Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-32076

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - in-toto is a framework to protect supply chain integrity. The in-toto configuration is read from various directories and allows users to configure the behavior ...

5.5CVSS6AI score0.00241EPSS
Exploits0References3
Circl
Circl
added 2023/05/10 10:19 p.m.5 views

CVE-2023-32076

creationtimestamp| type| source ---|---|--- 2023-05-10 22:19:31+00:00| seen| https://t.me/cibsecurity/63827...

5.5CVSS5.4AI score0.00241EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2023/05/10 5:58 p.m.17 views

CVE-2023-32076

in-toto is a framework to protect supply chain integrity. The in-toto configuration is read from various directories and allows users to configure the behavior of the framework. The files are from directories following the XDG base directory specification. In versions 1.4.0 and prior, among the...

5.5CVSS5.7AI score0.00241EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2023/05/10 5:58 p.m.7 views

CVE-2023-32076 in-toto vulnerable to Configuration Read From Local Directory

in-toto is a framework to protect supply chain integrity. The in-toto configuration is read from various directories and allows users to configure the behavior of the framework. The files are from directories following the XDG base directory specification. In versions 1.4.0 and prior, among the...

5.5CVSS5.7AI score0.00241EPSS
Exploits0References4
CVE
CVE
added 2023/05/10 5:58 p.m.71 views

CVE-2023-32076

Summary of CVE-2023-32076 (in-toto) : The vulnerability affects in-toto up to version 1.4.0, where the framework reads configuration from XDG directories and includes the hidden file .in_totorc. If an attacker controls inputs to a supply chain step, they can inject a crafted .in_totorc with exclu...

5.5CVSS5.6AI score0.00241EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2023/05/10 5:58 p.m.23 views

CVE-2023-32076 in-toto vulnerable to Configuration Read From Local Directory

in-toto is a framework to protect supply chain integrity. The in-toto configuration is read from various directories and allows users to configure the behavior of the framework. The files are from directories following the XDG base directory specification. In versions 1.4.0 and prior, among the...

5.5CVSS5.8AI score0.00241EPSS
Exploits0References6
Rows per page
Query Builder