-
Notifications
You must be signed in to change notification settings - Fork 18
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Auto-Update: 2024-01-02T19:00:24.121322+00:00
- Loading branch information
1 parent
2d07c7f
commit d8f9638
Showing
17 changed files
with
689 additions
and
712 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,8 +2,8 @@ | |
| "id": "CVE-2023-2585", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2023-12-21T10:15:34.533", | ||
| "lastModified": "2023-12-21T13:22:15.910", | ||
| "vulnStatus": "Awaiting Analysis", | ||
| "lastModified": "2024-01-02T18:28:16.777", | ||
| "vulnStatus": "Analyzed", | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
|
|
@@ -16,6 +16,26 @@ | |
| ], | ||
| "metrics": { | ||
| "cvssMetricV31": [ | ||
| { | ||
| "source": "[email protected]", | ||
| "type": "Primary", | ||
| "cvssData": { | ||
| "version": "3.1", | ||
| "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", | ||
| "attackVector": "NETWORK", | ||
| "attackComplexity": "LOW", | ||
| "privilegesRequired": "NONE", | ||
| "userInteraction": "REQUIRED", | ||
| "scope": "UNCHANGED", | ||
| "confidentialityImpact": "HIGH", | ||
| "integrityImpact": "HIGH", | ||
| "availabilityImpact": "NONE", | ||
| "baseScore": 8.1, | ||
| "baseSeverity": "HIGH" | ||
| }, | ||
| "exploitabilityScore": 2.8, | ||
| "impactScore": 5.2 | ||
| }, | ||
| { | ||
| "source": "[email protected]", | ||
| "type": "Secondary", | ||
|
|
@@ -39,6 +59,16 @@ | |
| ] | ||
| }, | ||
| "weaknesses": [ | ||
| { | ||
| "source": "[email protected]", | ||
| "type": "Primary", | ||
| "description": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "NVD-CWE-Other" | ||
| } | ||
| ] | ||
| }, | ||
| { | ||
| "source": "[email protected]", | ||
| "type": "Secondary", | ||
|
|
@@ -50,34 +80,172 @@ | |
| ] | ||
| } | ||
| ], | ||
| "configurations": [ | ||
| { | ||
| "operator": "AND", | ||
| "nodes": [ | ||
| { | ||
| "operator": "OR", | ||
| "negate": false, | ||
| "cpeMatch": [ | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:redhat:single_sign-on:7.6:*:*:*:*:*:*:*", | ||
| "matchCriteriaId": "2DEC61BC-E699-456E-99B6-C049F2A5F23F" | ||
| } | ||
| ] | ||
| }, | ||
| { | ||
| "operator": "OR", | ||
| "negate": false, | ||
| "cpeMatch": [ | ||
| { | ||
| "vulnerable": false, | ||
| "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", | ||
| "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A" | ||
| }, | ||
| { | ||
| "vulnerable": false, | ||
| "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", | ||
| "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943" | ||
| }, | ||
| { | ||
| "vulnerable": false, | ||
| "criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", | ||
| "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| }, | ||
| { | ||
| "operator": "AND", | ||
| "nodes": [ | ||
| { | ||
| "operator": "OR", | ||
| "negate": false, | ||
| "cpeMatch": [ | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.11:*:*:*:*:*:*:*", | ||
| "matchCriteriaId": "EA983F8C-3A06-450A-AEFF-9429DE9A3454" | ||
| }, | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.12:*:*:*:*:*:*:*", | ||
| "matchCriteriaId": "40449571-22F8-44FA-B57B-B43F71AB25E2" | ||
| }, | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.9:*:*:*:*:*:*:*", | ||
| "matchCriteriaId": "01B0F191-ADDB-4AAE-A5C5-5CC16909E64A" | ||
| }, | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.10:*:*:*:*:*:*:*", | ||
| "matchCriteriaId": "FD75BCB4-F0E1-4C05-A2D7-001503C805C9" | ||
| }, | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.9:*:*:*:*:*:*:*", | ||
| "matchCriteriaId": "B02036DD-4489-480B-B7D4-4EB08952377B" | ||
| }, | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.10:*:*:*:*:*:*:*", | ||
| "matchCriteriaId": "C7E78C55-45B6-4E01-9773-D3468F8EA9C3" | ||
| }, | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_power:4.9:*:*:*:*:*:*:*", | ||
| "matchCriteriaId": "30E2CF79-2D56-48AB-952E-5DDAFE471073" | ||
| }, | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_power:4.10:*:*:*:*:*:*:*", | ||
