ISHACK AI BOT

VMware Photon OS: CVE-2023-23919 Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/23/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description A cryptographic vulnerability exists in Node.js <19.2.0, <18.14.1, <16.19.1, <14.21.3 that in some cases did does not clear the OpenSSL error stack after operations that may set it. This may lead to false positive errors during subsequent cryptographic operations that happen to be on the same thread. This in turn could be used to cause a denial of service. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-23919 CVE - 2023-23919

VMware Photon OS: CVE-2023-23920 Severity 4 CVSS (AV:L/AC:L/Au:M/C:N/I:C/A:N) Published 02/23/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description An untrusted search path vulnerability exists in Node.js. <19.6.1, <18.14.1, <16.19.1, and <14.21.3 that could allow an attacker to search and potentially load ICU data when running with elevated privileges. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-23920 CVE - 2023-23920

Debian: CVE-2023-23918: nodejs -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 02/23/2023 Created 01/04/2024 Added 01/03/2024 Modified 01/28/2025 Description A privilege escalation vulnerability exists in Node.js <19.6.1, <18.14.1, <16.19.1 and <14.21.3 that made it possible to bypass the experimental Permissions (https://nodejs.org/api/permissions.html) feature in Node.js and access non authorized modules by using process.mainModule.require(). This only affects users who had enabled the experimental permissions option with --experimental-policy. Solution(s) debian-upgrade-nodejs References https://attackerkb.com/topics/cve-2023-23918 CVE - 2023-23918 DSA-5589-1

Debian: CVE-2023-23915: curl -- security update Severity 6 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:N) Published 02/23/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that could cause HSTS functionality to behave incorrectly when multiple URLs are requested in parallel. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. This HSTS mechanism would however surprisingly fail when multiple transfers are done in parallel as the HSTS cache file gets overwritten by the most recentlycompleted transfer. A later HTTP-only transfer to the earlier host name would then *not* get upgraded properly to HSTS. Solution(s) debian-upgrade-curl References https://attackerkb.com/topics/cve-2023-23915 CVE - 2023-23915

Debian: CVE-2023-23919: nodejs -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/23/2023 Created 01/04/2024 Added 01/03/2024 Modified 01/28/2025 Description A cryptographic vulnerability exists in Node.js <19.2.0, <18.14.1, <16.19.1, <14.21.3 that in some cases did does not clear the OpenSSL error stack after operations that may set it. This may lead to false positive errors during subsequent cryptographic operations that happen to be on the same thread. This in turn could be used to cause a denial of service. Solution(s) debian-upgrade-nodejs References https://attackerkb.com/topics/cve-2023-23919 CVE - 2023-23919 DSA-5589-1

Debian: CVE-2023-23914: curl -- security update Severity 9 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:N) Published 02/23/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that could cause HSTS functionality fail when multiple URLs are requested serially. Using its HSTS support, curl can be instructed to use HTTPS instead of usingan insecure clear-text HTTP step even when HTTP is provided in the URL. ThisHSTS mechanism would however surprisingly be ignored by subsequent transferswhen done on the same command line because the state would not be properlycarried on. Solution(s) debian-upgrade-curl References https://attackerkb.com/topics/cve-2023-23914 CVE - 2023-23914

Ubuntu: USN-6672-1 (CVE-2023-23920): Node.js vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:M/C:N/I:C/A:N) Published 02/23/2023 Created 03/06/2024 Added 03/05/2024 Modified 01/28/2025 Description An untrusted search path vulnerability exists in Node.js. <19.6.1, <18.14.1, <16.19.1, and <14.21.3 that could allow an attacker to search and potentially load ICU data when running with elevated privileges. Solution(s) ubuntu-upgrade-libnode108 ubuntu-upgrade-libnode64 ubuntu-upgrade-libnode72 ubuntu-upgrade-nodejs References https://attackerkb.com/topics/cve-2023-23920 CVE - 2023-23920 DSA-5395 USN-6672-1

Ubuntu: USN-5891-1 (CVE-2023-23914): curl vulnerabilities Severity 9 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:N) Published 02/23/2023 Created 03/29/2023 Added 03/22/2023 Modified 01/28/2025 Description A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that could cause HSTS functionality fail when multiple URLs are requested serially. Using its HSTS support, curl can be instructed to use HTTPS instead of usingan insecure clear-text HTTP step even when HTTP is provided in the URL. ThisHSTS mechanism would however surprisingly be ignored by subsequent transferswhen done on the same command line because the state would not be properlycarried on. Solution(s) ubuntu-upgrade-curl ubuntu-upgrade-libcurl3-gnutls ubuntu-upgrade-libcurl3-nss ubuntu-upgrade-libcurl4 References https://attackerkb.com/topics/cve-2023-23914 CVE - 2023-23914 USN-5891-1

