About the security content of macOS Big Sur 11.7

2022-09-12T00:00:00

Description

# About the security content of macOS Big Sur 11.7 This document describes the security content of macOS Big Sur 11.7. ## About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page. Apple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible. For more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page. ![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png) ## macOS Big Sur 11.7 Released September 12, 2022 **AppleMobileFileIntegrity** Available for: macOS Big Sur Impact: An app may be able to access user-sensitive data Description: An issue in code signature validation was addressed with improved checks. CVE-2022-42789: Koh M. Nakagawa of FFRI Security, Inc. Entry added October 27, 2022 **ATS** Available for: macOS Big Sur Impact: An app may be able to access user-sensitive data Description: An access issue was addressed with additional sandbox restrictions. CVE-2022-32904: Mickey Jin (@patch1t) Entry added October 27, 2022 **ATS** Available for: macOS Big Sur Impact: An app may be able to bypass Privacy preferences Description: A logic issue was addressed with improved state management. CVE-2022-32902: Mickey Jin (@patch1t) **Calendar** Available for: macOS Big Sur Impact: An app may be able to read sensitive location information Description: An access issue was addressed with improved access restrictions. CVE-2022-42819: an anonymous researcher Entry added October 27, 2022 **Contacts** Available for: macOS Big Sur Impact: An app may be able to bypass Privacy preferences Description: This issue was addressed with improved checks. CVE-2022-32854: Holger Fuhrmannek of Deutsche Telekom Security **GarageBand** Available for: macOS Big Sur Impact: An app may be able to access user-sensitive data Description: A configuration issue was addressed with additional restrictions. CVE-2022-32877: Wojciech Reguła (@_r3ggi) of SecuRing Entry added October 27, 2022 **ImageIO** Available for: macOS Big Sur Impact: Processing an image may lead to a denial-of-service Description: A denial-of-service issue was addressed with improved validation. CVE-2022-1622 Entry added October 27, 2022 **Image Processing** Available for: macOS Big Sur Impact: A sandboxed app may be able to determine which app is currently using the camera Description: The issue was addressed with additional restrictions on the observability of app states. CVE-2022-32913: Yiğit Can YILMAZ (@yilmazcanyigit) Entry added October 27, 2022 **iMovie** Available for: macOS Big Sur Impact: A user may be able to view sensitive user information Description: This issue was addressed by enabling hardened runtime. CVE-2022-32896: Wojciech Reguła (@_r3ggi) **Kernel** Available for: macOS Big Sur Impact: Connecting to a malicious NFS server may lead to arbitrary code execution with kernel privileges Description: The issue was addressed with improved bounds checks. CVE-2022-46701: Felix Poulin-Belanger Entry added May 11, 2023 **Kernel** Available for: macOS Big Sur Impact: An app may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2022-32914: Zweig of Kunlun Lab Entry added October 27, 2022 **Kernel** Available for: macOS Big Sur Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32866: Linus Henze of Pinauten GmbH (pinauten.de) CVE-2022-32911: Zweig of Kunlun Lab CVE-2022-32924: Ian Beer of Google Project Zero Entry updated October 27, 2022 **Kernel** Available for: macOS Big Sur Impact: An app may be able to disclose kernel memory Description: The issue was addressed with improved memory handling. CVE-2022-32864: Linus Henze of Pinauten GmbH (pinauten.de) **Kernel** Available for: macOS Big Sur Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-32894: an anonymous researcher **Kernel** Available for: macOS Big Sur Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. Description: The issue was addressed with improved bounds checks. CVE-2022-32917: an anonymous researcher **Maps** Available for: macOS Big Sur Impact: An app may be able to read sensitive location information Description: A logic issue was addressed with improved restrictions. CVE-2022-32883: Ron Masas of breakpointhq.com Entry updated October 27, 2022 **MediaLibrary** Available for: macOS Big Sur Impact: A user may be able to elevate privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2022-32908: an anonymous researcher **ncurses** Available for: macOS Big Sur Impact: A user may be able to cause unexpected app termination or arbitrary code execution Description: A buffer overflow was addressed with improved bounds checking. CVE-2021-39537 Entry added October 27, 2022 **PackageKit** Available for: macOS Big Sur Impact: An app may be able to gain elevated privileges Description: A logic issue was addressed with improved state management. CVE-2022-32900: Mickey Jin (@patch1t) **Sandbox** Available for: macOS Big Sur Impact: An app may be able to modify protected parts of the file system Description: A logic issue was addressed with improved restrictions. CVE-2022-32881: Csaba Fitzl (@theevilbit) of Offensive Security Entry added October 27, 2022 **Security** Available for: macOS Big Sur Impact: An app may be able to bypass code signing checks Description: An issue in code signature validation was addressed with improved checks. CVE-2022-42793: Linus Henze of Pinauten GmbH (pinauten.de) Entry added October 27, 2022 **Sidecar** Available for: macOS Big Sur Impact: A user may be able to view restricted content from the lock screen Description: A logic issue was addressed with improved state management. CVE-2022-42790: Om kothawade of Zaprico Digital Entry added October 27, 2022 **SMB** Available for: macOS Big Sur Impact: A remote user may be able to cause kernel code execution Description: The issue was addressed with improved memory handling. CVE-2022-32934: Felix Poulin-Belanger Entry added October 27, 2022 **Vim** Available for: macOS Big Sur Impact: Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents Description: This issue was addressed with improved checks. CVE-2022-1720 CVE-2022-2000 CVE-2022-2042 CVE-2022-2124 CVE-2022-2125 CVE-2022-2126 Entry added October 27, 2022 **Weather** Available for: macOS Big Sur Impact: An app may be able to read sensitive location information Description: A logic issue was addressed with improved state management. CVE-2022-32875: an anonymous researcher Entry added October 27, 2022 **WebKit** Available for: macOS Big Sur Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. WebKit Bugzilla: 242047 CVE-2022-32888: P1umer (@p1umer) Entry added October 27, 2022 ![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png) ## Additional recognition **apache** We would like to acknowledge Tricia Lee of Enterprise Service Center for their assistance. Entry added May 11, 2023 **Identity Services** We would like to acknowledge Joshua Jones for their assistance. Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information. Published Date: May 11, 2023

Affected Software

CPE Name	Name	Version
	macos big sur	11.7

{"id": "APPLE:CF4E2FCD25E41260852DC0DC2428E0AC", "vendorId": null, "type": "apple", "bulletinFamily": "software", "title": "About the security content of macOS Big Sur 11.7", "description": "# About the security content of macOS Big Sur 11.7\n\nThis document describes the security content of macOS Big Sur 11.7.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## macOS Big Sur 11.7\n\nReleased September 12, 2022\n\n**AppleMobileFileIntegrity**\n\nAvailable for: macOS Big Sur\n\nImpact: An app may be able to access user-sensitive data\n\nDescription: An issue in code signature validation was addressed with improved checks.\n\nCVE-2022-42789: Koh M. Nakagawa of FFRI Security, Inc.\n\nEntry added October 27, 2022\n\n**ATS**\n\nAvailable for: macOS Big Sur\n\nImpact: An app may be able to access user-sensitive data\n\nDescription: An access issue was addressed with additional sandbox restrictions.\n\nCVE-2022-32904: Mickey Jin (@patch1t)\n\nEntry added October 27, 2022\n\n**ATS**\n\nAvailable for: macOS Big Sur\n\nImpact: An app may be able to bypass Privacy preferences\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32902: Mickey Jin (@patch1t)\n\n**Calendar**\n\nAvailable for: macOS Big Sur\n\nImpact: An app may be able to read sensitive location information\n\nDescription: An access issue was addressed with improved access restrictions.\n\nCVE-2022-42819: an anonymous researcher\n\nEntry added October 27, 2022\n\n**Contacts**\n\nAvailable for: macOS Big Sur\n\nImpact: An app may be able to bypass Privacy preferences\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-32854: Holger Fuhrmannek of Deutsche Telekom Security\n\n**GarageBand**\n\nAvailable for: macOS Big Sur\n\nImpact: An app may be able to access user-sensitive data\n\nDescription: A configuration issue was addressed with additional restrictions.\n\nCVE-2022-32877: Wojciech Regu\u0142a (@_r3ggi) of SecuRing\n\nEntry added October 27, 2022\n\n**ImageIO**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing an image may lead to a denial-of-service\n\nDescription: A denial-of-service issue was addressed with improved validation.\n\nCVE-2022-1622\n\nEntry added October 27, 2022\n\n**Image Processing**\n\nAvailable for: macOS Big Sur\n\nImpact: A sandboxed app may be able to determine which app is currently using the camera\n\nDescription: The issue was addressed with additional restrictions on the observability of app states.\n\nCVE-2022-32913: Yi\u011fit Can YILMAZ (@yilmazcanyigit)\n\nEntry added October 27, 2022\n\n**iMovie**\n\nAvailable for: macOS Big Sur\n\nImpact: A user may be able to view sensitive user information\n\nDescription: This issue was addressed by enabling hardened runtime.\n\nCVE-2022-32896: Wojciech Regu\u0142a (@_r3ggi)\n\n**Kernel**\n\nAvailable for: macOS Big Sur\n\nImpact: Connecting to a malicious NFS server may lead to arbitrary code execution with kernel privileges\n\nDescription: The issue was addressed with improved bounds checks.\n\nCVE-2022-46701: Felix Poulin-Belanger\n\nEntry added May 11, 2023\n\n**Kernel**\n\nAvailable for: macOS Big Sur\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2022-32914: Zweig of Kunlun Lab\n\nEntry added October 27, 2022\n\n**Kernel**\n\nAvailable for: macOS Big Sur\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32866: Linus Henze of Pinauten GmbH (pinauten.de)\n\nCVE-2022-32911: Zweig of Kunlun Lab\n\nCVE-2022-32924: Ian Beer of Google Project Zero\n\nEntry updated October 27, 2022\n\n**Kernel**\n\nAvailable for: macOS Big Sur\n\nImpact: An app may be able to disclose kernel memory\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32864: Linus Henze of Pinauten GmbH (pinauten.de)\n\n**Kernel**\n\nAvailable for: macOS Big Sur\n\nImpact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2022-32894: an anonymous researcher\n\n**Kernel**\n\nAvailable for: macOS Big Sur\n\nImpact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.\n\nDescription: The issue was addressed with improved bounds checks.\n\nCVE-2022-32917: an anonymous researcher\n\n**Maps**\n\nAvailable for: macOS Big Sur\n\nImpact: An app may be able to read sensitive location information\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2022-32883: Ron Masas of breakpointhq.com\n\nEntry updated October 27, 2022\n\n**MediaLibrary**\n\nAvailable for: macOS Big Sur\n\nImpact: A user may be able to elevate privileges\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2022-32908: an anonymous researcher\n\n**ncurses**\n\nAvailable for: macOS Big Sur\n\nImpact: A user may be able to cause unexpected app termination or arbitrary code execution\n\nDescription: A buffer overflow was addressed with improved bounds checking.\n\nCVE-2021-39537\n\nEntry added October 27, 2022\n\n**PackageKit**\n\nAvailable for: macOS Big Sur\n\nImpact: An app may be able to gain elevated privileges\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32900: Mickey Jin (@patch1t)\n\n**Sandbox**\n\nAvailable for: macOS Big Sur\n\nImpact: An app may be able to modify protected parts of the file system\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2022-32881: Csaba Fitzl (@theevilbit) of Offensive Security\n\nEntry added October 27, 2022\n\n**Security**\n\nAvailable for: macOS Big Sur\n\nImpact: An app may be able to bypass code signing checks\n\nDescription: An issue in code signature validation was addressed with improved checks.\n\nCVE-2022-42793: Linus Henze of Pinauten GmbH (pinauten.de)\n\nEntry added October 27, 2022\n\n**Sidecar**\n\nAvailable for: macOS Big Sur\n\nImpact: A user may be able to view restricted content from the lock screen\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-42790: Om kothawade of Zaprico Digital\n\nEntry added October 27, 2022\n\n**SMB**\n\nAvailable for: macOS Big Sur\n\nImpact: A remote user may be able to cause kernel code execution\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32934: Felix Poulin-Belanger\n\nEntry added October 27, 2022\n\n**Vim**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-1720\n\nCVE-2022-2000\n\nCVE-2022-2042\n\nCVE-2022-2124\n\nCVE-2022-2125\n\nCVE-2022-2126\n\nEntry added October 27, 2022\n\n**Weather**\n\nAvailable for: macOS Big Sur\n\nImpact: An app may be able to read sensitive location information\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32875: an anonymous researcher\n\nEntry added October 27, 2022\n\n**WebKit**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nWebKit Bugzilla: 242047 \nCVE-2022-32888: P1umer (@p1umer)\n\nEntry added October 27, 2022\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**apache**\n\nWe would like to acknowledge Tricia Lee of Enterprise Service Center for their assistance.\n\nEntry added May 11, 2023\n\n**Identity Services**\n\nWe would like to acknowledge Joshua Jones for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: May 11, 2023\n", "published": "2022-09-12T00:00:00", "modified": "2022-09-12T00:00:00", "epss": [{"cve": "CVE-2021-39537", "epss": 0.00851, "percentile": 0.79824, "modified": "2023-05-23"}, {"cve": "CVE-2022-1622", "epss": 0.00059, "percentile": 0.22813, "modified": "2023-06-17"}, {"cve": "CVE-2022-1720", "epss": 0.00265, "percentile": 0.62876, "modified": "2023-06-17"}, {"cve": "CVE-2022-2000", "epss": 0.00079, "percentile": 0.32824, "modified": "2023-06-17"}, {"cve": "CVE-2022-2042", "epss": 0.00056, "percentile": 0.21423, "modified": "2023-06-17"}, {"cve": "CVE-2022-2124", "epss": 0.00075, "percentile": 0.30543, "modified": "2023-06-17"}, {"cve": "CVE-2022-2125", "epss": 0.00078, "percentile": 0.32345, "modified": "2023-06-13"}, {"cve": "CVE-2022-2126", "epss": 0.00075, "percentile": 0.305, "modified": "2023-06-13"}, {"cve": "CVE-2022-32854", "epss": 0.00046, "percentile": 0.12913, "modified": "2023-08-11"}, {"cve": "CVE-2022-32864", "epss": 0.00048, "percentile": 0.14576, "modified": "2023-06-03"}, {"cve": "CVE-2022-32866", "epss": 0.00053, "percentile": 0.18856, "modified": "2023-06-03"}, {"cve": "CVE-2022-32875", "epss": 0.00045, "percentile": 0.12287, "modified": "2023-06-03"}, {"cve": "CVE-2022-32877", "epss": 0.00052, "percentile": 0.186, "modified": "2023-06-03"}, {"cve": "CVE-2022-32881", "epss": 0.0005, "percentile": 0.16498, "modified": "2023-06-03"}, {"cve": "CVE-2022-32883", "epss": 0.00047, "percentile": 0.1454, "modified": "2023-08-11"}, {"cve": "CVE-2022-32888", "epss": 0.00134, "percentile": 0.4735, "modified": "2023-06-07"}, {"cve": "CVE-2022-32894", "epss": 0.00077, "percentile": 0.31391, "modified": "2023-06-03"}, {"cve": "CVE-2022-32896", "epss": 0.00043, "percentile": 0.06986, "modified": "2023-08-16"}, {"cve": "CVE-2022-32900", "epss": 0.00043, "percentile": 0.06992, "modified": "2023-06-03"}, {"cve": "CVE-2022-32902", "epss": 0.00045, "percentile": 0.12526, "modified": "2023-06-03"}, {"cve": "CVE-2022-32904", "epss": 0.00052, "percentile": 0.186, "modified": "2023-06-03"}, {"cve": "CVE-2022-32908", "epss": 0.00042, "percentile": 0.05664, "modified": "2023-06-03"}, {"cve": "CVE-2022-32911", "epss": 0.00042, "percentile": 0.05664, "modified": "2023-06-03"}, {"cve": "CVE-2022-32913", "epss": 0.00045, "percentile": 0.12554, "modified": "2023-06-03"}, {"cve": "CVE-2022-32914", "epss": 0.00056, "percentile": 0.21229, "modified": "2023-06-03"}, {"cve": "CVE-2022-32917", "epss": 0.00059, "percentile": 0.22935, "modified": "2023-06-03"}, {"cve": "CVE-2022-32924", "epss": 0.00046, "percentile": 0.12952, "modified": "2023-06-03"}, {"cve": "CVE-2022-32934", "epss": 0.00153, "percentile": 0.50367, "modified": "2023-06-03"}, {"cve": "CVE-2022-42789", "epss": 0.00052, "percentile": 0.186, "modified": "2023-06-03"}, {"cve": "CVE-2022-42790", "epss": 0.00045, "percentile": 0.12287, "modified": "2023-06-03"}, {"cve": "CVE-2022-42793", "epss": 0.0005, "percentile": 0.1643, "modified": "2023-08-11"}, {"cve": "CVE-2022-42819", "epss": 0.00052, "percentile": 0.186, "modified": "2023-06-03"}, {"cve": "CVE-2022-46701", "epss": 0.00042, "percentile": 0.05711, "modified": "2023-08-16"}], "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 6.8}, "severity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH"}, "exploitabilityScore": 2.8, "impactScore": 5.9}, "href": "https://support.apple.com/kb/HT213443", "reporter": "Apple", "references": ["https://support.apple.com/en-us/HT201222"], "cvelist": ["CVE-2021-39537", "CVE-2022-1622", "CVE-2022-1720", "CVE-2022-2000", "CVE-2022-2042", "CVE-2022-2124", "CVE-2022-2125", "CVE-2022-2126", "CVE-2022-32854", "CVE-2022-32864", "CVE-2022-32866", "CVE-2022-32875", "CVE-2022-32877", "CVE-2022-32881", "CVE-2022-32883", "CVE-2022-32888", "CVE-2022-32894", "CVE-2022-32896", "CVE-2022-32900", "CVE-2022-32902", "CVE-2022-32904", "CVE-2022-32908", "CVE-2022-32911", "CVE-2022-32913", "CVE-2022-32914", "CVE-2022-32917", "CVE-2022-32924", "CVE-2022-32934", "CVE-2022-42789", "CVE-2022-42790", "CVE-2022-42793", "CVE-2022-42819", "CVE-2022-46701"], "immutableFields": [], "lastseen": "2023-08-17T06:09:48", "viewCount": 16, "enchantments": {"affected_software": {"major_version": [{"name": "macos big sur", "version": 11}]}, "affected_software_major_version": [{"name": "macos big sur", "version": 11}], "dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2023:2256", "ALSA-2023:2834"]}, {"type": "alpinelinux", "idList": ["ALPINE:CVE-2021-39537", "ALPINE:CVE-2022-1720", "ALPINE:CVE-2022-2000", "ALPINE:CVE-2022-2042", "ALPINE:CVE-2022-2124", "ALPINE:CVE-2022-2125", "ALPINE:CVE-2022-2126"]}, {"type": "amazon", "idList": ["ALAS-2022-1628", "ALAS2-2022-1829", "ALAS2-2022-1893", "ALAS2-2023-2088"]}, {"type": "apple", "idList": ["APPLE:00B94E757766A642E6CC57C541A7B04B", "APPLE:0D23664345B6256D45D541285C4AEB4A", "APPLE:138DC64ECE1F07104C6EF7D22CA29AAF", "APPLE:59B0AAEF029FEFCB696BDCC924053209", "APPLE:5D20BFFCE6B79E6E7DF122C3E4FF65AC", "APPLE:6F3B71CFB020FAD994EF3CE1B54E774D", "APPLE:721CCEB54852616E91D4F55C8F273EE3", "APPLE:83030F066E0A42EFBEAECA054548F487", "APPLE:8DB8A023F085402CC89932664B1481DC", "APPLE:9107D4B4EE91B3991ECFADF74C6E6782", "APPLE:94E98E15A096BFEBBCA4E7BF7D3D6C7D", "APPLE:97987E2E9AC46D65F7E0A95C1BDF9921", "APPLE:D9E25AE7DC689A52756D7203E6E753C8", "APPLE:E351282C4281387D6A17586B33AF689C", "APPLE:E6E6FB10A782896AF739FE023888D6F9", "APPLE:F99F855A2C143ACC1F38687F55E85474"]}, {"type": "attackerkb", "idList": ["AKB:768DA55B-E20A-49F0-AC15-CC1F4DC65DAC", "AKB:A0C8E5E1-E212-4D46-97F4-2C5A5F8F05F2"]}, {"type": "avleonov", "idList": ["AVLEONOV:317FBD7DA93C95993A9FFF38FB04A987"]}, {"type": "cisa_kev", "idList": ["CISA-KEV-CVE-2022-32894", "CISA-KEV-CVE-2022-32917"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:6F549C15AA8101FE972631A08A5F16F0", "CFOUNDRY:B7E6A5079F227CEE4C5688FD51374F06"]}, {"type": "cloudlinux", "idList": ["CLSA-2022:1655901698", "CLSA-2022:1657182572"]}, {"type": "cnvd", "idList": ["CNVD-2022-58457", "CNVD-2022-68098"]}, {"type": "cve", "idList": ["CVE-2021-39537", "CVE-2022-1622", "CVE-2022-1720", "CVE-2022-2000", "CVE-2022-2042", "CVE-2022-2124", "CVE-2022-2125", "CVE-2022-2126", "CVE-2022-32854", "CVE-2022-32864", "CVE-2022-32866", "CVE-2022-32875", "CVE-2022-32877", "CVE-2022-32881", "CVE-2022-32883", "CVE-2022-32888", "CVE-2022-32894", "CVE-2022-32896", "CVE-2022-32900", "CVE-2022-32902", "CVE-2022-32904", "CVE-2022-32908", "CVE-2022-32911", "CVE-2022-32913", "CVE-2022-32914", "CVE-2022-32917", "CVE-2022-32924", "CVE-2022-32934", "CVE-2022-42789", "CVE-2022-42790", "CVE-2022-42793", "CVE-2022-42819", "CVE-2022-46701"]}, {"type": "debian", "idList": ["DEBIAN:DLA-3053-1:6E02B", "DEBIAN:DLA-3182-1:FC9F7", "DEBIAN:DLA-3204-1:C26DB", "DEBIAN:DSA-5333-1:E9E78"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-39537", "DEBIANCVE:CVE-2022-1622", "DEBIANCVE:CVE-2022-1720", "DEBIANCVE:CVE-2022-2000", "DEBIANCVE:CVE-2022-2042", "DEBIANCVE:CVE-2022-2124", "DEBIANCVE:CVE-2022-2125", "DEBIANCVE:CVE-2022-2126", "DEBIANCVE:CVE-2022-32888"]}, {"type": "fedora", "idList": ["FEDORA:04D3F30BA770", "FEDORA:1961D302B0F5", "FEDORA:652A53055F7D", "FEDORA:7692C30444C9", "FEDORA:E8F3430FC64B"]}, {"type": "gentoo", "idList": ["GLSA-202208-32", "GLSA-202210-10", "GLSA-202305-16", "GLSA-202305-32"]}, {"type": "hivepro", "idList": ["HIVEPRO:191275C5ECED2A57E4265562184B48DA"]}, {"type": "huntr", "idList": ["17DAB24D-BEEC-464D-9A72-5B6B11283705", "5CCFB386-7EB9-46E5-98E5-243EA4B358A8", "8628B4CD-4055-4059-AED4-64F7FDC10EBA", "8D196D9B-3D10-41D2-9F70-8EF0D08C946E", "8E9E056D-F733-4540-98B6-414BF36E0B42", "F61A64E2-D163-461B-A77E-46AB38E021F0"]}, {"type": "ibm", "idList": ["3B5A41AF3FFC24CF7D283C71B87D4654ECF7479BA687E47D5AD965C6BAB8EA65"]}, {"type": "mageia", "idList": ["MGASA-2022-0240", "MGASA-2022-0421", "MGASA-2022-0430"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:2B7FA24A43BE3D53EA1E393BEC594625", "MALWAREBYTES:570936F207FD4A3EB4366346C255209A", "MALWAREBYTES:6B076C11790BA7213FDAD04636FDD786", "MALWAREBYTES:E9F8D9962C90DF0556F1F4180FFAA7D7"]}, {"type": "nessus", "idList": ["AL2022_ALAS2022-2022-094.NASL", "AL2022_ALAS2022-2022-116.NASL", "AL2022_ALAS2022-2022-155.NASL", "AL2022_ALAS2022-2022-183.NASL", "AL2022_ALAS2022-2022-194.NASL", "AL2022_ALAS2022-2022-217.NASL", "AL2023_ALAS2023-2023-023.NASL", "AL2023_ALAS2023-2023-050.NASL", "AL2023_ALAS2023-2023-098.NASL", "AL2_ALAS-2022-1829.NASL", "AL2_ALAS-2022-1893.NASL", "AL2_ALAS-2023-2088.NASL", "ALA_ALAS-2022-1628.NASL", "ALMA_LINUX_ALSA-2023-2256.NASL", "ALMA_LINUX_ALSA-2023-2834.NASL", "APPLETV_16_1.NASL", "APPLETV_16_2.NASL", "APPLE_IOS_1561_CHECK.NBIN", "APPLE_IOS_157_CHECK.NBIN", "APPLE_IOS_16_CHECK.NBIN", "CENTOS8_RHSA-2023-2834.NASL", "DEBIAN_DLA-3053.NASL", "DEBIAN_DLA-3182.NASL", "DEBIAN_DLA-3204.NASL", "DEBIAN_DSA-5333.NASL", "EULEROS_SA-2021-2806.NASL", "EULEROS_SA-2021-2917.NASL", "EULEROS_SA-2021-2925.NASL", "EULEROS_SA-2022-1047.NASL", "EULEROS_SA-2022-1210.NASL", "EULEROS_SA-2022-1229.NASL", "EULEROS_SA-2022-1380.NASL", "EULEROS_SA-2022-1406.NASL", "EULEROS_SA-2022-2237.NASL", "EULEROS_SA-2022-2250.NASL", "EULEROS_SA-2022-2263.NASL", "EULEROS_SA-2022-2282.NASL", "EULEROS_SA-2022-2307.NASL", "EULEROS_SA-2022-2336.NASL", "EULEROS_SA-2022-2369.NASL", "EULEROS_SA-2022-2405.NASL", "EULEROS_SA-2022-2423.NASL", "EULEROS_SA-2022-2436.NASL", "EULEROS_SA-2022-2451.NASL", "EULEROS_SA-2022-2483.NASL", "EULEROS_SA-2022-2541.NASL", "EULEROS_SA-2022-2594.NASL", "EULEROS_SA-2022-2639.NASL", "EULEROS_SA-2022-2810.NASL", "EULEROS_SA-2022-2879.NASL", "EULEROS_SA-2022-2897.NASL", "EULEROS_SA-2023-1303.NASL", "EULEROS_SA-2023-1736.NASL", "EULEROS_SA-2023-2251.NASL", "EULEROS_SA-2023-2442.NASL", "GENTOO_GLSA-202208-32.NASL", "GENTOO_GLSA-202210-10.NASL", "GENTOO_GLSA-202305-16.NASL", "GENTOO_GLSA-202305-32.NASL", "MACOS_HT213413.NASL", "MACOS_HT213443.NASL", "MACOS_HT213444.NASL", "MACOS_HT213532.NASL", "MARINER_LIBTIFF_CVE-2022-1622.NASL", "OPENSUSE-2021-1417.NASL", "OPENSUSE-2021-3490.NASL", "ORACLELINUX_ELSA-2023-2256.NASL", "ORACLELINUX_ELSA-2023-2834.NASL", "REDHAT-RHSA-2023-2256.NASL", "REDHAT-RHSA-2023-2834.NASL", "SUSE_SU-2021-3490-1.NASL", "SUSE_SU-2021-3491-1.NASL", "SUSE_SU-2022-3229-1.NASL", "SUSE_SU-2022-4207-1.NASL", "SUSE_SU-2022-4283-1.NASL", "SUSE_SU-2022-4284-1.NASL", "SUSE_SU-2022-4285-1.NASL", "SUSE_SU-2022-4619-1.NASL", "UBUNTU_USN-5477-1.NASL", "UBUNTU_USN-5492-1.NASL", "UBUNTU_USN-5516-1.NASL", "UBUNTU_USN-5723-1.NASL", "UBUNTU_USN-5730-1.NASL", "UBUNTU_USN-5995-1.NASL", "UBUNTU_USN-6099-1.NASL"]}, {"type": "oraclelinux", "idList": ["ELSA-2023-2256", "ELSA-2023-2834"]}, {"type": "osv", "idList": ["OSV:CVE-2021-39537", "OSV:CVE-2022-2124", "OSV:CVE-2022-2125", "OSV:CVE-2022-2126", "OSV:DLA-3053-1", "OSV:DLA-3182-1", "OSV:DLA-3204-1", "OSV:DSA-5333-1"]}, {"type": "photon", "idList": ["PHSA-2021-0407", "PHSA-2021-0445", "PHSA-2021-3.0-0314", "PHSA-2022-0208", "PHSA-2022-0400", "PHSA-2022-0415", "PHSA-2022-0493", "PHSA-2022-3.0-0400", "PHSA-2022-3.0-0415", "PHSA-2022-4.0-0202", "PHSA-2022-4.0-0208"]}, {"type": "prion", "idList": ["PRION:CVE-2021-39537", "PRION:CVE-2022-1622", "PRION:CVE-2022-1720", "PRION:CVE-2022-2000", "PRION:CVE-2022-2042", "PRION:CVE-2022-2124", "PRION:CVE-2022-2125", "PRION:CVE-2022-2126", "PRION:CVE-2022-32854", "PRION:CVE-2022-32864", "PRION:CVE-2022-32866", "PRION:CVE-2022-32875", "PRION:CVE-2022-32877", "PRION:CVE-2022-32881", "PRION:CVE-2022-32883", "PRION:CVE-2022-32888", "PRION:CVE-2022-32894", "PRION:CVE-2022-32896", "PRION:CVE-2022-32900", "PRION:CVE-2022-32902", "PRION:CVE-2022-32904", "PRION:CVE-2022-32908", "PRION:CVE-2022-32911", "PRION:CVE-2022-32913", "PRION:CVE-2022-32914", "PRION:CVE-2022-32917", "PRION:CVE-2022-32924", "PRION:CVE-2022-32934", "PRION:CVE-2022-42789", "PRION:CVE-2022-42790", "PRION:CVE-2022-42793", "PRION:CVE-2022-42819", "PRION:CVE-2022-46701"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:DE2E40D3BB574E53C7448F3A304849C9", "QUALYSBLOG:F062F85432853297A014064EA7A5C183"]}, {"type": "redhat", "idList": ["RHSA-2023:2256", "RHSA-2023:2834"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-39537", "RH:CVE-2022-1622", "RH:CVE-2022-1720", "RH:CVE-2022-2000", "RH:CVE-2022-2042", "RH:CVE-2022-2124", "RH:CVE-2022-2125", "RH:CVE-2022-2126", "RH:CVE-2022-32888"]}, {"type": "redos", "idList": ["ROS-20220701-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2021:1417-1", "OPENSUSE-SU-2021:3490-1", "SUSE-SU-2022:3229-1"]}, {"type": "talosblog", "idList": ["TALOSBLOG:340C6278FFC694179634A24F686CBFDF", "TALOSBLOG:53D093A8C1C443878386CF6F108BED03", "TALOSBLOG:8702885301AC5E41DC818B2EF245CC29"]}, {"type": "thn", "idList": ["THN:221BD04ADD3814DC78AF58DFF41861F3", "THN:4B97BCD00CAE89549A57EBFAECA484AE", "THN:7A0BB9AD4437D8A1043E4BE4BA0E915C", "THN:A60A19BF44B2CA75E63F31234992BE54", "THN:DEAEC76D89D5583101E2E6036C289609", "THN:EC350D7E2CF02EC9CB76AA85E0D3F47A"]}, {"type": "threatpost", "idList": ["THREATPOST:DCD8C6A45F83A5C79CA1807D2B2A4A41"]}, {"type": "trellix", "idList": ["TRELLIX:EBD56C9F3321809BB35031678EE7699F"]}, {"type": "ubuntu", "idList": ["USN-5477-1", "USN-5492-1", "USN-5516-1", "USN-5723-1", "USN-5730-1", "USN-5995-1", "USN-6099-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-39537", "UB:CVE-2022-1622", "UB:CVE-2022-1623", "UB:CVE-2022-1720", "UB:CVE-2022-2000", "UB:CVE-2022-2042", "UB:CVE-2022-2124", "UB:CVE-2022-2125", "UB:CVE-2022-2126", "UB:CVE-2022-32888"]}, {"type": "veracode", "idList": ["VERACODE:33221", "VERACODE:35478", "VERACODE:36119", "VERACODE:36133", "VERACODE:36134", "VERACODE:36243", "VERACODE:36689", "VERACODE:36690"]}]}, "score": {"value": 9.2, "vector": "NONE"}, "epss": [{"cve": "CVE-2021-39537", "epss": 0.00686, "percentile": 0.7715, "modified": "2023-05-02"}, {"cve": "CVE-2022-1622", "epss": 0.00049, "percentile": 0.15315, "modified": "2023-05-02"}, {"cve": "CVE-2022-1720", "epss": 0.00123, "percentile": 0.45242, "modified": "2023-05-02"}, {"cve": "CVE-2022-2000", "epss": 0.00056, "percentile": 0.21023, "modified": "2023-05-02"}, {"cve": "CVE-2022-2042", "epss": 0.00056, "percentile": 0.21278, "modified": "2023-05-02"}, {"cve": "CVE-2022-2124", "epss": 0.00075, "percentile": 0.30368, "modified": "2023-05-02"}, {"cve": "CVE-2022-2125", "epss": 0.00055, "percentile": 0.20809, "modified": "2023-05-02"}, {"cve": "CVE-2022-2126", "epss": 0.00075, "percentile": 0.30368, "modified": "2023-05-02"}, {"cve": "CVE-2022-32854", "epss": 0.00046, "percentile": 0.12901, "modified": "2023-05-02"}, {"cve": "CVE-2022-32864", "epss": 0.00048, "percentile": 0.14541, "modified": "2023-05-02"}, {"cve": "CVE-2022-32866", "epss": 0.00053, "percentile": 0.18847, "modified": "2023-05-02"}, {"cve": "CVE-2022-32875", "epss": 0.00045, "percentile": 0.12278, "modified": "2023-05-02"}, {"cve": "CVE-2022-32877", "epss": 0.00052, "percentile": 0.18586, "modified": "2023-05-02"}, {"cve": "CVE-2022-32881", "epss": 0.0005, "percentile": 0.16472, "modified": "2023-05-02"}, {"cve": "CVE-2022-32883", "epss": 0.00047, "percentile": 0.14517, "modified": "2023-05-02"}, {"cve": "CVE-2022-32888", "epss": 0.00123, "percentile": 0.45314, "modified": "2023-05-02"}, {"cve": "CVE-2022-32894", "epss": 0.00074, "percentile": 0.3016, "modified": "2023-05-02"}, {"cve": "CVE-2022-32896", "epss": 0.00043, "percentile": 0.07019, "modified": "2023-05-02"}, {"cve": "CVE-2022-32900", "epss": 0.00043, "percentile": 0.07019, "modified": "2023-05-02"}, {"cve": "CVE-2022-32902", "epss": 0.00045, "percentile": 0.12518, "modified": "2023-05-02"}, {"cve": "CVE-2022-32904", "epss": 0.00052, "percentile": 0.18586, "modified": "2023-05-02"}, {"cve": "CVE-2022-32908", "epss": 0.00042, "percentile": 0.05656, "modified": "2023-05-02"}, {"cve": "CVE-2022-32911", "epss": 0.00042, "percentile": 0.05656, "modified": "2023-05-02"}, {"cve": "CVE-2022-32913", "epss": 0.00045, "percentile": 0.12551, "modified": "2023-05-02"}, {"cve": "CVE-2022-32914", "epss": 0.00056, "percentile": 0.2124, "modified": "2023-05-02"}, {"cve": "CVE-2022-32917", "epss": 0.00059, "percentile": 0.22852, "modified": "2023-05-02"}, {"cve": "CVE-2022-32924", "epss": 0.00046, "percentile": 0.12939, "modified": "2023-05-02"}, {"cve": "CVE-2022-32934", "epss": 0.00153, "percentile": 0.50176, "modified": "2023-05-02"}, {"cve": "CVE-2022-42789", "epss": 0.00052, "percentile": 0.18586, "modified": "2023-05-02"}, {"cve": "CVE-2022-42790", "epss": 0.00045, "percentile": 0.12278, "modified": "2023-05-02"}, {"cve": "CVE-2022-42793", "epss": 0.0005, "percentile": 0.1647, "modified": "2023-05-02"}, {"cve": "CVE-2022-42819", "epss": 0.00052, "percentile": 0.18586, "modified": "2023-05-02"}], "vulnersScore": 9.2}, "_state": {"affected_software_major_version": 0, "dependencies": 1692252762, "score": 1692253360, "epss": 0}, "_internal": {"score_hash": "c71849a6a77272a911b0ed60a2e00be4"}, "affectedSoftware": [{"version": "11.7", "operator": "lt", "name": "macos big sur"}]}

{"nessus": [{"lastseen": "2023-05-17T16:34:48", "description": "The remote host is running a version of macOS / Mac OS X that is 11.x prior to 11.7 Big Sur. It is, therefore, affected by multiple vulnerabilities :\n\n - Flaws with handling memory in the kernel. As a result, an app can be able to execute arbitrary code with kernel privileges or disclose kernel memory. (CVE-2022-32911, CVE-2022-32864)\n\n - Incorrect bounds checks in the kernel. As a result, an app can execute arbitrary code with kernel privileges. (CVE-2022-32894, CVE-2022-32917)\n\n - A logic issue in the Maps app. As a result an app can read sensitive location information.\n (CVE-2022-32883)\n\n - A flaw in the iMovie runtime. As a result a user can view sensitive information. (CVE-2022-32896)\n\n - A logic issue in the ATS and Contacts components. As a result an app can bypass privacy preferences.\n (CVE-2022-32854, CVE-2022-32900)\n\n - A logic issue in PackageKit. As a result an app can gain elevated privileges. (CVE-2022-32900)\n\n - A memory corruption issue in the MediaLibrary component. As a result a user can elevate privileges.\n (CVE-2022-32908)\n\nNote that Nessus has not tested for this issue but has instead relied only on the operating system's self-reported version number.", "cvss3": {}, "published": "2022-09-15T00:00:00", "type": "nessus", "title": "macOS 11.x < 11.7 (HT213443)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-32854", "CVE-2022-32864", "CVE-2022-32883", "CVE-2022-32894", "CVE-2022-32896", "CVE-2022-32900", "CVE-2022-32902", "CVE-2022-32908", "CVE-2022-32911", "CVE-2022-32917"], "modified": "2023-03-23T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x", "cpe:/o:apple:macos"], "id": "MACOS_HT213443.NASL", "href": "https://www.tenable.com/plugins/nessus/165108", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165108);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/23\");\n\n script_cve_id(\n \"CVE-2022-32854\",\n \"CVE-2022-32864\",\n \"CVE-2022-32883\",\n \"CVE-2022-32894\",\n \"CVE-2022-32896\",\n \"CVE-2022-32900\",\n \"CVE-2022-32902\",\n \"CVE-2022-32908\",\n \"CVE-2022-32911\",\n \"CVE-2022-32917\"\n );\n script_xref(name:\"APPLE-SA\", value:\"HT213443\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/09/08\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/10/05\");\n script_xref(name:\"IAVA\", value:\"2022-A-0355-S\");\n\n script_name(english:\"macOS 11.x < 11.7 (HT213443)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a macOS or Mac OS X security update or supplemental update that fixes multiple\nvulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of macOS / Mac OS X that is 11.x prior to 11.7 Big Sur. It is, therefore, \naffected by multiple vulnerabilities :\n\n - Flaws with handling memory in the kernel. As a result, an app can be able to execute arbitrary code with\n kernel privileges or disclose kernel memory. (CVE-2022-32911, CVE-2022-32864)\n\n - Incorrect bounds checks in the kernel. As a result, an app can execute arbitrary code with kernel\n privileges. (CVE-2022-32894, CVE-2022-32917)\n\n - A logic issue in the Maps app. As a result an app can read sensitive location information.\n (CVE-2022-32883)\n\n - A flaw in the iMovie runtime. As a result a user can view sensitive information. (CVE-2022-32896)\n\n - A logic issue in the ATS and Contacts components. As a result an app can bypass privacy preferences.\n (CVE-2022-32854, CVE-2022-32900)\n\n - A logic issue in PackageKit. As a result an app can gain elevated privileges. (CVE-2022-32900)\n\n - A memory corruption issue in the MediaLibrary component. As a result a user can elevate privileges.\n (CVE-2022-32908)\n\nNote that Nessus has not tested for this issue but has instead relied only on the operating system's self-reported\nversion number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-gb/HT213443\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to macOS 11.7 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32894\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-32917\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:macos\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_ports(\"Host/MacOSX/Version\", \"Host/local_checks_enabled\", \"Host/MacOSX/packages/boms\");\n\n exit(0);\n}\n\ninclude('vcf_extras_apple.inc');\n\nvar app_info = vcf::apple::macos::get_app_info();\nvar constraints = [{ 'min_version' : '11.0', 'fixed_version' : '11.7', 'fixed_display' : 'macOS Big Sur 11.7' }];\n\nvcf::apple::macos::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_HOLE\n);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:34:20", "description": "The remote host is running a version of macOS / Mac OS X that is 12.x prior to 12.6 Monterey. It is, therefore, affected by multiple vulnerabilities :\n\n - Flaws with handling memory in the kernel. As a result, an app can be able to execute arbitrary code with kernel privileges or disclose kernel memory. (CVE-2022-32911, CVE-2022-32864)\n\n - Incorrect bounds checks in the kernel. As a result, an app can execute arbitrary code with kernel privileges. (CVE-2022-32917)\n\n - A logic issue in the Maps app. As a result an app can read sensitive location information.\n (CVE-2022-32883)\n\n - A flaw in the iMovie runtime. As a result a user can view sensitive information. (CVE-2022-32896)\n\n - A logic issue in the ATS component. As a result an app can bypass privacy preferences. (CVE-2022-32900)\n\n - A logic issue in PackageKit. As a result an app can gain elevated privileges. (CVE-2022-32900)\n\n - A memory corruption issue in the MediaLibrary component. As a result a user can elevate privileges.\n (CVE-2022-32908)\n\nNote that Nessus has not tested for this issue but has instead relied only on the operating system's self-reported version number.", "cvss3": {}, "published": "2022-09-15T00:00:00", "type": "nessus", "title": "macOS 12.x < 12.6 (HT213444)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-32864", "CVE-2022-32883", "CVE-2022-32896", "CVE-2022-32900", "CVE-2022-32902", "CVE-2022-32908", "CVE-2022-32911", "CVE-2022-32917"], "modified": "2023-03-23T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x", "cpe:/o:apple:macos"], "id": "MACOS_HT213444.NASL", "href": "https://www.tenable.com/plugins/nessus/165106", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165106);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/23\");\n\n script_cve_id(\n \"CVE-2022-32864\",\n \"CVE-2022-32883\",\n \"CVE-2022-32896\",\n \"CVE-2022-32900\",\n \"CVE-2022-32902\",\n \"CVE-2022-32908\",\n \"CVE-2022-32911\",\n \"CVE-2022-32917\"\n );\n script_xref(name:\"APPLE-SA\", value:\"HT213444\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/10/05\");\n script_xref(name:\"IAVA\", value:\"2022-A-0355-S\");\n\n script_name(english:\"macOS 12.x < 12.6 (HT213444)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a macOS or Mac OS X security update or supplemental update that fixes multiple\nvulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of macOS / Mac OS X that is 12.x prior to 12.6 Monterey. It is, therefore,\naffected by multiple vulnerabilities :\n\n - Flaws with handling memory in the kernel. As a result, an app can be able to execute arbitrary code with\n kernel privileges or disclose kernel memory. (CVE-2022-32911, CVE-2022-32864)\n\n - Incorrect bounds checks in the kernel. As a result, an app can execute arbitrary code with kernel\n privileges. (CVE-2022-32917)\n\n - A logic issue in the Maps app. As a result an app can read sensitive location information.\n (CVE-2022-32883)\n\n - A flaw in the iMovie runtime. As a result a user can view sensitive information. (CVE-2022-32896)\n\n - A logic issue in the ATS component. As a result an app can bypass privacy preferences. (CVE-2022-32900)\n\n - A logic issue in PackageKit. As a result an app can gain elevated privileges. (CVE-2022-32900)\n\n - A memory corruption issue in the MediaLibrary component. As a result a user can elevate privileges.\n (CVE-2022-32908)\n\nNote that Nessus has not tested for this issue but has instead relied only on the operating system's self-reported\nversion number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-gb/HT213444\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to macOS 12.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32917\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:macos\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_ports(\"Host/MacOSX/Version\", \"Host/local_checks_enabled\", \"Host/MacOSX/packages/boms\");\n\n exit(0);\n}\n\ninclude('vcf_extras_apple.inc');\n\nvar app_info = vcf::apple::macos::get_app_info();\nvar constraints = [\n {\n 'min_version': '12.0',\n 'fixed_version': '12.6',\n 'fixed_display': 'macOS Monterey 12.6'\n }\n];\n\nvcf::apple::macos::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_WARNING\n);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-20T23:02:21", "description": "The version of Apple iOS running on the mobile device is prior to 16. It is, therefore, affected by multiple vulnerabilities:\n\n - Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2022-32886)\n\n - An app may be able to disclose kernel memory (CVE-2022-32864)\n\n - An app may be able to execute arbitrary code with kernel privilege (CVE-2022-32911) \n - An application may be able to execute arbitrary code with kernel privileges (CVE-2022-32917)\n\n - A user may be able to elevate privileges (CVE-2022-32908)\n\n - Visiting a malicious website may lead to address bar spoofing (CVE-2022-32795)\n\n - An app may be able to bypass Privacy preferences (CVE-2022-32854) \n\n - Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2022-32912)\n\n - A website may be able to track users through Safari web extensions (CVE-2022-32868)\n\n - A person with physical access to an iOS device may be able to access photos from the lock screen (CVE-2022-32872)\n\n - An app may be able to read sensitive location information (CVE-2022-32883)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-09-15T00:00:00", "type": "nessus", "title": "Apple iOS < 16 Multiple Vulnerabilities (HT213446)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-32795", "CVE-2022-32854", "CVE-2022-32864", "CVE-2022-32868", "CVE-2022-32872", "CVE-2022-32883", "CVE-2022-32886", "CVE-2022-32908", "CVE-2022-32911", "CVE-2022-32912", "CVE-2022-32917"], "modified": "2023-06-20T00:00:00", "cpe": ["cpe:/o:apple:iphone_os"], "id": "APPLE_IOS_16_CHECK.NBIN", "href": "https://www.tenable.com/plugins/nessus/165105", "sourceData": "Binary data apple_ios_16_check.nbin", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-20T23:00:03", "description": "The version of Apple iOS running on the mobile device is prior to 15.7. It is, therefore, affected by multiple vulnerabilities:\n\n - Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2022-32886)\n\n - An app may be able to disclose kernel memory (CVE-2022-32864)\n\n - An app may be able to execute arbitrary code with kernel privilege (CVE-2022-32911) \n - An application may be able to execute arbitrary code with kernel privileges (CVE-2022-32917)\n\n - A user may be able to elevate privileges (CVE-2022-32908)\n\n - Visiting a malicious website may lead to address bar spoofing (CVE-2022-32795)\n\n - An app may be able to bypass Privacy preferences (CVE-2022-32854) \n\n - Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2022-32912)\n\n - A website may be able to track users through Safari web extensions (CVE-2022-32868)\n\n - A person with physical access to an iOS device may be able to access photos from the lock screen (CVE-2022-32872)\n\n - An app may be able to read sensitive location information (CVE-2022-32883)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-09-13T00:00:00", "type": "nessus", "title": "Apple iOS < 15.7 Multiple Vulnerabilities (HT213445)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-32795", "CVE-2022-32854", "CVE-2022-32864", "CVE-2022-32868", "CVE-2022-32872", "CVE-2022-32883", "CVE-2022-32886", "CVE-2022-32908", "CVE-2022-32911", "CVE-2022-32912", "CVE-2022-32917"], "modified": "2023-06-20T00:00:00", "cpe": ["cpe:/o:apple:iphone_os"], "id": "APPLE_IOS_157_CHECK.NBIN", "href": "https://www.tenable.com/plugins/nessus/164970", "sourceData": "Binary data apple_ios_157_check.nbin", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:36:49", "description": "According to the versions of the ncurses packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. (CVE-2021-39537)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2021-12-30T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP9 : ncurses (EulerOS-SA-2021-2925)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-39537"], "modified": "2021-12-30T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ncurses", "p-cpe:/a:huawei:euleros:ncurses-base", "p-cpe:/a:huawei:euleros:ncurses-libs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-2925.NASL", "href": "https://www.tenable.com/plugins/nessus/156411", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156411);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/12/30\");\n\n script_cve_id(\"CVE-2021-39537\");\n\n script_name(english:\"EulerOS 2.0 SP9 : ncurses (EulerOS-SA-2021-2925)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ncurses packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer\n overflow. (CVE-2021-39537)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2925\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5bd17f6d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ncurses packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-39537\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ncurses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ncurses-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ncurses-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(9)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"ncurses-6.2-1.h1.r2.eulerosv2r9\",\n \"ncurses-base-6.2-1.h1.r2.eulerosv2r9\",\n \"ncurses-libs-6.2-1.h1.r2.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"9\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ncurses\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:34:54", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:3490-1 advisory.\n\n - An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. (CVE-2021-39537)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-10-21T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : ncurses (openSUSE-SU-2021:3490-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-39537"], "modified": "2021-10-21T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libncurses5", "p-cpe:/a:novell:opensuse:libncurses5-32bit", "p-cpe:/a:novell:opensuse:libncurses6", "p-cpe:/a:novell:opensuse:libncurses6-32bit", "p-cpe:/a:novell:opensuse:ncurses-devel", "p-cpe:/a:novell:opensuse:ncurses-devel-32bit", "p-cpe:/a:novell:opensuse:ncurses-utils", "p-cpe:/a:novell:opensuse:ncurses5-devel", "p-cpe:/a:novell:opensuse:ncurses5-devel-32bit", "p-cpe:/a:novell:opensuse:tack", "p-cpe:/a:novell:opensuse:terminfo", "p-cpe:/a:novell:opensuse:terminfo-base", "p-cpe:/a:novell:opensuse:terminfo-iterm", "p-cpe:/a:novell:opensuse:terminfo-screen", "cpe:/o:novell:opensuse:15.3"], "id": "OPENSUSE-2021-3490.NASL", "href": "https://www.tenable.com/plugins/nessus/154290", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2021:3490-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154290);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/21\");\n\n script_cve_id(\"CVE-2021-39537\");\n\n script_name(english:\"openSUSE 15 Security Update : ncurses (openSUSE-SU-2021:3490-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the\nopenSUSE-SU-2021:3490-1 advisory.