ISHACK AI BOT

Ubuntu: (Multiple Advisories) (CVE-2023-25690): Apache HTTP Server vulnerabilities Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 03/07/2023 Created 03/29/2023 Added 03/22/2023 Modified 01/30/2025 Description Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack. Configurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the user-supplied request-target (URL) data and is then re-inserted into the proxied request-target using variable substitution. For example, something like: RewriteEngine on RewriteRule "^/here/(.*)" "http://example.com:8080/elsewhere?$1"; [P] ProxyPassReverse /here/ http://example.com:8080/ Request splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server. Solution(s) ubuntu-pro-upgrade-apache2 References https://attackerkb.com/topics/cve-2023-25690 CVE - 2023-25690 USN-5942-1 USN-5942-2

Microsoft Edge Chromium: CVE-2023-1214 Type Confusion in V8 Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 03/07/2023 Created 03/15/2023 Added 03/14/2023 Modified 01/28/2025 Description Type confusion in V8 in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2023-1214 CVE - 2023-1214 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-1214

Microsoft Edge Chromium: CVE-2023-1213 Use after free in Swiftshader Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 03/07/2023 Created 03/15/2023 Added 03/14/2023 Modified 01/28/2025 Description Use after free in Swiftshader in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2023-1213 CVE - 2023-1213 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-1213

VMware Photon OS: CVE-2023-1264 Severity 6 CVSS (AV:L/AC:L/Au:N/C:P/I:P/A:C) Published 03/07/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1392. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-1264 CVE - 2023-1264

FreeBSD: VID-D357F6BB-0AF4-4AC9-B096-EEEC183AD829 (CVE-2023-1214): chromium -- multiple vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 03/07/2023 Created 03/24/2023 Added 03/23/2023 Modified 01/28/2025 Description Type confusion in V8 in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) freebsd-upgrade-package-chromium freebsd-upgrade-package-ungoogled-chromium References CVE-2023-1214

FreeBSD: VID-D357F6BB-0AF4-4AC9-B096-EEEC183AD829 (CVE-2023-1228): chromium -- multiple vulnerabilities Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 03/07/2023 Created 03/24/2023 Added 03/23/2023 Modified 01/28/2025 Description Insufficient policy enforcement in Intents in Google Chrome on Android prior to 111.0.5563.64 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium) Solution(s) freebsd-upgrade-package-chromium freebsd-upgrade-package-ungoogled-chromium References CVE-2023-1228

FreeBSD: VID-E5D117B3-2153-4129-81ED-42B0221AFA78 (CVE-2023-27476): py39-OWSLib -- arbitrary file read vulnerability Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 03/07/2023 Created 05/05/2023 Added 04/14/2023 Modified 01/28/2025 Description OWSLib is a Python package for client programming with Open Geospatial Consortium (OGC) web service interface standards, and their related content models. OWSLib's XML parser (which supports both `lxml` and `xml.etree`) does not disable entity resolution, and could lead to arbitrary file reads from an attacker-controlled XML payload. This affects all XML parsing in the codebase. This issue has been addressed in version 0.28.1. All users are advised to upgrade. The only known workaround is to patch the library manually. See `GHSA-8h9c-r582-mggc` for details. Solution(s) freebsd-upgrade-package-py39-owslib References CVE-2023-27476

FreeBSD: VID-D357F6BB-0AF4-4AC9-B096-EEEC183AD829 (CVE-2023-1222): chromium -- multiple vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 03/07/2023 Created 03/24/2023 Added 03/23/2023 Modified 01/28/2025 Description Heap buffer overflow in Web Audio API in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Solution(s) freebsd-upgrade-package-chromium freebsd-upgrade-package-ungoogled-chromium References CVE-2023-1222

FreeBSD: VID-D357F6BB-0AF4-4AC9-B096-EEEC183AD829 (CVE-2023-1229): chromium -- multiple vulnerabilities Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 03/07/2023 Created 03/24/2023 Added 03/23/2023 Modified 01/28/2025 Description Inappropriate implementation in Permission prompts in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium) Solution(s) freebsd-upgrade-package-chromium freebsd-upgrade-package-ungoogled-chromium References CVE-2023-1229

FreeBSD: VID-8EDEB3C1-BFE7-11ED-96F5-3497F65B111B (CVE-2023-25690): Apache httpd -- Multiple vulnerabilities Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 03/07/2023 Created 03/24/2023 Added 03/23/2023 Modified 01/28/2025 Description Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack. Configurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the user-supplied request-target (URL) data and is then re-inserted into the proxied request-target using variable substitution. For example, something like: RewriteEngine on RewriteRule "^/here/(.*)" "http://example.com:8080/elsewhere?$1"; [P] ProxyPassReverse /here/ http://example.com:8080/ Request splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server. Solution(s) freebsd-upgrade-package-apache24 References CVE-2023-25690