CentOS Linux: CVE-2023-23920: Moderate: nodejs:16 security, bug fix, and enhancement update (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:M/C:N/I:C/A:N) Published 02/23/2023 Created 05/05/2023 Added 04/10/2023 Modified 01/28/2025 Description An untrusted search path vulnerability exists in Node.js. <19.6.1, <18.14.1, <16.19.1, and <14.21.3 that could allow an attacker to search and potentially load ICU data when running with elevated privileges. Solution(s) centos-upgrade-nodejs centos-upgrade-nodejs-debuginfo centos-upgrade-nodejs-debugsource centos-upgrade-nodejs-devel centos-upgrade-nodejs-docs centos-upgrade-nodejs-full-i18n centos-upgrade-nodejs-libs centos-upgrade-nodejs-libs-debuginfo centos-upgrade-nodejs-nodemon centos-upgrade-nodejs-packaging centos-upgrade-nodejs-packaging-bundler centos-upgrade-npm References DSA-5395 CVE-2023-23920

Huawei EulerOS: CVE-2023-23916: curl security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 02/23/2023 Created 07/05/2023 Added 07/05/2023 Modified 01/30/2025 Description An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable "links" in this "decompression chain" wascapped, but the cap was implemented on a per-header basis allowing a maliciousserver to insert a virtually unlimited number of compression steps simply byusing many headers. The use of such a decompression chain could result in a "malloc bomb", making curl end up spending enormous amounts of allocated heap memory, or trying to and returning out of memory errors. Solution(s) huawei-euleros-2_0_sp11-upgrade-curl huawei-euleros-2_0_sp11-upgrade-libcurl References https://attackerkb.com/topics/cve-2023-23916 CVE - 2023-23916 EulerOS-SA-2023-2286

CentOS Linux: CVE-2023-23916: Moderate: curl security update (Multiple Advisories) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 02/23/2023 Created 03/10/2023 Added 03/09/2023 Modified 01/28/2025 Description An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable "links" in this "decompression chain" wascapped, but the cap was implemented on a per-header basis allowing a maliciousserver to insert a virtually unlimited number of compression steps simply byusing many headers. The use of such a decompression chain could result in a "malloc bomb", making curl end up spending enormous amounts of allocated heap memory, or trying to and returning out of memory errors. Solution(s) centos-upgrade-curl centos-upgrade-curl-debuginfo centos-upgrade-curl-debugsource centos-upgrade-curl-minimal centos-upgrade-curl-minimal-debuginfo centos-upgrade-libcurl centos-upgrade-libcurl-debuginfo centos-upgrade-libcurl-devel centos-upgrade-libcurl-minimal centos-upgrade-libcurl-minimal-debuginfo References DSA-5365 CVE-2023-23916

FreeBSD: VID-E8B20517-DBB6-11ED-BF28-589CFC0F81B0 (CVE-2023-25824): mod_gnutls -- Infinite Loop on request read timeout Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/23/2023 Created 05/05/2023 Added 04/16/2023 Modified 01/28/2025 Description Mod_gnutls is a TLS module for Apache HTTPD based on GnuTLS. Versions from 0.9.0 to 0.12.0 (including) did not properly fail blocking read operations on TLS connections when the transport hit timeouts. Instead it entered an endless loop retrying the read operation, consuming CPU resources. This could be exploited for denial of service attacks. If trace level logging was enabled, it would also produce an excessive amount of log output during the loop, consuming disk space. The problem has been fixed in commit d7eec4e598158ab6a98bf505354e84352f9715ec, please update to version 0.12.1. There are no workarounds, users who cannot update should apply the errno fix detailed in the security advisory. Solution(s) freebsd-upgrade-package-ap24-mod_gnutls References CVE-2023-25824