\n\n - An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer\n overflow. (CVE-2021-39537)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1190793\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2IZOG455BIMQ6NKBIPOWITV4SHIG5YT7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1d57205e\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39537\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-39537\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libncurses5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libncurses5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libncurses6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libncurses6-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ncurses-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ncurses-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ncurses-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ncurses5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ncurses5-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tack\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:terminfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:terminfo-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:terminfo-iterm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:terminfo-screen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.3\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'libncurses5-32bit-6.1-5.9.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libncurses5-6.1-5.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libncurses6-32bit-6.1-5.9.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libncurses6-6.1-5.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-devel-32bit-6.1-5.9.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-devel-6.1-5.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-utils-6.1-5.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses5-devel-32bit-6.1-5.9.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses5-devel-6.1-5.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'tack-6.1-5.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'terminfo-6.1-5.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'terminfo-base-6.1-5.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'terminfo-iterm-6.1-5.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'terminfo-screen-6.1-5.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libncurses5 / libncurses5-32bit / libncurses6 / libncurses6-32bit / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:41:13", "description": "According to the versions of the ncurses packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. (CVE-2021-39537)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-02-25T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP10 : ncurses (EulerOS-SA-2022-1210)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-39537"], "modified": "2022-02-25T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ncurses", "p-cpe:/a:huawei:euleros:ncurses-base", "p-cpe:/a:huawei:euleros:ncurses-devel", "p-cpe:/a:huawei:euleros:ncurses-help", "p-cpe:/a:huawei:euleros:ncurses-libs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1210.NASL", "href": "https://www.tenable.com/plugins/nessus/158424", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158424);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/25\");\n\n script_cve_id(\"CVE-2021-39537\");\n\n script_name(english:\"EulerOS 2.0 SP10 : ncurses (EulerOS-SA-2022-1210)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ncurses packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer\n overflow. (CVE-2021-39537)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1210\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9c80b5ac\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ncurses packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-39537\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ncurses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ncurses-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ncurses-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ncurses-help\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ncurses-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(10)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"ncurses-6.2-1.h2.eulerosv2r10\",\n \"ncurses-base-6.2-1.h2.eulerosv2r10\",\n \"ncurses-devel-6.2-1.h2.eulerosv2r10\",\n \"ncurses-help-6.2-1.h2.eulerosv2r10\",\n \"ncurses-libs-6.2-1.h2.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"10\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ncurses\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:41:51", "description": "According to the versions of the ncurses packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. (CVE-2021-39537)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-02-11T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.6.0 : ncurses (EulerOS-SA-2022-1047)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-39537"], "modified": "2022-02-11T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ncurses", "p-cpe:/a:huawei:euleros:ncurses-base", "p-cpe:/a:huawei:euleros:ncurses-c%2b%2b-libs", "p-cpe:/a:huawei:euleros:ncurses-compat-libs", "p-cpe:/a:huawei:euleros:ncurses-devel", "p-cpe:/a:huawei:euleros:ncurses-libs", "p-cpe:/a:huawei:euleros:ncurses-term", "cpe:/o:huawei:euleros:uvp:3.0.6.0"], "id": "EULEROS_SA-2022-1047.NASL", "href": "https://www.tenable.com/plugins/nessus/157923", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157923);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/11\");\n\n script_cve_id(\"CVE-2021-39537\");\n\n script_name(english:\"EulerOS Virtualization 3.0.6.0 : ncurses (EulerOS-SA-2022-1047)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ncurses packages installed, the EulerOS Virtualization installation on the remote host\nis affected by the following vulnerabilities :\n\n - An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer\n overflow. (CVE-2021-39537)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1047\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c36c432c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ncurses packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-39537\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ncurses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ncurses-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ncurses-c++-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ncurses-compat-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ncurses-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ncurses-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ncurses-term\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.6.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.6.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.6.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"ncurses-6.1-8.20180923.h2.eulerosv2r8\",\n \"ncurses-base-6.1-8.20180923.h2.eulerosv2r8\",\n \"ncurses-c++-libs-6.1-8.20180923.h2.eulerosv2r8\",\n \"ncurses-compat-libs-6.1-8.20180923.h2.eulerosv2r8\",\n \"ncurses-devel-6.1-8.20180923.h2.eulerosv2r8\",\n \"ncurses-libs-6.1-8.20180923.h2.eulerosv2r8\",\n \"ncurses-term-6.1-8.20180923.h2.eulerosv2r8\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ncurses\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:36:49", "description": "According to the versions of the ncurses packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. (CVE-2021-39537)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2021-12-30T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP9 : ncurses (EulerOS-SA-2021-2917)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-39537"], "modified": "2021-12-30T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ncurses", "p-cpe:/a:huawei:euleros:ncurses-base", "p-cpe:/a:huawei:euleros:ncurses-libs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-2917.NASL", "href": "https://www.tenable.com/plugins/nessus/156408", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156408);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/12/30\");\n\n script_cve_id(\"CVE-2021-39537\");\n\n script_name(english:\"EulerOS 2.0 SP9 : ncurses (EulerOS-SA-2021-2917)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ncurses packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer\n overflow. (CVE-2021-39537)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2917\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2ffed766\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ncurses packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-39537\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ncurses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ncurses-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ncurses-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(9)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"ncurses-6.2-1.h1.r2.eulerosv2r9\",\n \"ncurses-base-6.2-1.h1.r2.eulerosv2r9\",\n \"ncurses-libs-6.2-1.h1.r2.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"9\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ncurses\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-14T14:35:45", "description": "The remote SUSE Linux SLED12 / SLES12 / SLES_SAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:3491-1 advisory.\n\n - An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. (CVE-2021-39537)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-10-21T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : ncurses (SUSE-SU-2021:3491-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-39537"], "modified": "2023-07-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libncurses5", "p-cpe:/a:novell:suse_linux:libncurses5-32bit", "p-cpe:/a:novell:suse_linux:libncurses6", "p-cpe:/a:novell:suse_linux:libncurses6-32bit", "p-cpe:/a:novell:suse_linux:ncurses-devel", "p-cpe:/a:novell:suse_linux:ncurses-devel-32bit", "p-cpe:/a:novell:suse_linux:ncurses-utils", "p-cpe:/a:novell:suse_linux:tack", "p-cpe:/a:novell:suse_linux:terminfo", "p-cpe:/a:novell:suse_linux:terminfo-base", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2021-3491-1.NASL", "href": "https://www.tenable.com/plugins/nessus/154325", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2021:3491-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154325);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/13\");\n\n script_cve_id(\"CVE-2021-39537\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2021:3491-1\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : ncurses (SUSE-SU-2021:3491-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED12 / SLES12 / SLES_SAP12 host has packages installed that are affected by a vulnerability as\nreferenced in the SUSE-SU-2021:3491-1 advisory.\n\n - An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer\n overflow. (CVE-2021-39537)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1190793\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39537\");\n # https://lists.suse.com/pipermail/sle-security-updates/2021-October/009632.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8ba7f492\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-39537\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libncurses5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libncurses5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libncurses6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libncurses6-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ncurses-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ncurses-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ncurses-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:tack\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:terminfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:terminfo-base\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12|SLES_SAP12)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED12 / SLES12 / SLES_SAP12', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED12 SP5\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES12 SP5\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP12\" && (! preg(pattern:\"^(5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP12 SP5\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'libncurses5-32bit-5.9-75.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'libncurses5-5.9-75.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'libncurses6-32bit-5.9-75.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'libncurses6-5.9-75.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'ncurses-devel-32bit-5.9-75.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'ncurses-devel-5.9-75.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'ncurses-utils-5.9-75.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'tack-5.9-75.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'terminfo-5.9-75.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'terminfo-base-5.9-75.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'ncurses-devel-5.9-75.1', 'sp':'5', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-sdk-release-12.5']},\n {'reference':'ncurses-devel-5.9-75.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-sdk-release-12.5', 'sles-release-12.5']},\n {'reference':'libncurses5-32bit-5.9-75.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},\n {'reference':'libncurses5-5.9-75.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},\n {'reference':'libncurses6-32bit-5.9-75.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},\n {'reference':'libncurses6-5.9-75.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},\n {'reference':'ncurses-devel-32bit-5.9-75.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},\n {'reference':'ncurses-utils-5.9-75.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},\n {'reference':'tack-5.9-75.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},\n {'reference':'terminfo-5.9-75.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},\n {'reference':'terminfo-base-5.9-75.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libncurses5 / libncurses5-32bit / libncurses6 / libncurses6-32bit / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-14T14:36:50", "description": "The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:3490-1 advisory.\n\n - An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. (CVE-2021-39537)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-10-21T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : ncurses (SUSE-SU-2021:3490-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-39537"], "modified": "2023-07-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libncurses5", "p-cpe:/a:novell:suse_linux:libncurses5-32bit", "p-cpe:/a:novell:suse_linux:libncurses6", "p-cpe:/a:novell:suse_linux:libncurses6-32bit", "p-cpe:/a:novell:suse_linux:ncurses-devel", "p-cpe:/a:novell:suse_linux:ncurses-devel-32bit", "p-cpe:/a:novell:suse_linux:ncurses-utils", "p-cpe:/a:novell:suse_linux:ncurses5-devel", "p-cpe:/a:novell:suse_linux:tack", "p-cpe:/a:novell:suse_linux:terminfo", "p-cpe:/a:novell:suse_linux:terminfo-base", "p-cpe:/a:novell:suse_linux:terminfo-iterm", "p-cpe:/a:novell:suse_linux:terminfo-screen", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2021-3490-1.NASL", "href": "https://www.tenable.com/plugins/nessus/154314", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2021:3490-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154314);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/13\");\n\n script_cve_id(\"CVE-2021-39537\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2021:3490-1\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : ncurses (SUSE-SU-2021:3490-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by a vulnerability as referenced in\nthe SUSE-SU-2021:3490-1 advisory.\n\n - An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer\n overflow. (CVE-2021-39537)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1190793\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39537\");\n # https://lists.suse.com/pipermail/sle-security-updates/2021-October/009630.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?76496c46\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-39537\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libncurses5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libncurses5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libncurses6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libncurses6-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ncurses-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ncurses-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ncurses-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ncurses5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:tack\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:terminfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:terminfo-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:terminfo-iterm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:terminfo-screen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLES15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(2|3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED15 SP2/3\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2|3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP2/3\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'libncurses6-32bit-6.1-5.9.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.2']},\n {'reference':'libncurses6-32bit-6.1-5.9.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.2']},\n {'reference':'libncurses6-6.1-5.9.1', 'sp':'2', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.2']},\n {'reference':'libncurses6-6.1-5.9.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.2']},\n {'reference':'ncurses-devel-6.1-5.9.1', 'sp':'2', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.2']},\n {'reference':'ncurses-devel-6.1-5.9.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.2']},\n {'reference':'ncurses-utils-6.1-5.9.1', 'sp':'2', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.2']},\n {'reference':'ncurses-utils-6.1-5.9.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.2']},\n {'reference':'tack-6.1-5.9.1', 'sp':'2', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.2']},\n {'reference':'tack-6.1-5.9.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.2']},\n {'reference':'terminfo-6.1-5.9.1', 'sp':'2', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.2']},\n {'reference':'terminfo-6.1-5.9.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.2']},\n {'reference':'terminfo-base-6.1-5.9.1', 'sp':'2', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.2']},\n {'reference':'terminfo-base-6.1-5.9.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.2']},\n {'reference':'terminfo-iterm-6.1-5.9.1', 'sp':'2', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.2']},\n {'reference':'terminfo-iterm-6.1-5.9.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.2']},\n {'reference':'terminfo-screen-6.1-5.9.1', 'sp':'2', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.2']},\n {'reference':'terminfo-screen-6.1-5.9.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.2']},\n {'reference':'libncurses6-32bit-6.1-5.9.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'libncurses6-32bit-6.1-5.9.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'libncurses6-6.1-5.9.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'libncurses6-6.1-5.9.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'ncurses-devel-6.1-5.9.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'ncurses-devel-6.1-5.9.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'ncurses-utils-6.1-5.9.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'ncurses-utils-6.1-5.9.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'tack-6.1-5.9.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'tack-6.1-5.9.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'terminfo-6.1-5.9.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'terminfo-6.1-5.9.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'terminfo-base-6.1-5.9.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'terminfo-base-6.1-5.9.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'terminfo-iterm-6.1-5.9.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'terminfo-iterm-6.1-5.9.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'terminfo-screen-6.1-5.9.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'terminfo-screen-6.1-5.9.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'ncurses-devel-32bit-6.1-5.9.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-development-tools-release-15.2']},\n {'reference':'ncurses-devel-32bit-6.1-5.9.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-development-tools-release-15.2']},\n {'reference':'ncurses-devel-32bit-6.1-5.9.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-development-tools-release-15.3']},\n {'reference':'ncurses-devel-32bit-6.1-5.9.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-development-tools-release-15.3']},\n {'reference':'libncurses5-32bit-6.1-5.9.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-legacy-release-15.2']},\n {'reference':'libncurses5-6.1-5.9.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-legacy-release-15.2']},\n {'reference':'ncurses5-devel-6.1-5.9.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-legacy-release-15.2']},\n {'reference':'libncurses5-32bit-6.1-5.9.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-legacy-release-15.3']},\n {'reference':'libncurses5-6.1-5.9.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-legacy-release-15.3']},\n {'reference':'ncurses5-devel-6.1-5.9.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-legacy-release-15.3']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libncurses5 / libncurses5-32bit / libncurses6 / libncurses6-32bit / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:35:11", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1417-1 advisory.\n\n - An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. (CVE-2021-39537)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-01T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : ncurses (openSUSE-SU-2021:1417-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-39537"], "modified": "2021-11-01T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libncurses5", "p-cpe:/a:novell:opensuse:libncurses5-32bit", "p-cpe:/a:novell:opensuse:libncurses6", "p-cpe:/a:novell:opensuse:libncurses6-32bit", "p-cpe:/a:novell:opensuse:ncurses-devel", "p-cpe:/a:novell:opensuse:ncurses-devel-32bit", "p-cpe:/a:novell:opensuse:ncurses-utils", "p-cpe:/a:novell:opensuse:ncurses5-devel", "p-cpe:/a:novell:opensuse:ncurses5-devel-32bit", "p-cpe:/a:novell:opensuse:tack", "p-cpe:/a:novell:opensuse:terminfo", "p-cpe:/a:novell:opensuse:terminfo-base", "p-cpe:/a:novell:opensuse:terminfo-iterm", "p-cpe:/a:novell:opensuse:terminfo-screen", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2021-1417.NASL", "href": "https://www.tenable.com/plugins/nessus/154768", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2021:1417-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154768);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/01\");\n\n script_cve_id(\"CVE-2021-39537\");\n\n script_name(english:\"openSUSE 15 Security Update : ncurses (openSUSE-SU-2021:1417-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the\nopenSUSE-SU-2021:1417-1 advisory.\n\n - An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer\n overflow. (CVE-2021-39537)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1190793\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/RTS45TDORJPZD3OEON7W6CTYLNX6KQ3J/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?35fae0b9\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39537\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-39537\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libncurses5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libncurses5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libncurses6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libncurses6-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ncurses-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ncurses-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ncurses-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ncurses5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ncurses5-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tack\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:terminfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:terminfo-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:terminfo-iterm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:terminfo-screen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.2', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'libncurses5-32bit-6.1-lp152.8.3.1', 'cpu':'x86_64', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libncurses5-6.1-lp152.8.3.1', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libncurses6-32bit-6.1-lp152.8.3.1', 'cpu':'x86_64', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libncurses6-6.1-lp152.8.3.1', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-devel-32bit-6.1-lp152.8.3.1', 'cpu':'x86_64', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-devel-6.1-lp152.8.3.1', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-utils-6.1-lp152.8.3.1', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses5-devel-32bit-6.1-lp152.8.3.1', 'cpu':'x86_64', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses5-devel-6.1-lp152.8.3.1', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'tack-6.1-lp152.8.3.1', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'terminfo-6.1-lp152.8.3.1', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'terminfo-base-6.1-lp152.8.3.1', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'terminfo-iterm-6.1-lp152.8.3.1', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'terminfo-screen-6.1-lp152.8.3.1', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libncurses5 / libncurses5-32bit / libncurses6 / libncurses6-32bit / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:43:58", "description": "According to the versions of the ncurses packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. (CVE-2021-39537)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-04-18T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.10.0 : ncurses (EulerOS-SA-2022-1406)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-39537"], "modified": "2022-04-18T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ncurses", "p-cpe:/a:huawei:euleros:ncurses-base", "p-cpe:/a:huawei:euleros:ncurses-libs", "cpe:/o:huawei:euleros:uvp:2.10.0"], "id": "EULEROS_SA-2022-1406.NASL", "href": "https://www.tenable.com/plugins/nessus/159864", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159864);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/18\");\n\n script_cve_id(\"CVE-2021-39537\");\n\n script_name(english:\"EulerOS Virtualization 2.10.0 : ncurses (EulerOS-SA-2022-1406)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ncurses packages installed, the EulerOS Virtualization installation on the remote host\nis affected by the following vulnerabilities :\n\n - An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer\n overflow. (CVE-2021-39537)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1406\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6fc0d566\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ncurses packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-39537\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/04/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/04/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ncurses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ncurses-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ncurses-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.10.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.10.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.10.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"ncurses-6.2-1.h2.eulerosv2r10\",\n \"ncurses-base-6.2-1.h2.eulerosv2r10\",\n \"ncurses-libs-6.2-1.h2.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ncurses\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:36:48", "description": "According to the versions of the ncurses packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. (CVE-2021-39537)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2021-12-25T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : ncurses (EulerOS-SA-2021-2806)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-39537"], "modified": "2021-12-25T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ncurses", "p-cpe:/a:huawei:euleros:ncurses-base", "p-cpe:/a:huawei:euleros:ncurses-c%2b%2b-libs", "p-cpe:/a:huawei:euleros:ncurses-compat-libs", "p-cpe:/a:huawei:euleros:ncurses-devel", "p-cpe:/a:huawei:euleros:ncurses-libs", "p-cpe:/a:huawei:euleros:ncurses-term", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-2806.NASL", "href": "https://www.tenable.com/plugins/nessus/156301", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156301);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/12/25\");\n\n script_cve_id(\"CVE-2021-39537\");\n\n script_name(english:\"EulerOS 2.0 SP8 : ncurses (EulerOS-SA-2021-2806)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ncurses packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer\n overflow. (CVE-2021-39537)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2806\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6ecab352\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ncurses packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-39537\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ncurses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ncurses-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ncurses-c++-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ncurses-compat-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ncurses-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ncurses-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ncurses-term\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"ncurses-6.1-8.20180923.h2.eulerosv2r8\",\n \"ncurses-base-6.1-8.20180923.h2.eulerosv2r8\",\n \"ncurses-c++-libs-6.1-8.20180923.h2.eulerosv2r8\",\n \"ncurses-compat-libs-6.1-8.20180923.h2.eulerosv2r8\",\n \"ncurses-devel-6.1-8.20180923.h2.eulerosv2r8\",\n \"ncurses-libs-6.1-8.20180923.h2.eulerosv2r8\",\n \"ncurses-term-6.1-8.20180923.h2.eulerosv2r8\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ncurses\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:43:57", "description": "According to the versions of the ncurses packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. (CVE-2021-39537)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-04-18T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.10.1 : ncurses (EulerOS-SA-2022-1380)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-39537"], "modified": "2022-04-18T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ncurses", "p-cpe:/a:huawei:euleros:ncurses-base", "p-cpe:/a:huawei:euleros:ncurses-libs", "cpe:/o:huawei:euleros:uvp:2.10.1"], "id": "EULEROS_SA-2022-1380.NASL", "href": "https://www.tenable.com/plugins/nessus/159847", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159847);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/18\");\n\n script_cve_id(\"CVE-2021-39537\");\n\n script_name(english:\"EulerOS Virtualization 2.10.1 : ncurses (EulerOS-SA-2022-1380)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ncurses packages installed, the EulerOS Virtualization installation on the remote host\nis affected by the following vulnerabilities :\n\n - An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer\n overflow. (CVE-2021-39537)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1380\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c296df16\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ncurses packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-39537\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/04/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/04/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ncurses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ncurses-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ncurses-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.10.1\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.10.1\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.10.1\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"ncurses-6.2-1.h2.eulerosv2r10\",\n \"ncurses-base-6.2-1.h2.eulerosv2r10\",\n \"ncurses-libs-6.2-1.h2.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ncurses\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:41:30", "description": "According to the versions of the ncurses packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. (CVE-2021-39537)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-02-25T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP10 : ncurses (EulerOS-SA-2022-1229)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-39537"], "modified": "2022-02-25T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ncurses", "p-cpe:/a:huawei:euleros:ncurses-base", "p-cpe:/a:huawei:euleros:ncurses-libs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1229.NASL", "href": "https://www.tenable.com/plugins/nessus/158363", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158363);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/25\");\n\n script_cve_id(\"CVE-2021-39537\");\n\n script_name(english:\"EulerOS 2.0 SP10 : ncurses (EulerOS-SA-2022-1229)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ncurses packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer\n overflow. (CVE-2021-39537)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1229\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?76c7c814\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ncurses packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-39537\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ncurses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ncurses-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ncurses-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(10)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"ncurses-6.2-1.h2.eulerosv2r10\",\n \"ncurses-base-6.2-1.h2.eulerosv2r10\",\n \"ncurses-libs-6.2-1.h2.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"10\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ncurses\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-29T22:45:50", "description": "The version of libtiff installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-1622 advisory.\n\n - LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa. (CVE-2022-1622)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-03-28T00:00:00", "type": "nessus", "title": "CBL Mariner 2.0 Security Update: libtiff (CVE-2022-1622)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1622"], "modified": "2023-08-29T00:00:00", "cpe": ["p-cpe:/a:microsoft:cbl-mariner:libtiff", "p-cpe:/a:microsoft:cbl-mariner:libtiff-debuginfo", "p-cpe:/a:microsoft:cbl-mariner:libtiff-devel", "x-cpe:/o:microsoft:cbl-mariner"], "id": "MARINER_LIBTIFF_CVE-2022-1622.NASL", "href": "https://www.tenable.com/plugins/nessus/173559", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(173559);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/08/29\");\n\n script_cve_id(\"CVE-2022-1622\");\n\n script_name(english:\"CBL Mariner 2.0 Security Update: libtiff (CVE-2022-1622)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CBL Mariner host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of libtiff installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore,\naffected by a vulnerability as referenced in the CVE-2022-1622 advisory.\n\n - LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:619, allowing attackers\n to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix\n is available with commit b4e79bfa. (CVE-2022-1622)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://nvd.nist.gov/vuln/detail/CVE-2022-1622\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1622\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/03/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:microsoft:cbl-mariner:libtiff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:microsoft:cbl-mariner:libtiff-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:microsoft:cbl-mariner:libtiff-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:microsoft:cbl-mariner\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MarinerOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CBLMariner/release\", \"Host/CBLMariner/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/CBLMariner/release');\nif (isnull(release) || 'CBL-Mariner' >!< release) audit(AUDIT_OS_NOT, 'CBL-Mariner');\nvar os_ver = pregmatch(pattern: \"CBL-Mariner ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CBL-Mariner');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^2([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'CBL-Mariner 2.0', 'CBL-Mariner ' + os_ver);\n\nif (!get_kb_item('Host/CBLMariner/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu)\n audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CBL-Mariner', cpu);\n\nvar pkgs = [\n {'reference':'libtiff-4.4.0-1.cm2', 'cpu':'x86_64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-4.4.0-1.cm2', 'cpu':'aarch64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-debuginfo-4.4.0-1.cm2', 'cpu':'x86_64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-debuginfo-4.4.0-1.cm2', 'cpu':'aarch64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-devel-4.4.0-1.cm2', 'cpu':'x86_64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-devel-4.4.0-1.cm2', 'cpu':'aarch64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'CBLMariner-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libtiff / libtiff-debuginfo / libtiff-devel');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:34:35", "description": "The remote host is running a version of macOS / Mac OS X that is 12.x prior to 12.5.1 Monterey. It is, therefore, affected by multiple vulnerabilities :\n\n - An out-of-bound write issue in Webkit that may lead to arbitrary code execution when processing maliciously crafted web content. (CVE-2022-32893)\n\n - An out-of-bounds write issue in the kernel that may lead to arbitrary code execution with kernel privileges. (CVE-2022-32894)\n\nNote that Nessus has not tested for this issue but has instead relied only on the operating system's self-reported version number.", "cvss3": {}, "published": "2022-08-19T00:00:00", "type": "nessus", "title": "macOS 12.x < 12.5.1 (HT213413)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-32893", "CVE-2022-32894"], "modified": "2022-12-06T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x", "cpe:/o:apple:macos"], "id": "MACOS_HT213413.NASL", "href": "https://www.tenable.com/plugins/nessus/164288", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164288);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2022-32893\", \"CVE-2022-32894\");\n script_xref(name:\"APPLE-SA\", value:\"HT213413\");\n script_xref(name:\"IAVA\", value:\"2022-A-0336-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/09/08\");\n\n script_name(english:\"macOS 12.x < 12.5.1 (HT213413)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a macOS or Mac OS X security update or supplemental update that fixes multiple\nvulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of macOS / Mac OS X that is 12.x prior to 12.5.1 Monterey. It is, therefore,\naffected by multiple vulnerabilities :\n\n - An out-of-bound write issue in Webkit that may lead to arbitrary code execution when processing\n maliciously crafted web content. (CVE-2022-32893)\n\n - An out-of-bounds write issue in the kernel that may lead to arbitrary code execution with kernel\n privileges. (CVE-2022-32894)\n\nNote that Nessus has not tested for this issue but has instead relied only on the operating system's self-reported\nversion number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-gb/HT213413\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to macOS 12.5.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32893\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/08/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:macos\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_ports(\"Host/MacOSX/Version\", \"Host/local_checks_enabled\", \"Host/MacOSX/packages/boms\");\n\n exit(0);\n}\n\ninclude('vcf_extras_apple.inc');\n\nvar app_info = vcf::apple::macos::get_app_info();\nvar constraints = [\n {\n 'min_version': '12.0',\n 'fixed_version': '12.5.1',\n 'fixed_display': 'macOS Monterey 12.5.1'\n }\n];\n\nvcf::apple::macos::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_HOLE\n);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-11T07:12:20", "description": "The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5723-1 advisory.\n\n - NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows attackers to cause a denial of service (application crash) via a crafted input. (CVE-2022-1674)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4959. (CVE-2022-1725)\n\n - Buffer Over-read in GitHub repository vim/vim prior to 8.2. (CVE-2022-2124, CVE-2022-2175)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-2125)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-2126, CVE-2022-2183, CVE-2022-2206)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2304)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-11-15T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 ESM : Vim vulnerabilities (USN-5723-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1674", "CVE-2022-1725", "CVE-2022-2124", "CVE-2022-2125", "CVE-2022-2126", "CVE-2022-2175", "CVE-2022-2183", "CVE-2022-2206", "CVE-2022-2304"], "modified": "2023-07-10T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:16.04:-:esm", "p-cpe:/a:canonical:ubuntu_linux:vim", "p-cpe:/a:canonical:ubuntu_linux:vim-athena", "p-cpe:/a:canonical:ubuntu_linux:vim-athena-py2", "p-cpe:/a:canonical:ubuntu_linux:vim-common", "p-cpe:/a:canonical:ubuntu_linux:vim-gnome", "p-cpe:/a:canonical:ubuntu_linux:vim-gnome-py2", "p-cpe:/a:canonical:ubuntu_linux:vim-gtk", "p-cpe:/a:canonical:ubuntu_linux:vim-gtk-py2", "p-cpe:/a:canonical:ubuntu_linux:vim-gtk3", "p-cpe:/a:canonical:ubuntu_linux:vim-gtk3-py2", "p-cpe:/a:canonical:ubuntu_linux:vim-gui-common", "p-cpe:/a:canonical:ubuntu_linux:vim-nox", "p-cpe:/a:canonical:ubuntu_linux:vim-nox-py2", "p-cpe:/a:canonical:ubuntu_linux:vim-runtime", "p-cpe:/a:canonical:ubuntu_linux:vim-tiny"], "id": "UBUNTU_USN-5723-1.NASL", "href": "https://www.tenable.com/plugins/nessus/167513", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5723-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167513);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/10\");\n\n script_cve_id(\n \"CVE-2022-1674\",\n \"CVE-2022-1725\",\n \"CVE-2022-2124\",\n \"CVE-2022-2125\",\n \"CVE-2022-2126\",\n \"CVE-2022-2175\",\n \"CVE-2022-2183\",\n \"CVE-2022-2206\",\n \"CVE-2022-2304\"\n );\n script_xref(name:\"USN\", value:\"5723-1\");\n script_xref(name:\"IAVB\", value:\"2022-B-0049-S\");\n script_xref(name:\"IAVB\", value:\"2023-B-0016-S\");\n\n script_name(english:\"Ubuntu 16.04 ESM : Vim vulnerabilities (USN-5723-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe USN-5723-1 advisory.\n\n - NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim\n prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows\n attackers to cause a denial of service (application crash) via a crafted input. (CVE-2022-1674)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4959. (CVE-2022-1725)\n\n - Buffer Over-read in GitHub repository vim/vim prior to 8.2. (CVE-2022-2124, CVE-2022-2175)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-2125)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-2126, CVE-2022-2183,\n CVE-2022-2206)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2304)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5723-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2304\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04:-:esm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-athena\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-athena-py2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-gnome-py2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-gtk-py2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-gtk3-py2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-gui-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-nox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-nox-py2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-runtime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-tiny\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! ('16.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 16.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar pkgs = [\n {'osver': '16.04', 'pkgname': 'vim', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm13'},\n {'osver': '16.04', 'pkgname': 'vim-athena', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm13'},\n {'osver': '16.04', 'pkgname': 'vim-athena-py2', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm13'},\n {'osver': '16.04', 'pkgname': 'vim-common', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm13'},\n {'osver': '16.04', 'pkgname': 'vim-gnome', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm13'},\n {'osver': '16.04', 'pkgname': 'vim-gnome-py2', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm13'},\n {'osver': '16.04', 'pkgname': 'vim-gtk', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm13'},\n {'osver': '16.04', 'pkgname': 'vim-gtk-py2', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm13'},\n {'osver': '16.04', 'pkgname': 'vim-gtk3', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm13'},\n {'osver': '16.04', 'pkgname': 'vim-gtk3-py2', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm13'},\n {'osver': '16.04', 'pkgname': 'vim-gui-common', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm13'},\n {'osver': '16.04', 'pkgname': 'vim-nox', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm13'},\n {'osver': '16.04', 'pkgname': 'vim-nox-py2', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm13'},\n {'osver': '16.04', 'pkgname': 'vim-runtime', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm13'},\n {'osver': '16.04', 'pkgname': 'vim-tiny', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm13'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'vim / vim-athena / vim-athena-py2 / vim-common / vim-gnome / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-11T14:42:27", "description": "The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5492-1 advisory.