6 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-32076
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - in-toto is a framework to protect supply chain integrity. The in-toto configuration is read from various directories and allows users to configure the behavior ...
CVE-2023-32076
creationtimestamp| type| source ---|---|--- 2023-05-10 22:19:31+00:00| seen| https://t.me/cibsecurity/63827...
CVE-2023-32076
in-toto is a framework to protect supply chain integrity. The in-toto configuration is read from various directories and allows users to configure the behavior of the framework. The files are from directories following the XDG base directory specification. In versions 1.4.0 and prior, among the...
CVE-2023-32076 in-toto vulnerable to Configuration Read From Local Directory
in-toto is a framework to protect supply chain integrity. The in-toto configuration is read from various directories and allows users to configure the behavior of the framework. The files are from directories following the XDG base directory specification. In versions 1.4.0 and prior, among the...
CVE-2023-32076
Summary of CVE-2023-32076 (in-toto) : The vulnerability affects in-toto up to version 1.4.0, where the framework reads configuration from XDG directories and includes the hidden file .in_totorc. If an attacker controls inputs to a supply chain step, they can inject a crafted .in_totorc with exclu...
CVE-2023-32076 in-toto vulnerable to Configuration Read From Local Directory
in-toto is a framework to protect supply chain integrity. The in-toto configuration is read from various directories and allows users to configure the behavior of the framework. The files are from directories following the XDG base directory specification. In versions 1.4.0 and prior, among the...