` if LogLevel is warn or higher and in two scenarios: there is a double-lookup for the IP Address (HostNameLookups Double is set in `cupsd.conf`) which fails to resolve, or if CUPS is compiled with TCP wrappers and the connection is refused by rules from `/etc/hosts.allow` and `/etc/hosts.deny`. Version 2.4.6 has a patch for this issue. Solution(s) amazon-linux-ami-2-upgrade-cups amazon-linux-ami-2-upgrade-cups-client amazon-linux-ami-2-upgrade-cups-debuginfo amazon-linux-ami-2-upgrade-cups-devel amazon-linux-ami-2-upgrade-cups-filesystem amazon-linux-ami-2-upgrade-cups-ipptool amazon-linux-ami-2-upgrade-cups-libs amazon-linux-ami-2-upgrade-cups-lpd References https://attackerkb.com/topics/cve-2023-34241 AL2/ALAS-2023-2109 CVE - 2023-34241

Apache Tomcat: Important: Information disclosure (CVE-2023-34981) Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 06/22/2023 Created 06/23/2023 Added 06/22/2023 Modified 01/28/2025 Description A regression in the fix for bug 66512 in Apache Tomcat 11.0.0-M5, 10.1.8, 9.0.74 and 8.5.88 meant that, if a response did not include any HTTP headers no AJP SEND_HEADERS messare woudl be sent for the response which in turn meant that at least one AJP proxy (mod_proxy_ajp) would use the response headers from the previous request leading to an information leak. Solution(s) apache-tomcat-upgrade-10_1_9 apache-tomcat-upgrade-8_5_89 apache-tomcat-upgrade-9_0_75 References https://attackerkb.com/topics/cve-2023-34981 CVE - 2023-34981 http://tomcat.apache.org/security-10.html http://tomcat.apache.org/security-8.html http://tomcat.apache.org/security-9.html