\n\n - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-2042)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-06-23T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 ESM : Vim vulnerability (USN-5492-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2042"], "modified": "2023-07-10T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:16.04:-:esm", "p-cpe:/a:canonical:ubuntu_linux:vim", "p-cpe:/a:canonical:ubuntu_linux:vim-athena", "p-cpe:/a:canonical:ubuntu_linux:vim-athena-py2", "p-cpe:/a:canonical:ubuntu_linux:vim-common", "p-cpe:/a:canonical:ubuntu_linux:vim-gnome", "p-cpe:/a:canonical:ubuntu_linux:vim-gnome-py2", "p-cpe:/a:canonical:ubuntu_linux:vim-gtk", "p-cpe:/a:canonical:ubuntu_linux:vim-gtk-py2", "p-cpe:/a:canonical:ubuntu_linux:vim-gtk3", "p-cpe:/a:canonical:ubuntu_linux:vim-gtk3-py2", "p-cpe:/a:canonical:ubuntu_linux:vim-gui-common", "p-cpe:/a:canonical:ubuntu_linux:vim-nox", "p-cpe:/a:canonical:ubuntu_linux:vim-nox-py2", "p-cpe:/a:canonical:ubuntu_linux:vim-runtime", "p-cpe:/a:canonical:ubuntu_linux:vim-tiny"], "id": "UBUNTU_USN-5492-1.NASL", "href": "https://www.tenable.com/plugins/nessus/162514", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5492-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162514);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/10\");\n\n script_cve_id(\"CVE-2022-2042\");\n script_xref(name:\"USN\", value:\"5492-1\");\n\n script_name(english:\"Ubuntu 16.04 ESM : Vim vulnerability (USN-5492-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the\nUSN-5492-1 advisory.\n\n - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-2042)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5492-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2042\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/06/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/06/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04:-:esm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-athena\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-athena-py2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-gnome-py2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-gtk-py2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-gtk3-py2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-gui-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-nox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-nox-py2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-runtime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-tiny\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! ('16.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 16.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar pkgs = [\n {'osver': '16.04', 'pkgname': 'vim', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm7'},\n {'osver': '16.04', 'pkgname': 'vim-athena', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm7'},\n {'osver': '16.04', 'pkgname': 'vim-athena-py2', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm7'},\n {'osver': '16.04', 'pkgname': 'vim-common', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm7'},\n {'osver': '16.04', 'pkgname': 'vim-gnome', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm7'},\n {'osver': '16.04', 'pkgname': 'vim-gnome-py2', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm7'},\n {'osver': '16.04', 'pkgname': 'vim-gtk', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm7'},\n {'osver': '16.04', 'pkgname': 'vim-gtk-py2', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm7'},\n {'osver': '16.04', 'pkgname': 'vim-gtk3', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm7'},\n {'osver': '16.04', 'pkgname': 'vim-gtk3-py2', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm7'},\n {'osver': '16.04', 'pkgname': 'vim-gui-common', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm7'},\n {'osver': '16.04', 'pkgname': 'vim-nox', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm7'},\n {'osver': '16.04', 'pkgname': 'vim-nox-py2', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm7'},\n {'osver': '16.04', 'pkgname': 'vim-runtime', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm7'},\n {'osver': '16.04', 'pkgname': 'vim-tiny', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm7'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'vim / vim-athena / vim-athena-py2 / vim-common / vim-gnome / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-22T22:33:04", "description": "The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3053 advisory.\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3903)\n\n - Heap-based Buffer Overflow GitHub repository vim/vim prior to 8.2. (CVE-2022-0417)\n\n - Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563. (CVE-2022-0943)\n\n - Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.\n (CVE-2022-1720)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-1851, CVE-2022-2126)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-1898, CVE-2022-1968)\n\n - Buffer Over-read in GitHub repository vim/vim prior to 8.2. (CVE-2022-2124)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-06-20T00:00:00", "type": "nessus", "title": "Debian DLA-3053-1 : vim - LTS security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3903", "CVE-2022-0417", "CVE-2022-0943", "CVE-2022-1720", "CVE-2022-1851", "CVE-2022-1898", "CVE-2022-1968", "CVE-2022-2124", "CVE-2022-2126"], "modified": "2022-06-20T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:vim", "p-cpe:/a:debian:debian_linux:vim-athena", "p-cpe:/a:debian:debian_linux:vim-common", "p-cpe:/a:debian:debian_linux:vim-doc", "p-cpe:/a:debian:debian_linux:vim-gnome", "p-cpe:/a:debian:debian_linux:vim-gtk", "p-cpe:/a:debian:debian_linux:vim-gtk3", "p-cpe:/a:debian:debian_linux:vim-gui-common", "p-cpe:/a:debian:debian_linux:vim-nox", "p-cpe:/a:debian:debian_linux:vim-runtime", "p-cpe:/a:debian:debian_linux:vim-tiny", "p-cpe:/a:debian:debian_linux:xxd", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-3053.NASL", "href": "https://www.tenable.com/plugins/nessus/162406", "sourceData": "#\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dla-3053. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162406);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/20\");\n\n script_cve_id(\n \"CVE-2021-3903\",\n \"CVE-2022-0417\",\n \"CVE-2022-0943\",\n \"CVE-2022-1720\",\n \"CVE-2022-1851\",\n \"CVE-2022-1898\",\n \"CVE-2022-1968\",\n \"CVE-2022-2124\",\n \"CVE-2022-2126\"\n );\n\n script_name(english:\"Debian DLA-3053-1 : vim - LTS security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndla-3053 advisory.\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3903)\n\n - Heap-based Buffer Overflow GitHub repository vim/vim prior to 8.2. (CVE-2022-0417)\n\n - Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563. (CVE-2022-0943)\n\n - Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This\n vulnerability is capable of crashing the software, memory modification, and possible remote execution.\n (CVE-2022-1720)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-1851, CVE-2022-2126)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-1898, CVE-2022-1968)\n\n - Buffer Over-read in GitHub repository vim/vim prior to 8.2. (CVE-2022-2124)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/vim\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/lts/security/2022/dla-3053\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3903\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0417\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0943\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1720\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1851\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1898\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1968\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-2124\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-2126\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/stretch/vim\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vim packages.\n\nFor Debian 9 stretch, these problems have been fixed in version 2\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1968\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/06/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/06/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:vim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:vim-athena\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:vim-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:vim-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:vim-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:vim-gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:vim-gui-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:vim-nox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:vim-runtime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:vim-tiny\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xxd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(9)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 9.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '9.0', 'prefix': 'vim', 'reference': '2:8.0.0197-4+deb9u7'},\n {'release': '9.0', 'prefix': 'vim-athena', 'reference': '2:8.0.0197-4+deb9u7'},\n {'release': '9.0', 'prefix': 'vim-common', 'reference': '2:8.0.0197-4+deb9u7'},\n {'release': '9.0', 'prefix': 'vim-doc', 'reference': '2:8.0.0197-4+deb9u7'},\n {'release': '9.0', 'prefix': 'vim-gnome', 'reference': '2:8.0.0197-4+deb9u7'},\n {'release': '9.0', 'prefix': 'vim-gtk', 'reference': '2:8.0.0197-4+deb9u7'},\n {'release': '9.0', 'prefix': 'vim-gtk3', 'reference': '2:8.0.0197-4+deb9u7'},\n {'release': '9.0', 'prefix': 'vim-gui-common', 'reference': '2:8.0.0197-4+deb9u7'},\n {'release': '9.0', 'prefix': 'vim-nox', 'reference': '2:8.0.0197-4+deb9u7'},\n {'release': '9.0', 'prefix': 'vim-runtime', 'reference': '2:8.0.0197-4+deb9u7'},\n {'release': '9.0', 'prefix': 'vim-tiny', 'reference': '2:8.0.0197-4+deb9u7'},\n {'release': '9.0', 'prefix': 'xxd', 'reference': '2:8.0.0197-4+deb9u7'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'vim / vim-athena / vim-common / vim-doc / vim-gnome / vim-gtk / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-20T22:58:32", "description": "The version of Apple iOS running on the mobile device is prior to 15.6.1. It is, therefore, affected by multiple vulnerabilities:\n - An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. (CVE-2022-32894) \n - Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. (CVE-2022-32893) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-08-19T00:00:00", "type": "nessus", "title": "Apple iOS < 15.6.1 Multiple Vulnerabilities (HT213412)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-32893", "CVE-2022-32894"], "modified": "2023-06-20T00:00:00", "cpe": ["cpe:/o:apple:iphone_os"], "id": "APPLE_IOS_1561_CHECK.NBIN", "href": "https://www.tenable.com/plugins/nessus/164289", "sourceData": "Binary data apple_ios_1561_check.nbin", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-21T14:07:03", "description": "The version of ncurses installed on the remote host is prior to 6.2-4.20200222. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-217 advisory.\n\n - An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. (CVE-2021-39537)\n\n - ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library. (CVE-2022-29458)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-12-09T00:00:00", "type": "nessus", "title": "Amazon Linux 2022 : ncurses (ALAS2022-2022-217)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-39537", "CVE-2022-29458"], "modified": "2023-09-20T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:ncurses", "p-cpe:/a:amazon:linux:ncurses-base", "p-cpe:/a:amazon:linux:ncurses-compat-libs", "p-cpe:/a:amazon:linux:ncurses-debuginfo", "p-cpe:/a:amazon:linux:ncurses-devel", "p-cpe:/a:amazon:linux:ncurses-libs", "p-cpe:/a:amazon:linux:ncurses-static", "p-cpe:/a:amazon:linux:ncurses-term", "p-cpe:/a:amazon:linux:ncurses-c%2b%2b-libs", "cpe:/o:amazon:linux:2022", "p-cpe:/a:amazon:linux:ncurses-compat-libs-debuginfo", "p-cpe:/a:amazon:linux:ncurses-debugsource", "p-cpe:/a:amazon:linux:ncurses-libs-debuginfo", "p-cpe:/a:amazon:linux:ncurses-c%2b%2b-libs-debuginfo"], "id": "AL2022_ALAS2022-2022-217.NASL", "href": "https://www.tenable.com/plugins/nessus/168553", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2022 Security Advisory ALAS2022-2022-217.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(168553);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/20\");\n\n script_cve_id(\"CVE-2021-39537\", \"CVE-2022-29458\");\n\n script_name(english:\"Amazon Linux 2022 : ncurses (ALAS2022-2022-217)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2022 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of ncurses installed on the remote host is prior to 6.2-4.20200222. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS2022-2022-217 advisory.\n\n - An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer\n overflow. (CVE-2021-39537)\n\n - ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings\n in tinfo/read_entry.c in the terminfo library. (CVE-2022-29458)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2022/ALAS-2022-217.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-39537.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-29458.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update ncurses' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-39537\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/12/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/12/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ncurses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ncurses-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ncurses-c++-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ncurses-c++-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ncurses-compat-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ncurses-compat-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ncurses-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ncurses-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ncurses-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ncurses-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ncurses-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ncurses-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ncurses-term\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2022\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"-2022\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2022\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'ncurses-6.2-4.20200222.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-6.2-4.20200222.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-6.2-4.20200222.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-base-6.2-4.20200222.amzn2022.0.2', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-c++-libs-6.2-4.20200222.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-c++-libs-6.2-4.20200222.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-c++-libs-6.2-4.20200222.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-c++-libs-debuginfo-6.2-4.20200222.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-c++-libs-debuginfo-6.2-4.20200222.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-c++-libs-debuginfo-6.2-4.20200222.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-compat-libs-6.2-4.20200222.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-compat-libs-6.2-4.20200222.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-compat-libs-6.2-4.20200222.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-compat-libs-debuginfo-6.2-4.20200222.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-compat-libs-debuginfo-6.2-4.20200222.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-compat-libs-debuginfo-6.2-4.20200222.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-debuginfo-6.2-4.20200222.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-debuginfo-6.2-4.20200222.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-debuginfo-6.2-4.20200222.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-debugsource-6.2-4.20200222.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-debugsource-6.2-4.20200222.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-debugsource-6.2-4.20200222.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-devel-6.2-4.20200222.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-devel-6.2-4.20200222.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-devel-6.2-4.20200222.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-libs-6.2-4.20200222.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-libs-6.2-4.20200222.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-libs-6.2-4.20200222.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-libs-debuginfo-6.2-4.20200222.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-libs-debuginfo-6.2-4.20200222.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-libs-debuginfo-6.2-4.20200222.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-static-6.2-4.20200222.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-static-6.2-4.20200222.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-static-6.2-4.20200222.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-term-6.2-4.20200222.amzn2022.0.2', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ncurses / ncurses-base / ncurses-c++-libs / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-21T21:27:50", "description": "The version of ncurses installed on the remote host is prior to 6.0-8.20170212. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1893 advisory.\n\n - An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. (CVE-2021-39537)\n\n - ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library. (CVE-2022-29458)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-12-07T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : ncurses (ALAS-2022-1893)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-39537", "CVE-2022-29458"], "modified": "2023-09-20T00:00:00", "cpe": ["cpe:/o:amazon:linux:2", "p-cpe:/a:amazon:linux:ncurses", "p-cpe:/a:amazon:linux:ncurses-base", "p-cpe:/a:amazon:linux:ncurses-compat-libs", "p-cpe:/a:amazon:linux:ncurses-debuginfo", "p-cpe:/a:amazon:linux:ncurses-devel", "p-cpe:/a:amazon:linux:ncurses-libs", "p-cpe:/a:amazon:linux:ncurses-static", "p-cpe:/a:amazon:linux:ncurses-term", "p-cpe:/a:amazon:linux:ncurses-c%2b%2b-libs"], "id": "AL2_ALAS-2022-1893.NASL", "href": "https://www.tenable.com/plugins/nessus/168462", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2022-1893.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(168462);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/20\");\n\n script_cve_id(\"CVE-2021-39537\", \"CVE-2022-29458\");\n\n script_name(english:\"Amazon Linux 2 : ncurses (ALAS-2022-1893)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of ncurses installed on the remote host is prior to 6.0-8.20170212. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS2-2022-1893 advisory.\n\n - An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer\n overflow. (CVE-2021-39537)\n\n - ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings\n in tinfo/read_entry.c in the terminfo library. (CVE-2022-29458)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALAS-2022-1893.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-39537.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-29458.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update ncurses' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-39537\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/12/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/12/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ncurses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ncurses-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ncurses-c++-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ncurses-compat-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ncurses-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ncurses-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ncurses-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ncurses-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ncurses-term\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'ncurses-6.0-8.20170212.amzn2.1.4', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-6.0-8.20170212.amzn2.1.4', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-6.0-8.20170212.amzn2.1.4', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-base-6.0-8.20170212.amzn2.1.4', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-c++-libs-6.0-8.20170212.amzn2.1.4', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-c++-libs-6.0-8.20170212.amzn2.1.4', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-c++-libs-6.0-8.20170212.amzn2.1.4', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-compat-libs-6.0-8.20170212.amzn2.1.4', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-compat-libs-6.0-8.20170212.amzn2.1.4', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-compat-libs-6.0-8.20170212.amzn2.1.4', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-debuginfo-6.0-8.20170212.amzn2.1.4', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-debuginfo-6.0-8.20170212.amzn2.1.4', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-debuginfo-6.0-8.20170212.amzn2.1.4', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-devel-6.0-8.20170212.amzn2.1.4', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-devel-6.0-8.20170212.amzn2.1.4', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-devel-6.0-8.20170212.amzn2.1.4', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-libs-6.0-8.20170212.amzn2.1.4', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-libs-6.0-8.20170212.amzn2.1.4', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-libs-6.0-8.20170212.amzn2.1.4', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-static-6.0-8.20170212.amzn2.1.4', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-static-6.0-8.20170212.amzn2.1.4', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-static-6.0-8.20170212.amzn2.1.4', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-term-6.0-8.20170212.amzn2.1.4', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ncurses / ncurses-base / ncurses-c++-libs / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:46:36", "description": "It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-023 advisory.\n\n - An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. (CVE-2021-39537)\n\n - ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library. (CVE-2022-29458)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-03-21T00:00:00", "type": "nessus", "title": "Amazon Linux 2023 : ncurses, ncurses-base, ncurses-c++-libs (ALAS2023-2023-023)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-39537", "CVE-2022-29458"], "modified": "2023-04-20T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:ncurses", "p-cpe:/a:amazon:linux:ncurses-base", "p-cpe:/a:amazon:linux:ncurses-c%2b%2b-libs", "p-cpe:/a:amazon:linux:ncurses-c%2b%2b-libs-debuginfo", "p-cpe:/a:amazon:linux:ncurses-compat-libs", "p-cpe:/a:amazon:linux:ncurses-compat-libs-debuginfo", "p-cpe:/a:amazon:linux:ncurses-debuginfo", "p-cpe:/a:amazon:linux:ncurses-debugsource", "p-cpe:/a:amazon:linux:ncurses-devel", "p-cpe:/a:amazon:linux:ncurses-libs", "p-cpe:/a:amazon:linux:ncurses-libs-debuginfo", "p-cpe:/a:amazon:linux:ncurses-static", "p-cpe:/a:amazon:linux:ncurses-term", "cpe:/o:amazon:linux:2023"], "id": "AL2023_ALAS2023-2023-023.NASL", "href": "https://www.tenable.com/plugins/nessus/173173", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2023 Security Advisory ALAS2023-2023-023.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(173173);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/20\");\n\n script_cve_id(\"CVE-2021-39537\", \"CVE-2022-29458\");\n\n script_name(english:\"Amazon Linux 2023 : ncurses, ncurses-base, ncurses-c++-libs (ALAS2023-2023-023)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2023 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-023 advisory.\n\n - An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer\n overflow. (CVE-2021-39537)\n\n - ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings\n in tinfo/read_entry.c in the terminfo library. (CVE-2022-29458)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2023/ALAS-2023-023.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-39537.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-29458.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/faqs.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'dnf update ncurses --releasever=2023.0.20230222 ' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-39537\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/02/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/03/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ncurses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ncurses-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ncurses-c++-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ncurses-c++-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ncurses-compat-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ncurses-compat-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ncurses-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ncurses-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ncurses-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ncurses-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ncurses-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ncurses-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ncurses-term\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2023\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"-2023\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2023\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'ncurses-6.2-4.20200222.amzn2023.0.3', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-6.2-4.20200222.amzn2023.0.3', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-6.2-4.20200222.amzn2023.0.3', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-base-6.2-4.20200222.amzn2023.0.3', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-c++-libs-6.2-4.20200222.amzn2023.0.3', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-c++-libs-6.2-4.20200222.amzn2023.0.3', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-c++-libs-6.2-4.20200222.amzn2023.0.3', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-c++-libs-debuginfo-6.2-4.20200222.amzn2023.0.3', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-c++-libs-debuginfo-6.2-4.20200222.amzn2023.0.3', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-c++-libs-debuginfo-6.2-4.20200222.amzn2023.0.3', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-compat-libs-6.2-4.20200222.amzn2023.0.3', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-compat-libs-6.2-4.20200222.amzn2023.0.3', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-compat-libs-6.2-4.20200222.amzn2023.0.3', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-compat-libs-debuginfo-6.2-4.20200222.amzn2023.0.3', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-compat-libs-debuginfo-6.2-4.20200222.amzn2023.0.3', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-compat-libs-debuginfo-6.2-4.20200222.amzn2023.0.3', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-debuginfo-6.2-4.20200222.amzn2023.0.3', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-debuginfo-6.2-4.20200222.amzn2023.0.3', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-debuginfo-6.2-4.20200222.amzn2023.0.3', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-debugsource-6.2-4.20200222.amzn2023.0.3', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-debugsource-6.2-4.20200222.amzn2023.0.3', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-debugsource-6.2-4.20200222.amzn2023.0.3', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-devel-6.2-4.20200222.amzn2023.0.3', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-devel-6.2-4.20200222.amzn2023.0.3', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-devel-6.2-4.20200222.amzn2023.0.3', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-libs-6.2-4.20200222.amzn2023.0.3', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-libs-6.2-4.20200222.amzn2023.0.3', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-libs-6.2-4.20200222.amzn2023.0.3', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-libs-debuginfo-6.2-4.20200222.amzn2023.0.3', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-libs-debuginfo-6.2-4.20200222.amzn2023.0.3', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-libs-debuginfo-6.2-4.20200222.amzn2023.0.3', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-static-6.2-4.20200222.amzn2023.0.3', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-static-6.2-4.20200222.amzn2023.0.3', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-static-6.2-4.20200222.amzn2023.0.3', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ncurses-term-6.2-4.20200222.amzn2023.0.3', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ncurses / ncurses-base / ncurses-c++-libs / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-18T12:45:54", "description": "According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-1898, CVE-2022-2042)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-1942, CVE-2022-2125, CVE-2022-2207)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. (CVE-2022-2000, CVE-2022-2210)\n\n - Buffer Over-read in GitHub repository vim/vim prior to 8.2. (CVE-2022-2124, CVE-2022-2175)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-2126, CVE-2022-2183, CVE-2022-2206)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163. (CVE-2022-2208)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2264, CVE-2022-2284)\n\n - Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. (CVE-2022-2285)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. (CVE-2022-2286, CVE-2022-2287)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2304)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044. (CVE-2022-2343)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045. (CVE-2022-2344)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0046. (CVE-2022-2345)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-10-08T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP10 : vim (EulerOS-SA-2022-2423)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1898", "CVE-2022-1942", "CVE-2022-2000", "CVE-2022-2042", "CVE-2022-2124", "CVE-2022-2125", "CVE-2022-2126", "CVE-2022-2175", "CVE-2022-2183", "CVE-2022-2206", "CVE-2022-2207", "CVE-2022-2208", "CVE-2022-2210", "CVE-2022-2264", "CVE-2022-2284", "CVE-2022-2285", "CVE-2022-2286", "CVE-2022-2287", "CVE-2022-2304", "CVE-2022-2343", "CVE-2022-2344", "CVE-2022-2345"], "modified": "2023-03-27T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:vim-common", "p-cpe:/a:huawei:euleros:vim-enhanced", "p-cpe:/a:huawei:euleros:vim-filesystem", "p-cpe:/a:huawei:euleros:vim-minimal", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-2423.NASL", "href": "https://www.tenable.com/plugins/nessus/165795", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165795);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/27\");\n\n script_cve_id(\n \"CVE-2022-1898\",\n \"CVE-2022-1942\",\n \"CVE-2022-2000\",\n \"CVE-2022-2042\",\n \"CVE-2022-2124\",\n \"CVE-2022-2125\",\n \"CVE-2022-2126\",\n \"CVE-2022-2175\",\n \"CVE-2022-2183\",\n \"CVE-2022-2206\",\n \"CVE-2022-2207\",\n \"CVE-2022-2208\",\n \"CVE-2022-2210\",\n \"CVE-2022-2264\",\n \"CVE-2022-2284\",\n \"CVE-2022-2285\",\n \"CVE-2022-2286\",\n \"CVE-2022-2287\",\n \"CVE-2022-2304\",\n \"CVE-2022-2343\",\n \"CVE-2022-2344\",\n \"CVE-2022-2345\"\n );\n script_xref(name:\"IAVB\", value:\"2022-B-0049-S\");\n script_xref(name:\"IAVB\", value:\"2023-B-0016-S\");\n\n script_name(english:\"EulerOS 2.0 SP10 : vim (EulerOS-SA-2022-2423)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-1898, CVE-2022-2042)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-1942, CVE-2022-2125,\n CVE-2022-2207)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. (CVE-2022-2000, CVE-2022-2210)\n\n - Buffer Over-read in GitHub repository vim/vim prior to 8.2. (CVE-2022-2124, CVE-2022-2175)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-2126, CVE-2022-2183,\n CVE-2022-2206)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163. (CVE-2022-2208)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2264, CVE-2022-2284)\n\n - Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. (CVE-2022-2285)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. (CVE-2022-2286, CVE-2022-2287)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2304)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044. (CVE-2022-2343)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045. (CVE-2022-2344)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0046. (CVE-2022-2345)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2423\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?86f670c8\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected vim packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2345\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-enhanced\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(10)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"vim-common-8.2-1.h46.eulerosv2r10\",\n \"vim-enhanced-8.2-1.h46.eulerosv2r10\",\n \"vim-filesystem-8.2-1.h46.eulerosv2r10\",\n \"vim-minimal-8.2-1.h46.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"10\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"vim\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-18T12:45:34", "description": "According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-1898, CVE-2022-2042)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-1942, CVE-2022-2125, CVE-2022-2207)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. (CVE-2022-2000, CVE-2022-2210)\n\n - Buffer Over-read in GitHub repository vim/vim prior to 8.2. (CVE-2022-2124, CVE-2022-2175)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-2126, CVE-2022-2183, CVE-2022-2206)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163. (CVE-2022-2208)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2264, CVE-2022-2284)\n\n - Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. (CVE-2022-2285)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. (CVE-2022-2286, CVE-2022-2287)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2304)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044. (CVE-2022-2343)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045. (CVE-2022-2344)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0046. (CVE-2022-2345)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-10-08T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP10 : vim (EulerOS-SA-2022-2436)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1898", "CVE-2022-1942", "CVE-2022-2000", "CVE-2022-2042", "CVE-2022-2124", "CVE-2022-2125", "CVE-2022-2126", "CVE-2022-2175", "CVE-2022-2183", "CVE-2022-2206", "CVE-2022-2207", "CVE-2022-2208", "CVE-2022-2210", "CVE-2022-2264", "CVE-2022-2284", "CVE-2022-2285", "CVE-2022-2286", "CVE-2022-2287", "CVE-2022-2304", "CVE-2022-2343", "CVE-2022-2344", "CVE-2022-2345"], "modified": "2023-03-27T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:vim-common", "p-cpe:/a:huawei:euleros:vim-enhanced", "p-cpe:/a:huawei:euleros:vim-filesystem", "p-cpe:/a:huawei:euleros:vim-minimal", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-2436.NASL", "href": "https://www.tenable.com/plugins/nessus/165793", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165793);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/27\");\n\n script_cve_id(\n \"CVE-2022-1898\",\n \"CVE-2022-1942\",\n \"CVE-2022-2000\",\n \"CVE-2022-2042\",\n \"CVE-2022-2124\",\n \"CVE-2022-2125\",\n \"CVE-2022-2126\",\n \"CVE-2022-2175\",\n \"CVE-2022-2183\",\n \"CVE-2022-2206\",\n \"CVE-2022-2207\",\n \"CVE-2022-2208\",\n \"CVE-2022-2210\",\n \"CVE-2022-2264\",\n \"CVE-2022-2284\",\n \"CVE-2022-2285\",\n \"CVE-2022-2286\",\n \"CVE-2022-2287\",\n \"CVE-2022-2304\",\n \"CVE-2022-2343\",\n \"CVE-2022-2344\",\n \"CVE-2022-2345\"\n );\n script_xref(name:\"IAVB\", value:\"2022-B-0049-S\");\n script_xref(name:\"IAVB\", value:\"2023-B-0016-S\");\n\n script_name(english:\"EulerOS 2.0 SP10 : vim (EulerOS-SA-2022-2436)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-1898, CVE-2022-2042)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-1942, CVE-2022-2125,\n CVE-2022-2207)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. (CVE-2022-2000, CVE-2022-2210)\n\n - Buffer Over-read in GitHub repository vim/vim prior to 8.2. (CVE-2022-2124, CVE-2022-2175)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-2126, CVE-2022-2183,\n CVE-2022-2206)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163. (CVE-2022-2208)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2264, CVE-2022-2284)\n\n - Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. (CVE-2022-2285)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. (CVE-2022-2286, CVE-2022-2287)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2304)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044. (CVE-2022-2343)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045. (CVE-2022-2344)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0046. (CVE-2022-2345)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2436\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d39c9811\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected vim packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2345\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-enhanced\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(10)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"vim-common-8.2-1.h46.eulerosv2r10\",\n \"vim-enhanced-8.2-1.h46.eulerosv2r10\",\n \"vim-filesystem-8.2-1.h46.eulerosv2r10\",\n \"vim-minimal-8.2-1.h46.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"10\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"vim\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T18:36:32", "description": "According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Buffer Over-read in GitHub repository vim/vim prior to 8.2. (CVE-2022-2124)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-2125, CVE-2022-2207)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-2126, CVE-2022-2183, CVE-2022-2206)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163. (CVE-2022-2208)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. (CVE-2022-2210)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2284)\n\n - Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. (CVE-2022-2285)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. (CVE-2022-2287)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0. (CVE-2022-2289)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2304)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0046. (CVE-2022-2345)\n\n - Buffer Over-read in GitHub repository vim/vim prior to 9.0.0218. (CVE-2022-2845)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-10-08T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : vim (EulerOS-SA-2022-2451)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2124", "CVE-2022-2125", "CVE-2022-2126", "CVE-2022-2183", "CVE-2022-2206", "CVE-2022-2207", "CVE-2022-2208", "CVE-2022-2210", "CVE-2022-2284", "CVE-2022-2285", "CVE-2022-2287", "CVE-2022-2289", "CVE-2022-2304", "CVE-2022-2345", "CVE-2022-2845"], "modified": "2023-03-27T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:vim-x11", "p-cpe:/a:huawei:euleros:vim-common", "p-cpe:/a:huawei:euleros:vim-enhanced", "p-cpe:/a:huawei:euleros:vim-filesystem", "p-cpe:/a:huawei:euleros:vim-minimal", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-2451.NASL", "href": "https://www.tenable.com/plugins/nessus/165806", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165806);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/27\");\n\n script_cve_id(\n \"CVE-2022-2124\",\n \"CVE-2022-2125\",\n \"CVE-2022-2126\",\n \"CVE-2022-2183\",\n \"CVE-2022-2206\",\n \"CVE-2022-2207\",\n \"CVE-2022-2208\",\n \"CVE-2022-2210\",\n \"CVE-2022-2284\",\n \"CVE-2022-2285\",\n \"CVE-2022-2287\",\n \"CVE-2022-2289\",\n \"CVE-2022-2304\",\n \"CVE-2022-2345\",\n \"CVE-2022-2845\"\n );\n script_xref(name:\"IAVB\", value:\"2022-B-0049-S\");\n script_xref(name:\"IAVB\", value:\"2023-B-0016-S\");\n\n script_name(english:\"EulerOS 2.0 SP5 : vim (EulerOS-SA-2022-2451)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - Buffer Over-read in GitHub repository vim/vim prior to 8.2. (CVE-2022-2124)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-2125, CVE-2022-2207)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-2126, CVE-2022-2183,\n CVE-2022-2206)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163. (CVE-2022-2208)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. (CVE-2022-2210)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2284)\n\n - Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. (CVE-2022-2285)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. (CVE-2022-2287)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0. (CVE-2022-2289)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2304)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0046. (CVE-2022-2345)\n\n - Buffer Over-read in GitHub repository vim/vim prior to 9.0.0218. (CVE-2022-2845)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2451\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e0a0c608\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected vim packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2345\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-2845\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-X11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-enhanced\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"vim-X11-7.4.160-4.h33.eulerosv2r7\",\n \"vim-common-7.4.160-4.h33.eulerosv2r7\",\n \"vim-enhanced-7.4.160-4.h33.eulerosv2r7\",\n \"vim-filesystem-7.4.160-4.h33.eulerosv2r7\",\n \"vim-minimal-7.4.160-4.h33.eulerosv2r7\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"vim\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-12T19:08:38", "description": "According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.\n (CVE-2022-1720)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4959. (CVE-2022-1725)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968. (CVE-2022-1733)\n\n - Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969. (CVE-2022-1735)\n\n - Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975. (CVE-2022-1771)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977. (CVE-2022-1785)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2.4979. (CVE-2022-1796)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-1851, CVE-2022-2126, CVE-2022-2183, CVE-2022-2206)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. (CVE-2022-1897, CVE-2022-2000, CVE-2022-2210)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-1898, CVE-2022-1968, CVE-2022-2042)\n\n - Buffer Over-read in GitHub repository vim/vim prior to 8.2. (CVE-2022-1927, CVE-2022-2124, CVE-2022-2175)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-1942, CVE-2022-2125, CVE-2022-2207)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163. (CVE-2022-2208)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2264, CVE-2022-2284)\n\n - Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. (CVE-2022-2285)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. (CVE-2022-2286, CVE-2022-2287)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2304)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044. (CVE-2022-2343)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045. (CVE-2022-2344)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0046. (CVE-2022-2345)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-12-27T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.10.1 : vim (EulerOS-SA-2022-2897)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1720", "CVE-2022-1725", "CVE-2022-1733", "CVE-2022-1735", "CVE-2022-1771", "CVE-2022-1785", "CVE-2022-1796", "CVE-2022-1851", "CVE-2022-1897", "CVE-2022-1898", "CVE-2022-1927", "CVE-2022-1942", "CVE-2022-1968", "CVE-2022-2000", "CVE-2022-2042", "CVE-2022-2124", "CVE-2022-2125", "CVE-2022-2126", "CVE-2022-2175", "CVE-2022-2183", "CVE-2022-2206", "CVE-2022-2207", "CVE-2022-2208", "CVE-2022-2210", "CVE-2022-2264", "CVE-2022-2284", "CVE-2022-2285", "CVE-2022-2286", "CVE-2022-2287", "CVE-2022-2304", "CVE-2022-2343", "CVE-2022-2344", "CVE-2022-2345"], "modified": "2023-09-12T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:vim-common", "p-cpe:/a:huawei:euleros:vim-enhanced", "p-cpe:/a:huawei:euleros:vim-filesystem", "p-cpe:/a:huawei:euleros:vim-minimal", "cpe:/o:huawei:euleros:uvp:2.10.1"], "id": "EULEROS_SA-2022-2897.NASL", "href": "https://www.tenable.com/plugins/nessus/169323", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(169323);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/12\");\n\n script_cve_id(\n \"CVE-2022-1720\",\n \"CVE-2022-1725\",\n \"CVE-2022-1733\",\n \"CVE-2022-1735\",\n \"CVE-2022-1771\",\n \"CVE-2022-1785\",\n \"CVE-2022-1796\",\n \"CVE-2022-1851\",\n \"CVE-2022-1897\",\n \"CVE-2022-1898\",\n \"CVE-2022-1927\",\n \"CVE-2022-1942\",\n \"CVE-2022-1968\",\n \"CVE-2022-2000\",\n \"CVE-2022-2042\",\n \"CVE-2022-2124\",\n \"CVE-2022-2125\",\n \"CVE-2022-2126\",\n \"CVE-2022-2175\",\n \"CVE-2022-2183\",\n \"CVE-2022-2206\",\n \"CVE-2022-2207\",\n \"CVE-2022-2208\",\n \"CVE-2022-2210\",\n \"CVE-2022-2264\",\n \"CVE-2022-2284\",\n \"CVE-2022-2285\",\n \"CVE-2022-2286\",\n \"CVE-2022-2287\",\n \"CVE-2022-2304\",\n \"CVE-2022-2343\",\n \"CVE-2022-2344\",\n \"CVE-2022-2345\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.10.1 : vim (EulerOS-SA-2022-2897)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is\naffected by the following vulnerabilities :\n\n - Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This\n vulnerability is capable of crashing the software, memory modification, and possible remote execution.