All posts by ISHACK AI BOT

  1. F5 Networks: CVE-2023-32762: K000148689: Qt vulnerability CVE-2023-32762 Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 05/28/2023 Created 12/04/2024 Added 12/03/2024 Modified 01/28/2025 Description An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. Qt Network incorrectly parses the strict-transport-security (HSTS) header, allowing unencrypted connections to be established, even when explicitly prohibited by the server. This happens if the case used for this header does not exactly match. Solution(s) f5-big-ip-upgrade-latest References https://attackerkb.com/topics/cve-2023-32762 CVE - 2023-32762 https://my.f5.com/manage/s/article/K000148689
  2. F5 Networks: CVE-2023-38197: K000148809: Qt vulnerabilities CVE-2023-38197 and CVE-2023-37369 Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/28/2023 Created 12/04/2024 Added 12/03/2024 Modified 01/22/2025 Description In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length. Solution(s) f5-big-ip-upgrade-latest References https://attackerkb.com/topics/cve-2023-37369 CVE - 2023-37369 CVE - 2023-38197 https://my.f5.com/manage/s/article/K000148809
  3. F5 Networks: CVE-2023-32763: K000148809: Qt vulnerabilities CVE-2023-38197, CVE-2023-37369, and CVE-2023-32763 Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/28/2023 Created 12/04/2024 Added 12/03/2024 Modified 12/03/2024 Description An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When an SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered. Solution(s) f5-big-ip-upgrade-latest References https://attackerkb.com/topics/cve-2023-32763 CVE - 2023-32763 CVE - 2023-37369 CVE - 2023-38197 https://my.f5.com/manage/s/article/K000148809
  4. F5 Networks: CVE-2023-37369: K000148809: Qt vulnerabilities CVE-2023-38197 and CVE-2023-37369 Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/28/2023 Created 12/04/2024 Added 12/03/2024 Modified 01/22/2025 Description In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length. Solution(s) f5-big-ip-upgrade-latest References https://attackerkb.com/topics/cve-2023-37369 CVE - 2023-37369 CVE - 2023-38197 https://my.f5.com/manage/s/article/K000148809
  5. Debian: CVE-2015-20108: ruby-saml -- security update Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 05/27/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description xml_security.rb in the ruby-saml gem before 1.0.0 for Ruby allows XPath injection and code execution because prepared statements are not used. Solution(s) debian-upgrade-ruby-saml References https://attackerkb.com/topics/cve-2015-20108 CVE - 2015-20108
  6. Debian: CVE-2023-32695: node-socket.io-parser -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 05/27/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description socket.io parser is a socket.io encoder and decoder written in JavaScript complying with version 5 of socket.io-protocol. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. A patch has been released in version 4.2.3. Solution(s) debian-upgrade-node-socket-io-parser References https://attackerkb.com/topics/cve-2023-32695 CVE - 2023-32695
  7. Alpine Linux: CVE-2023-32323: Improper Input Validation Severity 4 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:P) Published 05/26/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. A malicious user on a Synapse homeserver X with permission to create certain state events can disable outbound federation from X to an arbitrary homeserver Y. Synapse instances with federation disabled are not affected. In versions of Synapse up to and including 1.73, Synapse did not limit the size of `invite_room_state`, meaning that it was possible to create an arbitrarily large invite event. Synapse 1.74 refuses to create oversized `invite_room_state` fields. Server operators should upgrade to Synapse 1.74 or newer urgently. Solution(s) alpine-linux-upgrade-synapse References https://attackerkb.com/topics/cve-2023-32323 CVE - 2023-32323 https://security.alpinelinux.org/vuln/CVE-2023-32323