Ubuntu: (Multiple Advisories) (CVE-2023-0597): Linux kernel (OEM) vulnerabilities Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 02/23/2023 Created 07/07/2023 Added 07/07/2023 Modified 01/28/2025 Description A flaw possibility of memory leak in the Linux kernel cpu_entry_area mapping of X86 CPU data to memory was found in the way user can guess location of exception stack(s) or other important data. A local user could use this flaw to get access to some important data with expected location in memory. Solution(s) ubuntu-upgrade-linux-image-4-15-0-1125-oracle ubuntu-upgrade-linux-image-4-15-0-1146-kvm ubuntu-upgrade-linux-image-4-15-0-1156-gcp ubuntu-upgrade-linux-image-4-15-0-1162-aws ubuntu-upgrade-linux-image-4-15-0-1171-azure ubuntu-upgrade-linux-image-4-15-0-219-generic ubuntu-upgrade-linux-image-4-15-0-219-lowlatency ubuntu-upgrade-linux-image-5-15-0-1025-gkeop ubuntu-upgrade-linux-image-5-15-0-1030-nvidia ubuntu-upgrade-linux-image-5-15-0-1030-nvidia-lowlatency ubuntu-upgrade-linux-image-5-15-0-1035-ibm ubuntu-upgrade-linux-image-5-15-0-1035-raspi ubuntu-upgrade-linux-image-5-15-0-1037-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1039-gcp ubuntu-upgrade-linux-image-5-15-0-1039-gke ubuntu-upgrade-linux-image-5-15-0-1039-kvm ubuntu-upgrade-linux-image-5-15-0-1040-oracle ubuntu-upgrade-linux-image-5-15-0-1041-aws ubuntu-upgrade-linux-image-5-15-0-1042-aws ubuntu-upgrade-linux-image-5-15-0-1043-azure-fde ubuntu-upgrade-linux-image-5-15-0-1045-azure ubuntu-upgrade-linux-image-5-15-0-1045-azure-fde ubuntu-upgrade-linux-image-5-15-0-79-generic ubuntu-upgrade-linux-image-5-15-0-79-generic-64k ubuntu-upgrade-linux-image-5-15-0-79-generic-lpae ubuntu-upgrade-linux-image-5-15-0-79-lowlatency ubuntu-upgrade-linux-image-5-15-0-79-lowlatency-64k ubuntu-upgrade-linux-image-5-17-0-1034-oem ubuntu-upgrade-linux-image-5-4-0-1025-iot ubuntu-upgrade-linux-image-5-4-0-1033-xilinx-zynqmp ubuntu-upgrade-linux-image-5-4-0-1060-ibm ubuntu-upgrade-linux-image-5-4-0-1074-bluefield ubuntu-upgrade-linux-image-5-4-0-1080-gkeop ubuntu-upgrade-linux-image-5-4-0-1097-raspi ubuntu-upgrade-linux-image-5-4-0-1102-kvm ubuntu-upgrade-linux-image-5-4-0-1112-oracle ubuntu-upgrade-linux-image-5-4-0-1113-aws ubuntu-upgrade-linux-image-5-4-0-1117-gcp ubuntu-upgrade-linux-image-5-4-0-1119-azure ubuntu-upgrade-linux-image-5-4-0-166-generic ubuntu-upgrade-linux-image-5-4-0-166-generic-lpae ubuntu-upgrade-linux-image-5-4-0-166-lowlatency ubuntu-upgrade-linux-image-6-0-0-1019-oem ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-hwe ubuntu-upgrade-linux-image-aws-lts-18-04 ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-fde-lts-22-04 ubuntu-upgrade-linux-image-azure-lts-18-04 ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-18-04 ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-16-04 ubuntu-upgrade-linux-image-generic-hwe-18-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-16-04 ubuntu-upgrade-linux-image-lowlatency-hwe-18-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-22-04 ubuntu-upgrade-linux-image-oem-22-04a ubuntu-upgrade-linux-image-oem-22-04b ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-lts-18-04 ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-hwe-18-04 ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-snapdragon-hwe-18-04 ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-16-04 ubuntu-upgrade-linux-image-virtual-hwe-18-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-xilinx-zynqmp References https://attackerkb.com/topics/cve-2023-0597 CVE - 2023-0597 USN-6206-1 USN-6235-1 USN-6300-1 USN-6311-1 USN-6332-1 USN-6347-1 USN-6440-1 USN-6440-2 USN-6440-3 USN-6462-1 USN-6462-2 View more

IBM AIX: curl_advisory2 (CVE-2023-23916): Security vulnerabilities in cURL for AIX Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 02/23/2023 Created 07/27/2023 Added 07/27/2023 Modified 01/30/2025 Description An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable "links" in this "decompression chain" wascapped, but the cap was implemented on a per-header basis allowing a maliciousserver to insert a virtually unlimited number of compression steps simply byusing many headers. The use of such a decompression chain could result in a "malloc bomb", making curl end up spending enormous amounts of allocated heap memory, or trying to and returning out of memory errors. Solution(s) ibm-aix-curl_advisory2 References https://attackerkb.com/topics/cve-2023-23916 CVE - 2023-23916 https://aix.software.ibm.com/aix/efixes/security/curl_advisory2.asc