| "matchCriteriaId": "54E24055-813B-4E6D-94B7-FAD5F78B8537" | ||
| } | ||
| ] | ||
| }, | ||
| { | ||
| "operator": "OR", | ||
| "negate": false, | ||
| "cpeMatch": [ | ||
| { | ||
| "vulnerable": false, | ||
| "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", | ||
| "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| }, | ||
| { | ||
| "nodes": [ | ||
| { | ||
| "operator": "OR", | ||
| "negate": false, | ||
| "cpeMatch": [ | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:redhat:single_sign-on:-:*:*:*:text-only:*:*:*", | ||
| "matchCriteriaId": "341E6313-20D5-44CB-9719-B20585DC5AD6" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "references": [ | ||
| { | ||
| "url": "https://access.redhat.com/errata/RHSA-2023:3883", | ||
| "source": "[email protected]" | ||
| "source": "[email protected]", | ||
| "tags": [ | ||
| "Vendor Advisory" | ||
| ] | ||
| }, | ||
| { | ||
| "url": "https://access.redhat.com/errata/RHSA-2023:3884", | ||
| "source": "[email protected]" | ||
| "source": "[email protected]", | ||
| "tags": [ | ||
| "Vendor Advisory" | ||
| ] | ||
| }, | ||
| { | ||
| "url": "https://access.redhat.com/errata/RHSA-2023:3885", | ||
| "source": "[email protected]" | ||
| "source": "[email protected]", | ||
| "tags": [ | ||
| "Vendor Advisory" | ||
| ] | ||
| }, | ||
| { | ||
| "url": "https://access.redhat.com/errata/RHSA-2023:3888", | ||
| "source": "[email protected]" | ||
| "source": "[email protected]", | ||
| "tags": [ | ||
| "Vendor Advisory" | ||
| ] | ||
| }, | ||
| { | ||
| "url": "https://access.redhat.com/errata/RHSA-2023:3892", | ||
| "source": "[email protected]" | ||
| "source": "[email protected]", | ||
| "tags": [ | ||
| "Vendor Advisory" | ||
| ] | ||
| }, | ||
| { | ||
| "url": "https://access.redhat.com/security/cve/CVE-2023-2585", | ||
| "source": "[email protected]" | ||
| "source": "[email protected]", | ||
| "tags": [ | ||
| "Vendor Advisory" | ||
| ] | ||
| }, | ||
| { | ||
| "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196335", | ||
| "source": "[email protected]" | ||
| "source": "[email protected]", | ||
| "tags": [ | ||
| "Issue Tracking", | ||
| "Vendor Advisory" | ||
| ] | ||
| } | ||
| ] | ||
| } | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,67 @@ | ||
| { | ||
| "id": "CVE-2023-4280", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-01-02T17:15:09.520", | ||
| "lastModified": "2024-01-02T17:15:09.520", | ||
| "vulnStatus": "Received", | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "An unvalidated input in Silicon Labs TrustZone implementation in v4.3.x and earlier of the Gecko SDK allows an attacker to access the trusted region of memory from the untrusted region." | ||
| } | ||
| ], | ||
| "metrics": { | ||
| "cvssMetricV31": [ | ||
| { | ||
| "source": "[email protected]", | ||
| "type": "Secondary", | ||
| "cvssData": { | ||
| "version": "3.1", | ||
| "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", | ||
| "attackVector": "LOCAL", | ||
| "attackComplexity": "LOW", | ||
| "privilegesRequired": "NONE", | ||
| "userInteraction": "NONE", | ||
| "scope": "CHANGED", | ||
| "confidentialityImpact": "HIGH", | ||
| "integrityImpact": "HIGH", | ||
| "availabilityImpact": "HIGH", | ||
| "baseScore": 9.3, | ||
| "baseSeverity": "CRITICAL" | ||
| }, | ||
| "exploitabilityScore": 2.5, | ||
| "impactScore": 6.0 | ||
| } | ||
| ] | ||
| }, | ||
| "weaknesses": [ | ||
| { | ||
| "source": "[email protected]", | ||
| "type": "Secondary", | ||
| "description": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "CWE-125" | ||
| }, | ||
| { | ||
| "lang": "en", | ||
| "value": "CWE-20" | ||
| }, | ||
| { | ||
| "lang": "en", | ||
| "value": "CWE-787" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "references": [ | ||
| { | ||
| "url": "https://community.silabs.com/069Vm0000004NinIAE", | ||
| "source": "[email protected]" | ||
| }, | ||
| { | ||
| "url": "https://github.com/SiliconLabs/gecko_sdk", | ||
| "source": "[email protected]" | ||
| } | ||
| ] | ||
| } |
Oops, something went wrong.