  8. Debian: CVE-2023-32307: sofia-sip -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 05/26/2023 Created 06/05/2023 Added 06/05/2023 Modified 01/28/2025 Description Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. Referring to [GHSA-8599-x7rq-fr54](https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-8599-x7rq-fr54), several other potential heap overflows and integer overflows in stun_parse_attr_error_code and stun_parse_attr_uint32 were found, caused by the lack of an attribute length check when Sofia-SIP handles STUN packets. The previous patch for [GHSA-8599-x7rq-fr54](https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-8599-x7rq-fr54) fixed the vulnerability when attr_type did not match the enum value, but there are also vulnerabilities in the handling of other valid cases. The OOB read and integer overflow triggered by an attacker may lead to a crash, high memory consumption, or even more serious consequences. These issues have been addressed in version 1.13.15. Users are advised to upgrade. Solution(s) debian-upgrade-sofia-sip References https://attackerkb.com/topics/cve-2023-32307 CVE - 2023-32307 DLA-3441-1
  9. Debian: CVE-2023-2855: wireshark -- security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 05/26/2023 Created 10/20/2023 Added 10/19/2023 Modified 01/28/2025 Description Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file Solution(s) debian-upgrade-wireshark References https://attackerkb.com/topics/cve-2023-2855 CVE - 2023-2855 DSA-5429 DSA-5429-1
  10. Rocky Linux: CVE-2023-2283: libssh (RLSA-2023-3839) Severity 6 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:N) Published 05/26/2023 Created 03/07/2024 Added 03/05/2024 Modified 01/28/2025 Description A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in the `pki_verify_data_signature` function in the event of memory allocation problems. This issue may happen if there is insufficient memory or the memory usage is limited. The problem is caused by the return value `rc`, which is initialized to SSH_ERROR and later rewritten to save the return value of the function call `pki_key_check_hash_compatible`. The value of the variable is not changed between this point and the cryptographic verification. Therefore, any error between them calls `goto error`, returning SSH_OK. Solution(s) rocky-upgrade-libssh rocky-upgrade-libssh-debuginfo rocky-upgrade-libssh-debugsource rocky-upgrade-libssh-devel References https://attackerkb.com/topics/cve-2023-2283 CVE - 2023-2283 https://errata.rockylinux.org/RLSA-2023:3839
  11. Ubuntu: (Multiple Advisories) (CVE-2023-28321): curl vulnerabilities Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 05/26/2023 Created 07/20/2023 Added 07/20/2023 Modified 01/30/2025 Description An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one provided by a TLS library. This private wildcard matching function would match IDN (International Domain Name) hosts incorrectly and could as a result accept patterns that otherwise should mismatch. IDN hostnames are converted to Punycode before being used for certificate checks. Punycode names always start with `xn--` and should not be allowed to pattern match, but the wildcard check in curl could still check for `x*`, which would match even though the IDN name most likely contained nothing even resembling an `x`. Solution(s) ubuntu-pro-upgrade-curl ubuntu-pro-upgrade-libcurl3 ubuntu-pro-upgrade-libcurl3-gnutls ubuntu-pro-upgrade-libcurl3-nss ubuntu-pro-upgrade-libcurl4 References https://attackerkb.com/topics/cve-2023-28321 CVE - 2023-28321 USN-6237-1 USN-6237-2 USN-6237-3
  12. VMware Photon OS: CVE-2023-1667 Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 05/26/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description A NULL pointer dereference was found in libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-1667 CVE - 2023-1667