Amazon Linux AMI 2: CVE-2023-23605: Security patch for firefox, thunderbird (Multiple Advisories) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 02/23/2023 Created 02/23/2023 Added 02/23/2023 Modified 01/28/2025 Description Memory safety bugs present in Firefox 108 and Firefox ESR 102.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 109, Thunderbird < 102.7, and Firefox ESR < 102.7. Solution(s) amazon-linux-ami-2-upgrade-firefox amazon-linux-ami-2-upgrade-firefox-debuginfo amazon-linux-ami-2-upgrade-thunderbird amazon-linux-ami-2-upgrade-thunderbird-debuginfo References https://attackerkb.com/topics/cve-2023-23605 AL2/ALAS-2023-1951 AL2/ALASFIREFOX-2023-013 CVE - 2023-23605

Amazon Linux AMI 2: CVE-2023-23601: Security patch for firefox, thunderbird (Multiple Advisories) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 02/23/2023 Created 02/23/2023 Added 02/23/2023 Modified 01/28/2025 Description Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks. This vulnerability affects Firefox < 109, Thunderbird < 102.7, and Firefox ESR < 102.7. Solution(s) amazon-linux-ami-2-upgrade-firefox amazon-linux-ami-2-upgrade-firefox-debuginfo amazon-linux-ami-2-upgrade-thunderbird amazon-linux-ami-2-upgrade-thunderbird-debuginfo References https://attackerkb.com/topics/cve-2023-23601 AL2/ALAS-2023-1951 AL2/ALASFIREFOX-2023-013 CVE - 2023-23601

Amazon Linux AMI 2: CVE-2023-23914: Security patch for curl (ALAS-2023-1986) Severity 9 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:N) Published 02/23/2023 Created 03/08/2023 Added 03/07/2023 Modified 01/28/2025 Description A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that could cause HSTS functionality fail when multiple URLs are requested serially. Using its HSTS support, curl can be instructed to use HTTPS instead of usingan insecure clear-text HTTP step even when HTTP is provided in the URL. ThisHSTS mechanism would however surprisingly be ignored by subsequent transferswhen done on the same command line because the state would not be properlycarried on. Solution(s) amazon-linux-ami-2-upgrade-curl amazon-linux-ami-2-upgrade-curl-debuginfo amazon-linux-ami-2-upgrade-libcurl amazon-linux-ami-2-upgrade-libcurl-devel References https://attackerkb.com/topics/cve-2023-23914 AL2/ALAS-2023-1986 CVE - 2023-23914

Amazon Linux AMI 2: CVE-2023-23598: Security patch for firefox, thunderbird (Multiple Advisories) Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 02/23/2023 Created 02/23/2023 Added 02/23/2023 Modified 01/30/2025 Description Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to <code>DataTransfer.setData</code>. This vulnerability affects Firefox < 109, Thunderbird < 102.7, and Firefox ESR < 102.7. Solution(s) amazon-linux-ami-2-upgrade-firefox amazon-linux-ami-2-upgrade-firefox-debuginfo amazon-linux-ami-2-upgrade-thunderbird amazon-linux-ami-2-upgrade-thunderbird-debuginfo References https://attackerkb.com/topics/cve-2023-23598 AL2/ALAS-2023-1951 AL2/ALASFIREFOX-2023-013 CVE - 2023-23598

VMware Photon OS: CVE-2023-23914 Severity 9 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:N) Published 02/23/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that could cause HSTS functionality fail when multiple URLs are requested serially. Using its HSTS support, curl can be instructed to use HTTPS instead of usingan insecure clear-text HTTP step even when HTTP is provided in the URL. ThisHSTS mechanism would however surprisingly be ignored by subsequent transferswhen done on the same command line because the state would not be properlycarried on. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-23914 CVE - 2023-23914

