ISHACK AI BOT

Red Hat JBossEAP: Creation of Temporary File With Insecure Permissions (CVE-2023-0482) Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 01/31/2023 Created 09/20/2024 Added 09/19/2024 Modified 12/20/2024 Description In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user. Solution(s) red-hat-jboss-eap-upgrade-latest References https://attackerkb.com/topics/cve-2023-0482 CVE - 2023-0482 https://access.redhat.com/security/cve/CVE-2023-0482 https://bugzilla.redhat.com/show_bug.cgi?id=2166004 https://access.redhat.com/errata/RHSA-2023:1512 https://access.redhat.com/errata/RHSA-2023:1513 https://access.redhat.com/errata/RHSA-2023:1514 https://access.redhat.com/errata/RHSA-2023:1516 View more

Rocky Linux: CVE-2022-25147: apr-util (Multiple Advisories) Severity 6 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:P) Published 01/31/2023 Created 03/07/2024 Added 03/05/2024 Modified 01/28/2025 Description Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions. Solution(s) rocky-upgrade-apr-util rocky-upgrade-apr-util-bdb rocky-upgrade-apr-util-bdb-debuginfo rocky-upgrade-apr-util-debuginfo rocky-upgrade-apr-util-debugsource rocky-upgrade-apr-util-devel rocky-upgrade-apr-util-ldap rocky-upgrade-apr-util-ldap-debuginfo rocky-upgrade-apr-util-mysql rocky-upgrade-apr-util-mysql-debuginfo rocky-upgrade-apr-util-odbc rocky-upgrade-apr-util-odbc-debuginfo rocky-upgrade-apr-util-openssl rocky-upgrade-apr-util-openssl-debuginfo rocky-upgrade-apr-util-pgsql rocky-upgrade-apr-util-pgsql-debuginfo rocky-upgrade-apr-util-sqlite rocky-upgrade-apr-util-sqlite-debuginfo References https://attackerkb.com/topics/cve-2022-25147 CVE - 2022-25147 https://errata.rockylinux.org/RLSA-2023:3109 https://errata.rockylinux.org/RLSA-2023:3147

Rocky Linux: CVE-2022-25881: nodejs-and-nodejs-nodemon (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 01/31/2023 Created 03/07/2024 Added 03/05/2024 Modified 01/30/2025 Description This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library. Solution(s) rocky-upgrade-nodejs rocky-upgrade-nodejs-debuginfo rocky-upgrade-nodejs-debugsource rocky-upgrade-nodejs-devel rocky-upgrade-nodejs-full-i18n rocky-upgrade-nodejs-libs rocky-upgrade-nodejs-libs-debuginfo rocky-upgrade-npm References https://attackerkb.com/topics/cve-2022-25881 CVE - 2022-25881 https://errata.rockylinux.org/RLSA-2023:1582 https://errata.rockylinux.org/RLSA-2023:1583 https://errata.rockylinux.org/RLSA-2023:1743 https://errata.rockylinux.org/RLSA-2023:2655

Red Hat: CVE-2022-25147: out-of-bounds writes in the apr_base64 (Multiple Advisories) Severity 6 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:P) Published 01/31/2023 Created 05/17/2023 Added 05/17/2023 Modified 01/28/2025 Description Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions. Solution(s) redhat-upgrade-apr-util redhat-upgrade-apr-util-bdb redhat-upgrade-apr-util-bdb-debuginfo redhat-upgrade-apr-util-debuginfo redhat-upgrade-apr-util-debugsource redhat-upgrade-apr-util-devel redhat-upgrade-apr-util-ldap redhat-upgrade-apr-util-ldap-debuginfo redhat-upgrade-apr-util-mysql redhat-upgrade-apr-util-mysql-debuginfo redhat-upgrade-apr-util-nss redhat-upgrade-apr-util-odbc redhat-upgrade-apr-util-odbc-debuginfo redhat-upgrade-apr-util-openssl redhat-upgrade-apr-util-openssl-debuginfo redhat-upgrade-apr-util-pgsql redhat-upgrade-apr-util-pgsql-debuginfo redhat-upgrade-apr-util-sqlite redhat-upgrade-apr-util-sqlite-debuginfo References CVE-2022-25147 RHSA-2023:3109 RHSA-2023:3145 RHSA-2023:3146 RHSA-2023:3147 RHSA-2023:3178 RHSA-2023:3360 View more