\n (CVE-2022-1720)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4959. (CVE-2022-1725)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968. (CVE-2022-1733)\n\n - Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969. (CVE-2022-1735)\n\n - Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975. (CVE-2022-1771)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977. (CVE-2022-1785)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2.4979. (CVE-2022-1796)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-1851, CVE-2022-2126,\n CVE-2022-2183, CVE-2022-2206)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. (CVE-2022-1897, CVE-2022-2000,\n CVE-2022-2210)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-1898, CVE-2022-1968, CVE-2022-2042)\n\n - Buffer Over-read in GitHub repository vim/vim prior to 8.2. (CVE-2022-1927, CVE-2022-2124, CVE-2022-2175)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-1942, CVE-2022-2125,\n CVE-2022-2207)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163. (CVE-2022-2208)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2264, CVE-2022-2284)\n\n - Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. (CVE-2022-2285)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. (CVE-2022-2286, CVE-2022-2287)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2304)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044. (CVE-2022-2343)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045. (CVE-2022-2344)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0046. (CVE-2022-2345)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2897\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3fa987be\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected vim packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2345\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/12/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/12/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-enhanced\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.10.1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar _release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(_release) || _release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.10.1\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.10.1\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"vim-common-8.2-1.h46.eulerosv2r10\",\n \"vim-enhanced-8.2-1.h46.eulerosv2r10\",\n \"vim-filesystem-8.2-1.h46.eulerosv2r10\",\n \"vim-minimal-8.2-1.h46.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"vim\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-12T19:06:51", "description": "According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.\n (CVE-2022-1720)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4959. (CVE-2022-1725)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968. (CVE-2022-1733)\n\n - Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969. (CVE-2022-1735)\n\n - Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975. (CVE-2022-1771)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977. (CVE-2022-1785)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2.4979. (CVE-2022-1796)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-1851, CVE-2022-2126, CVE-2022-2183, CVE-2022-2206)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. (CVE-2022-1897, CVE-2022-2000, CVE-2022-2210)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-1898, CVE-2022-1968, CVE-2022-2042)\n\n - Buffer Over-read in GitHub repository vim/vim prior to 8.2. (CVE-2022-1927, CVE-2022-2124, CVE-2022-2175)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-1942, CVE-2022-2125, CVE-2022-2207)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163. (CVE-2022-2208)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2264, CVE-2022-2284)\n\n - Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. (CVE-2022-2285)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. (CVE-2022-2286, CVE-2022-2287)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2304)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044. (CVE-2022-2343)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045. (CVE-2022-2344)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0046. (CVE-2022-2345)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-12-27T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.10.0 : vim (EulerOS-SA-2022-2879)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1720", "CVE-2022-1725", "CVE-2022-1733", "CVE-2022-1735", "CVE-2022-1771", "CVE-2022-1785", "CVE-2022-1796", "CVE-2022-1851", "CVE-2022-1897", "CVE-2022-1898", "CVE-2022-1927", "CVE-2022-1942", "CVE-2022-1968", "CVE-2022-2000", "CVE-2022-2042", "CVE-2022-2124", "CVE-2022-2125", "CVE-2022-2126", "CVE-2022-2175", "CVE-2022-2183", "CVE-2022-2206", "CVE-2022-2207", "CVE-2022-2208", "CVE-2022-2210", "CVE-2022-2264", "CVE-2022-2284", "CVE-2022-2285", "CVE-2022-2286", "CVE-2022-2287", "CVE-2022-2304", "CVE-2022-2343", "CVE-2022-2344", "CVE-2022-2345"], "modified": "2023-09-12T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:vim-common", "p-cpe:/a:huawei:euleros:vim-enhanced", "p-cpe:/a:huawei:euleros:vim-filesystem", "p-cpe:/a:huawei:euleros:vim-minimal", "cpe:/o:huawei:euleros:uvp:2.10.0"], "id": "EULEROS_SA-2022-2879.NASL", "href": "https://www.tenable.com/plugins/nessus/169334", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(169334);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/12\");\n\n script_cve_id(\n \"CVE-2022-1720\",\n \"CVE-2022-1725\",\n \"CVE-2022-1733\",\n \"CVE-2022-1735\",\n \"CVE-2022-1771\",\n \"CVE-2022-1785\",\n \"CVE-2022-1796\",\n \"CVE-2022-1851\",\n \"CVE-2022-1897\",\n \"CVE-2022-1898\",\n \"CVE-2022-1927\",\n \"CVE-2022-1942\",\n \"CVE-2022-1968\",\n \"CVE-2022-2000\",\n \"CVE-2022-2042\",\n \"CVE-2022-2124\",\n \"CVE-2022-2125\",\n \"CVE-2022-2126\",\n \"CVE-2022-2175\",\n \"CVE-2022-2183\",\n \"CVE-2022-2206\",\n \"CVE-2022-2207\",\n \"CVE-2022-2208\",\n \"CVE-2022-2210\",\n \"CVE-2022-2264\",\n \"CVE-2022-2284\",\n \"CVE-2022-2285\",\n \"CVE-2022-2286\",\n \"CVE-2022-2287\",\n \"CVE-2022-2304\",\n \"CVE-2022-2343\",\n \"CVE-2022-2344\",\n \"CVE-2022-2345\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.10.0 : vim (EulerOS-SA-2022-2879)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is\naffected by the following vulnerabilities :\n\n - Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This\n vulnerability is capable of crashing the software, memory modification, and possible remote execution.\n (CVE-2022-1720)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4959. (CVE-2022-1725)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968. (CVE-2022-1733)\n\n - Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969. (CVE-2022-1735)\n\n - Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975. (CVE-2022-1771)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977. (CVE-2022-1785)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2.4979. (CVE-2022-1796)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-1851, CVE-2022-2126,\n CVE-2022-2183, CVE-2022-2206)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. (CVE-2022-1897, CVE-2022-2000,\n CVE-2022-2210)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-1898, CVE-2022-1968, CVE-2022-2042)\n\n - Buffer Over-read in GitHub repository vim/vim prior to 8.2. (CVE-2022-1927, CVE-2022-2124, CVE-2022-2175)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-1942, CVE-2022-2125,\n CVE-2022-2207)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163. (CVE-2022-2208)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2264, CVE-2022-2284)\n\n - Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. (CVE-2022-2285)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. (CVE-2022-2286, CVE-2022-2287)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2304)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044. (CVE-2022-2343)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045. (CVE-2022-2344)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0046. (CVE-2022-2345)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2879\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e10f93a1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected vim packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2345\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/12/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/12/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-enhanced\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.10.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar _release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(_release) || _release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.10.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.10.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"vim-common-8.2-1.h46.eulerosv2r10\",\n \"vim-enhanced-8.2-1.h46.eulerosv2r10\",\n \"vim-filesystem-8.2-1.h46.eulerosv2r10\",\n \"vim-minimal-8.2-1.h46.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"vim\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T10:41:47", "description": "The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS / 22.10 / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6099-1 advisory.\n\n - There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. (CVE-2019-17594)\n\n - There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. (CVE-2019-17595)\n\n - An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. (CVE-2021-39537)\n\n - ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library. (CVE-2022-29458)\n\n - ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security- relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable. (CVE-2023-29491)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-05-23T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS / 22.10 / 23.04 : ncurses vulnerabilities (USN-6099-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-17594", "CVE-2019-17595", "CVE-2021-39537", "CVE-2022-29458", "CVE-2023-29491"], "modified": "2023-05-24T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "cpe:/o:canonical:ubuntu_linux:22.04:-:lts", "cpe:/o:canonical:ubuntu_linux:16.04:-:esm", "p-cpe:/a:canonical:ubuntu_linux:lib32ncurses5", "p-cpe:/a:canonical:ubuntu_linux:lib32ncurses5-dev", "p-cpe:/a:canonical:ubuntu_linux:lib32ncursesw5", "p-cpe:/a:canonical:ubuntu_linux:lib32ncursesw5-dev", "p-cpe:/a:canonical:ubuntu_linux:lib32tinfo-dev", "p-cpe:/a:canonical:ubuntu_linux:lib32tinfo5", "p-cpe:/a:canonical:ubuntu_linux:lib64ncurses5", "p-cpe:/a:canonical:ubuntu_linux:lib64ncurses5-dev", "p-cpe:/a:canonical:ubuntu_linux:lib64tinfo5", "p-cpe:/a:canonical:ubuntu_linux:libncurses5", "p-cpe:/a:canonical:ubuntu_linux:libncurses5-dev", "p-cpe:/a:canonical:ubuntu_linux:libncursesw5", "p-cpe:/a:canonical:ubuntu_linux:libncursesw5-dev", "p-cpe:/a:canonical:ubuntu_linux:libtinfo-dev", "p-cpe:/a:canonical:ubuntu_linux:libtinfo5", "p-cpe:/a:canonical:ubuntu_linux:libx32ncurses5", "p-cpe:/a:canonical:ubuntu_linux:libx32ncurses5-dev", "p-cpe:/a:canonical:ubuntu_linux:libx32ncursesw5", "p-cpe:/a:canonical:ubuntu_linux:libx32ncursesw5-dev", "p-cpe:/a:canonical:ubuntu_linux:libx32tinfo-dev", "p-cpe:/a:canonical:ubuntu_linux:libx32tinfo5", "p-cpe:/a:canonical:ubuntu_linux:ncurses-base", "p-cpe:/a:canonical:ubuntu_linux:ncurses-bin", "p-cpe:/a:canonical:ubuntu_linux:ncurses-examples", "p-cpe:/a:canonical:ubuntu_linux:ncurses-term", "cpe:/o:canonical:ubuntu_linux:22.10", "cpe:/o:canonical:ubuntu_linux:23.04", "p-cpe:/a:canonical:ubuntu_linux:lib32ncurses-dev", "p-cpe:/a:canonical:ubuntu_linux:lib32ncurses6", "p-cpe:/a:canonical:ubuntu_linux:lib32ncursesw6", "p-cpe:/a:canonical:ubuntu_linux:lib32tinfo6", "p-cpe:/a:canonical:ubuntu_linux:lib64ncurses-dev", "p-cpe:/a:canonical:ubuntu_linux:lib64ncurses6", "p-cpe:/a:canonical:ubuntu_linux:lib64ncursesw6", "p-cpe:/a:canonical:ubuntu_linux:lib64tinfo6", "p-cpe:/a:canonical:ubuntu_linux:libncurses-dev", "p-cpe:/a:canonical:ubuntu_linux:libncurses6", "p-cpe:/a:canonical:ubuntu_linux:libncursesw6", "p-cpe:/a:canonical:ubuntu_linux:libtinfo6"], "id": "UBUNTU_USN-6099-1.NASL", "href": "https://www.tenable.com/plugins/nessus/176244", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-6099-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(176244);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\n \"CVE-2019-17594\",\n \"CVE-2019-17595\",\n \"CVE-2021-39537\",\n \"CVE-2022-29458\",\n \"CVE-2023-29491\"\n );\n script_xref(name:\"USN\", value:\"6099-1\");\n\n script_name(english:\"Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS / 22.10 / 23.04 : ncurses vulnerabilities (USN-6099-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS / 22.10 / 23.04 host has packages installed that are\naffected by multiple vulnerabilities as referenced in the USN-6099-1 advisory.\n\n - There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo\n library in ncurses before 6.1-20191012. (CVE-2019-17594)\n\n - There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo\n library in ncurses before 6.1-20191012. (CVE-2019-17595)\n\n - An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer\n overflow. (CVE-2021-39537)\n\n - ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings\n in tinfo/read_entry.c in the terminfo library. (CVE-2022-29458)\n\n - ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-\n relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo\n or reached via the TERMINFO or TERM environment variable. (CVE-2023-29491)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-6099-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-39537\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/05/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/05/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04:-:esm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:22.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:22.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:23.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:lib32ncurses-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:lib32ncurses5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:lib32ncurses5-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:lib32ncurses6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:lib32ncursesw5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:lib32ncursesw5-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:lib32ncursesw6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:lib32tinfo-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:lib32tinfo5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:lib32tinfo6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:lib64ncurses-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:lib64ncurses5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:lib64ncurses5-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:lib64ncurses6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:lib64ncursesw6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:lib64tinfo5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:lib64tinfo6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libncurses-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libncurses5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libncurses5-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libncurses6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libncursesw5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libncursesw5-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libncursesw6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libtinfo-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libtinfo5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libtinfo6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libx32ncurses5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libx32ncurses5-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libx32ncursesw5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libx32ncursesw5-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libx32tinfo-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libx32tinfo5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:ncurses-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:ncurses-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:ncurses-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:ncurses-term\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2023 Canonical, Inc. / NASL script (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! preg(pattern:\"^(16\\.04|18\\.04|20\\.04|22\\.04|22\\.10|23\\.04)$\", string:os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 16.04 / 18.04 / 20.04 / 22.04 / 22.10 / 23.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar pkgs = [\n {'osver': '16.04', 'pkgname': 'lib32ncurses5', 'pkgver': '6.0+20160213-1ubuntu1+esm3'},\n {'osver': '16.04', 'pkgname': 'lib32ncurses5-dev', 'pkgver': '6.0+20160213-1ubuntu1+esm3'},\n {'osver': '16.04', 'pkgname': 'lib32ncursesw5', 'pkgver': '6.0+20160213-1ubuntu1+esm3'},\n {'osver': '16.04', 'pkgname': 'lib32ncursesw5-dev', 'pkgver': '6.0+20160213-1ubuntu1+esm3'},\n {'osver': '16.04', 'pkgname': 'lib32tinfo-dev', 'pkgver': '6.0+20160213-1ubuntu1+esm3'},\n {'osver': '16.04', 'pkgname': 'lib32tinfo5', 'pkgver': '6.0+20160213-1ubuntu1+esm3'},\n {'osver': '16.04', 'pkgname': 'lib64ncurses5', 'pkgver': '6.0+20160213-1ubuntu1+esm3'},\n {'osver': '16.04', 'pkgname': 'lib64ncurses5-dev', 'pkgver': '6.0+20160213-1ubuntu1+esm3'},\n {'osver': '16.04', 'pkgname': 'lib64tinfo5', 'pkgver': '6.0+20160213-1ubuntu1+esm3'},\n {'osver': '16.04', 'pkgname': 'libncurses5', 'pkgver': '6.0+20160213-1ubuntu1+esm3'},\n {'osver': '16.04', 'pkgname': 'libncurses5-dev', 'pkgver': '6.0+20160213-1ubuntu1+esm3'},\n {'osver': '16.04', 'pkgname': 'libncursesw5', 'pkgver': '6.0+20160213-1ubuntu1+esm3'},\n {'osver': '16.04', 'pkgname': 'libncursesw5-dev', 'pkgver': '6.0+20160213-1ubuntu1+esm3'},\n {'osver': '16.04', 'pkgname': 'libtinfo-dev', 'pkgver': '6.0+20160213-1ubuntu1+esm3'},\n {'osver': '16.04', 'pkgname': 'libtinfo5', 'pkgver': '6.0+20160213-1ubuntu1+esm3'},\n {'osver': '16.04', 'pkgname': 'libx32ncurses5', 'pkgver': '6.0+20160213-1ubuntu1+esm3'},\n {'osver': '16.04', 'pkgname': 'libx32ncurses5-dev', 'pkgver': '6.0+20160213-1ubuntu1+esm3'},\n {'osver': '16.04', 'pkgname': 'libx32ncursesw5', 'pkgver': '6.0+20160213-1ubuntu1+esm3'},\n {'osver': '16.04', 'pkgname': 'libx32ncursesw5-dev', 'pkgver': '6.0+20160213-1ubuntu1+esm3'},\n {'osver': '16.04', 'pkgname': 'libx32tinfo-dev', 'pkgver': '6.0+20160213-1ubuntu1+esm3'},\n {'osver': '16.04', 'pkgname': 'libx32tinfo5', 'pkgver': '6.0+20160213-1ubuntu1+esm3'},\n {'osver': '16.04', 'pkgname': 'ncurses-base', 'pkgver': '6.0+20160213-1ubuntu1+esm3'},\n {'osver': '16.04', 'pkgname': 'ncurses-bin', 'pkgver': '6.0+20160213-1ubuntu1+esm3'},\n {'osver': '16.04', 'pkgname': 'ncurses-examples', 'pkgver': '6.0+20160213-1ubuntu1+esm3'},\n {'osver': '16.04', 'pkgname': 'ncurses-term', 'pkgver': '6.0+20160213-1ubuntu1+esm3'},\n {'osver': '18.04', 'pkgname': 'lib32ncurses5', 'pkgver': '6.1-1ubuntu1.18.04.1'},\n {'osver': '18.04', 'pkgname': 'lib32ncurses5-dev', 'pkgver': '6.1-1ubuntu1.18.04.1'},\n {'osver': '18.04', 'pkgname': 'lib32ncursesw5', 'pkgver': '6.1-1ubuntu1.18.04.1'},\n {'osver': '18.04', 'pkgname': 'lib32ncursesw5-dev', 'pkgver': '6.1-1ubuntu1.18.04.1'},\n {'osver': '18.04', 'pkgname': 'lib32tinfo-dev', 'pkgver': '6.1-1ubuntu1.18.04.1'},\n {'osver': '18.04', 'pkgname': 'lib32tinfo5', 'pkgver': '6.1-1ubuntu1.18.04.1'},\n {'osver': '18.04', 'pkgname': 'lib64ncurses5', 'pkgver': '6.1-1ubuntu1.18.04.1'},\n {'osver': '18.04', 'pkgname': 'lib64ncurses5-dev', 'pkgver': '6.1-1ubuntu1.18.04.1'},\n {'osver': '18.04', 'pkgname': 'lib64tinfo5', 'pkgver': '6.1-1ubuntu1.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libncurses5', 'pkgver': '6.1-1ubuntu1.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libncurses5-dev', 'pkgver': '6.1-1ubuntu1.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libncursesw5', 'pkgver': '6.1-1ubuntu1.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libncursesw5-dev', 'pkgver': '6.1-1ubuntu1.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libtinfo-dev', 'pkgver': '6.1-1ubuntu1.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libtinfo5', 'pkgver': '6.1-1ubuntu1.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libx32ncurses5', 'pkgver': '6.1-1ubuntu1.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libx32ncurses5-dev', 'pkgver': '6.1-1ubuntu1.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libx32ncursesw5', 'pkgver': '6.1-1ubuntu1.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libx32ncursesw5-dev', 'pkgver': '6.1-1ubuntu1.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libx32tinfo-dev', 'pkgver': '6.1-1ubuntu1.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libx32tinfo5', 'pkgver': '6.1-1ubuntu1.18.04.1'},\n {'osver': '18.04', 'pkgname': 'ncurses-base', 'pkgver': '6.1-1ubuntu1.18.04.1'},\n {'osver': '18.04', 'pkgname': 'ncurses-bin', 'pkgver': '6.1-1ubuntu1.18.04.1'},\n {'osver': '18.04', 'pkgname': 'ncurses-examples', 'pkgver': '6.1-1ubuntu1.18.04.1'},\n {'osver': '18.04', 'pkgname': 'ncurses-term', 'pkgver': '6.1-1ubuntu1.18.04.1'},\n {'osver': '20.04', 'pkgname': 'lib32ncurses-dev', 'pkgver': '6.2-0ubuntu2.1'},\n {'osver': '20.04', 'pkgname': 'lib32ncurses6', 'pkgver': '6.2-0ubuntu2.1'},\n {'osver': '20.04', 'pkgname': 'lib32ncursesw6', 'pkgver': '6.2-0ubuntu2.1'},\n {'osver': '20.04', 'pkgname': 'lib32tinfo6', 'pkgver': '6.2-0ubuntu2.1'},\n {'osver': '20.04', 'pkgname': 'lib64ncurses-dev', 'pkgver': '6.2-0ubuntu2.1'},\n {'osver': '20.04', 'pkgname': 'lib64ncurses6', 'pkgver': '6.2-0ubuntu2.1'},\n {'osver': '20.04', 'pkgname': 'lib64ncursesw6', 'pkgver': '6.2-0ubuntu2.1'},\n {'osver': '20.04', 'pkgname': 'lib64tinfo6', 'pkgver': '6.2-0ubuntu2.1'},\n {'osver': '20.04', 'pkgname': 'libncurses-dev', 'pkgver': '6.2-0ubuntu2.1'},\n {'osver': '20.04', 'pkgname': 'libncurses5', 'pkgver': '6.2-0ubuntu2.1'},\n {'osver': '20.04', 'pkgname': 'libncurses5-dev', 'pkgver': '6.2-0ubuntu2.1'},\n {'osver': '20.04', 'pkgname': 'libncurses6', 'pkgver': '6.2-0ubuntu2.1'},\n {'osver': '20.04', 'pkgname': 'libncursesw5', 'pkgver': '6.2-0ubuntu2.1'},\n {'osver': '20.04', 'pkgname': 'libncursesw5-dev', 'pkgver': '6.2-0ubuntu2.1'},\n {'osver': '20.04', 'pkgname': 'libncursesw6', 'pkgver': '6.2-0ubuntu2.1'},\n {'osver': '20.04', 'pkgname': 'libtinfo-dev', 'pkgver': '6.2-0ubuntu2.1'},\n {'osver': '20.04', 'pkgname': 'libtinfo5', 'pkgver': '6.2-0ubuntu2.1'},\n {'osver': '20.04', 'pkgname': 'libtinfo6', 'pkgver': '6.2-0ubuntu2.1'},\n {'osver': '20.04', 'pkgname': 'ncurses-base', 'pkgver': '6.2-0ubuntu2.1'},\n {'osver': '20.04', 'pkgname': 'ncurses-bin', 'pkgver': '6.2-0ubuntu2.1'},\n {'osver': '20.04', 'pkgname': 'ncurses-examples', 'pkgver': '6.2-0ubuntu2.1'},\n {'osver': '20.04', 'pkgname': 'ncurses-term', 'pkgver': '6.2-0ubuntu2.1'},\n {'osver': '22.04', 'pkgname': 'lib32ncurses-dev', 'pkgver': '6.3-2ubuntu0.1'},\n {'osver': '22.04', 'pkgname': 'lib32ncurses6', 'pkgver': '6.3-2ubuntu0.1'},\n {'osver': '22.04', 'pkgname': 'lib32ncursesw6', 'pkgver': '6.3-2ubuntu0.1'},\n {'osver': '22.04', 'pkgname': 'lib32tinfo6', 'pkgver': '6.3-2ubuntu0.1'},\n {'osver': '22.04', 'pkgname': 'lib64ncurses-dev', 'pkgver': '6.3-2ubuntu0.1'},\n {'osver': '22.04', 'pkgname': 'lib64ncurses6', 'pkgver': '6.3-2ubuntu0.1'},\n {'osver': '22.04', 'pkgname': 'lib64ncursesw6', 'pkgver': '6.3-2ubuntu0.1'},\n {'osver': '22.04', 'pkgname': 'lib64tinfo6', 'pkgver': '6.3-2ubuntu0.1'},\n {'osver': '22.04', 'pkgname': 'libncurses-dev', 'pkgver': '6.3-2ubuntu0.1'},\n {'osver': '22.04', 'pkgname': 'libncurses5', 'pkgver': '6.3-2ubuntu0.1'},\n {'osver': '22.04', 'pkgname': 'libncurses5-dev', 'pkgver': '6.3-2ubuntu0.1'},\n {'osver': '22.04', 'pkgname': 'libncurses6', 'pkgver': '6.3-2ubuntu0.1'},\n {'osver': '22.04', 'pkgname': 'libncursesw5', 'pkgver': '6.3-2ubuntu0.1'},\n {'osver': '22.04', 'pkgname': 'libncursesw5-dev', 'pkgver': '6.3-2ubuntu0.1'},\n {'osver': '22.04', 'pkgname': 'libncursesw6', 'pkgver': '6.3-2ubuntu0.1'},\n {'osver': '22.04', 'pkgname': 'libtinfo-dev', 'pkgver': '6.3-2ubuntu0.1'},\n {'osver': '22.04', 'pkgname': 'libtinfo5', 'pkgver': '6.3-2ubuntu0.1'},\n {'osver': '22.04', 'pkgname': 'libtinfo6', 'pkgver': '6.3-2ubuntu0.1'},\n {'osver': '22.04', 'pkgname': 'ncurses-base', 'pkgver': '6.3-2ubuntu0.1'},\n {'osver': '22.04', 'pkgname': 'ncurses-bin', 'pkgver': '6.3-2ubuntu0.1'},\n {'osver': '22.04', 'pkgname': 'ncurses-examples', 'pkgver': '6.3-2ubuntu0.1'},\n {'osver': '22.04', 'pkgname': 'ncurses-term', 'pkgver': '6.3-2ubuntu0.1'},\n {'osver': '22.10', 'pkgname': 'lib32ncurses-dev', 'pkgver': '6.3+20220423-2ubuntu0.1'},\n {'osver': '22.10', 'pkgname': 'lib32ncurses6', 'pkgver': '6.3+20220423-2ubuntu0.1'},\n {'osver': '22.10', 'pkgname': 'lib32ncursesw6', 'pkgver': '6.3+20220423-2ubuntu0.1'},\n {'osver': '22.10', 'pkgname': 'lib32tinfo6', 'pkgver': '6.3+20220423-2ubuntu0.1'},\n {'osver': '22.10', 'pkgname': 'lib64ncurses-dev', 'pkgver': '6.3+20220423-2ubuntu0.1'},\n {'osver': '22.10', 'pkgname': 'lib64ncurses6', 'pkgver': '6.3+20220423-2ubuntu0.1'},\n {'osver': '22.10', 'pkgname': 'lib64ncursesw6', 'pkgver': '6.3+20220423-2ubuntu0.1'},\n {'osver': '22.10', 'pkgname': 'lib64tinfo6', 'pkgver': '6.3+20220423-2ubuntu0.1'},\n {'osver': '22.10', 'pkgname': 'libncurses-dev', 'pkgver': '6.3+20220423-2ubuntu0.1'},\n {'osver': '22.10', 'pkgname': 'libncurses5', 'pkgver': '6.3+20220423-2ubuntu0.1'},\n {'osver': '22.10', 'pkgname': 'libncurses5-dev', 'pkgver': '6.3+20220423-2ubuntu0.1'},\n {'osver': '22.10', 'pkgname': 'libncurses6', 'pkgver': '6.3+20220423-2ubuntu0.1'},\n {'osver': '22.10', 'pkgname': 'libncursesw5', 'pkgver': '6.3+20220423-2ubuntu0.1'},\n {'osver': '22.10', 'pkgname': 'libncursesw5-dev', 'pkgver': '6.3+20220423-2ubuntu0.1'},\n {'osver': '22.10', 'pkgname': 'libncursesw6', 'pkgver': '6.3+20220423-2ubuntu0.1'},\n {'osver': '22.10', 'pkgname': 'libtinfo-dev', 'pkgver': '6.3+20220423-2ubuntu0.1'},\n {'osver': '22.10', 'pkgname': 'libtinfo5', 'pkgver': '6.3+20220423-2ubuntu0.1'},\n {'osver': '22.10', 'pkgname': 'libtinfo6', 'pkgver': '6.3+20220423-2ubuntu0.1'},\n {'osver': '22.10', 'pkgname': 'ncurses-base', 'pkgver': '6.3+20220423-2ubuntu0.1'},\n {'osver': '22.10', 'pkgname': 'ncurses-bin', 'pkgver': '6.3+20220423-2ubuntu0.1'},\n {'osver': '22.10', 'pkgname': 'ncurses-examples', 'pkgver': '6.3+20220423-2ubuntu0.1'},\n {'osver': '22.10', 'pkgname': 'ncurses-term', 'pkgver': '6.3+20220423-2ubuntu0.1'},\n {'osver': '23.04', 'pkgname': 'lib32ncurses-dev', 'pkgver': '6.4-2ubuntu0.1'},\n {'osver': '23.04', 'pkgname': 'lib32ncurses6', 'pkgver': '6.4-2ubuntu0.1'},\n {'osver': '23.04', 'pkgname': 'lib32ncursesw6', 'pkgver': '6.4-2ubuntu0.1'},\n {'osver': '23.04', 'pkgname': 'lib32tinfo6', 'pkgver': '6.4-2ubuntu0.1'},\n {'osver': '23.04', 'pkgname': 'lib64ncurses-dev', 'pkgver': '6.4-2ubuntu0.1'},\n {'osver': '23.04', 'pkgname': 'lib64ncurses6', 'pkgver': '6.4-2ubuntu0.1'},\n {'osver': '23.04', 'pkgname': 'lib64ncursesw6', 'pkgver': '6.4-2ubuntu0.1'},\n {'osver': '23.04', 'pkgname': 'lib64tinfo6', 'pkgver': '6.4-2ubuntu0.1'},\n {'osver': '23.04', 'pkgname': 'libncurses-dev', 'pkgver': '6.4-2ubuntu0.1'},\n {'osver': '23.04', 'pkgname': 'libncurses5', 'pkgver': '6.4-2ubuntu0.1'},\n {'osver': '23.04', 'pkgname': 'libncurses5-dev', 'pkgver': '6.4-2ubuntu0.1'},\n {'osver': '23.04', 'pkgname': 'libncurses6', 'pkgver': '6.4-2ubuntu0.1'},\n {'osver': '23.04', 'pkgname': 'libncursesw5', 'pkgver': '6.4-2ubuntu0.1'},\n {'osver': '23.04', 'pkgname': 'libncursesw5-dev', 'pkgver': '6.4-2ubuntu0.1'},\n {'osver': '23.04', 'pkgname': 'libncursesw6', 'pkgver': '6.4-2ubuntu0.1'},\n {'osver': '23.04', 'pkgname': 'libtinfo-dev', 'pkgver': '6.4-2ubuntu0.1'},\n {'osver': '23.04', 'pkgname': 'libtinfo5', 'pkgver': '6.4-2ubuntu0.1'},\n {'osver': '23.04', 'pkgname': 'libtinfo6', 'pkgver': '6.4-2ubuntu0.1'},\n {'osver': '23.04', 'pkgname': 'ncurses-base', 'pkgver': '6.4-2ubuntu0.1'},\n {'osver': '23.04', 'pkgname': 'ncurses-bin', 'pkgver': '6.4-2ubuntu0.1'},\n {'osver': '23.04', 'pkgname': 'ncurses-examples', 'pkgver': '6.4-2ubuntu0.1'},\n {'osver': '23.04', 'pkgname': 'ncurses-term', 'pkgver': '6.4-2ubuntu0.1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'lib32ncurses-dev / lib32ncurses5 / lib32ncurses5-dev / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-19T12:59:41", "description": "The remote Ubuntu 20.04 LTS / 22.04 LTS / 22.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5730-1 advisory.\n\n - An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, macOS Monterey 12.6, tvOS 16.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-32888)\n\n - A correctness issue in the JIT was addressed with improved checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may disclose internal states of the app. (CVE-2022-32923)\n\n - The issue was addressed with improved UI handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Visiting a malicious website may lead to user interface spoofing. (CVE-2022-42799)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-42823)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may disclose sensitive user information. (CVE-2022-42824)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-11-18T00:00:00", "type": "nessus", "title": "Ubuntu 20.04 LTS / 22.04 LTS / 22.10 : WebKitGTK vulnerabilities (USN-5730-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-32888", "CVE-2022-32923", "CVE-2022-42799", "CVE-2022-42823", "CVE-2022-42824"], "modified": "2023-07-10T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-4.0-18", "p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-4.0-bin", "p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-4.0-dev", "p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-4.1-0", "p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-4.1-dev", "p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-5.0-0", "p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-5.0-dev", "p-cpe:/a:canonical:ubuntu_linux:libwebkit2gtk-4.0-37", "p-cpe:/a:canonical:ubuntu_linux:libwebkit2gtk-4.0-37-gtk2", "p-cpe:/a:canonical:ubuntu_linux:libwebkit2gtk-4.0-dev", "p-cpe:/a:canonical:ubuntu_linux:libwebkit2gtk-4.1-0", "p-cpe:/a:canonical:ubuntu_linux:libwebkit2gtk-4.1-dev", "p-cpe:/a:canonical:ubuntu_linux:libwebkit2gtk-5.0-0", "p-cpe:/a:canonical:ubuntu_linux:libwebkit2gtk-5.0-dev", "p-cpe:/a:canonical:ubuntu_linux:webkit2gtk-driver", "p-cpe:/a:canonical:ubuntu_linux:gir1.2-javascriptcoregtk-4.1", "p-cpe:/a:canonical:ubuntu_linux:gir1.2-javascriptcoregtk-5.0", "p-cpe:/a:canonical:ubuntu_linux:gir1.2-webkit2-4.0", "p-cpe:/a:canonical:ubuntu_linux:gir1.2-webkit2-4.1", "p-cpe:/a:canonical:ubuntu_linux:gir1.2-webkit2-5.0", "cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "cpe:/o:canonical:ubuntu_linux:22.04:-:lts", "cpe:/o:canonical:ubuntu_linux:22.10", "p-cpe:/a:canonical:ubuntu_linux:gir1.2-javascriptcoregtk-4.0"], "id": "UBUNTU_USN-5730-1.NASL", "href": "https://www.tenable.com/plugins/nessus/167874", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5730-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167874);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/10\");\n\n script_cve_id(\n \"CVE-2022-32888\",\n \"CVE-2022-32923\",\n \"CVE-2022-42799\",\n \"CVE-2022-42823\",\n \"CVE-2022-42824\"\n );\n script_xref(name:\"USN\", value:\"5730-1\");\n\n script_name(english:\"Ubuntu 20.04 LTS / 22.04 LTS / 22.10 : WebKitGTK vulnerabilities (USN-5730-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 20.04 LTS / 22.04 LTS / 22.10 host has packages installed that are affected by multiple\nvulnerabilities as referenced in the USN-5730-1 advisory.\n\n - An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big\n Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, macOS Monterey 12.6, tvOS 16.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-32888)\n\n - A correctness issue in the JIT was addressed with improved checks. This issue is fixed in tvOS 16.1, iOS\n 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing\n maliciously crafted web content may disclose internal states of the app. (CVE-2022-32923)\n\n - The issue was addressed with improved UI handling. This issue is fixed in tvOS 16.1, macOS Ventura 13,\n watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Visiting a malicious website may lead to user interface\n spoofing. (CVE-2022-42799)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1,\n macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2022-42823)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 16.1, macOS\n Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content\n may disclose sensitive user information. (CVE-2022-42824)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5730-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42823\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:22.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:22.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gir1.2-javascriptcoregtk-4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gir1.2-javascriptcoregtk-4.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gir1.2-javascriptcoregtk-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gir1.2-webkit2-4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gir1.2-webkit2-4.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gir1.2-webkit2-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-4.0-18\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-4.0-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-4.0-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-4.1-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-4.1-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-5.0-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-5.0-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libwebkit2gtk-4.0-37\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libwebkit2gtk-4.0-37-gtk2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libwebkit2gtk-4.0-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libwebkit2gtk-4.1-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libwebkit2gtk-4.1-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libwebkit2gtk-5.0-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libwebkit2gtk-5.0-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:webkit2gtk-driver\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! ('20.04' >< os_release || '22.04' >< os_release || '22.10' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 20.04 / 22.04 / 22.10', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar pkgs = [\n {'osver': '20.04', 'pkgname': 'gir1.2-javascriptcoregtk-4.0', 'pkgver': '2.38.2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'gir1.2-webkit2-4.0', 'pkgver': '2.38.2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libjavascriptcoregtk-4.0-18', 'pkgver': '2.38.2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libjavascriptcoregtk-4.0-bin', 'pkgver': '2.38.2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libjavascriptcoregtk-4.0-dev', 'pkgver': '2.38.2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libwebkit2gtk-4.0-37', 'pkgver': '2.38.2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libwebkit2gtk-4.0-37-gtk2', 'pkgver': '2.38.2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libwebkit2gtk-4.0-dev', 'pkgver': '2.38.2-0ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'webkit2gtk-driver', 'pkgver': '2.38.2-0ubuntu0.20.04.1'},\n {'osver': '22.04', 'pkgname': 'gir1.2-javascriptcoregtk-4.0', 'pkgver': '2.38.2-0ubuntu0.22.04.2'},\n {'osver': '22.04', 'pkgname': 'gir1.2-javascriptcoregtk-4.1', 'pkgver': '2.38.2-0ubuntu0.22.04.2'},\n {'osver': '22.04', 'pkgname': 'gir1.2-webkit2-4.0', 'pkgver': '2.38.2-0ubuntu0.22.04.2'},\n {'osver': '22.04', 'pkgname': 'gir1.2-webkit2-4.1', 'pkgver': '2.38.2-0ubuntu0.22.04.2'},\n {'osver': '22.04', 'pkgname': 'libjavascriptcoregtk-4.0-18', 'pkgver': '2.38.2-0ubuntu0.22.04.2'},\n {'osver': '22.04', 'pkgname': 'libjavascriptcoregtk-4.0-bin', 'pkgver': '2.38.2-0ubuntu0.22.04.2'},\n {'osver': '22.04', 'pkgname': 'libjavascriptcoregtk-4.0-dev', 'pkgver': '2.38.2-0ubuntu0.22.04.2'},\n {'osver': '22.04', 'pkgname': 'libjavascriptcoregtk-4.1-0', 'pkgver': '2.38.2-0ubuntu0.22.04.2'},\n {'osver': '22.04', 'pkgname': 'libjavascriptcoregtk-4.1-dev', 'pkgver': '2.38.2-0ubuntu0.22.04.2'},\n {'osver': '22.04', 'pkgname': 'libwebkit2gtk-4.0-37', 'pkgver': '2.38.2-0ubuntu0.22.04.2'},\n {'osver': '22.04', 'pkgname': 'libwebkit2gtk-4.0-dev', 'pkgver': '2.38.2-0ubuntu0.22.04.2'},\n {'osver': '22.04', 'pkgname': 'libwebkit2gtk-4.1-0', 'pkgver': '2.38.2-0ubuntu0.22.04.2'},\n {'osver': '22.04', 'pkgname': 'libwebkit2gtk-4.1-dev', 'pkgver': '2.38.2-0ubuntu0.22.04.2'},\n {'osver': '22.04', 'pkgname': 'webkit2gtk-driver', 'pkgver': '2.38.2-0ubuntu0.22.04.2'},\n {'osver': '22.10', 'pkgname': 'gir1.2-javascriptcoregtk-4.0', 'pkgver': '2.38.2-0ubuntu0.22.10.1'},\n {'osver': '22.10', 'pkgname': 'gir1.2-javascriptcoregtk-4.1', 'pkgver': '2.38.2-0ubuntu0.22.10.1'},\n {'osver': '22.10', 'pkgname': 'gir1.2-javascriptcoregtk-5.0', 'pkgver': '2.38.2-0ubuntu0.22.10.1'},\n {'osver': '22.10', 'pkgname': 'gir1.2-webkit2-4.0', 'pkgver': '2.38.2-0ubuntu0.22.10.1'},\n {'osver': '22.10', 'pkgname': 'gir1.2-webkit2-4.1', 'pkgver': '2.38.2-0ubuntu0.22.10.1'},\n {'osver': '22.10', 'pkgname': 'gir1.2-webkit2-5.0', 'pkgver': '2.38.2-0ubuntu0.22.10.1'},\n {'osver': '22.10', 'pkgname': 'libjavascriptcoregtk-4.0-18', 'pkgver': '2.38.2-0ubuntu0.22.10.1'},\n {'osver': '22.10', 'pkgname': 'libjavascriptcoregtk-4.0-bin', 'pkgver': '2.38.2-0ubuntu0.22.10.1'},\n {'osver': '22.10', 'pkgname': 'libjavascriptcoregtk-4.0-dev', 'pkgver': '2.38.2-0ubuntu0.22.10.1'},\n {'osver': '22.10', 'pkgname': 'libjavascriptcoregtk-4.1-0', 'pkgver': '2.38.2-0ubuntu0.22.10.1'},\n {'osver': '22.10', 'pkgname': 'libjavascriptcoregtk-4.1-dev', 'pkgver': '2.38.2-0ubuntu0.22.10.1'},\n {'osver': '22.10', 'pkgname': 'libjavascriptcoregtk-5.0-0', 'pkgver': '2.38.2-0ubuntu0.22.10.1'},\n {'osver': '22.10', 'pkgname': 'libjavascriptcoregtk-5.0-dev', 'pkgver': '2.38.2-0ubuntu0.22.10.1'},\n {'osver': '22.10', 'pkgname': 'libwebkit2gtk-4.0-37', 'pkgver': '2.38.2-0ubuntu0.22.10.1'},\n {'osver': '22.10', 'pkgname': 'libwebkit2gtk-4.0-dev', 'pkgver': '2.38.2-0ubuntu0.22.10.1'},\n {'osver': '22.10', 'pkgname': 'libwebkit2gtk-4.1-0', 'pkgver': '2.38.2-0ubuntu0.22.10.1'},\n {'osver': '22.10', 'pkgname': 'libwebkit2gtk-4.1-dev', 'pkgver': '2.38.2-0ubuntu0.22.10.1'},\n {'osver': '22.10', 'pkgname': 'libwebkit2gtk-5.0-0', 'pkgver': '2.38.2-0ubuntu0.22.10.1'},\n {'osver': '22.10', 'pkgname': 'libwebkit2gtk-5.0-dev', 'pkgver': '2.38.2-0ubuntu0.22.10.1'},\n {'osver': '22.10', 'pkgname': 'webkit2gtk-driver', 'pkgver': '2.38.2-0ubuntu0.22.10.1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'gir1.2-javascriptcoregtk-4.0 / gir1.2-javascriptcoregtk-4.1 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-19T13:01:50", "description": "The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4207-1 advisory.\n\n - An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, macOS Monterey 12.6, tvOS 16.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-32888)\n\n - A correctness issue in the JIT was addressed with improved checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may disclose internal states of the app. (CVE-2022-32923)\n\n - The issue was addressed with improved UI handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Visiting a malicious website may lead to user interface spoofing. (CVE-2022-42799)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-42823)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may disclose sensitive user information. (CVE-2022-42824)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-11-24T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : webkit2gtk3 (SUSE-SU-2022:4207-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-32888", "CVE-2022-32923", "CVE-2022-42799", "CVE-2022-42823", "CVE-2022-42824"], "modified": "2023-07-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18", "p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-5_0-0", "p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37", "p-cpe:/a:novell:suse_linux:libwebkit2gtk-5_0-0", "p-cpe:/a:novell:suse_linux:typelib-1_0-javascriptcore-4_0", "p-cpe:/a:novell:suse_linux:typelib-1_0-javascriptcore-5_0", "p-cpe:/a:novell:suse_linux:typelib-1_0-webkit2-4_0", "p-cpe:/a:novell:suse_linux:typelib-1_0-webkit2-5_0", "p-cpe:/a:novell:suse_linux:typelib-1_0-webkit2webextension-4_0", "p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles", "p-cpe:/a:novell:suse_linux:webkit2gtk-5_0-injected-bundles", "p-cpe:/a:novell:suse_linux:webkit2gtk3-soup2-devel", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-4207-1.NASL", "href": "https://www.tenable.com/plugins/nessus/168175", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:4207-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(168175);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/14\");\n\n script_cve_id(\n \"CVE-2022-32888\",\n \"CVE-2022-32923\",\n \"CVE-2022-42799\",\n \"CVE-2022-42823\",\n \"CVE-2022-42824\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:4207-1\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : webkit2gtk3 (SUSE-SU-2022:4207-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by\nmultiple vulnerabilities as referenced in the SUSE-SU-2022:4207-1 advisory.\n\n - An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big\n Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, macOS Monterey 12.6, tvOS 16.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-32888)\n\n - A correctness issue in the JIT was addressed with improved checks. This issue is fixed in tvOS 16.1, iOS\n 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing\n maliciously crafted web content may disclose internal states of the app. (CVE-2022-32923)\n\n - The issue was addressed with improved UI handling. This issue is fixed in tvOS 16.1, macOS Ventura 13,\n watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Visiting a malicious website may lead to user interface\n spoofing. (CVE-2022-42799)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1,\n macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2022-42823)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 16.1, macOS\n Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content\n may disclose sensitive user information. (CVE-2022-42824)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1205120\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1205121\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1205122\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1205123\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1205124\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-32888\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-32923\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-42799\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-42823\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-42824\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-November/013095.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c4f437d1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42823\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-5_0-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk-5_0-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-JavaScriptCore-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-JavaScriptCore-5_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2-5_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2WebExtension-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk-5_0-injected-bundles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk3-soup2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLED_SAP15|SLES15|SLES_SAP15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED15 SP4\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLED_SAP15\" && (! preg(pattern:\"^(4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED_SAP15 SP4\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP4\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP15\" && (! preg(pattern:\"^(4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP15 SP4\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'libjavascriptcoregtk-4_0-18-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'libjavascriptcoregtk-5_0-0-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'libjavascriptcoregtk-5_0-0-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'libwebkit2gtk-4_0-37-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'libwebkit2gtk-4_0-37-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'libwebkit2gtk-5_0-0-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'libwebkit2gtk-5_0-0-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'typelib-1_0-JavaScriptCore-5_0-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'typelib-1_0-JavaScriptCore-5_0-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'typelib-1_0-WebKit2-5_0-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'typelib-1_0-WebKit2-5_0-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'webkit2gtk-5_0-injected-bundles-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'webkit2gtk-5_0-injected-bundles-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'webkit2gtk3-soup2-devel-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'webkit2gtk3-soup2-devel-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'libjavascriptcoregtk-5_0-0-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-development-tools-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'libjavascriptcoregtk-5_0-0-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-development-tools-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'libwebkit2gtk-4_0-37-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'libwebkit2gtk-4_0-37-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'libwebkit2gtk-5_0-0-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-development-tools-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'libwebkit2gtk-5_0-0-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-development-tools-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'typelib-1_0-JavaScriptCore-5_0-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-development-tools-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'typelib-1_0-JavaScriptCore-5_0-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-development-tools-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'typelib-1_0-WebKit2-5_0-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-development-tools-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'typelib-1_0-WebKit2-5_0-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-development-tools-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'webkit2gtk-5_0-injected-bundles-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-development-tools-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'webkit2gtk-5_0-injected-bundles-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-development-tools-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'webkit2gtk3-soup2-devel-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'webkit2gtk3-soup2-devel-2.38.2-150400.4.22.