Huawei EulerOS: CVE-2023-23916: curl security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 02/23/2023 Created 05/05/2023 Added 04/13/2023 Modified 01/30/2025 Description An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable "links" in this "decompression chain" wascapped, but the cap was implemented on a per-header basis allowing a maliciousserver to insert a virtually unlimited number of compression steps simply byusing many headers. The use of such a decompression chain could result in a "malloc bomb", making curl end up spending enormous amounts of allocated heap memory, or trying to and returning out of memory errors. Solution(s) huawei-euleros-2_0_sp8-upgrade-curl huawei-euleros-2_0_sp8-upgrade-libcurl huawei-euleros-2_0_sp8-upgrade-libcurl-devel References https://attackerkb.com/topics/cve-2023-23916 CVE - 2023-23916 EulerOS-SA-2023-1590

Amazon Linux AMI 2: CVE-2023-23915: Security patch for curl (ALAS-2023-1986) Severity 6 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:N) Published 02/23/2023 Created 03/08/2023 Added 03/07/2023 Modified 01/28/2025 Description A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that could cause HSTS functionality to behave incorrectly when multiple URLs are requested in parallel. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. This HSTS mechanism would however surprisingly fail when multiple transfers are done in parallel as the HSTS cache file gets overwritten by the most recentlycompleted transfer. A later HTTP-only transfer to the earlier host name would then *not* get upgraded properly to HSTS. Solution(s) amazon-linux-ami-2-upgrade-curl amazon-linux-ami-2-upgrade-curl-debuginfo amazon-linux-ami-2-upgrade-libcurl amazon-linux-ami-2-upgrade-libcurl-devel References https://attackerkb.com/topics/cve-2023-23915 AL2/ALAS-2023-1986 CVE - 2023-23915

Amazon Linux AMI 2: CVE-2023-20032: Security patch for clamav (ALAS-2023-1964) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 02/23/2023 Created 02/23/2023 Added 02/23/2023 Modified 01/30/2025 Description On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to execute arbitrary code. This vulnerability is due to a missing buffer size check that may result in a heap buffer overflow write. An attacker could exploit this vulnerability by submitting a crafted HFS+ partition file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the ClamAV scanning process, or else crash the process, resulting in a denial of service (DoS) condition. For a description of this vulnerability, see the ClamAV blog ["https://blog.clamav.net/"]. Solution(s) amazon-linux-ami-2-upgrade-clamav amazon-linux-ami-2-upgrade-clamav-data amazon-linux-ami-2-upgrade-clamav-debuginfo amazon-linux-ami-2-upgrade-clamav-devel amazon-linux-ami-2-upgrade-clamav-doc amazon-linux-ami-2-upgrade-clamav-filesystem amazon-linux-ami-2-upgrade-clamav-lib amazon-linux-ami-2-upgrade-clamav-milter amazon-linux-ami-2-upgrade-clamav-update amazon-linux-ami-2-upgrade-clamd References https://attackerkb.com/topics/cve-2023-20032 AL2/ALAS-2023-1964 CVE - 2023-20032

Amazon Linux AMI 2: CVE-2023-23602: Security patch for firefox, thunderbird (Multiple Advisories) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 02/23/2023 Created 02/23/2023 Added 02/23/2023 Modified 01/28/2025 Description A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy connect-src header to be ignored. This could lead to connections to restricted origins from inside WebWorkers. This vulnerability affects Firefox < 109, Thunderbird < 102.7, and Firefox ESR < 102.7. Solution(s) amazon-linux-ami-2-upgrade-firefox amazon-linux-ami-2-upgrade-firefox-debuginfo amazon-linux-ami-2-upgrade-thunderbird amazon-linux-ami-2-upgrade-thunderbird-debuginfo References https://attackerkb.com/topics/cve-2023-23602 AL2/ALAS-2023-1951 AL2/ALASFIREFOX-2023-013 CVE - 2023-23602

VMware Photon OS: CVE-2023-23916 Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/23/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable "links" in this "decompression chain" wascapped, but the cap was implemented on a per-header basis allowing a maliciousserver to insert a virtually unlimited number of compression steps simply byusing many headers. The use of such a decompression chain could result in a "malloc bomb", making curl end up spending enormous amounts of allocated heap memory, or trying to and returning out of memory errors. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-23916 CVE - 2023-23916

VMware Photon OS: CVE-2023-23918 Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 02/23/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description A privilege escalation vulnerability exists in Node.js <19.6.1, <18.14.1, <16.19.1 and <14.21.3 that made it possible to bypass the experimental Permissions (https://nodejs.org/api/permissions.html) feature in Node.js and access non authorized modules by using process.mainModule.require(). This only affects users who had enabled the experimental permissions option with --experimental-policy. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-23918 CVE - 2023-23918