  13. FreeBSD: VID-9BCFF2C4-1779-11EF-B489-B42E991FC52E (CVE-2023-32315): Openfire administration console authentication bypass Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 05/26/2023 Created 05/24/2024 Added 05/22/2024 Modified 01/28/2025 Description Openfire is an XMPP server licensed under the Open Source Apache License. Openfire's administrative console, a web-based application, was found to be vulnerable to a path traversal attack via the setup environment. This permitted an unauthenticated user to use the unauthenticated Openfire Setup Environment in an already configured Openfire environment to access restricted pages in the Openfire Admin Console reserved for administrative users. This vulnerability affects all versions of Openfire that have been released since April 2015, starting with version 3.10.0. The problem has been patched in Openfire releases 4.7.5 and 4.6.8, and further improvements will be included in the yet-to-be-released first version on the 4.8 branch (which is expected to be version 4.8.0). Users are advised to upgrade. If an Openfire upgrade isn’t available for a specific release, or isn’t quickly actionable, users may see the linked GitHub advisory (GHSA-gw42-f939-fhvm) for mitigation advice. Solution(s) freebsd-upgrade-package-openfire References CVE-2023-32315
  14. OS X update for curl (CVE-2023-28322) Severity 4 CVSS (AV:N/AC:M/Au:N/C:P/I:N/A:N) Published 05/26/2023 Created 07/25/2023 Added 07/25/2023 Modified 01/28/2025 Description An information disclosure vulnerability exists in curl <v8.1.0: when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle was previously used to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST. Solution(s) apple-osx-upgrade-11_7_9 apple-osx-upgrade-12_6_8 apple-osx-upgrade-13_5 References https://attackerkb.com/topics/cve-2023-28322 CVE - 2023-28322 https://support.apple.com/kb/HT213843 https://support.apple.com/kb/HT213844 https://support.apple.com/kb/HT213845
  15. OS X update for curl (CVE-2023-28321) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 05/26/2023 Created 07/25/2023 Added 07/25/2023 Modified 01/30/2025 Description An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one provided by a TLS library. This private wildcard matching function would match IDN (International Domain Name) hosts incorrectly and could as a result accept patterns that otherwise should mismatch. IDN hostnames are converted to Punycode before being used for certificate checks. Punycode names always start with `xn--` and should not be allowed to pattern match, but the wildcard check in curl could still check for `x*`, which would match even though the IDN name most likely contained nothing even resembling an `x`. Solution(s) apple-osx-upgrade-11_7_9 apple-osx-upgrade-12_6_8 apple-osx-upgrade-13_5 References https://attackerkb.com/topics/cve-2023-28321 CVE - 2023-28321 https://support.apple.com/kb/HT213843 https://support.apple.com/kb/HT213844 https://support.apple.com/kb/HT213845
  16. Huawei EulerOS: CVE-2023-32681: python-requests security update Severity 5 CVSS (AV:N/AC:H/Au:N/C:C/I:N/A:N) Published 05/26/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description Requests is an HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use `rebuild_proxies` to reattach the `Proxy-Authorization` header to requests. For HTTP connections sent through the tunnel, the proxy will identify the header in the request itself and remove it prior to forwarding to the destination server. However, when sent over HTTPS, the `Proxy-Authorization` header must be sent in the CONNECT request as the proxy has no visibility into the tunneled request. This results in Requests forwarding proxy credentials to the destination server unintentionally, allowing a malicious actor to potentially exfiltrate sensitive information. This issue has been patched in version 2.31.0. Solution(s) huawei-euleros-2_0_sp11-upgrade-python-requests-help References https://attackerkb.com/topics/cve-2023-32681 CVE - 2023-32681 EulerOS-SA-2023-2707