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libjavascriptcoregtk-4_0-18 / libjavascriptcoregtk-5_0-0 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "apple": [{"lastseen": "2023-08-17T06:10:39", "description": "# About the security content of macOS Monterey 12.6\n\nThis document describes the security content of macOS Monterey 12.6.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## macOS Monterey 12.6\n\nReleased September 12, 2022\n\n**AppleMobileFileIntegrity**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to access user-sensitive data\n\nDescription: An issue in code signature validation was addressed with improved checks.\n\nCVE-2022-42789: Koh M. Nakagawa of FFRI Security, Inc.\n\nEntry added October 27, 2022\n\n**ATS**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to bypass Privacy preferences\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32902: Mickey Jin (@patch1t)\n\nEntry added October 27, 2022\n\n**ATS**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to access user-sensitive data\n\nDescription: An access issue was addressed with additional sandbox restrictions.\n\nCVE-2022-32904: Mickey Jin (@patch1t)\n\nEntry added October 27, 2022\n\n**ATS**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to bypass Privacy preferences\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32902: Mickey Jin (@patch1t)\n\n**Calendar**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to read sensitive location information\n\nDescription: An access issue was addressed with improved access restrictions.\n\nCVE-2022-42819: an anonymous researcher\n\nEntry added October 27, 2022\n\n**GarageBand**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to access user-sensitive data\n\nDescription: A configuration issue was addressed with additional restrictions.\n\nCVE-2022-32877: Wojciech Regu\u0142a (@_r3ggi) of SecuRing\n\nEntry added October 27, 2022\n\n**ImageIO**\n\nAvailable for: macOS Monterey\n\nImpact: Processing an image may lead to a denial-of-service\n\nDescription: A denial-of-service issue was addressed with improved validation.\n\nCVE-2022-1622\n\nEntry added October 27, 2022\n\n**Image Processing**\n\nAvailable for: macOS Monterey\n\nImpact: A sandboxed app may be able to determine which app is currently using the camera\n\nDescription: The issue was addressed with additional restrictions on the observability of app states.\n\nCVE-2022-32913: Yi\u011fit Can YILMAZ (@yilmazcanyigit)\n\nEntry added October 27, 2022\n\n**iMovie**\n\nAvailable for: macOS Monterey\n\nImpact: A user may be able to view sensitive user information\n\nDescription: This issue was addressed by enabling hardened runtime.\n\nCVE-2022-32896: Wojciech Regu\u0142a (@_r3ggi)\n\n**Kernel**\n\nAvailable for: macOS Monterey\n\nImpact: Connecting to a malicious NFS server may lead to arbitrary code execution with kernel privileges\n\nDescription: The issue was addressed with improved bounds checks.\n\nCVE-2022-46701: Felix Poulin-Belanger\n\nEntry added May 11, 2023\n\n**Kernel**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2022-32914: Zweig of Kunlun Lab\n\nEntry added October 27, 2022\n\n**Kernel**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32911: Zweig of Kunlun Lab\n\nCVE-2022-32866: Linus Henze of Pinauten GmbH (pinauten.de)\n\nCVE-2022-32924: Ian Beer of Google Project Zero\n\nEntry updated October 27, 2022\n\n**Kernel**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to disclose kernel memory\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32864: Linus Henze of Pinauten GmbH (pinauten.de)\n\n**Kernel**\n\nAvailable for: macOS Monterey\n\nImpact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.\n\nDescription: The issue was addressed with improved bounds checks.\n\nCVE-2022-32917: an anonymous researcher\n\n**Maps**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to read sensitive location information\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2022-32883: Ron Masas of breakpointhq.com\n\nEntry updated October 27, 2022\n\n**MediaLibrary**\n\nAvailable for: macOS Monterey\n\nImpact: A user may be able to elevate privileges\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2022-32908: an anonymous researcher\n\n**ncurses**\n\nAvailable for: macOS Monterey\n\nImpact: A user may be able to cause unexpected app termination or arbitrary code execution\n\nDescription: A buffer overflow was addressed with improved bounds checking.\n\nCVE-2021-39537\n\nEntry added October 27, 2022\n\n**Notes**\n\nAvailable for: macOS Monterey\n\nImpact: A user in a privileged network position may be able to track user activity\n\nDescription: This issue was addressed with improved data protection.\n\nCVE-2022-42818: Gustav Hansen from WithSecure\n\nEntry added December 22, 2022\n\n**PackageKit**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to gain elevated privileges\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32900: Mickey Jin (@patch1t)\n\n**Sandbox**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to modify protected parts of the file system\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2022-32881: Csaba Fitzl (@theevilbit) of Offensive Security\n\nEntry added October 27, 2022\n\n**Security**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to bypass code signing checks\n\nDescription: An issue in code signature validation was addressed with improved checks.\n\nCVE-2022-42793: Linus Henze of Pinauten GmbH (pinauten.de)\n\nEntry added October 27, 2022\n\n**Sidecar**\n\nAvailable for: macOS Monterey\n\nImpact: A user may be able to view restricted content from the lock screen\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-42790: Om kothawade of Zaprico Digital\n\nEntry added October 27, 2022\n\n**SMB**\n\nAvailable for: macOS Monterey\n\nImpact: A remote user may be able to cause kernel code execution\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32934: Felix Poulin-Belanger\n\nEntry added October 27, 2022\n\n**Vim**\n\nAvailable for: macOS Monterey\n\nImpact: Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved input validation.\n\nCVE-2022-0261\n\nCVE-2022-0318\n\nCVE-2022-0319\n\nCVE-2022-0351\n\nCVE-2022-0359\n\nCVE-2022-0361\n\nCVE-2022-0368\n\nCVE-2022-0392\n\nEntry added October 27, 2022\n\n**Vim**\n\nAvailable for: macOS Monterey\n\nImpact: Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-1720\n\nCVE-2022-2000\n\nCVE-2022-2042\n\nCVE-2022-2124\n\nCVE-2022-2125\n\nCVE-2022-2126\n\nEntry added October 27, 2022\n\n**Weather**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to read sensitive location information\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32875: an anonymous researcher\n\nEntry added October 27, 2022\n\n**WebKit**\n\nAvailable for: macOS Monterey\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nWebKit Bugzilla: 242047 \nCVE-2022-32888: P1umer (@p1umer)\n\nEntry added October 27, 2022\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**apache**\n\nWe would like to acknowledge Tricia Lee of Enterprise Service Center for their assistance.\n\nEntry added May 11, 2023\n\n**Identity Services**\n\nWe would like to acknowledge Joshua Jones for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: May 11, 2023\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-12T00:00:00", "type": "apple", "title": "About the security content of macOS Monterey 12.6", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-39537", "CVE-2022-0261", "CVE-2022-0318", "CVE-2022-0319", "CVE-2022-0351", "CVE-2022-0359", "CVE-2022-0361", "CVE-2022-0368", "CVE-2022-0392", "CVE-2022-1622", "CVE-2022-1720", "CVE-2022-2000", "CVE-2022-2042", "CVE-2022-2124", "CVE-2022-2125", "CVE-2022-2126", "CVE-2022-32864", "CVE-2022-32866", "CVE-2022-32875", "CVE-2022-32877", "CVE-2022-32881", "CVE-2022-32883", "CVE-2022-32888", "CVE-2022-32896", "CVE-2022-32900", "CVE-2022-32902", "CVE-2022-32904", "CVE-2022-32908", "CVE-2022-32911", "CVE-2022-32913", "CVE-2022-32914", "CVE-2022-32917", "CVE-2022-32924", "CVE-2022-32934", "CVE-2022-42789", "CVE-2022-42790", "CVE-2022-42793", "CVE-2022-42818", "CVE-2022-42819", "CVE-2022-46701"], "modified": "2022-09-12T00:00:00", "id": "APPLE:00B94E757766A642E6CC57C541A7B04B", "href": "https://support.apple.com/kb/HT213444", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-11T22:08:25", "description": "# About the security content of watchOS 9\n\nThis document describes the security content of watchOS 9.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## watchOS 9\n\nReleased September 12, 2022\n\n**Accelerate Framework**\n\nAvailable for: Apple Watch Series 4 and later\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: A memory consumption issue was addressed with improved memory handling.\n\nCVE-2022-42795: ryuzaki\n\n**AppleAVD**\n\nAvailable for: Apple Watch Series 4 and later\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-32907: Natalie Silvanovich of Google Project Zero, Antonio Zekic (@antoniozekic) and John Aakerblom (@jaakerblom), ABC Research s.r.o, Yinyi Wu, Tommaso Bianco (@cutesmilee__)\n\n**Apple Neural Engine**\n\nAvailable for: Apple Watch Series 4 and later\n\nImpact: An app may be able to leak sensitive kernel state\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32858: Mohamed Ghannam (@_simo36)\n\n**Apple Neural Engine**\n\nAvailable for: Apple Watch Series 4 and later\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32898: Mohamed Ghannam (@_simo36)\n\nCVE-2022-32899: Mohamed Ghannam (@_simo36)\n\nCVE-2022-32889: Mohamed Ghannam (@_simo36)\n\n**Contacts**\n\nAvailable for: Apple Watch Series 4 and later\n\nImpact: An app may be able to bypass Privacy preferences\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-32854: Holger Fuhrmannek of Deutsche Telekom Security\n\n**Exchange**\n\nAvailable for: Apple Watch Series 4 and later\n\nImpact: A user in a privileged network position may be able to intercept mail credentials\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2022-32928: Ji\u0159\u00ed Vinopal (@vinopaljiri) of Check Point Research\n\nEntry updated June 8, 2023\n\n**GPU Drivers**\n\nAvailable for: Apple Watch Series 4 and later\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2022-32903: an anonymous researcher\n\n**ImageIO**\n\nAvailable for: Apple Watch Series 4 and later\n\nImpact: Processing an image may lead to a denial-of-service\n\nDescription: A denial-of-service issue was addressed with improved validation.\n\nCVE-2022-1622\n\n**Image Processing**\n\nAvailable for: Apple Watch Series 4 and later\n\nImpact: A sandboxed app may be able to determine which app is currently using the camera\n\nDescription: The issue was addressed with additional restrictions on the observability of app states.\n\nCVE-2022-32913: Yi\u011fit Can YILMAZ (@yilmazcanyigit)\n\n**Kernel**\n\nAvailable for: Apple Watch Series 4 and later\n\nImpact: An app may be able to disclose kernel memory\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32864: Linus Henze of Pinauten GmbH (pinauten.de)\n\n**Kernel**\n\nAvailable for: Apple Watch Series 4 and later\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32866: Linus Henze of Pinauten GmbH (pinauten.de)\n\nCVE-2022-32911: Zweig of Kunlun Lab\n\n**Kernel**\n\nAvailable for: Apple Watch Series 4 and later\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2022-32914: Zweig of Kunlun Lab\n\n**Kernel**\n\nAvailable for: Apple Watch Series 4 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2022-32894: an anonymous researcher\n\n**Maps**\n\nAvailable for: Apple Watch Series 4 and later\n\nImpact: An app may be able to read sensitive location information\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2022-32883: Ron Masas of breakpointhq.com\n\n**MediaLibrary**\n\nAvailable for: Apple Watch Series 4 and later\n\nImpact: A user may be able to elevate privileges\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2022-32908: an anonymous researcher\n\n**Notifications**\n\nAvailable for: Apple Watch Series 4 and later\n\nImpact: A user with physical access to a device may be able to access contacts from the lock screen\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32879: Ubeydullah S\u00fcmer\n\n**Sandbox**\n\nAvailable for: Apple Watch Series 4 and later\n\nImpact: An app may be able to modify protected parts of the file system\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2022-32881: Csaba Fitzl (@theevilbit) of Offensive Security\n\n**Siri**\n\nAvailable for: Apple Watch Series 4 and later\n\nImpact: A user with physical access to a device may be able to use Siri to obtain some call history information\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32870: Andrew Goldberg of The McCombs School of Business, The University of Texas at Austin (linkedin.com/in/andrew-goldberg-/)\n\n**SQLite**\n\nAvailable for: Apple Watch Series 4 and later\n\nImpact: A remote user may be able to cause a denial-of-service\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-36690\n\n**Watch app**\n\nAvailable for: Apple Watch Series 4 and later\n\nImpact: An app may be able to read a persistent device identifier\n\nDescription: This issue was addressed with improved entitlements.\n\nCVE-2022-32835: Guilherme Rambo of Best Buddy Apps (rambo.codes)\n\n**Weather**\n\nAvailable for: Apple Watch Series 4 and later\n\nImpact: An app may be able to read sensitive location information\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32875: an anonymous researcher\n\n**WebKit**\n\nAvailable for: Apple Watch Series 4 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A buffer overflow issue was addressed with improved memory handling.\n\nWebKit Bugzilla: 241969 \nCVE-2022-32886: P1umer(@p1umer), afang(@afang5472), xmzyshypnc(@xmzyshypnc1)\n\n**WebKit**\n\nAvailable for: Apple Watch Series 4 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nWebKit Bugzilla: 242047 \nCVE-2022-32888: P1umer (@p1umer)\n\n**WebKit**\n\nAvailable for: Apple Watch Series 4 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nWebKit Bugzilla: 242762 \nCVE-2022-32912: Jeonghoon Shin (@singi21a) at Theori working with Trend Micro Zero Day Initiative\n\n**WebKit**\n\nAvailable for: Apple Watch Series 4 and later\n\nImpact: Visiting a website that frames malicious content may lead to UI spoofing\n\nDescription: The issue was addressed with improved UI handling.\n\nWebKit Bugzilla: 243236 \nCVE-2022-32891: @real_as3617, an anonymous researcher\n\n**WebKit**\n\nAvailable for: Apple Watch Series 4 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nWebKit Bugzilla: 243557 \nCVE-2022-32893: an anonymous researcher\n\n**Wi-Fi**\n\nAvailable for: Apple Watch Series 4 and later\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2022-46709: Wang Yu of Cyberserval\n\nEntry added June 8, 2023\n\n**Wi-Fi**\n\nAvailable for: Apple Watch Series 4 and later\n\nImpact: An app may be able to cause unexpected system termination or write kernel memory\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2022-32925: Wang Yu of Cyberserval\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**AppleCredentialManager**\n\nWe would like to acknowledge @jonathandata1 for their assistance.\n\n**FaceTime**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\n**Kernel**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\n**Mail**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\n**Safari**\n\nWe would like to acknowledge Scott Hatfield of Sub-Zero Group for their assistance.\n\nEntry added June 8, 2023\n\n**Sandbox**\n\nWe would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security for their assistance.\n\n**UIKit**\n\nWe would like to acknowledge Aleczander Ewing for their assistance.\n\n**WebKit**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\n**WebRTC**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: June 08, 2023\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-12T00:00:00", "type": "apple", "title": "About the security content of watchOS 9", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-36690", "CVE-2022-1622", "CVE-2022-32835", "CVE-2022-32854", "CVE-2022-32858", "CVE-2022-32864", "CVE-2022-32866", "CVE-2022-32870", "CVE-2022-32875", "CVE-2022-32879", "CVE-2022-32881", "CVE-2022-32883", "CVE-2022-32886", "CVE-2022-32888", "CVE-2022-32889", "CVE-2022-32891", "CVE-2022-32893", "CVE-2022-32894", "CVE-2022-32898", "CVE-2022-32899", "CVE-2022-32903", "CVE-2022-32907", "CVE-2022-32908", "CVE-2022-32911", "CVE-2022-32912", "CVE-2022-32913", "CVE-2022-32914", "CVE-2022-32925", "CVE-2022-32928", "CVE-2022-42795", "CVE-2022-46709"], "modified": "2022-09-12T00:00:00", "id": "APPLE:97987E2E9AC46D65F7E0A95C1BDF9921", "href": "https://support.apple.com/kb/HT213486", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-11T22:08:53", "description": "# About the security content of iOS 15.7 and iPadOS 15.7\n\nThis document describes the security content of iOS 15.7 and iPadOS 15.7.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## iOS 15.7 and iPadOS 15.7\n\nReleased September 12, 2022\n\n**Apple Neural Engine**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32898: Mohamed Ghannam (@_simo36)\n\nCVE-2022-32899: Mohamed Ghannam (@_simo36)\n\nEntry added October 27, 2022\n\n**Audio**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An app may be able to gain elevated privileges\n\nDescription: This issue was addressed by removing the vulnerable code.\n\nCVE-2022-42796: Mickey Jin (@patch1t)\n\nEntry added October 27, 2022, updated May 1, 2023 \n\n**Backup**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An app may be able to access iOS backups\n\nDescription: A permissions issue was addressed with additional restrictions.\n\nCVE-2022-32929: Csaba Fitzl (@theevilbit) of Offensive Security\n\nEntry added October 27, 2022\n\n**Contacts**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An app may be able to bypass Privacy preferences\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-32854: Holger Fuhrmannek of Deutsche Telekom Security\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32911: Zweig of Kunlun Lab\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An app may be able to disclose kernel memory\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32864: Linus Henze of Pinauten GmbH (pinauten.de)\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.\n\nDescription: The issue was addressed with improved bounds checks.\n\nCVE-2022-32917: an anonymous researcher\n\n**Maps**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An app may be able to read sensitive location information\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2022-32883: Ron Masas, breakpointhq.com\n\n**MediaLibrary**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A user may be able to elevate privileges\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2022-32908: an anonymous researcher\n\n**Notifications**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A user with physical access to a device may be able to access contacts from the lock screen\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32879: Ubeydullah S\u00fcmer\n\nEntry added October 27, 2022\n\n**Safari**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Visiting a malicious website may lead to address bar spoofing\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-32795: Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) @imnarendrabhati\n\n**Safari Extensions**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A website may be able to track users through Safari web extensions\n\nDescription: A logic issue was addressed with improved state management.\n\nWebKit Bugzilla: 242278 \nCVE-2022-32868: Michael\n\n**Security**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An app may be able to bypass code signing checks\n\nDescription: An issue in code signature validation was addressed with improved checks.\n\nCVE-2022-42793: Linus Henze of Pinauten GmbH (pinauten.de)\n\nEntry added October 27, 2022\n\n**Shortcuts**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A person with physical access to an iOS device may be able to access photos from the lock screen\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2022-32872: Elite Tech Guru\n\n**Sidecar**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A user may be able to view restricted content from the lock screen\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-42790: Om kothawade of Zaprico Digital\n\nEntry added October 27, 2022\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nWebKit Bugzilla: 242047 \nCVE-2022-32888: P1umer (@p1umer)\n\nEntry added October 27, 2022\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A buffer overflow issue was addressed with improved memory handling.\n\nWebKit Bugzilla: 241969 \nCVE-2022-32886: P1umer, afang5472, xmzyshypnc\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nWebKit Bugzilla: 242762 \nCVE-2022-32912: Jeonghoon Shin (@singi21a) at Theori working with Trend Micro Zero Day Initiative\n\n**WebKit Sandboxing**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A sandboxed process may be able to circumvent sandbox restrictions\n\nDescription: An access issue was addressed with improvements to the sandbox.\n\nWebKit Bugzilla: 243181 \nCVE-2022-32892: @18\u697c\u68a6\u60f3\u6539\u9020\u5bb6 and @jq0904 of DBAppSecurity's WeBin lab\n\nEntry added October 27, 2022\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**AppleCredentialManager**\n\nWe would like to acknowledge @jonathandata1 for their assistance.\n\nEntry added October 27, 2022\n\n**FaceTime**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\nEntry added October 27, 2022\n\n**Game Center**\n\nWe would like to acknowledge Joshua Jones for their assistance.\n\n**Identity Services**\n\nWe would like to acknowledge Joshua Jones for their assistance.\n\n**Kernel**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\nEntry added October 27, 2022\n\n**WebKit**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\nEntry added October 27, 2022\n\n**WebRTC**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\nEntry added October 27, 2022\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: May 01, 2023\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-12T00:00:00", "type": "apple", "title": "About the security content of iOS 15.7 and iPadOS 15.7", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32795", "CVE-2022-32854", "CVE-2022-32864", "CVE-2022-32868", "CVE-2022-32872", "CVE-2022-32879", "CVE-2022-32883", "CVE-2022-32886", "CVE-2022-32888", "CVE-2022-32892", "CVE-2022-32898", "CVE-2022-32899", "CVE-2022-32908", "CVE-2022-32911", "CVE-2022-32912", "CVE-2022-32917", "CVE-2022-32929", "CVE-2022-42790", "CVE-2022-42793", "CVE-2022-42796"], "modified": "2022-09-12T00:00:00", "id": "APPLE:8DB8A023F085402CC89932664B1481DC", "href": "https://support.apple.com/kb/HT213445", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-17T14:33:47", "description": "# About the security content of tvOS 16\n\nThis document describes the security content of tvOS 16.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## tvOS 16\n\nReleased September 12, 2022\n\n**Accelerate Framework**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: A memory consumption issue was addressed with improved memory handling.\n\nCVE-2022-42795: ryuzaki\n\n**AppleAVD**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-32907: Natalie Silvanovich of Google Project Zero, Antonio Zekic (@antoniozekic) and John Aakerblom (@jaakerblom), ABC Research s.r.o, Yinyi Wu, Tommaso Bianco (@cutesmilee__)\n\n**GPU Drivers**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2022-32903: an anonymous researcher\n\n**ImageIO**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: Processing an image may lead to a denial-of-service\n\nDescription: A denial-of-service issue was addressed with improved validation.\n\nCVE-2022-1622\n\n**Image Processing**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: A sandboxed app may be able to determine which app is currently using the camera\n\nDescription: The issue was addressed with additional restrictions on the observability of app states.\n\nCVE-2022-32913: Yi\u011fit Can YILMAZ (@yilmazcanyigit)\n\n**Image Processing**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD \n\nImpact: An app may be able to execute arbitrary code with kernel privileges \n\nDescription: This issue was addressed with improved checks. \n\nCVE-2022-32949: Tingting Yin of Tsinghua University\n\n**Kernel**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: An app may be able to disclose kernel memory\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32864: Linus Henze of Pinauten GmbH (pinauten.de)\n\n**Kernel**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32866: Linus Henze of Pinauten GmbH (pinauten.de)\n\nCVE-2022-32911: Zweig of Kunlun Lab\n\n**Kernel**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2022-32914: Zweig of Kunlun Lab\n\n**MediaLibrary**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: A user may be able to elevate privileges\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2022-32908: an anonymous researcher\n\n**Notifications**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: A user with physical access to a device may be able to access contacts from the lock screen\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32879: Ubeydullah S\u00fcmer\n\n**Sandbox**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: An app may be able to modify protected parts of the file system\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2022-32881: Csaba Fitzl (@theevilbit) of Offensive Security\n\n**SQLite**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: A remote user may be able to cause a denial-of-service\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-36690\n\n**WebKit**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A buffer overflow issue was addressed with improved memory handling.\n\nWebKit Bugzilla: 241969 \nCVE-2022-32886: P1umer(@p1umer), afang(@afang5472), xmzyshypnc(@xmzyshypnc1)\n\n**WebKit**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nWebKit Bugzilla: 242047 \nCVE-2022-32888: P1umer (@p1umer)\n\n**WebKit**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nWebKit Bugzilla: 242762 \nCVE-2022-32912: Jeonghoon Shin (@singi21a) at Theori working with Trend Micro Zero Day Initiative\n\n**WebKit**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: Visiting a website that frames malicious content may lead to UI spoofing\n\nDescription: The issue was addressed with improved UI handling.\n\nWebKit Bugzilla: 242762 \nCVE-2022-32891: @real_as3617, an anonymous researcher\n\n**Wi-Fi**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2022-46709: Wang Yu of Cyberserval\n\nEntry added June 7, 2023\n\n**Wi-Fi**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: An app may be able to cause unexpected system termination or write kernel memory\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2022-32925: Wang Yu of Cyberserval\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**AppleCredentialManager**\n\nWe would like to acknowledge @jonathandata1 for their assistance.\n\n**Identity Services**\n\nWe would like to acknowledge Joshua Jones for their assistance.\n\n**Kernel**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\n**Sandbox**\n\nWe would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security for their assistance.\n\n**UIKit**\n\nWe would like to acknowledge Aleczander Ewing for their assistance.\n\n**WebKit**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: June 07, 2023\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-12T00:00:00", "type": "apple", "title": "About the security content of tvOS 16", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-36690", "CVE-2022-1622", "CVE-2022-32864", "CVE-2022-32866", "CVE-2022-32879", "CVE-2022-32881", "CVE-2022-32886", "CVE-2022-32888", "CVE-2022-32891", "CVE-2022-32903", "CVE-2022-32907", "CVE-2022-32908", "CVE-2022-32911", "CVE-2022-32912", "CVE-2022-32913", "CVE-2022-32914", "CVE-2022-32925", "CVE-2022-32949", "CVE-2022-42795", "CVE-2022-46709"], "modified": "2022-09-12T00:00:00", "id": "APPLE:6F3B71CFB020FAD994EF3CE1B54E774D", "href": "https://support.apple.com/kb/HT213487", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-17T06:09:26", "description": "# About the security content of iOS 16\n\nThis document describes the security content of iOS 16.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## iOS 16\n\nReleased September 12, 2022\n\n**Accelerate Framework**\n\nAvailable for: iPhone 8 and later\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: A memory consumption issue was addressed with improved memory handling.\n\nCVE-2022-42795: ryuzaki\n\nEntry added October 27, 2022\n\n**AppleAVD**\n\nAvailable for: iPhone 8 and later\n\nImpact: An app may be able to cause a denial-of-service\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2022-32827: Antonio Zekic (@antoniozekic), Natalie Silvanovich of Google Project Zero, and an anonymous researcher\n\nEntry added October 27, 2022\n\n**AppleAVD**\n\nAvailable for: iPhone 8 and later\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-32907: Natalie Silvanovich of Google Project Zero, Antonio Zekic (@antoniozekic) and John Aakerblom (@jaakerblom), ABC Research s.r.o, Yinyi Wu, Tommaso Bianco (@cutesmilee__)\n\nEntry added October 27, 2022\n\n**AppleMobileFileIntegrity**\n\nAvailable for: iPhone 8 and later\n\nImpact: An app may be able to access user-sensitive data\n\nDescription: A configuration issue was addressed with additional restrictions.\n\nCVE-2022-32877: Wojciech Regu\u0142a (@_r3ggi) of SecuRing\n\nEntry added March 16, 2023\n\n**Apple Neural Engine**\n\nAvailable for: iPhone 8 and later\n\nImpact: An app may be able to leak sensitive kernel state\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32858: Mohamed Ghannam (@_simo36)\n\nEntry added October 27, 2022\n\n**Apple Neural Engine**\n\nAvailable for: iPhone 8 and later\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32898: Mohamed Ghannam (@_simo36)\n\nCVE-2022-32899: Mohamed Ghannam (@_simo36)\n\nCVE-2022-32889: Mohamed Ghannam (@_simo36)\n\nEntry added October 27, 2022\n\n**Apple TV**\n\nAvailable for: iPhone 8 and later\n\nImpact: An app may be able to access user-sensitive data\n\nDescription: The issue was addressed with improved handling of caches.\n\nCVE-2022-32909: Csaba Fitzl (@theevilbit) of Offensive Security\n\nEntry added October 27, 2022\n\n**Contacts**\n\nAvailable for: iPhone 8 and later\n\nImpact: An app may be able to bypass Privacy preferences\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-32854: Holger Fuhrmannek of Deutsche Telekom Security\n\n**Crash Reporter**\n\nAvailable for: iPhone 8 and later\n\nImpact: A user with physical access to an iOS device may be able to read past diagnostic logs\n\nDescription: This issue was addressed with improved data protection.\n\nCVE-2022-32867: Kshitij Kumar and Jai Musunuri of Crowdstrike\n\nEntry added October 27, 2022\n\n**DriverKit**\n\nAvailable for: iPhone 8 and later\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32865: Linus Henze of Pinauten GmbH (pinauten.de)\n\nEntry added October 27, 2022\n\n**Exchange**\n\nAvailable for: iPhone 8 and later\n\nImpact: A user in a privileged network position may be able to intercept mail credentials\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2022-32928: Ji\u0159\u00ed Vinopal (@vinopaljiri) of Check Point Research\n\nEntry added October 27, 2022, updated March 16, 2023 \n\n**FaceTime**\n\nAvailable for: iPhone 8 and later\n\nImpact: A user may send audio and video in a FaceTime call without knowing that they have done so\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-22643: Sonali Luthar of the University of Virginia, Michael Liao of the University of Illinois at Urbana-Champaign, Rohan Pahwa of Rutgers University, and Bao Nguyen of University of Florida\n\nEntry added March 16, 2023\n\n**GPU Drivers**\n\nAvailable for: iPhone 8 and later\n\nImpact: An app may be able to disclose kernel memory\n\nDescription: Multiple out-of-bounds write issues were addressed with improved bounds checking.\n\nCVE-2022-32793: an anonymous researcher\n\nEntry added March 16, 2023\n\n**GPU Drivers**\n\nAvailable for: iPhone 8 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2022-26744: an anonymous researcher\n\nEntry added October 27, 2022\n\n**GPU Drivers**\n\nAvailable for: iPhone 8 and later\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2022-32903: an anonymous researcher\n\nEntry added October 27, 2022\n\n**ImageIO**\n\nAvailable for: iPhone 8 and later\n\nImpact: Processing an image may lead to a denial-of-service\n\nDescription: A denial-of-service issue was addressed with improved validation.\n\nCVE-2022-1622\n\nEntry added October 27, 2022\n\n**Image Processing**\n\nAvailable for: iPhone 8 and later\n\nImpact: A sandboxed app may be able to determine which app is currently using the camera\n\nDescription: The issue was addressed with additional restrictions on the observability of app states.\n\nCVE-2022-32913: Yi\u011fit Can YILMAZ (@yilmazcanyigit)\n\nEntry added October 27, 2022\n\n**IOGPUFamily**\n\nAvailable for: iPhone 8 and later\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32887: an anonymous researcher\n\nEntry added October 27, 2022\n\n**Kernel**\n\nAvailable for: iPhone 8 and later\n\nImpact: An app may be able to disclose kernel memory\n\nDescription: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.\n\nCVE-2022-32916: Pan ZhenPeng of STAR Labs SG Pte. Ltd.\n\nEntry added November 9, 2022\n\n**Kernel**\n\nAvailable for: iPhone 8 and later\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2022-32914: Zweig of Kunlun Lab\n\nEntry added October 27, 2022\n\n**Kernel**\n\nAvailable for: iPhone 8 and later\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32866: Linus Henze of Pinauten GmbH (pinauten.de)\n\nCVE-2022-32911: Zweig of Kunlun Lab\n\nEntry updated October 27, 2022 \n\n**Kernel**\n\nAvailable for: iPhone 8 and later\n\nImpact: An app may be able to disclose kernel memory\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32864: Linus Henze of Pinauten GmbH (pinauten.de)\n\n**Kernel**\n\nAvailable for: iPhone 8 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges.\n\nDescription: The issue was addressed with improved bounds checks.\n\nCVE-2022-32917: an anonymous researcher \n\n**Maps**\n\nAvailable for: iPhone 8 and later\n\nImpact: An app may be able to read sensitive location information\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2022-32883: Ron Masas, breakpointhq.com\n\n**MediaLibrary**\n\nAvailable for: iPhone 8 and later\n\nImpact: A user may be able to elevate privileges\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2022-32908: an anonymous researcher\n\n**Notifications**\n\nAvailable for: iPhone 8 and later\n\nImpact: A user with physical access to a device may be able to access contacts from the lock screen\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32879: Ubeydullah S\u00fcmer\n\nEntry added October 27, 2022\n\n**Photos**\n\nAvailable for: iPhone 8 and later\n\nImpact: An app may be able to bypass Privacy preferences\n\nDescription: This issue was addressed with improved data protection.\n\nCVE-2022-32918: Ashwani Rajput of Nagarro Software Pvt. Ltd, Srijan Shivam Mishra of The Hack Report, Jugal Goradia of Aastha Technologies, Evan Ricafort (evanricafort.com) of Invalid Web Security, Shesha Sai C (linkedin.com/in/shesha-sai-c-18585b125), Amod Raghunath Patwardhan of Pune, India\n\nEntry added October 27, 2022, updated March 16, 2023 \n\n**Safari**\n\nAvailable for: iPhone 8 and later\n\nImpact: Visiting a malicious website may lead to address bar spoofing\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-32795: Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) @imnarendrabhati\n\n**Safari Extensions**\n\nAvailable for: iPhone 8 and later\n\nImpact: A website may be able to track users through Safari web extensions\n\nDescription: A logic issue was addressed with improved state management.\n\nWebKit Bugzilla: 242278 \nCVE-2022-32868: Michael\n\n**Sandbox**\n\nAvailable for: iPhone 8 and later\n\nImpact: An app may be able to modify protected parts of the file system\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2022-32881: Csaba Fitzl (@theevilbit) of Offensive Security\n\nEntry added October 27, 2022\n\n**Security**\n\nAvailable for: iPhone 8 and later\n\nImpact: An app may be able to bypass code signing checks\n\nDescription: An issue in code signature validation was addressed with improved checks.\n\nCVE-2022-42793: Linus Henze of Pinauten GmbH (pinauten.de)\n\nEntry added October 27, 2022\n\n**Shortcuts**\n\nAvailable for: iPhone 8 and later\n\nImpact: A person with physical access to an iOS device may be able to access photos from the lock screen\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2022-32872: Elite Tech Guru\n\n**Sidecar**\n\nAvailable for: iPhone 8 and later\n\nImpact: A user may be able to view restricted content from the lock screen\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-42790: Om kothawade of Zaprico Digital\n\nEntry added October 27, 2022\n\n**Siri**\n\nAvailable for: iPhone 8 and later\n\nImpact: A person with physical access to a device may be able to use Siri to access private calendar information\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2022-32871: Amit Prajapat of Payatu Security Consulting Private Limited\n\nEntry added March 16, 2023\n\n**Siri**\n\nAvailable for: iPhone 8 and later\n\nImpact: A user with physical access to a device may be able to use Siri to obtain some call history information\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32870: Andrew Goldberg of The McCombs School of Business, The University of Texas at Austin (linkedin.com/andrew-goldberg-/)\n\nEntry added October 27, 2022\n\n**Software Update**\n\nAvailable for: iPhone 8 and later\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A race condition was addressed with improved state handling.\n\nCVE-2022-42791: Mickey Jin (@patch1t) of Trend Micro\n\nEntry added November 9, 2022\n\n**SQLite**\n\nAvailable for: iPhone 8 and later\n\nImpact: A remote user may be able to cause a denial-of-service\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-36690\n\nEntry added October 27, 2022\n\n**Time Zone**\n\nAvailable for: iPhone 8 and later\n\nImpact: Deleted contacts may still appear in spotlight search results\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32859\n\nEntry added October 27, 2022\n\n**Watch app**\n\nAvailable for: iPhone 8 and later\n\nImpact: An app may be able to read a persistent device identifier\n\nDescription: This issue was addressed with improved entitlements.\n\nCVE-2022-32835: Guilherme Rambo of Best Buddy Apps (rambo.codes)\n\nEntry added October 27, 2022\n\n**Weather**\n\nAvailable for: iPhone 8 and later\n\nImpact: An app may be able to read sensitive location information\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32875: an anonymous researcher\n\nEntry added October 27, 2022\n\n**WebKit**\n\nAvailable for: iPhone 8 and later\n\nImpact: An unauthorized user may be able to access browsing history\n\nDescription: An issue existed with the file paths used to store website data. The issue was resolved by improving how website data is stored.\n\nCVE-2022-32833: Csaba Fitzl (@theevilbit) of Offensive Security, Jeff Johnson\n\nEntry added November 9, 2022\n\n**WebKit**\n\nAvailable for: iPhone 8 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nWebKit Bugzilla: 242047 \nCVE-2022-32888: P1umer (@p1umer)\n\nEntry added October 27, 2022\n\n**WebKit**\n\nAvailable for: iPhone 8 and later\n\nImpact: Visiting a website that frames malicious content may lead to UI spoofing\n\nDescription: The issue was addressed with improved UI handling.\n\nWebKit Bugzilla: 243236 \nCVE-2022-32891: @real_as3617, and an anonymous researcher\n\nEntry added October 27, 2022\n\n**WebKit**\n\nAvailable for: iPhone 8 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A buffer overflow issue was addressed with improved memory handling.\n\nWebKit Bugzilla: 241969 \nCVE-2022-32886: P1umer, afang5472, xmzyshypnc\n\n**WebKit**\n\nAvailable for: iPhone 8 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nWebKit Bugzilla: 242762 \nCVE-2022-32912: Jeonghoon Shin (@singi21a) at Theori working with Trend Micro Zero Day Initiative\n\n**WebKit Sandboxing**\n\nAvailable for: iPhone 8 and later\n\nImpact: A sandboxed process may be able to circumvent sandbox restrictions\n\nDescription: An access issue was addressed with improvements to the sandbox.\n\nWebKit Bugzilla: 243181 \nCVE-2022-32892: @18\u697c\u68a6\u60f3\u6539\u9020\u5bb6 and @jq0904 of DBAppSecurity's WeBin lab\n\nEntry added October 27, 2022\n\n**Wi-Fi**\n\nAvailable for: iPhone 8 and later\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2022-46709: Wang Yu of Cyberserval\n\nEntry added March 16, 2023\n\n**Wi-Fi**\n\nAvailable for: iPhone 8 and later\n\nImpact: An app may be able to cause unexpected system termination or write kernel memory\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2022-32925: Wang Yu of Cyberserval\n\nEntry added October 27, 2022\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**AirDrop**\n\nWe would like to acknowledge Alexander Heinrich, Milan Stute, and Christian Weinert of Technical University of Darmstadt for their assistance.\n\nEntry added October 27, 2022\n\n**AppleCredentialManager**\n\nWe would like to acknowledge @jonathandata1 for their assistance.\n\nEntry added October 27, 2022\n\n**Calendar UI**\n\nWe would like to acknowledge Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College Of Technology Bhopal for their assistance.\n\nEntry added October 27, 2022\n\n**CoreGraphics**\n\nWe would like to acknowledge Simon de Vegt for their assistance.\n\nEntry added November 9, 2022\n\n**FaceTime**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\nEntry added October 27, 2022\n\n**Find My**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\nEntry added October 27, 2022\n\n**Game Center**\n\nWe would like to acknowledge Joshua Jones for their assistance.\n\n**iCloud**\n\nWe would like to acknowledge B\u00fclent Aytulun, and an anonymous researcher for their assistance.\n\nEntry added October 27, 2022\n\n**Identity Services**\n\nWe would like to acknowledge Joshua Jones for their assistance.\n\n**Kernel**\n\nWe would like to acknowledge Pan ZhenPeng(@Peterpan0927), Tingting Yin of Tsinghua University, and Min Zheng of Ant Group, and an anonymous researcher for their assistance.\n\nEntry added October 27, 2022\n\n**Mail**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\nEntry added October 27, 2022\n\n**Notes**\n\nWe would like to acknowledge Edward Riley of Iron Cloud Limited (ironclouduk.com) for their assistance.\n\nEntry added October 27, 2022\n\n**Photo Booth**\n\nWe would like to acknowledge Prashanth Kannan of Dremio for their assistance.\n\nEntry added October 27, 2022\n\n**Safari**\n\nWe would like to acknowledge Scott Hatfield of Sub-Zero Group for their assistance.\n\nEntry added March 16, 2023\n\n**Sandbox**\n\nWe would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security for their assistance.\n\nEntry added October 27, 2022\n\n**Shortcuts**\n\nWe would like to acknowledge Shay Dror for their assistance.\n\nEntry added October 27, 2022\n\n**SOS**\n\nWe would like to acknowledge Xianfeng Lu and Lei Ai of OPPO Amber Security Lab for their assistance.\n\nEntry added October 27, 2022\n\n**UIKit**\n\nWe would like to acknowledge Aleczander Ewing, Simon de Vegt, and an anonymous researcher for their assistance.