Amazon Linux 2023: CVE-2023-0512: Important priority package update for vim Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 01/30/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description Divide By Zero in GitHub repository vim/vim prior to 9.0.1247. A divide-by-zero flaw was found in Vim's adjust_skipcol() function in the move.c file. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a floating point exception error and causing an application to crash, eventually leading to a denial of service. Solution(s) amazon-linux-2023-upgrade-vim-common amazon-linux-2023-upgrade-vim-common-debuginfo amazon-linux-2023-upgrade-vim-data amazon-linux-2023-upgrade-vim-debuginfo amazon-linux-2023-upgrade-vim-debugsource amazon-linux-2023-upgrade-vim-default-editor amazon-linux-2023-upgrade-vim-enhanced amazon-linux-2023-upgrade-vim-enhanced-debuginfo amazon-linux-2023-upgrade-vim-filesystem amazon-linux-2023-upgrade-vim-minimal amazon-linux-2023-upgrade-vim-minimal-debuginfo References https://attackerkb.com/topics/cve-2023-0512 CVE - 2023-0512 https://alas.aws.amazon.com/AL2023/ALAS-2023-117.html

Red Hat: CVE-2022-24963: apr: integer overflow/wraparound in apr_encode (Multiple Advisories) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 01/31/2023 Created 12/13/2023 Added 12/12/2023 Modified 01/28/2025 Description Integer Overflow or Wraparound vulnerability in apr_encode functions of Apache Portable Runtime (APR) allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime (APR) version 1.7.0. Solution(s) redhat-upgrade-apr redhat-upgrade-apr-debuginfo redhat-upgrade-apr-debugsource redhat-upgrade-apr-devel References CVE-2022-24963 RHSA-2023:7711

OS X update for ColorSync (CVE-2023-0512) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/30/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

SUSE: CVE-2022-48303: SUSE Linux Security Advisory Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 01/30/2023 Created 02/22/2023 Added 02/21/2023 Modified 01/28/2025 Description GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters. Solution(s) suse-upgrade-tar suse-upgrade-tar-backup-scripts suse-upgrade-tar-doc suse-upgrade-tar-lang suse-upgrade-tar-rmt suse-upgrade-tar-tests References https://attackerkb.com/topics/cve-2022-48303 CVE - 2022-48303

Oracle Linux: CVE-2022-39324: ELSA-2023-6420:grafana security and enhancement update (MODERATE) (Multiple Advisories) Severity 7 CVSS (AV:N/AC:H/Au:S/C:C/I:C/A:P) Published 01/30/2023 Created 11/18/2023 Added 11/16/2023 Modified 11/30/2024 Description Grafana is an open-source platform for monitoring and observability. Prior to versions 8.5.16 and 9.2.8, malicious user can create a snapshot and arbitrarily choose the `originalUrl` parameter by editing the query, thanks to a web proxy. When another user opens the URL of the snapshot, they will be presented with the regular web interface delivered by the trusted Grafana server. The `Open original dashboard` button no longer points to the to the real original dashboard but to the attacker’s injected URL. This issue is fixed in versions 8.5.16 and 9.2.8. A flaw was found in the grafana package. While creating a snapshot, an attacker may manipulate a hidden HTTP parameter to inject a malicious URL in the "Open original dashboard" button. Solution(s) oracle-linux-upgrade-grafana References https://attackerkb.com/topics/cve-2022-39324 CVE - 2022-39324 ELSA-2023-6420

OS X update for Quick Look (CVE-2023-0512) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/30/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Crash Reporter (CVE-2023-0512) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/30/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for DesktopServices (CVE-2023-0512) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/30/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for curl (CVE-2023-0512) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/30/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

Amazon Linux AMI: CVE-2023-0512: Security patch for vim (ALAS-2023-1703) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/30/2023 Created 03/24/2023 Added 03/23/2023 Modified 01/28/2025 Description Divide By Zero in GitHub repository vim/vim prior to 9.0.1247. Solution(s) amazon-linux-upgrade-vim References ALAS-2023-1703 CVE-2023-0512