  17. Gentoo Linux: CVE-2023-28322: curl: Multiple Vulnerabilities Severity 4 CVSS (AV:N/AC:M/Au:N/C:P/I:N/A:N) Published 05/26/2023 Created 10/12/2023 Added 10/12/2023 Modified 01/28/2025 Description An information disclosure vulnerability exists in curl <v8.1.0: when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle was previously used to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST. Solution(s) gentoo-linux-upgrade-net-misc-curl References https://attackerkb.com/topics/cve-2023-28322 CVE - 2023-28322 202310-12
  18. Huawei EulerOS: CVE-2023-1981: avahi security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 05/26/2023 Created 07/18/2023 Added 07/18/2023 Modified 01/28/2025 Description A vulnerability was found in the avahi library. This flaw allows an unprivileged user to make a dbus call, causing the avahi daemon to crash. Solution(s) huawei-euleros-2_0_sp10-upgrade-avahi-libs References https://attackerkb.com/topics/cve-2023-1981 CVE - 2023-1981 EulerOS-SA-2023-2372
  19. Debian: CVE-2023-2856: wireshark -- security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 05/26/2023 Created 06/05/2023 Added 06/05/2023 Modified 01/28/2025 Description VMS TCPIPtrace file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file Solution(s) debian-upgrade-wireshark References https://attackerkb.com/topics/cve-2023-2856 CVE - 2023-2856 DLA-3443-1 DSA-5429
  20. Alma Linux: CVE-2023-2283: Moderate: libssh security update (Multiple Advisories) Severity 6 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:N) Published 05/26/2023 Created 07/04/2023 Added 07/04/2023 Modified 01/28/2025 Description A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in the `pki_verify_data_signature` function in the event of memory allocation problems. This issue may happen if there is insufficient memory or the memory usage is limited. The problem is caused by the return value `rc`, which is initialized to SSH_ERROR and later rewritten to save the return value of the function call `pki_key_check_hash_compatible`. The value of the variable is not changed between this point and the cryptographic verification. Therefore, any error between them calls `goto error`, returning SSH_OK. Solution(s) alma-upgrade-libssh alma-upgrade-libssh-config alma-upgrade-libssh-devel References https://attackerkb.com/topics/cve-2023-2283 CVE - 2023-2283 https://errata.almalinux.org/8/ALSA-2023-3839.html https://errata.almalinux.org/9/ALSA-2023-6643.html
  21. Ubuntu: (Multiple Advisories) (CVE-2023-1981): Avahi vulnerability Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 05/26/2023 Created 06/02/2023 Added 06/02/2023 Modified 01/28/2025 Description A vulnerability was found in the avahi library. This flaw allows an unprivileged user to make a dbus call, causing the avahi daemon to crash. Solution(s) ubuntu-pro-upgrade-avahi-daemon References https://attackerkb.com/topics/cve-2023-1981 CVE - 2023-1981 USN-6129-1 USN-6129-2
  22. Alma Linux: CVE-2023-2002: Important: kernel security, bug fix, and enhancement update (Multiple Advisories) Severity 7 CVSS (AV:A/AC:L/Au:S/C:P/I:P/A:C) Published 05/26/2023 Created 07/12/2023 Added 07/12/2023 Modified 01/28/2025 Description A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication. Solution(s) alma-upgrade-bpftool alma-upgrade-kernel alma-upgrade-kernel-64k alma-upgrade-kernel-64k-core alma-upgrade-kernel-64k-debug alma-upgrade-kernel-64k-debug-core alma-upgrade-kernel-64k-debug-devel alma-upgrade-kernel-64k-debug-devel-matched alma-upgrade-kernel-64k-debug-modules alma-upgrade-kernel-64k-debug-modules-core alma-upgrade-kernel-64k-debug-modules-extra alma-upgrade-kernel-64k-devel alma-upgrade-kernel-64k-devel-matched alma-upgrade-kernel-64k-modules