\n\nEntry added October 27, 2022\n\n**WebKit**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\nEntry added October 27, 2022\n\n**WebRTC**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\nEntry added October 27, 2022\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: March 16, 2023\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-12T00:00:00", "type": "apple", "title": "About the security content of iOS 16", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-36690", "CVE-2022-1622", "CVE-2022-22643", "CVE-2022-26744", "CVE-2022-32793", "CVE-2022-32795", "CVE-2022-32827", "CVE-2022-32833", "CVE-2022-32835", "CVE-2022-32854", "CVE-2022-32858", "CVE-2022-32859", "CVE-2022-32864", "CVE-2022-32865", "CVE-2022-32866", "CVE-2022-32867", "CVE-2022-32868", "CVE-2022-32870", "CVE-2022-32871", "CVE-2022-32872", "CVE-2022-32875", "CVE-2022-32877", "CVE-2022-32879", "CVE-2022-32881", "CVE-2022-32883", "CVE-2022-32886", "CVE-2022-32887", "CVE-2022-32888", "CVE-2022-32889", "CVE-2022-32891", "CVE-2022-32892", "CVE-2022-32898", "CVE-2022-32899", "CVE-2022-32903", "CVE-2022-32907", "CVE-2022-32908", "CVE-2022-32909", "CVE-2022-32911", "CVE-2022-32912", "CVE-2022-32913", "CVE-2022-32914", "CVE-2022-32916", "CVE-2022-32917", "CVE-2022-32918", "CVE-2022-32925", "CVE-2022-32928", "CVE-2022-42790", "CVE-2022-42791", "CVE-2022-42793", "CVE-2022-42795", "CVE-2022-46709"], "modified": "2022-09-12T00:00:00", "id": "APPLE:E351282C4281387D6A17586B33AF689C", "href": "https://support.apple.com/kb/HT213446", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-03T22:02:46", "description": "# About the security content of iOS 12.5.6\n\nThis document describes the security content of iOS 12.5.6.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## iOS 12.5.6\n\niOS 12 is not impacted by CVE-2022-32894.\n\nReleased August 31, 2022\n\n**WebKit**\n\nAvailable for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nWebKit Bugzilla: 243557 \nCVE-2022-32893: an anonymous researcher\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: August 31, 2022\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-08-31T00:00:00", "type": "apple", "title": "About the security content of iOS 12.5.6", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32893", "CVE-2022-32894"], "modified": "2022-08-31T00:00:00", "id": "APPLE:F99F855A2C143ACC1F38687F55E85474", "href": "https://support.apple.com/kb/HT213428", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-03T22:02:46", "description": "# About the security content of macOS Monterey 12.5.1\n\nThis document describes the security content of macOS Monterey 12.5.1.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## macOS Monterey 12.5.1\n\nReleased August 17, 2022\n\n**Kernel**\n\nAvailable for: macOS Monterey\n\nImpact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2022-32894: an anonymous researcher\n\n**WebKit**\n\nAvailable for: macOS Monterey\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nWebKit Bugzilla: 243557 \nCVE-2022-32893: an anonymous researcher\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: August 17, 2022\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-08-17T00:00:00", "type": "apple", "title": "About the security content of macOS Monterey 12.5.1", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32893", "CVE-2022-32894"], "modified": "2022-08-17T00:00:00", "id": "APPLE:94E98E15A096BFEBBCA4E7BF7D3D6C7D", "href": "https://support.apple.com/kb/HT213413", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-03T22:02:47", "description": "# About the security content of iOS 15.6.1 and iPadOS 15.6.1\n\nThis document describes the security content of iOS 15.6.1 and iPadOS 15.6.1.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## iOS 15.6.1 and iPadOS 15.6.1\n\nReleased August 17, 2022\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2022-32894: an anonymous researcher\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nWebKit Bugzilla: 243557 \nCVE-2022-32893: an anonymous researcher\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: August 17, 2022\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-08-17T00:00:00", "type": "apple", "title": "About the security content of iOS 15.6.1 and iPadOS 15.6.1", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32893", "CVE-2022-32894"], "modified": "2022-08-17T00:00:00", "id": "APPLE:5D20BFFCE6B79E6E7DF122C3E4FF65AC", "href": "https://support.apple.com/kb/HT213412", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-09-23T22:46:01", "description": "# About the security content of macOS Ventura 13\n\nThis document describes the security content of macOS Ventura 13.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## macOS Ventura 13\n\nReleased October 24, 2022\n\n**Accelerate Framework**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: A memory consumption issue was addressed with improved memory handling.\n\nCVE-2022-42795: ryuzaki\n\n**Apple Neural Engine**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to leak sensitive kernel state\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32858: Mohamed Ghannam (@_simo36)\n\n**Apple Neural Engine**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32898: Mohamed Ghannam (@_simo36)\n\nCVE-2022-32899: Mohamed Ghannam (@_simo36)\n\n**AppleAVD**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-32907: Yinyi Wu, ABC Research s.r.o, Natalie Silvanovich of Google Project Zero, Tommaso Bianco (@cutesmilee__), Antonio Zekic (@antoniozekic), and John Aakerblom (@jaakerblom)\n\nEntry added March 16, 2023\n\n**AppleAVD**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to cause a denial-of-service\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2022-32827: Antonio Zekic (@antoniozekic), Natalie Silvanovich of Google Project Zero, and an anonymous researcher\n\n**AppleMobileFileIntegrity**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to access user-sensitive data\n\nDescription: A configuration issue was addressed with additional restrictions.\n\nCVE-2022-32877: Wojciech Regu\u0142a (@_r3ggi) of SecuRing\n\nEntry added March 16, 2023\n\n**AppleMobileFileIntegrity**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to access user-sensitive data\n\nDescription: An issue in code signature validation was addressed with improved checks.\n\nCVE-2022-42789: Koh M. Nakagawa of FFRI Security, Inc.\n\n**AppleMobileFileIntegrity**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to modify protected parts of the file system\n\nDescription: This issue was addressed by removing additional entitlements.\n\nCVE-2022-42825: Mickey Jin (@patch1t)\n\n**Assets**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to modify protected parts of the file system\n\nDescription: A logic issue was addressed with improved checks.\n\nCVE-2022-46722: Mickey Jin (@patch1t)\n\nEntry added August 1, 2023\n\n**ATS**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to bypass Privacy preferences\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32902: Mickey Jin (@patch1t)\n\n**ATS**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to access user-sensitive data\n\nDescription: An access issue was addressed with additional sandbox restrictions.\n\nCVE-2022-32904: Mickey Jin (@patch1t)\n\n**ATS**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A sandboxed process may be able to circumvent sandbox restrictions\n\nDescription: A logic issue was addressed with improved checks.\n\nCVE-2022-32890: Mickey Jin (@patch1t)\n\n**Audio**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to gain elevated privileges\n\nDescription: This issue was addressed by removing the vulnerable code.\n\nCVE-2022-42796: Mickey Jin (@patch1t)\n\nEntry updated March 16, 2023 \n\n**Audio**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Parsing a maliciously crafted audio file may lead to disclosure of user information \n\nDescription: The issue was addressed with improved memory handling. \n\nCVE-2022-42798: Anonymous working with Trend Micro Zero Day Initiative\n\nEntry added October 27, 2022\n\n**AVEVideoEncoder**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved bounds checks.\n\nCVE-2022-32940: ABC Research s.r.o.\n\n**BOM**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may bypass Gatekeeper checks\n\nDescription: A logic issue was addressed with improved checks.\n\nCVE-2022-42821: Jonathan Bar Or of Microsoft\n\nEntry added December 13, 2022\n\n**Boot Camp**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to modify protected parts of the file system\n\nDescription: This issue was addressed with improved checks to prevent unauthorized actions.\n\nCVE-2022-42860: Mickey Jin (@patch1t) of Trend Micro\n\nEntry added March 16, 2023\n\n**Calendar**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to read sensitive location information\n\nDescription: An access issue was addressed with improved access restrictions.\n\nCVE-2022-42819: an anonymous researcher\n\n**CFNetwork**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Processing a maliciously crafted certificate may lead to arbitrary code execution\n\nDescription: A certificate validation issue existed in the handling of WKWebView. This issue was addressed with improved validation.\n\nCVE-2022-42813: Jonathan Zhang of Open Computing Facility (ocf.berkeley.edu)\n\n**ColorSync**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: A memory corruption issue existed in the processing of ICC profiles. This issue was addressed with improved input validation.\n\nCVE-2022-26730: David Hoyt of Hoyt LLC\n\n**Core Bluetooth**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to record audio with paired AirPods\n\nDescription: An access issue was addressed with additional sandbox restrictions on third-party apps.\n\nCVE-2022-32945: Guilherme Rambo of Best Buddy Apps (rambo.codes)\n\nEntry added November 9, 2022\n\n**CoreMedia**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A camera extension may be able to continue receiving video after the app which activated was closed\n\nDescription: An issue with app access to camera data was addressed with improved logic.\n\nCVE-2022-42838: Halle Winkler (@hallewinkler) of Politepix\n\nEntry added December 22, 2022\n\n**CoreTypes**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A malicious application may bypass Gatekeeper checks\n\nDescription: This issue was addressed with improved checks to prevent unauthorized actions.\n\nCVE-2022-22663: Arsenii Kostromin (0x3c3e)\n\nEntry added March 16, 2023\n\n**Crash Reporter**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A user with physical access to an iOS device may be able to read past diagnostic logs\n\nDescription: This issue was addressed with improved data protection.\n\nCVE-2022-32867: Kshitij Kumar and Jai Musunuri of Crowdstrike\n\n**curl**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Multiple issues in curl\n\nDescription: Multiple issues were addressed by updating to curl version 7.84.0.\n\nCVE-2022-32205\n\nCVE-2022-32206\n\nCVE-2022-32207\n\nCVE-2022-32208\n\n**Directory Utility**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to access user-sensitive data\n\nDescription: A logic issue was addressed with improved checks.\n\nCVE-2022-42814: Sergii Kryvoblotskyi of MacPaw Inc.\n\n**DriverKit**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32865: Linus Henze of Pinauten GmbH (pinauten.de)\n\n**DriverKit**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A type confusion issue was addressed with improved checks.\n\nCVE-2022-32915: Tommy Muir (@Muirey03)\n\n**Exchange**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A user in a privileged network position may be able to intercept mail credentials\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2022-32928: Ji\u0159\u00ed Vinopal (@vinopaljiri) of Check Point Research\n\nEntry updated March 16, 2023 \n\n**FaceTime**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A user may send audio and video in a FaceTime call without knowing that they have done so\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-22643: Sonali Luthar of the University of Virginia, Michael Liao of the University of Illinois at Urbana-Champaign, Rohan Pahwa of Rutgers University, and Bao Nguyen of University of Florida\n\nEntry added March 16, 2023\n\n**FaceTime**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A user may be able to view restricted content from the lock screen \n\nDescription: A lock screen issue was addressed with improved state management. \n\nCVE-2022-32935: Bistrit Dahal\n\nEntry added October 27, 2022\n\n**Find My**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A malicious application may be able to read sensitive location information\n\nDescription: A permissions issue existed. This issue was addressed with improved permission validation.\n\nCVE-2022-42788: Csaba Fitzl (@theevilbit) of Offensive Security, Wojciech Regu\u0142a of SecuRing (wojciechregula.blog)\n\n**Finder**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Processing a maliciously crafted DMG file may lead to arbitrary code execution with system privileges\n\nDescription: This issue was addressed with improved validation of symlinks.\n\nCVE-2022-32905: Ron Masas (breakpoint.sh) of BreakPoint Technologies LTD\n\n**GPU Drivers**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2022-42833: Pan ZhenPeng (@Peterpan0927)\n\nEntry added December 22, 2022\n\n**GPU Drivers**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A type confusion issue was addressed with improved state handling.\n\nCVE-2022-42833: Pan ZhenPeng (@Peterpan0927)\n\nEntry added November 9, 2022\n\n**GPU Drivers**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32947: Asahi Lina (@LinaAsahi)\n\n**Grapher**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Processing a maliciously crafted gcx file may lead to unexpected app termination or arbitrary code execution\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-42809: Yutao Wang (@Jack) and Yu Zhou (@yuzhou6666)\n\n**Heimdal**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A user may be able to cause unexpected app termination or arbitrary code execution\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-3437: Evgeny Legerov of Intevydis\n\nEntry added October 25, 2022\n\n**iCloud Photo Library**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to access user-sensitive data\n\nDescription: An information disclosure issue was addressed by removing the vulnerable code.\n\nCVE-2022-32849: Joshua Jones\n\nEntry added November 9, 2022\n\n**Image Processing**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A sandboxed app may be able to determine which app is currently using the camera\n\nDescription: The issue was addressed with additional restrictions on the observability of app states.\n\nCVE-2022-32913: Yi\u011fit Can YILMAZ (@yilmazcanyigit)\n\n**ImageIO**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Processing an image may lead to a denial-of-service\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2022-32809: Mickey Jin (@patch1t)\n\nEntry added August 1, 2023\n\n**ImageIO**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Processing an image may lead to a denial-of-service\n\nDescription: A denial-of-service issue was addressed with improved validation.\n\nCVE-2022-1622\n\n**Intel Graphics Driver**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to disclose kernel memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2022-32936: Antonio Zekic (@antoniozekic)\n\n**IOHIDFamily**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may cause unexpected app termination or arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2022-42820: Peter Pan ZhenPeng of STAR Labs\n\n**IOKit**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A race condition was addressed with improved locking.\n\nCVE-2022-42806: Tingting Yin of Tsinghua University\n\n**Kernel**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to disclose kernel memory\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32864: Linus Henze of Pinauten GmbH (pinauten.de)\n\n**Kernel**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32866: Linus Henze of Pinauten GmbH (pinauten.de)\n\nCVE-2022-32911: Zweig of Kunlun Lab\n\nCVE-2022-32924: Ian Beer of Google Project Zero\n\n**Kernel**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2022-32914: Zweig of Kunlun Lab\n\n**Kernel**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A remote user may be able to cause kernel code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2022-42808: Zweig of Kunlun Lab\n\n**Kernel**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved state management. \n\nCVE-2022-32944: Tim Michaud (@TimGMichaud) of Moveworks.ai\n\nEntry added October 27, 2022\n\n**Kernel**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges \n\nDescription: A race condition was addressed with improved locking. \n\nCVE-2022-42803: Xinru Chi of Pangu Lab, John Aakerblom (@jaakerblom)\n\nEntry added October 27, 2022\n\n**Kernel**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app with root privileges may be able to execute arbitrary code with kernel privileges \n\nDescription: The issue was addressed with improved bounds checks.\n\nCVE-2022-32926: Tim Michaud (@TimGMichaud) of Moveworks.ai\n\nEntry added October 27, 2022\n\n**Kernel**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A logic issue was addressed with improved checks.\n\nCVE-2022-42801: Ian Beer of Google Project Zero\n\nEntry added October 27, 2022\n\n**Kernel**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to cause unexpected system termination or potentially execute code with kernel privileges\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2022-46712: Tommy Muir (@Muirey03)\n\nEntry added February 20, 2023\n\n**Mail**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to access user-sensitive data\n\nDescription: This issue was addressed with improved data protection.\n\nCVE-2022-42815: Csaba Fitzl (@theevilbit) of Offensive Security\n\n**Mail**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to access mail folder attachments through a temporary directory used during compression\n\nDescription: An access issue was addressed with improved access restrictions.\n\nCVE-2022-42834: Wojciech Regu\u0142a (@_r3ggi) of SecuRing\n\nEntry added May 1, 2023\n\n**Maps**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to read sensitive location information\n\nDescription: This issue was addressed with improved restrictions around sensitive information.\n\nCVE-2022-46707: Csaba Fitzl (@theevilbit) of Offensive Security\n\nEntry added August 1, 2023\n\n**Maps**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to read sensitive location information\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2022-32883: Ron Masas of breakpointhq.com\n\n**MediaLibrary**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A user may be able to elevate privileges\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2022-32908: an anonymous researcher\n\n**Model I/O**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Processing a maliciously crafted USD file may disclose memory contents \n\nDescription: The issue was addressed with improved memory handling. \n\nCVE-2022-42810: Xingwei Lin (@xwlin_roy) and Yinyi Wu of Ant Security Light-Year Lab\n\nEntry added October 27, 2022\n\n**ncurses**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A user may be able to cause unexpected app termination or arbitrary code execution\n\nDescription: A buffer overflow was addressed with improved bounds checking.\n\nCVE-2021-39537\n\n**ncurses**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents\n\nDescription: A denial-of-service issue was addressed with improved validation.\n\nCVE-2022-29458\n\n**Notes**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A user in a privileged network position may be able to track user activity\n\nDescription: This issue was addressed with improved data protection.\n\nCVE-2022-42818: Gustav Hansen from WithSecure\n\n**Notifications**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A user with physical access to a device may be able to access contacts from the lock screen\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32879: Ubeydullah S\u00fcmer\n\n**PackageKit**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to modify protected parts of the file system\n\nDescription: A race condition was addressed with improved state handling.\n\nCVE-2022-32895: Mickey Jin (@patch1t) of Trend Micro, Mickey Jin (@patch1t)\n\n**PackageKit**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to modify protected parts of the file system\n\nDescription: A race condition was addressed with additional validation.\n\nCVE-2022-46713: Mickey Jin (@patch1t) of Trend Micro\n\nEntry added February 20, 2023\n\n**Photos**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A user may accidentally add a participant to a Shared Album by pressing the Delete key\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-42807: Ezekiel Elin\n\nEntry added May 1, 2023, updated August 1, 2023\n\n**Photos**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to bypass Privacy preferences\n\nDescription: This issue was addressed with improved data protection.\n\nCVE-2022-32918: Ashwani Rajput of Nagarro Software Pvt. Ltd, Srijan Shivam Mishra of The Hack Report, Jugal Goradia of Aastha Technologies, Evan Ricafort (evanricafort.com) of Invalid Web Security, Shesha Sai C (linkedin.com/in/shesha-sai-c-18585b125), and Amod Raghunath Patwardhan of Pune, India\n\nEntry updated March 16, 2023 \n\n**ppp**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app with root privileges may be able to execute arbitrary code with kernel privileges\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2022-42829: an anonymous researcher\n\n**ppp**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app with root privileges may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-42830: an anonymous researcher\n\n**ppp**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app with root privileges may be able to execute arbitrary code with kernel privileges\n\nDescription: A race condition was addressed with improved locking.\n\nCVE-2022-42831: an anonymous researcher\n\nCVE-2022-42832: an anonymous researcher\n\n**ppp**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A buffer overflow may result in arbitrary code execution \n\nDescription: The issue was addressed with improved bounds checks. CVE-2022-32941: an anonymous researcher\n\nEntry added October 27, 2022\n\n**Ruby**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A remote user may be able to cause unexpected app termination or arbitrary code execution\n\nDescription: A memory corruption issue was addressed by updating Ruby to version 2.6.10.\n\nCVE-2022-28739\n\n**Sandbox**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to modify protected parts of the file system\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2022-32881: Csaba Fitzl (@theevilbit) of Offensive Security\n\n**Sandbox**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app with root privileges may be able to access private information\n\nDescription: This issue was addressed with improved data protection.\n\nCVE-2022-32862: Rohit Chatterjee of University of Illinois Urbana-Champaign\n\nEntry updated March 16, 2023 \n\n**Sandbox**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to access user-sensitive data\n\nDescription: An access issue was addressed with additional sandbox restrictions.\n\nCVE-2022-42811: Justin Bui (@slyd0g) of Snowflake\n\n**Security**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to bypass code signing checks\n\nDescription: An issue in code signature validation was addressed with improved checks.\n\nCVE-2022-42793: Linus Henze of Pinauten GmbH (pinauten.de)\n\n**Shortcuts**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A shortcut may be able to view the hidden photos album without authentication\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2022-32876: an anonymous researcher\n\nEntry added August 1, 2023\n\n**Shortcuts**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A shortcut may be able to check the existence of an arbitrary path on the file system\n\nDescription: A parsing issue in the handling of directory paths was addressed with improved path validation.\n\nCVE-2022-32938: Cristian Dinca of Tudor Vianu National High School of Computer Science of. Romania\n\n**Sidecar**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A user may be able to view restricted content from the lock screen\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-42790: Om kothawade of Zaprico Digital\n\n**Siri**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A user with physical access to a device may be able to use Siri to obtain some call history information\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32870: Andrew Goldberg of The McCombs School of Business, The University of Texas at Austin (linkedin.com/in/andrew-goldberg-/)\n\n**SMB**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A remote user may be able to cause kernel code execution\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32934: Felix Poulin-Belanger\n\n**Software Update**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A race condition was addressed with improved state handling.\n\nCVE-2022-42791: Mickey Jin (@patch1t) of Trend Micro\n\n**SQLite**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A remote user may be able to cause a denial-of-service\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-36690\n\n**System Settings**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to modify protected parts of the file system\n\nDescription: This issue was addressed with improved data protection.\n\nCVE-2022-48505: Adam Chester from TrustedSec and Thijs Alkemade (@xnyhps) of Computest Sector 7\n\nEntry added June 26, 2023\n\n**TCC**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to cause a denial-of-service to Endpoint Security clients\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-26699: Csaba Fitzl (@theevilbit) of Offensive Security\n\nEntry added August 1, 2023\n\n**Vim**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Multiple issues in Vim\n\nDescription: Multiple issues were addressed by updating Vim.\n\nCVE-2022-0261\n\nCVE-2022-0318\n\nCVE-2022-0319\n\nCVE-2022-0351\n\nCVE-2022-0359\n\nCVE-2022-0361\n\nCVE-2022-0368\n\nCVE-2022-0392\n\nCVE-2022-0554\n\nCVE-2022-0572\n\nCVE-2022-0629\n\nCVE-2022-0685\n\nCVE-2022-0696\n\nCVE-2022-0714\n\nCVE-2022-0729\n\nCVE-2022-0943\n\nCVE-2022-1381\n\nCVE-2022-1420\n\nCVE-2022-1725\n\nCVE-2022-1616\n\nCVE-2022-1619\n\nCVE-2022-1620\n\nCVE-2022-1621\n\nCVE-2022-1629\n\nCVE-2022-1674\n\nCVE-2022-1733\n\nCVE-2022-1735\n\nCVE-2022-1769\n\nCVE-2022-1927\n\nCVE-2022-1942\n\nCVE-2022-1968\n\nCVE-2022-1851\n\nCVE-2022-1897\n\nCVE-2022-1898\n\nCVE-2022-1720\n\nCVE-2022-2000\n\nCVE-2022-2042\n\nCVE-2022-2124\n\nCVE-2022-2125\n\nCVE-2022-2126\n\n**VPN**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-42828: an anonymous researcher\n\nEntry added August 1, 2023\n\n**Weather**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to read sensitive location information\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32875: an anonymous researcher\n\n**WebKit**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A use after free issue was addressed with improved memory management.\n\nWebKit Bugzilla: 246669 \nCVE-2022-42826: Francisco Alonso (@revskills)\n\nEntry added December 22, 2022\n\n**WebKit**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A buffer overflow issue was addressed with improved memory handling.\n\nWebKit Bugzilla: 241969 \nCVE-2022-32886: P1umer (@p1umer), afang (@afang5472), xmzyshypnc (@xmzyshypnc1)\n\n**WebKit**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nWebKit Bugzilla: 242047 \nCVE-2022-32888: P1umer (@p1umer)\n\n**WebKit**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nWebKit Bugzilla: 242762 \nCVE-2022-32912: Jeonghoon Shin (@singi21a) at Theori working with Trend Micro Zero Day Initiative\n\n**WebKit**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Visiting a malicious website may lead to user interface spoofing\n\nDescription: The issue was addressed with improved UI handling.\n\nWebKit Bugzilla: 243693 \nCVE-2022-42799: Jihwan Kim (@gPayl0ad), Dohyun Lee (@l33d0hyun)\n\n**WebKit**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nWebKit Bugzilla: 244622 \nCVE-2022-42823: Dohyun Lee (@l33d0hyun) of SSD Labs\n\n**WebKit**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Processing maliciously crafted web content may disclose sensitive user information\n\nDescription: A logic issue was addressed with improved state management.\n\nWebKit Bugzilla: 245058 \nCVE-2022-42824: Abdulrahman Alqabandi of Microsoft Browser Vulnerability Research, Ryan Shin of IAAI SecLab at Korea University, Dohyun Lee (@l33d0hyun) of DNSLab at Korea University\n\n**WebKit**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Processing maliciously crafted web content may disclose internal states of the app\n\nDescription: A correctness issue in the JIT was addressed with improved checks.\n\nWebKit Bugzilla: 242964 \nCVE-2022-32923: Wonyoung Jung (@nonetype_pwn) of KAIST Hacking Lab\n\nEntry added October 27, 2022\n\n**WebKit PDF**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A use after free issue was addressed with improved memory management.\n\nWebKit Bugzilla: 242781 \nCVE-2022-32922: Yonghwi Jin (@jinmo123) at Theori working with Trend Micro Zero Day Initiative\n\n**WebKit Sandboxing**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A sandboxed process may be able to circumvent sandbox restrictions\n\nDescription: An access issue was addressed with improvements to the sandbox.\n\nWebKit Bugzilla: 243181 \nCVE-2022-32892: @18\u697c\u68a6\u60f3\u6539\u9020\u5bb6 and @jq0904 of DBAppSecurity's WeBin lab\n\n**WebKit Storage**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to bypass Privacy preferences\n\nDescription: The issue was addressed with improved handling of caches.\n\nCVE-2022-32833: Csaba Fitzl (@theevilbit) of Offensive Security, Jeff Johnson\n\nEntry added December 22, 2022\n\n**Wi-Fi**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2022-46709: Wang Yu of Cyberserval\n\nEntry added March 16, 2023\n\n**zlib**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A user may be able to cause unexpected app termination or arbitrary code execution \n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-37434: Evgeny Legerov\n\nCVE-2022-42800: Evgeny Legerov\n\nEntry added October 27, 2022\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**AirPort**\n\nWe would like to acknowledge Joseph Salazar Acu\u00f1a and Renato Llamoca of Intrado-Life & Safety/Globant for their assistance.\n\n**apache**\n\nWe would like to acknowledge Tricia Lee of Enterprise Service Center for their assistance.\n\nEntry added March 16, 2023\n\n**AppleCredentialManage**r\n\nWe would like to acknowledge @jonathandata1 for their assistance.\n\n**ATS**\n\nWe would like to acknowledge Mickey Jin (@patch1t) for their assistance.\n\nEntry added August 1, 2023\n\n**FaceTime**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\n**FileVault**\n\nWe would like to acknowledge Timothy Perfitt of Twocanoes Software for their assistance.\n\n**Find My**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\n**Identity Services**\n\nWe would like to acknowledge Joshua Jones for their assistance.\n\n**IOAcceleratorFamily**\n\nWe would like to acknowledge Antonio Zekic (@antoniozekic) for their assistance.\n\n**IOGPUFamily**\n\nWe would like to acknowledge Wang Yu of cyberserval for their assistance.\n\nEntry added November 9, 2022\n\n**Kernel**\n\nWe would like to acknowledge Peter Nguyen of STAR Labs, Tim Michaud (@TimGMichaud) of Moveworks.ai, Tingting Yin of Tsinghua University, and Min Zheng of Ant Group, Tommy Muir (@Muirey03), and an anonymous researcher for their assistance.\n\n**Login Window**\n\nWe would like to acknowledge Simon Tang (simontang.dev) for their assistance.\n\nEntry added November 9, 2022\n\n**Mail**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\n**Mail Drafts**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\n**Networking**\n\nWe would like to acknowledge Tim Michaud (@TimGMichaud) of Zoom Video Communications for their assistance.\n\n**Photo Booth**\n\nWe would like to acknowledge Prashanth Kannan of Dremio for their assistance.\n\n**Quick Look**\n\nWe would like to acknowledge Hilary \u201cIt\u2019s off by a Pixel\u201d Street for their assistance.\n\n**Safari**\n\nWe would like to acknowledge Scott Hatfield of Sub-Zero Group for their assistance.\n\nEntry added March 16, 2023\n\n**Sandbox**\n\nWe would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security for their assistance.\n\n**smbx**\n\nWe would like to acknowledge HD Moore of runZero Asset Inventory for their assistance.\n\n**System**\n\nWe would like to acknowledge Mickey Jin (@patch1t) of Trend Micro for their assistance.\n\n**System Settings**\n\nWe would like to acknowledge Bjorn Hellenbrand for their assistance.\n\n**UIKit**\n\nWe would like to acknowledge Aleczander Ewing for their assistance.\n\n**WebKit**\n\nWe would like to acknowledge Maddie Stone of Google Project Zero, Narendra Bhati (@imnarendrabhati) of Suma Soft Pvt. Ltd., and an anonymous researcher for their assistance.\n\n**WebRTC**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: August 02, 2023\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-24T00:00:00", "type": "apple", "title": "About the security content of macOS Ventura 13", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-36690", "CVE-2021-39537", "CVE-2022-0261", "CVE-2022-0318", "CVE-2022-0319", "CVE-2022-0351", "CVE-2022-0359", "CVE-2022-0361", "CVE-2022-0368", "CVE-2022-0392", "CVE-2022-0554", "CVE-2022-0572", "CVE-2022-0629", "CVE-2022-0685", "CVE-2022-0696", "CVE-2022-0714", "CVE-2022-0729", "CVE-2022-0943", "CVE-2022-1381", "CVE-2022-1420", "CVE-2022-1616", "CVE-2022-1619", "CVE-2022-1620", "CVE-2022-1621", "CVE-2022-1622", "CVE-2022-1629", "CVE-2022-1674", "CVE-2022-1720", "CVE-2022-1725", "CVE-2022-1733", "CVE-2022-1735", "CVE-2022-1769", "CVE-2022-1851", "CVE-2022-1897", "CVE-2022-1898", "CVE-2022-1927", "CVE-2022-1942", "CVE-2022-1968", "CVE-2022-2000", "CVE-2022-2042", "CVE-2022-2124", "CVE-2022-2125", "CVE-2022-2126", "CVE-2022-22643", "CVE-2022-22663", "CVE-2022-26699", "CVE-2022-26730", "CVE-2022-28739", "CVE-2022-29458", "CVE-2022-32205", "CVE-2022-32206", "CVE-2022-32207", "CVE-2022-32208", "CVE-2022-32809", "CVE-2022-32827", "CVE-2022-32833", "CVE-2022-32849", "CVE-2022-32858", "CVE-2022-32862", "CVE-2022-32864", "CVE-2022-32865", "CVE-2022-32866", "CVE-2022-32867", "CVE-2022-32870", "CVE-2022-32875", "CVE-2022-32876", "CVE-2022-32877", "CVE-2022-32879", "CVE-2022-32881", "CVE-2022-32883", "CVE-2022-32886", "CVE-2022-32888", "CVE-2022-32890", "CVE-2022-32892", "CVE-2022-32895", "CVE-2022-32898", "CVE-2022-32899", "CVE-2022-32902", "CVE-2022-32904", "CVE-2022-32905", "CVE-2022-32907", "CVE-2022-32908", "CVE-2022-32911", "CVE-2022-32912", "CVE-2022-32913", "CVE-2022-32914", "CVE-2022-32915", "CVE-2022-32918", "CVE-2022-32922", "CVE-2022-32923", "CVE-2022-32924", "CVE-2022-32926", "CVE-2022-32928", "CVE-2022-32934", "CVE-2022-32935", "CVE-2022-32936", "CVE-2022-32938", "CVE-2022-32940", "CVE-2022-32941", "CVE-2022-32944", "CVE-2022-32945", "CVE-2022-32947", "CVE-2022-3437", "CVE-2022-37434", "CVE-2022-42788", "CVE-2022-42789", "CVE-2022-42790", "CVE-2022-42791", "CVE-2022-42793", "CVE-2022-42795", "CVE-2022-42796", "CVE-2022-42798", "CVE-2022-42799", "CVE-2022-42800", "CVE-2022-42801", "CVE-2022-42803", "CVE-2022-42806", "CVE-2022-42807", "CVE-2022-42808", "CVE-2022-42809", "CVE-2022-42810", "CVE-2022-42811", "CVE-2022-42813", "CVE-2022-42814", "CVE-2022-42815", "CVE-2022-42818", "CVE-2022-42819", "CVE-2022-42820", "CVE-2022-42821", "CVE-2022-42823", "CVE-2022-42824", "CVE-2022-42825", "CVE-2022-42826", "CVE-2022-42828", "CVE-2022-42829", "CVE-2022-42830", "CVE-2022-42831", "CVE-2022-42832", "CVE-2022-42833", "CVE-2022-42834", "CVE-2022-42838", "CVE-2022-42860", "CVE-2022-46707", "CVE-2022-46709", "CVE-2022-46712", "CVE-2022-46713", "CVE-2022-46722", "CVE-2022-48505"], "modified": "2022-10-24T00:00:00", "id": "APPLE:138DC64ECE1F07104C6EF7D22CA29AAF", "href": "https://support.apple.com/kb/HT213488", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "cloudlinux": [{"lastseen": "2023-06-17T15:06:57", "description": "- CVE-2022-2125: add checking for NUL to avoid running over the end of line\n- CVE-2022-1720: do not include the NUL in the length to avoid reading past end\n of line with \"gf\" in Visual block mode\n- CVE-2022-2124: add checking for NUL to avoid running over the end of line\n- CVE-2022-2129: disallow switching buffers in a substitute expression to avoid\n overruning destination buffer\n- CVE-2022-2126: do not decrement the index when it is zero", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-07-07T08:29:32", "type": "cloudlinux", "title": "Fixed CVEs in vim: CVE-2022-2124, CVE-2022-2129, CVE-2022-2125, CVE-2022-2126, CVE-2022-1720", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1720", "CVE-2022-2124", "CVE-2022-2125", "CVE-2022-2126", "CVE-2022-2129"], "modified": "2022-07-07T08:29:32", "id": "CLSA-2022:1657182572", "href": "https://repo.cloudlinux.com/centos6-els/updateinfo.xml", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-17T15:06:57", "description": "- CVE-2022-2042: fix using uninitialized value and freed memory in spell command", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-06-22T12:41:38", "type": "cloudlinux", "title": "Fixed CVE-2022-2042 in vim", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-2042"], "modified": "2022-06-22T12:41:38", "id": "CLSA-2022:1655901698", "href": "https://repo.cloudlinux.com/centos6-els/updateinfo.xml", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "hivepro": [{"lastseen": "2022-09-14T16:42:29", "description": "Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Apple addresses ten vulnerabilities, two of which are actively exploited. The vulnerabilities have been assigned CVE-2022-32917 and CVE-2022-32894 and could allow an attacker to execute arbitrary code", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-14T13:58:43", "type": "hivepro", "title": "Two Zero-day vulnerabilities in macOS BigSur", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-32894", "CVE-2022-32917"], "modified": "2022-09-14T13:58:43", "id": "HIVEPRO:191275C5ECED2A57E4265562184B48DA", "href": "https://www.hivepro.com/two-zero-day-vulnerabilities-in-macos-bigsur/", "cvss": {"score": 0.0, "vector": "NONE"}}], "ibm": [{"lastseen": "2023-06-24T05:53:36", "description": "## Summary\n\nVim is not used directly by IBM App Connect Enterprise Certified Container but is present in the operand images as part of the base operating system. Use of vim within IBM App Connect Enterprise Certified Container operands may be vulnerable to arbitrary code execution. This bulletin provides patch information to address the reported vulnerability CVE-2022-2124, CVE-2022-2125, CVE-2022-2126 and CVE-2022-2129 in vim.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-2125](<https://vulners.com/cve/CVE-2022-2125>) \n** DESCRIPTION: **Vim is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the get_lisp_indent function in indent.c:1994. By persuading a victim to open a specially-crafted file, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/229306](<https://exchange.xforce.ibmcloud.com/vulnerabilities/229306>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-2124](<https://vulners.com/cve/CVE-2022-2124>) \n** DESCRIPTION: **Vim could allow a remote attacker to execute arbitrary code on the system, caused by a buffer over-read in the current_quote function in textobject.c:1801. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/229307](<https://exchange.xforce.ibmcloud.com/vulnerabilities/229307>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-2126](<https://vulners.com/cve/CVE-2022-2126>) \n** DESCRIPTION: **Vim could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read in the suggest_trie_walk function in spellsuggest.c:1437. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/229305](<https://exchange.xforce.ibmcloud.com/vulnerabilities/229305>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-2129](<https://vulners.com/cve/CVE-2022-2129>) \n** DESCRIPTION: **Vim could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write in the vim_regsub_both function in regexp.c:1973. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/229303](<https://exchange.xforce.ibmcloud.com/vulnerabilities/229303>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nApp Connect Enterprise Certified Container| 4.1 \nApp Connect Enterprise Certified Container| 4.2 \nApp Connect Enterprise Certified Container| 5.0-lts \nApp Connect Enterprise Certified Container| 5.1 \nApp Connect Enterprise Certified Container| 5.2 \nApp Connect Enterprise Certified Container| 6.0 \n \n\n\n## Remediation/Fixes\n\n**App Connect Enterprise Certified Container 4.1, 4.2, 5.0, 5.1, 5.2 and 6.0 (Continuous Delivery)**\n\nUpgrade to App Connect Enterprise Certified Container Operator version 6.1.0 or higher, and ensure that all components are at 12.0.6.0-r1 or higher. Documentation on the upgrade process is available at <https://www.ibm.com/docs/en/app-connect/containers_cd?topic=releases-upgrading-operator>\n\n**App Connect Enterprise Certified Container 5.0 LTS (Long Term Support)**\n\nUpgrade to App Connect Enterprise Certified Container Operator version 5.0.1 or higher, and ensure that all components are at 12.0.6.0-r1-lts or higher. Documentation on the upgrade process is available at <https://www.ibm.com/docs/en/app-connect-contlts?topic=releases-upgrading-operator>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-11-03T18:27:10", "type": "ibm", "title": "Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to arbitrary code execution due to CVE-2022-2124, CVE-2022-2125, CVE-2022-2126 and CVE-2022-2129", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-2124", "CVE-2022-2125", "CVE-2022-2126", "CVE-2022-2129"], "modified": "2022-11-03T18:27:10", "id": "3B5A41AF3FFC24CF7D283C71B87D4654ECF7479BA687E47D5AD965C6BAB8EA65", "href": "https://www.ibm.com/support/pages/node/6836955", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "talosblog": [{"lastseen": "2022-11-03T15:20:29", "description": "![Threat Source newsletter \$Oct. 27, 2022\$: I thought we were already aware of supply chain attacks?](https://blog.talosintelligence.com/content/images/2022/10/threat-source-newsletter-9.jpg)\n\nWelcome to this week's edition of the Threat Source newsletter.\n\nThere are plenty of jokes about whether we're "aware" of cybersecurity during National Cybersecurity Awareness Month. But now I'm wondering if people are aware of supply chain attacks.\n\nI thought we hit the pinnacle of supply chain attacks in 2020 with the [SolarWinds attack](<https://blog.talosintelligence.com/solarwinds-supplychain-coverage/>), when these types of attacks dominated headlines and defenders started shouting from the mountaintops about how important it is to be ready for supply chain attacks.\n\nAnd then [Kaseya came along a few months](<https://blog.talosintelligence.com/revil-ransomware-actors-attack-kaseya/>) later when attackers found a different way to deploy malicious updates that were disguised as legitimate patches.\n\nAnd still today, we're [warning about the dangers](<https://www.forbes.com/sites/forbestechcouncil/2022/09/27/mitigating-the-risk-of-supply-chain-attacks-in-the-age-of-cloud-computing/?sh=74f6838bd313>) of how prevalent supply chain attacks are and how everyone needs to be ready for this attacker technique. This leaves me wondering if Kaseya and SolarWinds weren't the breaking point -- what is?\n\nIt seems like no matter how many times we see major ransomware attacks, even coming to the point of making it impossible for people to get gas, attackers are back again with another ransomware attack a few weeks later.\n\nWe still have several hurdles to overcome to fix the supply chain attack problem, as Jaeson Schultz from our Outreach team [outlined in this recent post](<https://blog.talosintelligence.com/developer-account-body-snatchers-pose/>). But it's clear that these attacks aren't going anywhere, and neither are [defenders' warnings](<https://www.infosecurity-magazine.com/news/supply-chain-attacks/>).\n\nAs I wrote at the start of October, it can be easy to poke fun at Cybersecurity Awareness Month because it's impossible to define what it even means to be "aware" of cybersecurity. Clearly, there's still awareness to spread, though, and we keep needing to spread it in regard to supply chain attacks, ransomware and pretty much every other type of cyber attack.\n\n## The one big thing\n\nFor the first time since collecting such data, Cisco Talos Incident Response [saw an equal number of ransomware and pre-ransomware engagements](<https://blog.talosintelligence.com/quarterly-report-incident-response-trends-in-q3-2022/>), making up nearly 40 percent of threats in the third quarter of 2022. It can be difficult to determine what constitutes a pre-ransomware attack if ransomware never executes and encryption does not take place. However, Talos IR assesses that the combination of Cobalt Strike and credential-harvesting tools like Mimikatz, paired with enumeration and discovery techniques, indicates a high likelihood that ransomware is the final objective.\n\n### Why do I care?\n\nThis data represents what Talos IR is actively seeing in the wild over the past few months and is likely representative of the broader threat landscape.\n\n### So now what?\n\nA lack of MFA remains one of the biggest impediments to enterprise security. Nearly 18 percent of engagements either had no MFA or only had it enabled on a handful of accounts and critical services. Talos IR frequently observes ransomware and phishing incidents that could have been prevented if MFA had been properly enabled on critical services, such as endpoint detection and response (EDR) solutions. Talos IR recommends disabling VPN access for all accounts that are not using two-factor authentication.