CVE-2023-28322 – curl: more POST-after-PUT confusion
https://notcve.org/view.php?id=CVE-2023-28322
An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST. A use-after-free flaw was found in the Curl package. This issue may lead to unintended information disclosure by the application. • http://seclists.org/fulldisclosure/2023/Jul/47 http://seclists.org/fulldisclosure/2023/Jul/48 http://seclists.org/fulldisclosure/2023/Jul/52 https://hackerone.com/reports/1954658 https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK https://security.gentoo • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-440: Expected Behavior Violation •
CVE-2023-1763
https://notcve.org/view.php?id=CVE-2023-1763
Canon IJ Network Tool/Ver.4.7.5 and earlier (supported OS: OS X 10.9.5-macOS 13),IJ Network Tool/Ver.4.7.3 and earlier (supported OS: OS X 10.7.5-OS X 10.8) allows an attacker to acquire sensitive information on the Wi-Fi connection setup of the printer from the software. • https://psirt.canon/advisory-information/cp2023-002 https://psirt.canon/hardening • CWE-522: Insufficiently Protected Credentials CWE-549: Missing Password Field Masking •
CVE-2023-1764
https://notcve.org/view.php?id=CVE-2023-1764
Canon IJ Network Tool/Ver.4.7.5 and earlier (supported OS: OS X 10.9.5-macOS 13),IJ Network Tool/Ver.4.7.3 and earlier (supported OS: OS X 10.7.5-OS X 10.8) allows an attacker to acquire sensitive information on the Wi-Fi connection setup of the printer from the communication of the software. • https://psirt.canon/advisory-information/cp2023-002 https://psirt.canon/hardening • CWE-326: Inadequate Encryption Strength •
CVE-2023-30774 – libtiff: heap buffer overflow issues related to TIFFTAG_INKNAMES and related TIFFTAG_NUMBEROFINKS value
https://notcve.org/view.php?id=CVE-2023-30774
A vulnerability was found in the libtiff library. This flaw causes a heap buffer overflow issue via the TIFFTAG_INKNAMES and TIFFTAG_NUMBEROFINKS values. • http://seclists.org/fulldisclosure/2023/Oct/24 https://access.redhat.com/security/cve/CVE-2023-30774 https://bugzilla.redhat.com/show_bug.cgi?id=2187139 https://gitlab.com/libtiff/libtiff/-/issues/463 https://security.netapp.com/advisory/ntap-20230703-0002 https://support.apple.com/kb/HT213984 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVE-2023-27934
https://notcve.org/view.php?id=CVE-2023-27934
A memory initialization issue was addressed. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution. • https://support.apple.com/en-us/HT213670 https://support.apple.com/en-us/HT213677 • CWE-665: Improper Initialization •