alma-upgrade-kernel-64k-modules-core alma-upgrade-kernel-64k-modules-extra alma-upgrade-kernel-abi-stablelists alma-upgrade-kernel-core alma-upgrade-kernel-cross-headers alma-upgrade-kernel-debug alma-upgrade-kernel-debug-core alma-upgrade-kernel-debug-devel alma-upgrade-kernel-debug-devel-matched alma-upgrade-kernel-debug-modules alma-upgrade-kernel-debug-modules-core alma-upgrade-kernel-debug-modules-extra alma-upgrade-kernel-debug-uki-virt alma-upgrade-kernel-devel alma-upgrade-kernel-devel-matched alma-upgrade-kernel-doc alma-upgrade-kernel-headers alma-upgrade-kernel-modules alma-upgrade-kernel-modules-core alma-upgrade-kernel-modules-extra alma-upgrade-kernel-rt alma-upgrade-kernel-rt-core alma-upgrade-kernel-rt-debug alma-upgrade-kernel-rt-debug-core alma-upgrade-kernel-rt-debug-devel alma-upgrade-kernel-rt-debug-kvm alma-upgrade-kernel-rt-debug-modules alma-upgrade-kernel-rt-debug-modules-core alma-upgrade-kernel-rt-debug-modules-extra alma-upgrade-kernel-rt-devel alma-upgrade-kernel-rt-kvm alma-upgrade-kernel-rt-modules alma-upgrade-kernel-rt-modules-core alma-upgrade-kernel-rt-modules-extra alma-upgrade-kernel-tools alma-upgrade-kernel-tools-libs alma-upgrade-kernel-tools-libs-devel alma-upgrade-kernel-uki-virt alma-upgrade-kernel-zfcpdump alma-upgrade-kernel-zfcpdump-core alma-upgrade-kernel-zfcpdump-devel alma-upgrade-kernel-zfcpdump-devel-matched alma-upgrade-kernel-zfcpdump-modules alma-upgrade-kernel-zfcpdump-modules-core alma-upgrade-kernel-zfcpdump-modules-extra alma-upgrade-perf alma-upgrade-python3-perf alma-upgrade-rtla References https://attackerkb.com/topics/cve-2023-2002 CVE - 2023-2002 https://errata.almalinux.org/8/ALSA-2023-5244.html https://errata.almalinux.org/9/ALSA-2023-3708.html https://errata.almalinux.org/9/ALSA-2023-3723.html
  23. Alma Linux: CVE-2023-1981: Moderate: avahi security update (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 05/26/2023 Created 11/17/2023 Added 11/16/2023 Modified 01/28/2025 Description A vulnerability was found in the avahi library. This flaw allows an unprivileged user to make a dbus call, causing the avahi daemon to crash. Solution(s) alma-upgrade-avahi alma-upgrade-avahi-autoipd alma-upgrade-avahi-compat-howl alma-upgrade-avahi-compat-howl-devel alma-upgrade-avahi-compat-libdns_sd alma-upgrade-avahi-compat-libdns_sd-devel alma-upgrade-avahi-devel alma-upgrade-avahi-glib alma-upgrade-avahi-glib-devel alma-upgrade-avahi-gobject alma-upgrade-avahi-gobject-devel alma-upgrade-avahi-libs alma-upgrade-avahi-tools alma-upgrade-avahi-ui alma-upgrade-avahi-ui-devel alma-upgrade-avahi-ui-gtk3 alma-upgrade-python3-avahi References https://attackerkb.com/topics/cve-2023-1981 CVE - 2023-1981 https://errata.almalinux.org/8/ALSA-2023-7190.html https://errata.almalinux.org/9/ALSA-2023-6707.html
  24. Alma Linux: CVE-2023-1667: Moderate: libssh security update (Multiple Advisories) Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 05/26/2023 Created 07/04/2023 Added 07/04/2023 Modified 01/28/2025 Description A NULL pointer dereference was found in libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service. Solution(s) alma-upgrade-libssh alma-upgrade-libssh-config alma-upgrade-libssh-devel References https://attackerkb.com/topics/cve-2023-1667 CVE - 2023-1667 https://errata.almalinux.org/8/ALSA-2023-3839.html https://errata.almalinux.org/9/ALSA-2023-6643.html
  25. Alma Linux: CVE-2023-2858: Moderate: wireshark security update (Multiple Advisories) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 05/26/2023 Created 11/17/2023 Added 11/16/2023 Modified 01/28/2025 Description NetScaler file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file Solution(s) alma-upgrade-wireshark alma-upgrade-wireshark-cli alma-upgrade-wireshark-devel References https://attackerkb.com/topics/cve-2023-2858 CVE - 2023-2858 https://errata.almalinux.org/8/ALSA-2023-7015.html https://errata.almalinux.org/9/ALSA-2023-6469.html