\n\n## Top security headlines of the week\n\nThe Biden administration is preparing to release updated guidelines and warnings around election security with a few days left before the midterm elections. A bulletin reportedly being drafted includes information on threats from Russia, China and other state-sponsored actors. Election workers and local officials are also having to deal with physical threats to polling workers and locations, all while the number of volunteers is dwindling. Earlier this month, the U.S. Cybersecurity and Infrastructure Security Agency released a PSA stating that malicious cyber activity is "unlikely to disrupt or prevent voting." ([Politico](<https://www.politico.com/news/2022/10/24/biden-election-infrastructure-national-security-warnings-00063134>), [Axios](<https://www.axios.com/2022/10/25/election-cybersecurity-midterm-threats>), [Voice of America](<https://www.voanews.com/a/us-election-security-heightened-/6798070.html>))\n\nApple released security updates for its iOS and iPadOS operating systems this week, including fixes for a vulnerability that "may have been actively exploited." There are 20 vulnerabilities fixed in these updates in all. CVE-2022-42827 is the most notable vulnerability, which could allow an attacker to execute code with Kernel privileges via an attacker-controlled app. This is the third Kernel-related out-of-bounds memory vulnerability that Apple has patched in each of its previous security updates: CVE-2022-32894 and CVE-2022-32917. CVE-2022-32917 was known to be used in attacks in the wild. ([Forbes](<https://www.forbes.com/sites/kateoflahertyuk/2022/10/25/ios-161-update-now-warning-issued-to-all-iphone-users/?sh=7f1998d22cd3>), [The Hacker News](<https://thehackernews.com/2022/10/apple-releases-patch-for-new-actively.html>))\n\nTwo vulnerabilities in Microsoft's Mark of the Web (MoTW) security feature could allow an attacker to send JavaScript files that could bypass security blocks in place. Attackers are reportedly actively exploiting both issues, though Microsoft has yet to issue any formal fixes for the vulnerabilities, and there are no workarounds available. Mark of the Web protects users against files from untrusted sources, but the two vulnerabilities could allow the attackers to construct the files in a way that they are not appropriately marked by Windows. Attackers commonly use .js files as attachments or downloads that can run outside a web browser. ([Dark Reading](<https://www.darkreading.com/attacks-breaches/windows-mark-of-the-web-zero-days-patchless-exploit>), [Bleeping Computer](<https://www.bleepingcomputer.com/news/security/exploited-windows-zero-day-lets-javascript-files-bypass-security-warnings/>))\n\n## Can't get enough Talos?\n\n * [Talos Takes Ep. #118: Threat Hunting 101](<https://www.buzzsprout.com/2018149/11542593>)\n * [Beers with Talos Ep. #127: I'm a skiddie, and you can too!](<https://www.buzzsprout.com/2033817/11574269>)\n * [A bug in Abode's home security system could let hackers remotely switch off cameras](<https://techcrunch.com/2022/10/20/abode-security-flaws/>)\n * [Talos Incident Response Q3 2022 Quarterly Report](<https://talosintelligence.com/resources/543>)\n\n## Upcoming events where you can find Talos\n\n[**Click or Treat? How not to fall for a phishing attack this Halloween**](<https://event.on24.com/wcc/r/3914851/E2A43FEDFCBA27E80F264C1B326F7D66>) (Oct. 31) \nVirtual\n\n[**BSides Lisbon**](<https://www.bsideslisbon.org/>) (Nov. 10 - 11) \nCidade Universitaria, Lisboa, Portugal\n\n## Most prevalent malware files from Talos telemetry over the past week\n\n**SHA 256:** [e12b6641d7e7e4da97a0ff8e1a0d4840c882569d47b8fab8fb187ac2b475636c](<https://www.virustotal.com/gui/file/e12b6641d7e7e4da97a0ff8e1a0d4840c882569d47b8fab8fb187ac2b475636c/details>) \n**MD5: **a087b2e6ec57b08c0d0750c60f96a74c \n**Typical Filename:** AAct.exe \n**Claimed Product:** N/A \n**Detection Name:** PUA.Win.Tool.Kmsauto::1201\n\n**SHA 256:** [e4973db44081591e9bff5117946defbef6041397e56164f485cf8ec57b1d8934](<https://www.virustotal.com/gui/file/e4973db44081591e9bff5117946defbef6041397e56164f485cf8ec57b1d8934/details>) \n**MD5:** 93fefc3e88ffb78abb36365fa5cf857c \n**Typical Filename:** Wextract \n**Claimed Product:** Internet Explorer \n**Detection Name:** PUA.Win.Trojan.Generic::85.lp.ret.sbx.tg\n\n**SHA 256:** [c67b03c0a91eaefffd2f2c79b5c26a2648b8d3c19a22cadf35453455ff08ead0](<https://www.virustotal.com/gui/file/c67b03c0a91eaefffd2f2c79b5c26a2648b8d3c19a22cadf35453455ff08ead0/details>) \n**MD5:** 8c69830a50fb85d8a794fa46643493b2 \n**Typical Filename:** AAct.exe \n**Claimed Product:** N/A \n**Detection Name:** PUA.Win.Dropper.Generic::1201\n\n**SHA 256:** [58d6fec4ba24c32d38c9a0c7c39df3cb0e91f500b323e841121d703c7b718681](<https://www.virustotal.com/gui/file/58d6fec4ba24c32d38c9a0c7c39df3cb0e91f500b323e841121d703c7b718681/details>) \n**MD5:** f1fe671bcefd4630e5ed8b87c9283534 \n**Typical Filename:** KMSAuto Net.exe \n**Claimed Product:** KMSAuto Net \n**Detection Name:** PUA.Win.Tool.Hackkms::1201\n\n**SHA 256:** [125e12c8045689bb2a5dcad6fa2644847156dec8b533ee8a3653b432f8fd5645](<https://www.virustotal.com/gui/file/125e12c8045689bb2a5dcad6fa2644847156dec8b533ee8a3653b432f8fd5645/details>) \n**MD5:** 2c8ea737a232fd03ab80db672d50a17a \n**Typical Filename:** LwssPlayer.scr \n**Claimed Product: **\u68a6\u60f3\u4e4b\u5dc5\u5e7b\u706f\u64ad\u653e\u5668 \n**Detection Name:** Auto.125E12.241442.in02", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-10-27T18:00:06", "type": "talosblog", "title": "Threat Source newsletter (Oct. 27, 2022): I thought we were already aware of supply chain attacks?", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2022-32894", "CVE-2022-32917", "CVE-2022-42827"], "modified": "2022-10-27T18:00:06", "id": "TALOSBLOG:340C6278FFC694179634A24F686CBFDF", "href": "https://blog.talosintelligence.com/threat-source-newsletter-oct-27-2022/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-09-16T15:24:54", "description": "[![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjLGV0qm1JxU91RjdxVIuHS5qpDp6eR5oqC3GXE4GKh74vcE6eErdX-odGGmldK4seEV08PmWVUMwC9eHiY-MNvEWPJqq7kEe3k9gjAfn0ai-JRQnZ3GdRiAki_wed_Ctz2-MbeTD591fAVRErXhYumK3_GFcUGqEBUmnA_aeVfgK2rZKQ7AW0eYUiY/s16000/threat-source-newsletter.jpg)](<https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjLGV0qm1JxU91RjdxVIuHS5qpDp6eR5oqC3GXE4GKh74vcE6eErdX-odGGmldK4seEV08PmWVUMwC9eHiY-MNvEWPJqq7kEe3k9gjAfn0ai-JRQnZ3GdRiAki_wed_Ctz2-MbeTD591fAVRErXhYumK3_GFcUGqEBUmnA_aeVfgK2rZKQ7AW0eYUiY/s2000/threat-source-newsletter.jpg>)\n\n \n\n\n_By Jon Munshaw. _\n\n[![](https://blogger.googleusercontent.com/img/a/AVvXsEj-mJ-nkfcUqAs6gZvX8xS2acg2Gomq1k9sbhaev8z9XCZnVEc3hnBv_CAEBr5YFPKbzeHm615Hm1J6VmtXbPW-VDGf1Y6GkVCjPTnH973CDJSSnSoxB93Nru0Ohx-w8atdDxbRuYdx1wk5h-eUvHihWfJ9aTwOLINT1HzhDqTPflICljFmGplz6bX9=w114-h42)](<https://engage2demand.cisco.com/SubscribeTalosThreatSource>)\n\nWelcome to this week\u2019s edition of the Threat Source newsletter. \n\n \n\n\nPublic schools in the United States already rely on our teachers for so much \u2014 they have to be educators, occasional parental figures, nurses, [safety officers, law enforcement](<https://www.voanews.com/a/as-us-schools-increase-security-some-arm-teachers/6707930.html>) and much more. Slowly, they\u2019re having to add \u201cIT admin\u201d to their list of roles. \n\n \n\n\nEducational institutions have increasingly become a target for ransomware attacks, an issue already highlighted this year by a [major cyber attack on the combined Los Angeles school district](<https://www.npr.org/2022/09/07/1121422336/a-cyberattack-hits-the-los-angeles-school-district-raising-alarm-across-the-coun>) in California that schools are still recovering from. \n\n \n\n\n[Teachers there reported](<https://laist.com/news/education/los-angeles-unified-caught-in-cyber-attack-heres-what-happens-next>) that during the week of the attack, they couldn\u2019t enter attendance, lost lesson plans and presentations, and had to scrap homework plans. Technology has become ever-present in classrooms, so any minimal disruption in a school\u2019s network or software can throw pretty much everything off. \n\n \n\n\nThe last thing teachers need to worry about now is defending against a well-funded threat actor who may live thousands of miles away \u2014 but we\u2019re not making it easy on them. \n\n \n\n\nI asked my mom about this, who is a paraeducator for kindergarten students, and she told me each of her students (keep in mind these are mostly 5- and 6-year-olds) has their own Chromebooks that they bring to and from home and use for homework assignments. The elementary school she works at has more than 500 students enrolled across six grades, and yet there\u2019s only one person for the whole school who acts as their overall IT and network administrator. That\u2019s one person to manage 500-plus laptops and even more devices like iPads and smartboards as you get into the older grades. Many working adults still need to be educated about the dangers of cyber attacks or how to spot a spam text, how can we have the same expectations from kindergarteners? \n\n \n\n\nI\u2019m not saying this is a simple issue to fix \u2014 it would cost millions of dollars to invest in security infrastructure at schools across the U.S. and hire the necessary staff to manage these devices. But I do wonder if it\u2019s a bridge too far for the [burden we\u2019re already placing on teachers](<https://apnews.com/article/health-covid-education-birmingham-0785042a3da15bcbcc58922c747fd961>). \n\n \n\n\nMany of my friends who are educators are great teachers but would be far from computer experts, and I\u2019m confident they\u2019ve never thought about how secure the passwords that their students need to log into their laptops are. \n\n \n\n\nThe FBI released a warning last week that the [Vice Society ransomware group](<https://duo.com/decipher/cisa-fbi-warn-of-vice-society-ransomware-attacks-on-schools>) has increasingly been targeting schools across the U.S. and expects those attacks to continue as the school year ramps up. In the advisory, they said, \u201cSchool districts with limited cybersecurity capabilities and constrained resources are often the most vulnerable.\u201d If that\u2019s the case, what happens if one of these underfunded districts is hit by a cyber attack? Rather than spending the year trying to beef up their security or implement new policies, they\u2019ll instead just have to use up all their time and resources recovering from the attack and returning to square one. \n\n \n\n\nThe teachers, IT admins and school leaders who are already stretched too thin will only be stretched further in the event of a cyber attack. So, before we start investing more money into getting technology into students\u2019 hands in the classroom, it may be worth considering how those devices are meant to be protected and who will oversee protecting them. \n\n \n\n## The one big thing \n\n> \n\n\n> Continuing our research into the well-known Lazarus Group, we have [new details on a malware campaign](<https://blog.talosintelligence.com/2022/09/lazarus-three-rats.html>) with three different trojans targeting energy providers in the U.S., Canada and Japan. The newest malware is MagicRAT, which is deployed alongside two other RATs the Lazarus Group is known for. All three malware tools are being delivered via a targeted campaign that starts with the exploitation of the [Log4j vulnerability](<https://blog.talosintelligence.com/2021/12/apache-log4j-rce-vulnerability.html>) in VMware Horizon. \n\n\n> ### Why do I care? \n> \n> As we [outlined in the newsletter last week](<https://blog.talosintelligence.com/2022/09/threat-source-newsletter-sept-8-2022.html>), anything the Lazarus Group does is not to be taken lightly. And it\u2019s particularly notable since they are targeting energy suppliers, highlighting the dangers that critical infrastructure faces from state-sponsored threat actors. Our research also shows the Lazarus Group is continually updating its malware and finding new ways to avoid detection. \n> \n> ### So now what? \n> \n> We\u2019ve said this a thousand times already, but patch for Log4j in all software if you haven\u2019t already since this is the primary infection method used in this campaign. Talos also released several new solutions for Cisco Secure to detect and prevent the malware used in these attacks. \n> \n> \n\n## Top security headlines from the week\n\n \n\n\nTwitter\u2019s former head of security warned Congress about several potentially dangerous security practices at the social media giant. Peiter \u201cMudge\u201d Zatko, one of the first \u201chackers\u201d to enter mainstream culture, said in testimony that about 50 percent of Twitter\u2019s employees could have access to sensitive user information, something he says he tried to prevent during his time at the company but was stopped. Zatko went as far to directly tell U.S. Senators that their personal data could be at risk because of these practices, adding that the company is \u201cmisleading the public, lawmakers, regulators, and even its own board of directors.\u201d The testimony came under additional scrutiny because of its potential influence on the ongoing battle regarding Elon Musk\u2019s failed offer to buy Twitter. ([Vox](<https://www.vox.com/recode/2022/9/13/23351523/twitter-whistleblower-peiter-mudge-zatko-senate-hearing-klobuchar-grassley-durbin-musk-parag-agrawal>), [Politico](<https://www.politico.com/news/2022/09/13/whistleblower-zatko-testimony-agrawal-twitter-00056291>)) \n\nMontenegro\u2019s government continues to grapple with a massive cyber attack, forcing many services offline at government offices and putting the country\u2019s essential infrastructure, including banking, water and electrical power systems at risk. Government officials stated that the attack resembles others from well-known Russian state-sponsored actors. The FBI even deployed a special cybersecurity team to the country to help with the recovery and remediation process. The Cuba ransomware group claimed responsibility for the attack, going as far as to say they created a special malware just for this campaign. Recent cyber attacks against NATO nations like Montenegro and Albania have raised questions around NATO\u2019s Article 5 could be triggered over offensive cyber attacks. ([Associated Press](<https://apnews.com/article/russia-ukraine-nato-technology-hacking-religion-5c2bd851027b56a77eaf9385b7d5d741>), [NPR](<https://www.npr.org/2022/09/13/1122621461/examining-2-recent-cyberattacks-against-nato-members>)) \n\nApple released security updates for its mobile and desktop operating systems this week to patch zero-day vulnerabilities that attackers have actively exploited in the wild. CVE-2022-32917, according to Apple, could allow an attacker to execute arbitrary code with kernel privileges. This is the eighth zero-day vulnerability Apple disclosed this year. When updating iOS, users can upgrade to iOS 16, which also comes with several new security features. The new operating system includes a centralized privacy dashboard, safety checks for users who could be at risk of having their devices infected with spyware, and password-free logins on some sites. ([9to5Mac](<https://9to5mac.com/2022/09/13/update-your-iphone/>), [New York Times Wirecutter](<https://www.nytimes.com/wirecutter/blog/apple-ios-16-privacy-and-security-features/>)) \n\n \n\n\n## Can\u2019t get enough Talos? \n\n * _[Energy providers hit by North Korea-linked Lazarus exploiting Log4j VMware vulnerabilities](<https://www.cybersecuritydive.com/news/energy-providers-log4j-vmware/631673/>)_\n * _[Talos Takes Ep. #112: Back to school advice for teachers, students, parents, admins and everyone in between](<https://www.buzzsprout.com/2018149/episodes/11283506>)_\n * _[North Korea\u2019s Lazarus hackers are exploiting Log4j flaw to hack US energy companies](<https://techcrunch.com/2022/09/08/north-korea-lazarus-united-states-energy/>)_\n * _[Cisco Talos traps new Lazarus Group RAT](<https://www.techtarget.com/searchsecurity/news/252524728/Cisco-Talos-traps-new-Lazarus-Group-RAT>)_\n * _[Microsoft Patch Tuesday for September 2022 \u2014 Snort rules and prominent vulnerabilities](<https://blog.talosintelligence.com/2022/09/microsoft-patch-tuesday-for-september.html>)_\n * _[Talos EMEA Monthly Threat Update: How do you know if cyber insurance is right for you?](<https://youtu.be/ZjdBRjJ7yx4>)_\n\n## Upcoming events where you can find Talos \n\n \n\n\n**_[Cisco Security Solution Expert Sessions](<https://web.cvent.com/event/f150cd18-061b-4c25-b617-044c50cac855/summary>)_ (Oct. 11 & 13)**\n\nVirtual \n\n \n\n\n## Most prevalent malware files from Talos telemetry over the past week \n\n** \n**\n\n**SHA 256: **[e12b6641d7e7e4da97a0ff8e1a0d4840c882569d47b8fab8fb187ac2b475636c](<https://www.virustotal.com/gui/file/e12b6641d7e7e4da97a0ff8e1a0d4840c882569d47b8fab8fb187ac2b475636c/details>)\n\n**MD5: **a087b2e6ec57b08c0d0750c60f96a74c \n\n**Typical Filename: **AAct.exe \n\n**Claimed Product: **N/A** **\n\n**Detection Name: **PUA.Win.Tool.Kmsauto::1201 \n\n** \n**\n\n**SHA 256: **[e4973db44081591e9bff5117946defbef6041397e56164f485cf8ec57b1d8934](<https://www.virustotal.com/gui/file/e4973db44081591e9bff5117946defbef6041397e56164f485cf8ec57b1d8934/details>)** \n****MD5: **93fefc3e88ffb78abb36365fa5cf857c ** \n****Typical Filename: **Wextract \n**Claimed Product: **Internet Explorer \n**Detection Name: **PUA.Win.Trojan.Generic::85.lp.ret.sbx.tg \n\n \n\n\n**SHA 256: **[c67b03c0a91eaefffd2f2c79b5c26a2648b8d3c19a22cadf35453455ff08ead0](<https://www.virustotal.com/gui/file/c67b03c0a91eaefffd2f2c79b5c26a2648b8d3c19a22cadf35453455ff08ead0/details>) \n\n**MD5:** 8c69830a50fb85d8a794fa46643493b2 \n\n**Typical Filename: **AAct.exe** **\n\n**Claimed Product: **N/A \n\n**Detection Name: **PUA.Win.Dropper.Generic::1201** **\n\n** \n**\n\n**SHA 256: **[58d6fec4ba24c32d38c9a0c7c39df3cb0e91f500b323e841121d703c7b718681](<https://www.virustotal.com/gui/file/58d6fec4ba24c32d38c9a0c7c39df3cb0e91f500b323e841121d703c7b718681/details>)** **\n\n**MD5: **f1fe671bcefd4630e5ed8b87c9283534 \n\n**Typical Filename: **KMSAuto Net.exe** **\n\n**Claimed Product: **KMSAuto Net \n\n**Detection Name: **PUA.Win.Tool.Hackkms::1201 \n\n** \n**\n\n**SHA 256: **[8664e2f59077c58ac12e747da09d2810fd5ca611f56c0c900578bf750cab56b7](<https://www.virustotal.com/gui/file/8664e2f59077c58ac12e747da09d2810fd5ca611f56c0c900578bf750cab56b7/details>) \n\n**MD5: **0e4c49327e3be816022a233f844a5731** **\n\n**Typical Filename: **aact.exe** **\n\n**Claimed Product: **AAct x86 \n\n**Detection Name: **PUA.Win.Tool.Kmsauto::in03.talos** **", "cvss3": {}, "published": "2022-09-15T18:00:00", "type": "talosblog", "title": "Threat Source newsletter (Sept. 15, 2022) \u2014 Teachers have to be IT admins now, too", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2022-32917"], "modified": "2022-09-16T13:38:00", "id": "TALOSBLOG:8702885301AC5E41DC818B2EF245CC29", "href": "http://blog.talosintelligence.com/2022/09/threat-source-newsletter-sept-15-2022.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-09-01T14:32:09", "description": "[![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjLGV0qm1JxU91RjdxVIuHS5qpDp6eR5oqC3GXE4GKh74vcE6eErdX-odGGmldK4seEV08PmWVUMwC9eHiY-MNvEWPJqq7kEe3k9gjAfn0ai-JRQnZ3GdRiAki_wed_Ctz2-MbeTD591fAVRErXhYumK3_GFcUGqEBUmnA_aeVfgK2rZKQ7AW0eYUiY/s16000/threat-source-newsletter.jpg)](<https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjLGV0qm1JxU91RjdxVIuHS5qpDp6eR5oqC3GXE4GKh74vcE6eErdX-odGGmldK4seEV08PmWVUMwC9eHiY-MNvEWPJqq7kEe3k9gjAfn0ai-JRQnZ3GdRiAki_wed_Ctz2-MbeTD591fAVRErXhYumK3_GFcUGqEBUmnA_aeVfgK2rZKQ7AW0eYUiY/s2000/threat-source-newsletter.jpg>) \n\n\n_By Jon Munshaw. _\n\n[![](https://blogger.googleusercontent.com/img/a/AVvXsEj-mJ-nkfcUqAs6gZvX8xS2acg2Gomq1k9sbhaev8z9XCZnVEc3hnBv_CAEBr5YFPKbzeHm615Hm1J6VmtXbPW-VDGf1Y6GkVCjPTnH973CDJSSnSoxB93Nru0Ohx-w8atdDxbRuYdx1wk5h-eUvHihWfJ9aTwOLINT1HzhDqTPflICljFmGplz6bX9=w114-h42)](<https://engage2demand.cisco.com/SubscribeTalosThreatSource>)\n\nWelcome to this week\u2019s edition of the Threat Source newsletter. \n\n \n\n\nRussia\u2019s invasion of Ukraine was once the most talked about story in the world. Six months into the conflict, modern attention spans have moved on to other news stories. But Ukraine Independence Day yesterday should serve as a reminder to everyone that the threats to Ukraine have not gone anywhere. \n\n \n\n\nThe country still faces a physical conflict with Russia every day that seemingly has no easy end, and the barrage of cyber attacks is suspected to continue. \n\n \n\n\nAs discussed in [our livestream yesterday](<https://youtu.be/sIsrNI6Hhwc>), Talos continues to see evolving cybersecurity threats in the region, including the most recent [GoMet backdoor](<https://blog.talosintelligence.com/2022/07/attackers-target-ukraine-using-gomet.html>). And as Joe Marshall highlighted in [his blog post last week](<https://blog.talosintelligence.com/2022/08/ukraine-and-fragility-of-agriculture.html>), Ukraine\u2019s agriculture industry \u2014 which is vital to the global food supply chain \u2014 remains vulnerable to kinetic and virtual attacks. Because there\u2019s been no one major cyber attack against Ukraine since Russia\u2019s invasion began, the larger public perception is that things haven\u2019t been \u201cthat bad.\u201d But state-sponsored actors have continually barraged Ukrainian government entities and critical infrastructure with a range of attacks, including the [infamous Fancy Bear and Sandworm groups](<https://www.darkreading.com/attacks-breaches/five-russia-linked-groups-target-ukraine-in-cyberwar>). \n\n \n\n\nUkraine\u2019s state nuclear power company also said last week that state-sponsored actors [launched a three-hour attack](<https://www.aljazeera.com/news/2022/8/16/ukraine-nuclear-power-company-says-russia-attacked-website>) on its websites. \n\n \n\n\nA three-hour distributed denial-of-service attack isn\u2019t going to headline the nightly news, but that doesn\u2019t mean they aren\u2019t happening and making it harder for the Ukrainian government and critical infrastructure to operate. There are people who, six months into this, are still having to fend off cyber threats daily, sometimes just to keep the internet on or to make sure that week\u2019s grain shipment goes out on time. \n\n \n\n\nWhile headlines come and go, it\u2019s important to remember that there are some things always going on in the background that are bigger than newer headlines that distract us to talk about the newest trojan someone found on the Android store. \n\n \n\n## The one big thing \n\n> > All Apple users should update their devices if they haven\u2019t already. The company [released updates](<https://www.pcmag.com/news/time-to-patch-hackers-are-exploiting-2-flaws-in-ios-macos>) for iOS, iPadOS and macOS last week, warning of two vulnerabilities that [could have been exploited in the wild](<https://www.techtimes.com/articles/279393/20220819/apple-fixes-two-major-vulnerabilities-targeting-webkit-kernel-iphone-owners.htm>). CVE-2022-32894 is an out-of-bounds write issue in the operating systems\u2019 kernel that an adversary could exploit to execute arbitrary code with kernel privileges and [take control over the system](<https://www.cbc.ca/news/business/apple-security-flaw-full-control-1.6556039>). CVE-2022-32893 is an out-of-bounds write issue in WebKit that can also lead to arbitrary code execution. \n\n\n> ### Why do I care? \n> \n> While Apple did not disclose any details of attacks potential exploiting these issues, it did say it was aware of a report that the issues \u201cmay have been actively exploited.\u201d Apple says the vulnerabilities exist in iPhone 6s and later, all models of the iPad Pro, the iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later and iPod touch 7th generation. Any users of these devices should patch as soon as possible. \n> \n> ### So now what? \n> \n> Patch, patch and patch again if you\u2019re using any Apple devices. \n\n> \n> \n\n## Top security headlines from the week\n\n \n\n\nThe LockBit ransomware\u2019s website was hit with a large distributed denial-of-service attack after threatening to leak documents belonging to a cybersecurity firm. At one point, the site displayed a warning that the ransomware gang plans to upload the targeted company\u2019s stolen data to peer-to-peer networks. Talos\u2019 own Azim Shukuhi first tweeted that a LockBit member told him the site's servers were receiving \u201c400 requests a second from over 1,000 servers\u201d in a possible \u201chack back\u201d attack. DDoS attacks aim to disrupt a site\u2019s operations by flooding it with traffic and messages, forcing it to essentially shut down for a period of time. ([The Register](<https://www.theregister.com/2022/08/22/entrust_lockbit_ddos_ransomware/>), [TechCrunch](<https://techcrunch.com/2022/08/22/entrust-lockbit-ddos-ransomware/>)) \n\nFormer Twitter Head of Security Peiter \"Mudge\" Zatko filed a complaint to the U.S. Securities and Exchange Commission alleging that Twitter is not doing enough to crack down on bot and spam accounts. Mudge is known for being involved with the \u201cCult of the Dead Cow\u201d hacking group, one of the first groups of its kind in history. The testimony to the SEC also stated that too many Twitter employees have access to critical user data and the company was not actually deleting user data when it was asked to. The number of bot accounts on the social media site is central to a failed bid for Elon Musk to buy the company. ([CNN](<https://www.cnn.com/videos/business/2022/08/23/elon-musk-bots-twitter-whistleblower-peiter-mudge-zatko-zw-jg-orig.cnn-business>), [The Verge](<https://www.theverge.com/2022/8/23/23317857/twitter-whistleblower-zatko-security-spam-safety>)) \n\nThe FBI is warning that threat actors are increasingly hijacking home IP addresses to disguise credential-stuffing attacks. An investigation from the FBI and their Australian counterparts uncovered two sites that contained more than 300,000 unique credentials that were for sale, warning they could be used in attacks against private companies. The actors are setting up proxies to disguise the flood of login attempts, and by using residential IP addresses, they can avoid usual detection techniques. ([Cybersecurity Dive](<https://www.cybersecuritydive.com/news/credential-stuffing-FBI/630294/>), [FBI](<https://www.ic3.gov/Media/News/2022/220818.pdf>)) \n\n \n\n\n## Can\u2019t get enough Talos? \n\n * _[Talos Takes Ep. #109: Why cybercrime is going small-time](<https://www.buzzsprout.com/2018149/episodes/11165673>)_\n * _[Livestream: Talos update on Ukraine Independence Day](<https://www.youtube.com/watch?v=sIsrNI6Hhwc&ab_channel=CiscoTalosIntelligenceGroup>)_\n * _[Threat Roundup for Aug. 12 - 19](<https://blog.talosintelligence.com/2022/08/threat-roundup-0812-0819.html>)_\n * _[The war in Ukraine has threatened its vital agriculture. Now it could be crippled by a cyberattack](<https://www.euronews.com/next/2022/08/24/the-war-in-ukraine-has-threatened-its-vital-agriculture-now-it-could-be-crippled-by-a-cybe>)_\n * _[Cisco: All Intelligence is Not Created Equal](<https://www.darkreading.com/threat-intelligence/cisco-all-intelligence-is-not-created-equal>)_\n\n \n\n\n## Upcoming events where you can find Talos \n\n \n\n\n**_[Cisco Security Solution Expert Sessions](<https://web.cvent.com/event/f150cd18-061b-4c25-b617-044c50cac855/summary>)_ (Oct. 11 & 13)**\n\nVirtual \n\n \n\n\n## Most prevalent malware files from Talos telemetry over the past week \n\n** \n**\n\n**SHA 256: **[e4973db44081591e9bff5117946defbef6041397e56164f485cf8ec57b1d8934](<https://www.virustotal.com/gui/file/e4973db44081591e9bff5117946defbef6041397e56164f485cf8ec57b1d8934/details>)** \n****MD5: **93fefc3e88ffb78abb36365fa5cf857c ** \n****Typical Filename: **Wextract \n**Claimed Product: **Internet Explorer \n**Detection Name: **PUA.Win.Trojan.Generic::85.lp.ret.sbx.tg \n\n \n\n\n**SHA 256: **[125e12c8045689bb2a5dcad6fa2644847156dec8b533ee8a3653b432f8fd5645](<https://www.virustotal.com/gui/file/125e12c8045689bb2a5dcad6fa2644847156dec8b533ee8a3653b432f8fd5645/details>) \n\n**MD5: **2c8ea737a232fd03ab80db672d50a17a \n\n**Typical Filename:** LwssPlayer.scr \n\n**Claimed Product: **\u68a6\u60f3\u4e4b\u5dc5\u5e7b\u706f\u64ad\u653e\u5668 \n\n**Detection Name: **Auto.125E12.241442.in02 \n\n \n\n\n**SHA 256: **[a31f222fc283227f5e7988d1ad9c0aecd66d58bb7b4d8518ae23e110308dbf91](<https://www.virustotal.com/gui/file/a31f222fc283227f5e7988d1ad9c0aecd66d58bb7b4d8518ae23e110308dbf91/details>)** **\n\n**MD5: **7bdbd180c081fa63ca94f9c22c457376 \n\n**Typical Filename: **c0dwjdi6a.dll \n\n**Claimed Product: **N/A \n\n**Detection Name: **Trojan.GenericKD.33515991 \n\n \n\n\n**SHA 256: **[e12b6641d7e7e4da97a0ff8e1a0d4840c882569d47b8fab8fb187ac2b475636c](<https://www.virustotal.com/gui/file/e12b6641d7e7e4da97a0ff8e1a0d4840c882569d47b8fab8fb187ac2b475636c/details>)** **\n\n**MD5: **a087b2e6ec57b08c0d0750c60f96a74c \n\n**Typical Filename: **AAct.exe \n\n**Claimed Product: **N/A ** **\n\n**Detection Name: **PUA.Win.Tool.Kmsauto::1201 \n\n** \n**\n\n**SHA 256: **[c67b03c0a91eaefffd2f2c79b5c26a2648b8d3c19a22cadf35453455ff08ead0](<https://www.virustotal.com/gui/file/c67b03c0a91eaefffd2f2c79b5c26a2648b8d3c19a22cadf35453455ff08ead0/details>) \n\n**MD5: **8c69830a50fb85d8a794fa46643493b2 \n\n**Typical Filename:** AAct.exe** **\n\n**Claimed Product: **N/A \n\n**Detection Name: **PUA.Win.Dropper.Generic::1201", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-08-25T18:00:00", "type": "talosblog", "title": "Threat Source newsletter (Aug. 25, 2022) \u2014 We're still not talking about Ukraine enough", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2022-32893", "CVE-2022-32894"], "modified": "2022-09-01T12:58:19", "id": "TALOSBLOG:53D093A8C1C443878386CF6F108BED03", "href": "http://blog.talosintelligence.com/2022/08/threat-source-newsletter-aug-25-2022.html", "cvss": {"score": 0.0, "vector": "NONE"}}], "prion": [{"lastseen": "2023-08-15T17:53:56", "description": "A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6. An app may be able to read sensitive location information.", "cvss3": {"exploitabilityScore": 1.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.0, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-11-01T20:15:00", "type": "prion", "title": "CVE-2022-32875", "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 2.7, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.5, "vectorString": "AV:L/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32875"], "modified": "2022-11-02T15:58:00", "id": "PRION:CVE-2022-32875", "href": "https://kb.prio-n.com/vulnerability/CVE-2022-32875", "cvss": {"score": 1.5, "vector": "AV:L/AC:M/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-08-15T17:55:47", "description": "The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. A sandboxed app may be able to determine which app is currently using the camera.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-11-01T20:15:00", "type": "prion", "title": "CVE-2022-32913", "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32913"], "modified": "2022-11-03T15:02:00", "id": "PRION:CVE-2022-32913", "href": "https://kb.prio-n.com/vulnerability/CVE-2022-32913", "cvss": {"score": 1.7, "vector": "AV:L/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-08-15T22:11:33", "description": "An access issue was addressed with improved access restrictions. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, macOS Monterey 12.6. An app may be able to read sensitive location information.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-11-01T20:15:00", "type": "prion", "title": "CVE-2022-42819", "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-42819"], "modified": "2022-11-03T12:50:00", "id": "PRION:CVE-2022-42819", "href": "https://kb.prio-n.com/vulnerability/CVE-2022-42819", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-08-15T17:55:20", "description": "A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to read sensitive location information.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-09-20T21:15:00", "type": "prion", "title": "CVE-2022-32883", "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32883"], "modified": "2023-08-08T14:22:00", "id": "PRION:CVE-2022-32883", "href": "https://kb.prio-n.com/vulnerability/CVE-2022-32883", "cvss": {"score": 1.7, "vector": "AV:L/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-08-15T17:53:59", "description": "A configuration issue was addressed with additional restrictions. This issue is fixed in macOS Big Sur 11.7, macOS Monterey 12.6. An app may be able to access user-sensitive data.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-11-01T20:15:00", "type": "prion", "title": "CVE-2022-32877", "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32877"], "modified": "2023-03-17T02:15:00", "id": "PRION:CVE-2022-32877", "href": "https://kb.prio-n.com/vulnerability/CVE-2022-32877", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-08-15T22:09:24", "description": "A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, macOS Monterey 12.6. A user may be able to view restricted content from the lock screen.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-11-01T20:15:00", "type": "prion", "title": "CVE-2022-42790", "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-42790"], "modified": "2022-11-02T19:31:00", "id": "PRION:CVE-2022-42790", "href": "https://kb.prio-n.com/vulnerability/CVE-2022-42790", "cvss": {"score": 1.7, "vector": "AV:L/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-08-28T09:23:26", "description": "The issue was addressed with improved bounds checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2. Connecting to a malicious NFS server may lead to arbitrary code execution with kernel privileges.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-12-15T19:15:00", "type": "prion", "title": "CVE-2022-46701", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-46701"], "modified": "2023-08-08T14:22:00", "id": "PRION:CVE-2022-46701", "href": "https://kb.prio-n.com/vulnerability/CVE-2022-46701", "cvss": {"score": 4.3, "vector": "AV:L/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-08-15T17:52:16", "description": "This issue was addressed with improved checks. This issue is fixed in iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to bypass Privacy preferences.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-09-20T21:15:00", "type": "prion", "title": "CVE-2022-32854", "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32854"], "modified": "2023-08-08T14:22:00", "id": "PRION:CVE-2022-32854", "href": "https://kb.prio-n.com/vulnerability/CVE-2022-32854", "cvss": {"score": 1.7, "vector": "AV:L/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-08-15T17:55:43", "description": "A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.6, macOS Big Sur 11.7. An app may be able to gain elevated privileges.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-02-27T20:15:00", "type": "prion", "title": "CVE-2022-32900", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32900"], "modified": "2023-03-08T13:57:00", "id": "PRION:CVE-2022-32900", "href": "https://kb.prio-n.com/vulnerability/CVE-2022-32900", "cvss": {"score": 4.3, "vector": "AV:L/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-08-15T17:55:44", "description": "An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, macOS Monterey 12.6. An app may be able to access user-sensitive data.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-11-01T20:15:00", "type": "prion", "title": "CVE-2022-32904", "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32904"], "modified": "2022-11-02T19:08:00", "id": "PRION:CVE-2022-32904", "href": "https://kb.prio-n.com/vulnerability/CVE-2022-32904", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-08-15T17:55:19", "description": "A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. An app may be able to modify protected parts of the file system.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-11-01T20:15:00", "type": "prion", "title": "CVE-2022-32881", "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32881"], "modified": "2022-11-03T12:30:00", "id": "PRION:CVE-2022-32881", "href": "https://kb.prio-n.com/vulnerability/CVE-2022-32881", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-08-15T17:55:46", "description": "The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to execute arbitrary code with kernel privileges.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-20T21:15:00", "type": "prion", "title": "CVE-2022-32911", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32911"], "modified": "2022-11-04T01:53:00", "id": "PRION:CVE-2022-32911", "href": "https://kb.prio-n.com/vulnerability/CVE-2022-32911", "cvss": {"score": 4.3, "vector": "AV:L/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-08-28T02:23:13", "description": "This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.6, macOS Big Sur 11.7. A user may be able to view sensitive user information.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-02-27T20:15:00", "type": "prion", "title": "CVE-2022-32896", "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32896"], "modified": "2023-08-08T14:22:00", "id": "PRION:CVE-2022-32896", "href": "https://kb.prio-n.com/vulnerability/CVE-2022-32896", "cvss": {"score": 1.7, "vector": "AV:L/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-08-15T17:57:36", "description": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS Big Sur 11.7, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6. An app may be able to execute arbitrary code with kernel privileges.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-11-01T20:15:00", "type": "prion", "title": "CVE-2022-32924", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32924"], "modified": "2023-01-09T16:41:00", "id": "PRION:CVE-2022-32924", "href": "https://kb.prio-n.com/vulnerability/CVE-2022-32924", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-15T17:58:07", "description": "The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, macOS Monterey 12.6. A remote user may be able to cause kernel code execution.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-11-01T20:15:00", "type": "prion", "title": "CVE-2022-32934", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32934"], "modified": "2022-11-02T17:22:00", "id": "PRION:CVE-2022-32934", "href": "https://kb.prio-n.com/vulnerability/CVE-2022-32934", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-08-15T17:55:47", "description": "A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. An app may be able to execute arbitrary code with kernel privileges.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-11-01T20:15:00", "type": "prion", "title": "CVE-2022-32914", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32914"], "modified": "2022-11-02T16:11:00", "id": "PRION:CVE-2022-32914", "href": "https://kb.prio-n.com/vulnerability/CVE-2022-32914", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-15T22:09:23", "description": "An issue in code signature validation was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, macOS Monterey 12.6. An app may be able to access user-sensitive data.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-11-01T20:15:00", "type": "prion", "title": "CVE-2022-42789", "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-42789"], "modified": "2022-11-02T19:12:00", "id": "PRION:CVE-2022-42789", "href": "https://kb.prio-n.com/vulnerability/CVE-2022-42789", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-08-15T17:52:35", "description": "The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, watchOS 9, macOS Monterey 12.6, tvOS 16. An app may be able to execute arbitrary code with kernel privileges.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-11-01T20:15:00", "type": "prion", "title": "CVE-2022-32866", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32866"], "modified": "2022-11-02T15:45:00", "id": "PRION:CVE-2022-32866", "href": "https://kb.prio-n.com/vulnerability/CVE-2022-32866", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-15T17:52:32", "description": "The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to disclose kernel memory.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-09-20T21:15:00", "type": "prion", "title": "CVE-2022-32864", "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32864"], "modified": "2022-11-04T12:46:00", "id": "PRION:CVE-2022-32864", "href": "https://kb.prio-n.com/vulnerability/CVE-2022-32864", "cvss": {"score": 1.7, "vector": "AV:L/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-08-15T17:55:43", "description": "A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13, macOS Monterey 12.6, macOS Big Sur 11.7. An app may be able to bypass Privacy preferences.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-02-27T20:15:00", "type": "prion", "title": "CVE-2022-32902", "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32902"], "modified": "2023-03-07T21:21:00", "id": "PRION:CVE-2022-32902", "href": "https://kb.prio-n.com/vulnerability/CVE-2022-32902", "cvss": {"score": 1.7, "vector": "AV:L/AC:L/Au:S/C:N/I:P/A:N"}}, {"lastseen": "2023-08-15T17:55:45", "description": "A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. A user may be able to elevate privileges.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-20T21:15:00", "type": "prion", "title": "CVE-2022-32908", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32908"], "modified": "2022-11-04T01:50:00", "id": "PRION:CVE-2022-32908", "href": "https://kb.prio-n.com/vulnerability/CVE-2022-32908", "cvss": {"score": 4.3, "vector": "AV:L/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-08-15T17:55:30", "description": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, macOS Monterey 12.6, tvOS 16. Processing maliciously crafted web content may lead to arbitrary code execution.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-11-01T20:15:00", "type": "prion", "title": "CVE-2022-32888", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32888"], "modified": "2023-05-30T06:15:00", "id": "PRION:CVE-2022-32888", "href": "https://kb.prio-n.com/vulnerability/CVE-2022-32888", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-16T07:05:07", "description": "An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-09-20T16:15:00", "type": "prion", "title": "CVE-2021-39537", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-39537"], "modified": "2023-04-27T15:15:00", "id": "PRION:CVE-2021-39537", "href": "https://kb.prio-n.com/vulnerability/CVE-2021-39537", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-15T17:55:39", "description": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-08-24T20:15:00", "type": "prion", "title": "CVE-2022-32894", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32894"], "modified": "2022-12-07T03:02:00", "id": "PRION:CVE-2022-32894", "href": "https://kb.prio-n.com/vulnerability/CVE-2022-32894", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-15T17:55:49", "description": "The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited..", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-20T21:15:00", "type": "prion", "title": "CVE-2022-32917", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32917"], "modified": "2022-12-07T03:12:00", "id": "PRION:CVE-2022-32917", "href": "https://kb.prio-n.com/vulnerability/CVE-2022-32917", "cvss": {"score": 4.3, "vector": "AV:L/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-08-15T22:09:25", "description": "An issue in code signature validation was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, macOS Monterey 12.6. An app may be able to bypass code signing checks.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-11-01T20:15:00", "type": "prion", "title": "CVE-2022-42793", "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-42793"], "modified": "2023-08-08T14:22:00", "id": "PRION:CVE-2022-42793", "href": "https://kb.prio-n.com/vulnerability/CVE-2022-42793", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-08-15T15:27:29", "description": "LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-05-11T15:15:00", "type": "prion", "title": "CVE-2022-1622", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1622"], "modified": "2022-11-07T20:52:00", "id": "PRION:CVE-2022-1622", "href": "https://kb.prio-n.com/vulnerability/CVE-2022-1622", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-08-15T15:41:35", "description": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-06-19T12:15:00", "type": "prion", "title": "Heap-based Buffer Overflow in vim/vim", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-2125"], "modified": "2023-05-03T12:15:00", "id": "PRION:CVE-2022-2125", "href": "https://kb.prio-n.com/vulnerability/CVE-2022-2125", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-15T15:35:11", "description": "Use After Free in GitHub repository vim/vim prior to 8.2.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-06-10T19:15:00", "type": "prion", "title": "Use After Free in vim/vim", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-2042"], "modified": "2023-05-03T12:15:00", "id": "PRION:CVE-2022-2042", "href": "https://kb.prio-n.com/vulnerability/CVE-2022-2042", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-15T15:28:25", "description": "Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-06-20T15:15:00", "type": "prion", "title": "Buffer Over-read in function grab_file_name in vim/vim", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1720"], "modified": "2023-06-27T15:57:00", "id": "PRION:CVE-2022-1720", "href": "https://kb.prio-n.com/vulnerability/CVE-2022-1720", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-15T15:41:33", "description": "Buffer Over-read in GitHub repository vim/vim prior to 8.2.