FreeBSD: VID-D357F6BB-0AF4-4AC9-B096-EEEC183AD829 (CVE-2023-1224): chromium -- multiple vulnerabilities Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 03/07/2023 Created 03/24/2023 Added 03/23/2023 Modified 01/28/2025 Description Insufficient policy enforcement in Web Payments API in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium) Solution(s) freebsd-upgrade-package-chromium freebsd-upgrade-package-ungoogled-chromium References CVE-2023-1224

FreeBSD: VID-D357F6BB-0AF4-4AC9-B096-EEEC183AD829 (CVE-2023-1234): chromium -- multiple vulnerabilities Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 03/07/2023 Created 03/24/2023 Added 03/23/2023 Modified 01/28/2025 Description Inappropriate implementation in Intents in Google Chrome on Android prior to 111.0.5563.64 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low) Solution(s) freebsd-upgrade-package-chromium freebsd-upgrade-package-ungoogled-chromium References CVE-2023-1234

Huawei EulerOS: CVE-2023-25690: httpd security update Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 03/07/2023 Created 06/09/2023 Added 06/09/2023 Modified 01/30/2025 Description Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack. Configurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the user-supplied request-target (URL) data and is then re-inserted into the proxied request-target using variable substitution. For example, something like: RewriteEngine on RewriteRule "^/here/(.*)" "http://example.com:8080/elsewhere?$1"; [P] ProxyPassReverse /here/ http://example.com:8080/ Request splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server. Solution(s) huawei-euleros-2_0_sp5-upgrade-httpd huawei-euleros-2_0_sp5-upgrade-httpd-devel huawei-euleros-2_0_sp5-upgrade-httpd-manual huawei-euleros-2_0_sp5-upgrade-httpd-tools huawei-euleros-2_0_sp5-upgrade-mod_session huawei-euleros-2_0_sp5-upgrade-mod_ssl References https://attackerkb.com/topics/cve-2023-25690 CVE - 2023-25690 EulerOS-SA-2023-2148

SUSE: CVE-2023-1229: SUSE Linux Security Advisory Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 03/07/2023 Created 03/15/2023 Added 03/14/2023 Modified 01/28/2025 Description Inappropriate implementation in Permission prompts in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium) Solution(s) suse-upgrade-chromedriver suse-upgrade-chromium suse-upgrade-opera References https://attackerkb.com/topics/cve-2023-1229 CVE - 2023-1229

SUSE: CVE-2023-1236: SUSE Linux Security Advisory Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 03/07/2023 Created 03/15/2023 Added 03/14/2023 Modified 01/28/2025 Description Inappropriate implementation in Internals in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to spoof the origin of an iframe via a crafted HTML page. (Chromium security severity: Low) Solution(s) suse-upgrade-chromedriver suse-upgrade-chromium suse-upgrade-opera References https://attackerkb.com/topics/cve-2023-1236 CVE - 2023-1236

Moodle: Unspecified Security Vulnerability (CVE-2021-36402) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 03/06/2023 Created 03/15/2023 Added 03/15/2023 Modified 01/30/2025 Description In Moodle, Users' names required additional sanitizing in the account confirmation email, to prevent a self-registration phishing risk. Solution(s) moodle-upgrade-3_10_5 moodle-upgrade-3_11_1 moodle-upgrade-3_9_8 References https://attackerkb.com/topics/cve-2021-36402 CVE - 2021-36402 https://moodle.org/mod/forum/discuss.php?d=424808

Ubuntu: USN-6067-1 (CVE-2022-3277): OpenStack Neutron vulnerabilities Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 03/06/2023 Created 05/11/2023 Added 05/11/2023 Modified 01/30/2025 Description An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were to submit a significant number of requests, this could lead to a denial of service. Solution(s) ubuntu-upgrade-python-neutron ubuntu-upgrade-python3-neutron References https://attackerkb.com/topics/cve-2022-3277 CVE - 2022-3277 USN-6067-1

Ubuntu: USN-6063-1 (CVE-2022-3854): Ceph vulnerabilities Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 03/06/2023 Created 05/10/2023 Added 05/10/2023 Modified 01/28/2025 Description A flaw was found in Ceph, relating to the URL processing on RGW backends. An attacker can exploit the URL processing by providing a null URL to crash the RGW, causing a denial of service. Solution(s) ubuntu-upgrade-ceph ubuntu-upgrade-ceph-base ubuntu-upgrade-ceph-common References https://attackerkb.com/topics/cve-2022-3854 CVE - 2022-3854 USN-6063-1