OS X update for IOAcceleratorFamily (CVE-2023-0512) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/30/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

VMware Photon OS: CVE-2022-48303 Severity 5 CVSS (AV:L/AC:L/Au:N/C:N/I:N/A:C) Published 01/30/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2022-48303 CVE - 2022-48303

OS X update for NetworkExtension (CVE-2023-0512) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/30/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

Alma Linux: CVE-2023-0266: Important: kernel security, bug fix, and enhancement update (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 01/30/2023 Created 03/28/2023 Added 03/28/2023 Modified 01/28/2025 Description A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past commit 56b88b50565cd8b946a2d00b0c83927b7ebb055e Solution(s) alma-upgrade-bpftool alma-upgrade-kernel alma-upgrade-kernel-abi-stablelists alma-upgrade-kernel-core alma-upgrade-kernel-cross-headers alma-upgrade-kernel-debug alma-upgrade-kernel-debug-core alma-upgrade-kernel-debug-devel alma-upgrade-kernel-debug-devel-matched alma-upgrade-kernel-debug-modules alma-upgrade-kernel-debug-modules-extra alma-upgrade-kernel-devel alma-upgrade-kernel-devel-matched alma-upgrade-kernel-doc alma-upgrade-kernel-modules alma-upgrade-kernel-modules-extra alma-upgrade-kernel-rt alma-upgrade-kernel-rt-core alma-upgrade-kernel-rt-debug alma-upgrade-kernel-rt-debug-core alma-upgrade-kernel-rt-debug-devel alma-upgrade-kernel-rt-debug-kvm alma-upgrade-kernel-rt-debug-modules alma-upgrade-kernel-rt-debug-modules-extra alma-upgrade-kernel-rt-devel alma-upgrade-kernel-rt-kvm alma-upgrade-kernel-rt-modules alma-upgrade-kernel-rt-modules-extra alma-upgrade-kernel-tools alma-upgrade-kernel-tools-libs alma-upgrade-kernel-tools-libs-devel alma-upgrade-kernel-zfcpdump alma-upgrade-kernel-zfcpdump-core alma-upgrade-kernel-zfcpdump-devel alma-upgrade-kernel-zfcpdump-devel-matched alma-upgrade-kernel-zfcpdump-modules alma-upgrade-kernel-zfcpdump-modules-extra alma-upgrade-perf alma-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-0266 CVE - 2023-0266 https://errata.almalinux.org/8/ALSA-2023-1566.html https://errata.almalinux.org/8/ALSA-2023-1584.html https://errata.almalinux.org/9/ALSA-2023-1469.html https://errata.almalinux.org/9/ALSA-2023-1470.html

OS X update for TextKit (CVE-2023-0512) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/30/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Messages (CVE-2023-0512) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/30/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

OS X update for Mail (CVE-2023-0512) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/30/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

Debian: CVE-2022-48303: tar -- security update Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 01/30/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters. Solution(s) debian-upgrade-tar References https://attackerkb.com/topics/cve-2022-48303 CVE - 2022-48303

Debian: CVE-2023-0474: chromium -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 01/30/2023 Created 01/31/2023 Added 01/30/2023 Modified 01/28/2025 Description Use after free in GuestView in Google Chrome prior to 109.0.5414.119 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a Chrome web app. (Chromium security severity: Medium) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2023-0474 CVE - 2023-0474 DSA-5328-1

OS X update for Foundation (CVE-2023-0512) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 01/30/2023 Created 10/14/2024 Added 10/14/2024 Modified 01/28/2025 Description Deprecated Solution(s)

Debian: CVE-2023-0240: linux -- security update Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 01/30/2023 Created 03/07/2023 Added 03/06/2023 Modified 01/30/2025 Description There is a logic error in io_uring's implementation which can be used to trigger a use-after-free vulnerability leading to privilege escalation. In the io_prep_async_work function the assumption that the last io_grab_identity call cannot return false is not true, and in this case the function will use the init_cred or the previous linked requests identity to do operations instead of using the current identity. This can lead to reference counting issues causing use-after-free. We recommend upgrading past version 5.10.161. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2023-0240 CVE - 2023-0240 DLA-3349-1