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-06-19T10:15:00", "type": "prion", "title": "Buffer Over-read in vim/vim", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-2124"], "modified": "2023-06-27T18:59:00", "id": "PRION:CVE-2022-2124", "href": "https://kb.prio-n.com/vulnerability/CVE-2022-2124", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-15T15:41:39", "description": "Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-06-19T13:15:00", "type": "prion", "title": "Out-of-bounds Read in vim/vim", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-2126"], "modified": "2023-05-03T12:15:00", "id": "PRION:CVE-2022-2126", "href": "https://kb.prio-n.com/vulnerability/CVE-2022-2126", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-15T15:30:51", "description": "Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-06-09T16:15:00", "type": "prion", "title": "Out-of-bounds Write in vim/vim", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-2000"], "modified": "2023-05-03T12:15:00", "id": "PRION:CVE-2022-2000", "href": "https://kb.prio-n.com/vulnerability/CVE-2022-2000", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2023-06-03T14:43:24", "description": "A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6. An app may be able to read sensitive location information.", "cvss3": {"exploitabilityScore": 1.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.0, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-11-01T20:15:00", "type": "cve", "title": "CVE-2022-32875", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 2.7, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.5, "vectorString": "AV:L/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32875"], "modified": "2022-11-02T15:58:00", "cpe": [], "id": "CVE-2022-32875", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32875", "cvss": {"score": 1.5, "vector": "AV:L/AC:M/Au:S/C:P/I:N/A:N"}, "cpe23": []}, {"lastseen": "2023-06-03T14:43:29", "description": "An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, macOS Monterey 12.6. An app may be able to access user-sensitive data.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-11-01T20:15:00", "type": "cve", "title": "CVE-2022-32904", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32904"], "modified": "2022-11-02T19:08:00", "cpe": [], "id": "CVE-2022-32904", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32904", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": []}, {"lastseen": "2023-06-03T14:43:25", "description": "A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. An app may be able to modify protected parts of the file system.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-11-01T20:15:00", "type": "cve", "title": "CVE-2022-32881", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32881"], "modified": "2022-11-03T12:30:00", "cpe": [], "id": "CVE-2022-32881", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32881", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": []}, {"lastseen": "2023-06-03T14:43:28", "description": "A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13, macOS Monterey 12.6, macOS Big Sur 11.7. An app may be able to bypass Privacy preferences.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-02-27T20:15:00", "type": "cve", "title": "CVE-2022-32902", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32902"], "modified": "2023-03-07T21:21:00", "cpe": [], "id": "CVE-2022-32902", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32902", "cvss": {"score": 1.7, "vector": "AV:L/AC:L/Au:S/C:N/I:P/A:N"}, "cpe23": []}, {"lastseen": "2023-06-03T15:06:46", "description": "An access issue was addressed with improved access restrictions. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, macOS Monterey 12.6. An app may be able to read sensitive location information.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-11-01T20:15:00", "type": "cve", "title": "CVE-2022-42819", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-42819"], "modified": "2022-11-03T12:50:00", "cpe": [], "id": "CVE-2022-42819", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-42819", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": []}, {"lastseen": "2023-06-03T14:43:31", "description": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS Big Sur 11.7, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6. An app may be able to execute arbitrary code with kernel privileges.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-11-01T20:15:00", "type": "cve", "title": "CVE-2022-32924", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32924"], "modified": "2023-01-09T16:41:00", "cpe": [], "id": "CVE-2022-32924", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32924", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2023-06-03T14:43:24", "description": "The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, watchOS 9, macOS Monterey 12.6, tvOS 16. An app may be able to execute arbitrary code with kernel privileges.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-11-01T20:15:00", "type": "cve", "title": "CVE-2022-32866", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32866"], "modified": "2022-11-02T15:45:00", "cpe": [], "id": "CVE-2022-32866", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32866", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2023-08-17T01:09:40", "description": "This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.6, macOS Big Sur 11.7. A user may be able to view sensitive user information.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-02-27T20:15:00", "type": "cve", "title": "CVE-2022-32896", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32896"], "modified": "2023-08-08T14:22:00", "cpe": [], "id": "CVE-2022-32896", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32896", "cvss": {"score": 1.7, "vector": "AV:L/AC:L/Au:S/C:P/I:N/A:N"}, "cpe23": []}, {"lastseen": "2023-06-03T14:43:24", "description": "A configuration issue was addressed with additional restrictions. This issue is fixed in macOS Big Sur 11.7, macOS Monterey 12.6. An app may be able to access user-sensitive data.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-11-01T20:15:00", "type": "cve", "title": "CVE-2022-32877", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32877"], "modified": "2023-03-17T02:15:00", "cpe": [], "id": "CVE-2022-32877", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32877", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": []}, {"lastseen": "2023-08-17T02:36:33", "description": "The issue was addressed with improved bounds checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2. Connecting to a malicious NFS server may lead to arbitrary code execution with kernel privileges.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-12-15T19:15:00", "type": "cve", "title": "CVE-2022-46701", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-46701"], "modified": "2023-08-08T14:22:00", "cpe": [], "id": "CVE-2022-46701", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-46701", "cvss": {"score": 4.3, "vector": "AV:L/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2023-06-03T14:43:28", "description": "A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.6, macOS Big Sur 11.7. An app may be able to gain elevated privileges.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-02-27T20:15:00", "type": "cve", "title": "CVE-2022-32900", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32900"], "modified": "2023-03-08T13:57:00", "cpe": [], "id": "CVE-2022-32900", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32900", "cvss": {"score": 4.3, "vector": "AV:L/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2023-06-03T14:43:32", "description": "The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, macOS Monterey 12.6. A remote user may be able to cause kernel code execution.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-11-01T20:15:00", "type": "cve", "title": "CVE-2022-32934", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32934"], "modified": "2022-11-02T17:22:00", "cpe": [], "id": "CVE-2022-32934", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32934", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2023-06-03T15:06:40", "description": "An issue in code signature validation was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, macOS Monterey 12.6. An app may be able to access user-sensitive data.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-11-01T20:15:00", "type": "cve", "title": "CVE-2022-42789", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-42789"], "modified": "2022-11-02T19:12:00", "cpe": [], "id": "CVE-2022-42789", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-42789", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": []}, {"lastseen": "2023-06-03T14:43:30", "description": "The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. A sandboxed app may be able to determine which app is currently using the camera.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-11-01T20:15:00", "type": "cve", "title": "CVE-2022-32913", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32913"], "modified": "2022-11-03T15:02:00", "cpe": [], "id": "CVE-2022-32913", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32913", "cvss": {"score": 1.7, "vector": "AV:L/AC:L/Au:S/C:P/I:N/A:N"}, "cpe23": []}, {"lastseen": "2023-06-03T14:43:30", "description": "A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. An app may be able to execute arbitrary code with kernel privileges.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-11-01T20:15:00", "type": "cve", "title": "CVE-2022-32914", "cwe": ["CWE-416"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32914"], "modified": "2022-11-02T16:11:00", "cpe": [], "id": "CVE-2022-32914", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32914", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2023-06-03T15:06:40", "description": "A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, macOS Monterey 12.6. A user may be able to view restricted content from the lock screen.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-11-01T20:15:00", "type": "cve", "title": "CVE-2022-42790", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-42790"], "modified": "2022-11-02T19:31:00", "cpe": [], "id": "CVE-2022-42790", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-42790", "cvss": {"score": 1.7, "vector": "AV:L/AC:L/Au:S/C:P/I:N/A:N"}, "cpe23": []}, {"lastseen": "2023-06-03T14:43:30", "description": "The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to execute arbitrary code with kernel privileges.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-20T21:15:00", "type": "cve", "title": "CVE-2022-32911", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32911"], "modified": "2022-11-04T01:53:00", "cpe": [], "id": "CVE-2022-32911", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32911", "cvss": {"score": 4.3, "vector": "AV:L/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2023-06-03T14:43:23", "description": "The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to disclose kernel memory.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-09-20T21:15:00", "type": "cve", "title": "CVE-2022-32864", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32864"], "modified": "2022-11-04T12:46:00", "cpe": [], "id": "CVE-2022-32864", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32864", "cvss": {"score": 1.7, "vector": "AV:L/AC:L/Au:S/C:P/I:N/A:N"}, "cpe23": []}, {"lastseen": "2023-08-11T21:20:39", "description": "A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to read sensitive location information.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-09-20T21:15:00", "type": "cve", "title": "CVE-2022-32883", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32883"], "modified": "2023-08-08T14:22:00", "cpe": [], "id": "CVE-2022-32883", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32883", "cvss": {"score": 1.7, "vector": "AV:L/AC:L/Au:S/C:P/I:N/A:N"}, "cpe23": []}, {"lastseen": "2023-06-03T14:43:29", "description": "A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. A user may be able to elevate privileges.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-20T21:15:00", "type": "cve", "title": "CVE-2022-32908", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32908"], "modified": "2022-11-04T01:50:00", "cpe": [], "id": "CVE-2022-32908", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32908", "cvss": {"score": 4.3, "vector": "AV:L/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2023-08-11T21:10:04", "description": "This issue was addressed with improved checks. This issue is fixed in iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to bypass Privacy preferences.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-09-20T21:15:00", "type": "cve", "title": "CVE-2022-32854", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32854"], "modified": "2023-08-08T14:22:00", "cpe": [], "id": "CVE-2022-32854", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32854", "cvss": {"score": 1.7, "vector": "AV:L/AC:L/Au:S/C:P/I:N/A:N"}, "cpe23": []}, {"lastseen": "2023-06-03T14:43:27", "description": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-08-24T20:15:00", "type": "cve", "title": "CVE-2022-32894", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32894"], "modified": "2022-12-07T03:02:00", "cpe": [], "id": "CVE-2022-32894", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32894", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2023-05-23T15:40:56", "description": "An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-09-20T16:15:00", "type": "cve", "title": "CVE-2021-39537", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-39537"], "modified": "2023-04-27T15:15:00", "cpe": ["cpe:/o:apple:mac_os_x:10.12.6", "cpe:/o:apple:macos:11.7", "cpe:/o:apple:macos:13.0", "cpe:/a:gnu:ncurses:6.2.1"], "id": "CVE-2021-39537", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-39537", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:gnu:ncurses:6.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:13.0:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.12.6:*:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:11.7:*:*:*:*:*:*:*"]}, {"lastseen": "2023-08-11T20:36:40", "description": "An issue in code signature validation was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, macOS Monterey 12.6. An app may be able to bypass code signing checks.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-11-01T20:15:00", "type": "cve", "title": "CVE-2022-42793", "cwe": ["CWE-347"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-42793"], "modified": "2023-08-08T14:22:00", "cpe": [], "id": "CVE-2022-42793", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-42793", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": []}, {"lastseen": "2023-06-07T14:48:23", "description": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, macOS Monterey 12.6, tvOS 16. Processing maliciously crafted web content may lead to arbitrary code execution.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-11-01T20:15:00", "type": "cve", "title": "CVE-2022-32888", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32888"], "modified": "2023-05-30T06:15:00", "cpe": [], "id": "CVE-2022-32888", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32888", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2023-06-03T14:43:31", "description": "The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited..", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-20T21:15:00", "type": "cve", "title": "CVE-2022-32917", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32917"], "modified": "2022-12-07T03:12:00", "cpe": [], "id": "CVE-2022-32917", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32917", "cvss": {"score": 4.3, "vector": "AV:L/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2023-06-17T14:31:12", "description": "LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-05-11T15:15:00", "type": "cve", "title": "CVE-2022-1622", "cwe": ["CWE-125"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1622"], "modified": "2022-11-07T20:52:00", "cpe": ["cpe:/o:fedoraproject:fedora:36", "cpe:/o:fedoraproject:fedora:35", "cpe:/a:netapp:ontap_select_deploy_administration_utility:-", "cpe:/a:libtiff:libtiff:4.3.0"], "id": "CVE-2022-1622", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1622", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", "cpe:2.3:a:libtiff:libtiff:4.3.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-14T14:15:33", "description": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-06-19T12:15:00", "type": "cve", "title": "CVE-2022-2125", "cwe": ["CWE-122"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-2125"], "modified": "2023-05-03T12:15:00", "cpe": ["cpe:/o:fedoraproject:fedora:36", "cpe:/o:fedoraproject:fedora:35"], "id": "CVE-2022-2125", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2125", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-17T14:33:59", "description": "Use After Free in GitHub repository vim/vim prior to 8.2.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-06-10T19:15:00", "type": "cve", "title": "CVE-2022-2042", "cwe": ["CWE-416"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-2042"], "modified": "2023-05-03T12:15:00", "cpe": [], "id": "CVE-2022-2042", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2042", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2023-06-17T14:31:33", "description": "Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-06-20T15:15:00", "type": "cve", "title": "CVE-2022-1720", "cwe": ["CWE-126"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1720"], "modified": "2023-05-03T12:15:00", "cpe": ["cpe:/o:fedoraproject:fedora:36", "cpe:/o:fedoraproject:fedora:35", "cpe:/o:debian:debian_linux:9.0", "cpe:/o:debian:debian_linux:10.0"], "id": "CVE-2022-1720", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1720", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-17T14:36:56", "description": "Buffer Over-read in GitHub repository vim/vim prior to 8.2.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-06-19T10:15:00", "type": "cve", "title": "CVE-2022-2124", "cwe": ["CWE-126"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-2124"], "modified": "2023-05-03T12:15:00", "cpe": ["cpe:/o:fedoraproject:fedora:36", "cpe:/o:fedoraproject:fedora:35", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2022-2124", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2124", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-14T14:15:39", "description": "Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-06-19T13:15:00", "type": "cve", "title": "CVE-2022-2126", "cwe": ["CWE-125"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-2126"], "modified": "2023-05-03T12:15:00", "cpe": ["cpe:/o:fedoraproject:fedora:36", "cpe:/o:debian:debian_linux:9.0", "cpe:/o:fedoraproject:fedora:35"], "id": "CVE-2022-2126", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2126", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-17T14:32:36", "description": "Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-06-09T16:15:00", "type": "cve", "title": "CVE-2022-2000", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-2000"], "modified": "2023-05-03T12:15:00", "cpe": ["cpe:/o:fedoraproject:fedora:35", "cpe:/o:debian:debian_linux:10.0"], "id": "CVE-2022-2000", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2000", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"]}], "ubuntucve": [{"lastseen": "2023-08-09T16:16:21", "description": "An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in\ncaptoinfo.c has a heap-based buffer overflow.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | read of size 1, DoS only\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-09-20T00:00:00", "type": "ubuntucve", "title": "CVE-2021-39537", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-39537"], "modified": "2021-09-20T00:00:00", "id": "UB:CVE-2021-39537", "href": "https://ubuntu.com/security/CVE-2021-39537", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-07-27T18:02:42", "description": "An out-of-bounds write issue was addressed with improved bounds checking.\nThis issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS\n15.7 and iPadOS 15.7, watchOS 9, macOS Monterey 12.6, tvOS 16. Processing\nmaliciously crafted web content may lead to arbitrary code execution.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-11-01T00:00:00", "type": "ubuntucve", "title": "CVE-2022-32888", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32888"], "modified": "2022-11-01T00:00:00", "id": "UB:CVE-2022-32888", "href": "https://ubuntu.com/security/CVE-2022-32888", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-29T13:34:29", "description": "LibTIFF master branch has an out-of-bounds read in LZWDecode in\nlibtiff/tif_lzw.c:619, allowing attackers to cause a denial-of-service via\na crafted tiff file. For users that compile libtiff from sources, the fix\nis available with commit b4e79bfa.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[ccdm94](<https://launchpad.net/~ccdm94>) | according to the issue in the libtiff git (410), this only affects version 4.3.0 onwards, more specifically, versions that include commit 3079627e. Further investigation has confirmed that versions below 4.3.0 seem to be not affected, as the reproducer does not work, and there are no SEGV errors. Impish and jammy, which include version 4.3.0, also do not seem to be affected, as results from running the POCs with their versions are different than the ones obtained when the specific commit mentioned in the 410 issue by the issue reporter is used with the same POC files (commit b51bb157). For this reason, and because jammy and earlier do not include code from commit 3079627e, these releases will be marked as not vulnerable.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-05-11T00:00:00", "type": "ubuntucve", "title": "CVE-2022-1622", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1622"], "modified": "2022-05-11T00:00:00", "id": "UB:CVE-2022-1622", "href": "https://ubuntu.com/security/CVE-2022-1622", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-15T13:27:49", "description": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[ccdm94](<https://launchpad.net/~ccdm94>) | in bionic and earlier vulnerable function can be found in src/misc1.c instead of src/indent.c.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-06-19T00:00:00", "type": "ubuntucve", "title": "CVE-2022-2125", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-2125"], "modified": "2022-06-19T00:00:00", "id": "UB:CVE-2022-2125", "href": "https://ubuntu.com/security/CVE-2022-2125", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-07-27T20:13:20", "description": "Use After Free in GitHub repository vim/vim prior to 8.2.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-06-10T00:00:00", "type": "ubuntucve", "title": "CVE-2022-2042", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-2042"], "modified": "2022-06-10T00:00:00", "id": "UB:CVE-2022-2042", "href": "https://ubuntu.com/security/CVE-2022-2042", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-29T13:32:26", "description": "Buffer Over-read in GitHub repository vim/vim prior to 8.2.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[ccdm94](<https://launchpad.net/~ccdm94>) | in focal and earlier file to be patched is src/search.c instead of src/textobject.c. In focal and earlier, POC causes vim process to hang, and valgrind output does not include the out-of-bounds access.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-06-19T00:00:00", "type": "ubuntucve", "title": "CVE-2022-2124", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-2124"], "modified": "2022-06-19T00:00:00", "id": "UB:CVE-2022-2124", "href": "https://ubuntu.com/security/CVE-2022-2124", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-29T13:32:25", "description": "Buffer Over-read in function grab_file_name in GitHub repository vim/vim\nprior to 8.2.4956. This vulnerability is capable of crashing the software,\nmemory modification, and possible remote execution.\n\n#### Bugs\n\n * <https://huntr.dev/bounties/5ccfb386-7eb9-46e5-98e5-243ea4b358a8>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[eslerm](<https://launchpad.net/~eslerm>) | patch breaks tilde test on xenial\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-06-20T00:00:00", "type": "ubuntucve", "title": "CVE-2022-1720", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1720"], "modified": "2022-06-20T00:00:00", "id": "UB:CVE-2022-1720", "href": "https://ubuntu.com/security/CVE-2022-1720", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-29T13:32:26", "description": "Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[ccdm94](<https://launchpad.net/~ccdm94>) | in bionic and earlier the vulnerable code is in src/spell.c instead of src/spellsuggest.c.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-06-19T00:00:00", "type": "ubuntucve", "title": "CVE-2022-2126", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-2126"], "modified": "2022-06-19T00:00:00", "id": "UB:CVE-2022-2126", "href": "https://ubuntu.com/security/CVE-2022-2126", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-18T13:21:28", "description": "LibTIFF master branch has an out-of-bounds read in LZWDecode in\nlibtiff/tif_lzw.c:624, allowing attackers to cause a denial-of-service via\na crafted tiff file. For users that compile libtiff from sources, the fix\nis available with commit b4e79bfa.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[ccdm94](<https://launchpad.net/~ccdm94>) | This CVE has the same fix as the one for CVE-2022-1622. according to the issue in the libtiff git (410), this only affects version 4.3.0 onwards, more specifically, versions that include commit 3079627e. Further investigation has confirmed that versions below 4.3.0 seem to be not affected, as the reproducer does not work, and there are no SEGV errors. Impish and jammy, which include version 4.3.0, also do not seem to be affected, as results from running the POCs with their versions are different than the ones obtained when the specific commit mentioned in the 410 issue by the issue reporter is used with the same POC files (commit b51bb157). For this reason, and because jammy and earlier do not include code from commit 3079627e, these releases will be marked as not vulnerable.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-05-11T00:00:00", "type": "ubuntucve", "title": "CVE-2022-1623", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1622", "CVE-2022-1623"], "modified": "2022-05-11T00:00:00", "id": "UB:CVE-2022-1623", "href": "https://ubuntu.com/security/CVE-2022-1623", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-07-27T20:02:27", "description": "Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-06-09T00:00:00", "type": "ubuntucve", "title": "CVE-2022-2000", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-2000"], "modified": "2022-06-09T00:00:00", "id": "UB:CVE-2022-2000", "href": "https://ubuntu.com/security/CVE-2022-2000", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "cnvd": [{"lastseen": "2022-08-21T09:51:45", "description": "iOS is a mobile operating system developed by Apple Inc. iPadOS (full name: iPad Operating System) is a family of mobile operating systems developed by Apple Inc. based on iOS. Mac OS is a set of operating systems developed by Apple that runs on the Macintosh family of computers. apple iOS, iPadOS and Mac OS has an out-of-bounds write vulnerability, which can be exploited by attackers to execute arbitrary code.", "cvss3": {}, "published": "2022-08-18T00:00:00", "type": "cnvd", "title": "Apple OS out-of-bounds write vulnerability", "bulletinFamily": "cnvd", "cvss2": {}, "cvelist": ["CVE-2022-32894"], "modified": "2022-08-21T00:00:00", "id": "CNVD-2022-58457", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2022-58457", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-10-11T23:54:57", "description": "Vim is a cross-platform text editor. buffer overflow vulnerability exists in versions of Vim prior to 8.2.4956, which stems from a boundary error in the grab_file_name function when handling untrusted input. A remote attacker could exploit this vulnerability in causing out-of-bounds reads.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-06-22T00:00:00", "type": "cnvd", "title": "Vim Buffer Overflow Vulnerability (CNVD-2022-68098)", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1720"], "modified": "2022-10-11T00:00:00", "id": "CNVD-2022-68098", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2022-68098", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "redos": [{"lastseen": "2023-09-09T12:25:38", "description": "Vim text editor vulnerability is related to boundary conditions in textobject.c. Exploitation\r\n The vulnerability could allow a remote attacker to create a special file, trick the victim into opening it, cause a read error outside the boundaries, and read the memory contents.\r\n victim to open it, cause an out-of-bounds read error, and read the contents of memory in the\r\n system\n\nVim text editor vulnerability is related to boundary conditions in normal.c. Exploitation of the vulnerability\r\n could allow an attacker acting remotely to create a special file, trick the victim into opening it, cause a read error outside the bounds, and read the contents of memory.\r\n to open it, cause a read error outside of the boundary conditions, and read the contents of memory on the system\n\nVim text editor vulnerability is related to boundary conditions in indent.c. Exploitation of the vulnerability\r\n could allow an attacker acting remotely to create a special file, trick the victim into\r\n open it, cause a read error outside the boundary conditions, and read the memory contents on the system\n\nThe Vim text editor vulnerability is related to a boundary error in edit.c. Exploitation of the vulnerability could\r\n allow an attacker acting remotely to create a special file, trick the victim into opening it, cause a buffer overflow.\r\n it, cause a heap buffer overflow, and execute arbitrary code on the target system\n\nVim text editor vulnerability is related to a boundary error in register.c. Exploitation of the vulnerability\r\n could allow a remote attacker to create a special file, trick the victim into opening it, cause a heap buffer overflow, and execute arbitrary code.\r\n open it, cause a heap buffer overflow, and execute arbitrary code on the target system\n\nVim text editor vulnerability is related to boundary conditions in term.c. Exploiting the vulnerability\r\n could allow an attacker acting remotely to create a special file, trick the victim into opening it, and cause a read error outside the boundary.\r\n open it, cause a read error outside of the boundary conditions, and read the memory contents on the system\n\nA vulnerability in the Vim text editor is related to a NULL pointer dereference error in diff.c.\r\n Exploitation of the vulnerability could allow an attacker acting remotely to perform a denial-of-service (DoS) attack.\r\n denial of service (DoS) attack\n\nVim text editor vulnerability is related to boundary conditions in spellsuggest.c. Exploitation\r\n the vulnerability could allow a remote attacker to create a special file, trick the victim into opening it, cause the bug to be exploited.\r\n victim to open it, cause a read error outside of the boundary conditions, and read the memory contents into the\r\n system\n\nThe Vim text editor vulnerability is related to a boundary error in indent.c. Exploitation of the vulnerability\r\n could allow an attacker acting remotely to create a special file, trick the victim into opening it, cause a buffer overflow.\r\n open it, cause a heap buffer overflow, and execute arbitrary code on the target system\n\nVim text editor vulnerability is related to boundary conditions in ex_getln.c. Exploitation of the vulnerability\r\n could allow an attacker acting remotely to create a special file, trick the victim into opening it, and cause a read error outside the boundary.\r\n to open it, cause a read error outside of the boundary conditions, and read the contents of memory on the system\n\nVim text editor vulnerability is related to a boundary error in ex_docmd.c. Exploitation of the vulnerability\r\n could allow an attacker acting remotely to create a special file, trick the victim into opening it, cause a buffer overflow.\r\n open it, cause a heap buffer overflow, and execute arbitrary code on the target system\n\nThe Vim text editor vulnerability involves a boundary error when processing unreliable input data\r\n in diff.c. Exploitation of the vulnerability could allow an attacker acting remotely to create a special\r\n file, trick the victim into opening it, and initiate unauthorized writing and execution of arbitrary code on the target system.\r\n arbitrary code on the target system\n\nVim text editor vulnerability is related to a memory usage error in the spell.c file. Exploitation\r\n exploitation of the vulnerability could allow a remote attacker to create a special file, trick the victim into opening it, and cause a bug.\r\n the victim to open it, cause a usage error upon release, and execute arbitrary\r\n code on the system\n\nThe Vim text editor vulnerability involves a boundary error in the processing of untrusted input data\r\n data in ex_docmd.c. Exploitation of the vulnerability could allow an attacker acting remotely to create a\r\n a special file, trick the victim into opening it, and initiate unauthorized writing and\r\n execution of arbitrary code on the target system\n\nVim text editor vulnerability is related to a boundary error in buffer.c. Exploitation of the vulnerability\r\n could allow a remote attacker to create a special file, trick the victim into opening it, and cause a buffer overflow.\r\n open it, cause a heap buffer overflow, and execute arbitrary code on the target system", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-07-01T00:00:00", "type": "redos", "title": "ROS-20220701-01", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1720", "CVE-2022-1886", "CVE-2022-1942", "CVE-2022-1968", "CVE-2022-2000", "CVE-2022-2042", "CVE-2022-2124", "CVE-2022-2125", "CVE-2022-2126", "CVE-2022-2175", "CVE-2022-2182", "CVE-2022-2183", "CVE-2022-2206", "CVE-2022-2207", "CVE-2022-2208", "CVE-2022-2210"], "modified": "2022-07-01T00:00:00", "id": "ROS-20220701-01", "href": "https://redos.red-soft.ru/support/secure/uyazvimosti/mnozhestvennye-uyazvimosti-vim/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "veracode": [{"lastseen": "2022-11-02T00:57:09", "description": "ncurses is vulnerable to denial of service. The vulnerability exists due to a heap-based buffer overflow.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-12-09T17:11:49", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-39537"], "modified": "2022-10-31T05:45:28", "id": "VERACODE:33221", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-33221/summary", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-12T20:17:34", "description": "libtiff.so is vulnerable to denial of service attacks. The vulnerability exists in the `LZWDecode` function the `tif_lzw.c` which allows a malicious user to cause denial-of-service conditions via an out-of-bounds read through a crafted `tiff` file.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-05-12T03:58:27", "type": "veracode", "title": "Denial Of Service (DoS) ", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1622"], "modified": "2022-11-08T16:44:33", "id": "VERACODE:35478", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-35478/summary", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-14T20:09:55", "description": "vim is vulnerable to heap-based buffer overflow. The vulnerability exists because the `lisp indenting` does not check for NULL earlier which causes an overflow. \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-07-04T01:21:52", "type": "veracode", "title": "Heap-based Buffer Overflow", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-2125"], "modified": "2023-05-03T14:33:37", "id": "VERACODE:36243", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-36243/summary", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-17T20:08:14", "description": "vim/vim is vulnerable to use-after-free. The vulnerability exists in skipwhite which allows an attacker to cause a memory exhaustion leading to an application crash.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-08-12T06:31:52", "type": "veracode", "title": "Use-After-Free", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-2042"], "modified": "2023-05-03T14:38:00", "id": "VERACODE:36689", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-36689/summary", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-17T20:09:35", "description": "vim is vulnerable to information disclosure. Buffer over-read in the `current_quote()` function allows local attackers to cause information disclosure.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-06-26T16:59:20", "type": "veracode", "title": "Information Disclosure", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-2124"], "modified": "2023-05-03T14:35:59", "id": "VERACODE:36134", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-36134/summary", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-17T20:09:33", "description": "vim is vulnerable to information disclosure. A buffer over-read in function `grab_file_name` is capable of crashing the software, memory modification, and possible remote execution.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-06-26T07:50:47", "type": "veracode", "title": "Information Disclosure", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1720"], "modified": "2023-05-03T14:38:52", "id": "VERACODE:36119", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-36119/summary", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-14T20:10:09", "description": "vim is vulnerable to denial of service. The vulnerability exists due to the usage of invalid index when looking for spell suggestions which causes out-of-bound reads which then lead to an application crash. \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-06-26T16:59:15", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-2126"], "modified": "2023-05-03T14:38:45", "id": "VERACODE:36133", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-36133/summary", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-17T20:08:14", "description": "vim:sid is vulnerable to denial of service. The vulnerability exists due to an out-of-bounds write in GitHub repository.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-08-12T07:12:39", "type": "veracode", "title": "Out-of-bounds Write", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-2000"], "modified": "2023-05-03T14:38:02", "id": "VERACODE:36690", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-36690/summary", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "cisa_kev": [{"lastseen": "2023-07-21T17:22:44", "description": "Apple iOS and macOS contain an out-of-bounds write vulnerability that could allow an application to execute code with kernel privileges.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-08-18T00:00:00", "type": "cisa_kev", "title": "Apple iOS and macOS Out-of-Bounds Write Vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32894"], "modified": "2022-08-18T00:00:00", "id": "CISA-KEV-CVE-2022-32894", "href": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-07-21T17:22:44", "description": "Apple kernel, which is included in iOS, iPadOS, and macOS, contains an unspecified vulnerability where an application may be able to execute code with kernel privileges.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-14T00:00:00", "type": "cisa_kev", "title": "Apple iOS, iPadOS, and macOS Remote Code Execution Vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32917"], "modified": "2022-09-14T00:00:00", "id": "CISA-KEV-CVE-2022-32917", "href": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "cvss": {"score": 4.3, "vector": "AV:L/AC:L/Au:S/C:P/I:P/A:P"}}], "attackerkb": [{"lastseen": "2023-07-31T21:02:40", "description": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.\n\n \n**Recent assessments:** \n \nAssessed Attacker Value: 0 \nAssessed Attacker Value: 0Assessed Attacker Value: 0\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-08-24T00:00:00", "type": "attackerkb", "title": "CVE-2022-32894", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32894"], "modified": "2022-11-03T00:00:00", "id": "AKB:A0C8E5E1-E212-4D46-97F4-2C5A5F8F05F2", "href": "https://attackerkb.com/topics/dGRSfxvIvH/cve-2022-32894", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-08T20:23:01", "description": "The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited..\n\n \n**Recent assessments:** \n \nAssessed Attacker Value: 0 \nAssessed Attacker Value: 0Assessed Attacker Value: 0\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-20T00:00:00", "type": "attackerkb", "title": "CVE-2022-32917", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32917"], "modified": "2022-11-03T00:00:00", "id": "AKB:768DA55B-E20A-49F0-AC15-CC1F4DC65DAC", "href": "https://attackerkb.com/topics/yiE2JRds8E/cve-2022-32917", "cvss": {"score": 4.3, "vector": "AV:L/AC:L/Au:S/C:P/I:P/A:P"}}], "redhatcve": [{"lastseen": "2023-09-23T12:33:02", "description": "The ncurses package (tic) is susceptible to a heap overflow on crafted input. When the terminfo entry-description compiler processes input, proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is system availability.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-09-22T19:10:18", "type": "redhatcve", "title": "CVE-2021-39537", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-39537"], "modified": "2023-09-22T23:59:54", "id": "RH:CVE-2021-39537", "href": "https://access.redhat.com/security/cve/cve-2021-39537", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-07T16:10:02", "description": "A vulnerability was found in webkitgtk, where an out-of-bounds read was addressed with improved bounds checking. Processing maliciously crafted web content may lead to arbitrary code execution.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-11-07T04:25:56", "type": "redhatcve", "title": "CVE-2022-32888", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-32888"], "modified": "2023-05-16T12:32:53", "id": "RH:CVE-2022-32888", "href": "https://access.redhat.com/security/cve/cve-2022-32888", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-17T15:23:38", "description": "An out-of-bounds read vulnerability was found in Libtiff's LZWDecode() function in libtiff/tif_lzw.c. This flaw allows an attacker to perform a denial-of-service attack via a crafted tiff file, leading to the application crashing.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-05-11T19:08:20", "type": "redhatcve", "title": "CVE-2022-1622", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1622"], "modified": "2023-04-06T08:20:22", "id": "RH:CVE-2022-1622", "href": "https://access.redhat.com/security/cve/cve-2022-1622", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-07-08T02:20:29", "description": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-06-21T10:03:49", "type": "redhatcve", "title": "CVE-2022-2125", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-2125"], "modified": "2023-07-08T02:06:34", "id": "RH:CVE-2022-2125", "href": "https://access.redhat.com/security/cve/cve-2022-2125", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-07-08T02:20:32", "description": "A heap use-after-free vulnerability was found in Vim's skipwhite() function of the src/charset.c file. This flaw occurs because of an uninitialized attribute value and freed memory in the spell command. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a heap use-after-free that causes an application to crash and corrupt memory.\n#### Mitigation\n\nUntrusted vim scripts with -s [scriptin] are not recommended to run. \n\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-06-16T13:59:19", "type": "redhatcve", "title": "CVE-2022-2042", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-2042"], "modified": "2023-07-08T02:06:23", "id": "RH:CVE-2022-2042", "href": "https://access.redhat.com/security/cve/cve-2022-2042", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-17T15:23:35", "description": "A heap buffer over-read vulnerability was found in Vim's grab_file_name() function of the src/findfile.c file. This flaw occurs because the function reads after the NULL terminates the line with \"gf\" in Visual block mode. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a heap buffer over-read vulnerability that causes an application to crash and corrupt memory.\n#### Mitigation\n\nUntrusted vim scripts with -s [scriptin] are not recommended to run. \n\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-06-22T06:36:12", "type": "redhatcve", "title": "CVE-2022-1720", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-1720"], "modified": "2023-04-06T08:24:23", "id": "RH:CVE-2022-1720", "href": "https://access.redhat.com/security/cve/cve-2022-1720", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-07-08T02:20:29", "description": "Buffer Over-read in GitHub repository vim/vim prior to 8.2.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-06-21T09:00:37", "type": "redhatcve", "title": "CVE-2022-2124", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-2124"], "modified": "2023-07-08T02:06:25", "id": "RH:CVE-2022-2124", "href": "https://access.redhat.com/security/cve/cve-2022-2124", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-07-08T02:20:31", "description": "Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-06-21T10:29:27", "type": "redhatcve", "title": "CVE-2022-2126", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-2126"], "modified": "2023-07-08T02:06:25", "id": "RH:CVE-2022-2126", "href": "https://access.redhat.com/security/cve/cve-2022-2126", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-17T15:23:14", "description": "An out-of-bounds write vulnerability was found in Vim's append_command() function of the src/ex_docmd.c file. This issue occurs when an error for a command goes over the end of IObuff. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a heap buffer overflow that causes an application to crash and corrupt memory.\n#### Mitigation\n\nUntrusted vim scripts with -s [scriptin] are not recommended to run. \n\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CV

About the security content of macOS Big Sur 11.7

Description

Affected Software

Related