Gentoo Linux: CVE-2023-1161: Wireshark: Multiple Vulnerabilities Severity 8 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:C) Published 03/06/2023 Created 09/18/2023 Added 09/18/2023 Modified 01/28/2025 Description ISO 15765 and ISO 10681 dissector crash in Wireshark 4.0.0 to 4.0.3 and 3.6.0 to 3.6.11 allows denial of service via packet injection or crafted capture file Solution(s) gentoo-linux-upgrade-net-analyzer-wireshark References https://attackerkb.com/topics/cve-2023-1161 CVE - 2023-1161 202309-02

Moodle: Server-Side Request Forgery (SSRF) (CVE-2021-36396) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 03/06/2023 Created 03/15/2023 Added 03/15/2023 Modified 01/28/2025 Description In Moodle, insufficient redirect handling made it possible to blindly bypass cURL blocked hosts/allowed ports restrictions, resulting in a blind SSRF risk. Solution(s) moodle-upgrade-3_10_5 moodle-upgrade-3_11_1 moodle-upgrade-3_9_8 References https://attackerkb.com/topics/cve-2021-36396 CVE - 2021-36396 https://moodle.org/mod/forum/discuss.php?d=424802

Moodle: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CVE-2021-36393) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 03/06/2023 Created 03/15/2023 Added 03/15/2023 Modified 01/30/2025 Description In Moodle, an SQL injection risk was identified in the library fetching a user's recent courses. Solution(s) moodle-upgrade-3_10_5 moodle-upgrade-3_11_1 moodle-upgrade-3_9_8 References https://attackerkb.com/topics/cve-2021-36393 CVE - 2021-36393 https://moodle.org/mod/forum/discuss.php?d=424798

Huawei EulerOS: CVE-2022-4904: c-ares security update Severity 9 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:C) Published 03/06/2023 Created 05/18/2023 Added 05/18/2023 Modified 01/28/2025 Description A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity. Solution(s) huawei-euleros-2_0_sp10-upgrade-c-ares References https://attackerkb.com/topics/cve-2022-4904 CVE - 2022-4904 EulerOS-SA-2023-1970

Moodle: Uncontrolled Recursion (CVE-2021-36395) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 03/06/2023 Created 03/15/2023 Added 03/15/2023 Modified 01/30/2025 Description In Moodle, the file repository's URL parsing required additional recursion handling to mitigate the risk of recursion denial of service. Solution(s) moodle-upgrade-3_10_5 moodle-upgrade-3_11_1 moodle-upgrade-3_9_8 References https://attackerkb.com/topics/cve-2021-36395 CVE - 2021-36395 https://moodle.org/mod/forum/discuss.php?d=424801

Ubuntu: USN-6167-1 (CVE-2023-0330): QEMU vulnerabilities Severity 4 CVSS (AV:L/AC:L/Au:M/C:N/I:N/A:C) Published 03/06/2023 Created 06/21/2023 Added 06/20/2023 Modified 01/28/2025 Description A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs like stack overflow or use-after-free. Solution(s) ubuntu-pro-upgrade-qemu ubuntu-pro-upgrade-qemu-common ubuntu-pro-upgrade-qemu-guest-agent ubuntu-pro-upgrade-qemu-kvm ubuntu-pro-upgrade-qemu-system ubuntu-pro-upgrade-qemu-system-aarch64 ubuntu-pro-upgrade-qemu-system-arm ubuntu-pro-upgrade-qemu-system-common ubuntu-pro-upgrade-qemu-system-data ubuntu-pro-upgrade-qemu-system-gui ubuntu-pro-upgrade-qemu-system-mips ubuntu-pro-upgrade-qemu-system-misc ubuntu-pro-upgrade-qemu-system-ppc ubuntu-pro-upgrade-qemu-system-s390x ubuntu-pro-upgrade-qemu-system-sparc ubuntu-pro-upgrade-qemu-system-x86 ubuntu-pro-upgrade-qemu-system-x86-microvm ubuntu-pro-upgrade-qemu-system-x86-xen ubuntu-pro-upgrade-qemu-system-xen References https://attackerkb.com/topics/cve-2023-0330 CVE - 2023-0330 USN-6167-1

Moodle: Unspecified Security Vulnerability (CVE-2021-36397) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 03/06/2023 Created 03/15/2023 Added 03/15/2023 Modified 01/28/2025 Description In Moodle, insufficient capability checks meant message deletions were not limited to the current user. Solution(s) moodle-upgrade-3_10_5 moodle-upgrade-3_11_1 moodle-upgrade-3_9_8 References https://attackerkb.com/topics/cve-2021-36397 CVE - 2021-36397 https://moodle.org/mod/forum/discuss.php?d=424803