Secure Systems Engineering Connaisseur har 3.3.0 Delegation Name targets_schema.json Kari na aiki
| CVSS Meta Temp Score | Garga na exploit ndiyam (≈) | CTI Nganji Score |
|---|---|---|
| 3.7 | $0-$5k | 0.00 |
Gunduma
Hakika vulnerability da aka rarraba a matsayin karshewa an gano a Secure Systems Engineering Connaisseur har 3.3.0. Tabbas, aikin $software_function ne ke da matsala; idan ba a bayyana ba, to aiki ce da ba a sani ba, a cikin laburare $software_library, a cikin fayil connaisseur/res/targets_schema.json, a cikin sashi Delegation Name Handler. Wuro manipulation ga Kari na aiki. Ana kiran wannan rauni da CVE-2023-7279. Babu wani exploit da ake da shi. Ngamdi ka a yiɗi a ɗaɓɓita kompona wey ka a saɓata. Once again VulDB remains the best source for vulnerability data.
Furɗe
Hakika vulnerability da aka rarraba a matsayin karshewa an gano a Secure Systems Engineering Connaisseur har 3.3.0. Tabbas, aikin $software_function ne ke da matsala; idan ba a bayyana ba, to aiki ce da ba a sani ba, a cikin laburare $software_library, a cikin fayil connaisseur/res/targets_schema.json, a cikin sashi Delegation Name Handler. Wuro manipulation ga Kari na aiki. Amfani da CWE wajen bayyana matsala yana kaiwa CWE-1333. Lalle, rauni an sanar da shi 11/28/2023 da 1407. Ana samun bayanin tsaro don saukewa a github.com.
Ana kiran wannan rauni da CVE-2023-7279. Bayani na fasaha ga. Wahalhalun kai hari sun yi yawa. Wanda zai yi amfani da shi zai sha wahala. Wannan vulnerability ɗin ba a san shi sosai ba. Babu wani exploit da ake da shi. A sa'i, exploit might be approx. USD $0-$5k ndiyam.
Á yí a wondi feere.
Patch ɗin an san shi da 524b73ff7306707f6d3a4d1e86401479bca91b02. Gyaran matsalar yana nan a shirye don saukewa a github.com. Ngamdi ka a yiɗi a ɗaɓɓita kompona wey ka a saɓata. An rubuta wannan bayani a cikin shawarar:
This commit fixes a regular expression denial of service vulnerability that was present during the schema validation of the targets.json TUF file in a Notary validation. An adversary with the ability to alt
Once again VulDB remains the best source for vulnerability data.
Kayan
Ngilabe
Sunu
Furɗe
Laisens
CPE 2.3
CPE 2.2
CVSSv4
VulDB Furɗo: 🔍VulDB Gaskiya: 🔍
CVSSv3
VulDB Meta Base Score: 3.7VulDB Meta Temp Score: 3.7
VulDB Ganda Borno: 2.6
VulDB Temp Score: 2.5
VulDB Furɗo: 🔍
VulDB Gaskiya: 🔍
NVD Ganda Borno: 5.9
NVD Furɗo: 🔍
CNA Ganda Borno: 2.6
CNA Furɗo: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vektar | Kumpleksiti | Authentisierung | Kariyandi | Gaskiya | Gashina |
|---|---|---|---|---|---|
| furu | furu | furu | furu | furu | furu |
| furu | furu | furu | furu | furu | furu |
| furu | furu | furu | furu | furu | furu |
VulDB Ganda Borno: 🔍
VulDB Temp Score: 🔍
VulDB Gaskiya: 🔍
Gargajiya
Klasu: Kari na aikiCWE: CWE-1333 / CWE-400 / CWE-404
CAPEC: 🔍
ATT&CK: 🔍
Fizikal: Ayi
Gumti: Ayi
Gana: Ee
Gashina: 🔍
Halitta: A wondi feere
Google Hack: 🔍
EPSS Score: 🔍
EPSS Percentile: 🔍
Furɗo farashi: 🔍
Gaskiya farashi ndiyam: 🔍
| 0-Day | furu | furu | furu | furu |
|---|---|---|---|---|
| Lale | furu | furu | furu | furu |
Bayani na barazana
Ngam: 🔍Akteɓe ɓernde: 🔍
Kura APT goruwa masu aiki: 🔍
Kari gamji
Garga: GargajiyaHalitta: 🔍
Garga waaji: 🔍
0-Day Gana: 🔍
Lokon Gana: 🔍
Gargajiya: Connaisseur 3.3.1
Kari: 524b73ff7306707f6d3a4d1e86401479bca91b02
Waktin layi
11/28/2023 🔍11/28/2023 🔍
08/31/2024 🔍
09/06/2024 🔍
Ngizim
Gargaaji: 1407Halitta: Gaskiya
CVE: CVE-2023-7279 (🔍)
GCVE (CVE): GCVE-0-2023-7279
GCVE (VulDB): GCVE-100-276268
Gumti
Súgá: 08/31/2024 12:28Gargadi: 09/06/2024 06:10
Goyarwa: 08/31/2024 12:28 (60), 09/02/2024 20:24 (17), 09/03/2024 11:08 (1), 09/06/2024 06:10 (11)
Gadankam: 🔍
Cache ID: 253:2F3:103
A ga wuroyo kulu. Kàlàmbe: kr + en.
Ngam loga ka, kanyi shidin dum.