WID-SEC-W-2023-2305
Vulnerability from csaf_certbund - Published: 2023-09-11 22:00 - Updated: 2025-01-14 23:00Summary
Google Chrome / Microsoft Edge: Schwachstelle ermöglicht Codeausführung
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Chrome ist ein Internet-Browser von Google.
Edge ist ein Internet-Browser von Microsoft.
Angriff: Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Google Chrome / Microsoft Edge ausnutzen, um beliebigen Programmcode auszuführen.
Betroffene Betriebssysteme: - Linux
- MacOS X
- Windows
Es besteht eine Schwachstelle in Google Chrome / Microsoft Edge. Dieser Fehler besteht in der WebP-Komponente aufgrund eines Heap-Pufferüberlaufs. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Code auszuführen, indem er einen Benutzer zum Besuch einer bösartigen Website verleitet. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
WatchGuard Firebox
WatchGuard
|
cpe:/a:watchguard:firebox:-
|
— | |
|
Fortinet FortiClient Mac <7.2.5
Fortinet / FortiClient
|
Mac <7.2.5 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Fortinet FortiClient Mac <7.4.0
Fortinet / FortiClient
|
Mac <7.4.0 | ||
|
Fortinet FortiClient Linux <7.2.5
Fortinet / FortiClient
|
Linux <7.2.5 | ||
|
Fortinet FortiClient Linux <7.4.0
Fortinet / FortiClient
|
Linux <7.4.0 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Fortinet FortiClient EMS <7.0.10
Fortinet / FortiClient
|
EMS <7.0.10 | ||
|
Google Chrome <116.0.5845.188
Google / Chrome
|
<116.0.5845.188 | ||
|
Fortinet FortiClient EMS <7.2.2
Fortinet / FortiClient
|
EMS <7.2.2 | ||
|
Google Chrome <116.0.5845.187
Google / Chrome
|
<116.0.5845.187 | ||
|
HP LaserJet
HP
|
cpe:/h:hp:laserjet:-
|
— | |
|
Open Source LibreOffice <7.5.7
Open Source / LibreOffice
|
<7.5.7 | ||
|
Open Source LibreOffice <7.6.2
Open Source / LibreOffice
|
<7.6.2 | ||
|
Open Source Kibana <7.17.14
Open Source / Kibana
|
<7.17.14 | ||
|
Open Source Kibana <8.10.3
Open Source / Kibana
|
<8.10.3 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Fortinet FortiClient Windows <7.0.10
Fortinet / FortiClient
|
Windows <7.0.10 | ||
|
Fortinet FortiClient Windows <7.2.3
Fortinet / FortiClient
|
Windows <7.2.3 | ||
|
Microsoft Edge <116.0.1938.81
Microsoft / Edge
|
<116.0.1938.81 | ||
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:vmware_vsphere
|
— |
Es besteht eine Schwachstelle in Google Chrome / Microsoft Edge. Dieser Fehler besteht in der WebP-Komponente aufgrund eines Heap-Pufferüberlaufs. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Code auszuführen, indem er einen Benutzer zum Besuch einer bösartigen Website verleitet. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
WatchGuard Firebox
WatchGuard
|
cpe:/a:watchguard:firebox:-
|
— | |
|
Fortinet FortiClient Mac <7.2.5
Fortinet / FortiClient
|
Mac <7.2.5 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Fortinet FortiClient Mac <7.4.0
Fortinet / FortiClient
|
Mac <7.4.0 | ||
|
Fortinet FortiClient Linux <7.2.5
Fortinet / FortiClient
|
Linux <7.2.5 | ||
|
Fortinet FortiClient Linux <7.4.0
Fortinet / FortiClient
|
Linux <7.4.0 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Fortinet FortiClient EMS <7.0.10
Fortinet / FortiClient
|
EMS <7.0.10 | ||
|
Google Chrome <116.0.5845.188
Google / Chrome
|
<116.0.5845.188 | ||
|
Fortinet FortiClient EMS <7.2.2
Fortinet / FortiClient
|
EMS <7.2.2 | ||
|
Google Chrome <116.0.5845.187
Google / Chrome
|
<116.0.5845.187 | ||
|
HP LaserJet
HP
|
cpe:/h:hp:laserjet:-
|
— | |
|
Open Source LibreOffice <7.5.7
Open Source / LibreOffice
|
<7.5.7 | ||
|
Open Source LibreOffice <7.6.2
Open Source / LibreOffice
|
<7.6.2 | ||
|
Open Source Kibana <7.17.14
Open Source / Kibana
|
<7.17.14 | ||
|
Open Source Kibana <8.10.3
Open Source / Kibana
|
<8.10.3 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Fortinet FortiClient Windows <7.0.10
Fortinet / FortiClient
|
Windows <7.0.10 | ||
|
Fortinet FortiClient Windows <7.2.3
Fortinet / FortiClient
|
Windows <7.2.3 | ||
|
Microsoft Edge <116.0.1938.81
Microsoft / Edge
|
<116.0.1938.81 | ||
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:vmware_vsphere
|
— |
References
52 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Chrome ist ein Internet-Browser von Google.\r\nEdge ist ein Internet-Browser von Microsoft.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Google Chrome / Microsoft Edge ausnutzen, um beliebigen Programmcode auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- MacOS X\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-2305 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2305.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-2305 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2305"
},
{
"category": "external",
"summary": "Google Chrome Stable Channel Update for Desktop vom 2023-09-11",
"url": "https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html"
},
{
"category": "external",
"summary": "Microsoft Leitfaden f\u00fcr Sicherheiztsupdates vom 2023-09-12",
"url": "https://msrc.microsoft.com/update-guide/"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-D5FAEDE1D6 vom 2023-09-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-d5faede1d6"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-F8319BD876 vom 2023-09-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-f8319bd876"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-C4FA8A204D vom 2023-09-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-c4fa8a204d"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-3388038193 vom 2023-09-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-3388038193"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-509640A8A6 vom 2023-09-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-509640a8a6"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-788F9BBB3F vom 2023-09-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-788f9bbb3f"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-32FA4259F4 vom 2023-09-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-32fa4259f4"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-9A6FD7A504 vom 2023-09-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-9a6fd7a504"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-3D1935DC6A vom 2023-09-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-3d1935dc6a"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-EA08732E6A vom 2023-09-17",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-ea08732e6a"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-D58A84DDA8 vom 2023-09-17",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-d58a84dda8"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-0DE0929147 vom 2023-09-17",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-0de0929147"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-C66924CB92 vom 2023-09-17",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-c66924cb92"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-54433BC31F vom 2023-09-17",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-54433bc31f"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-3BFB63F6D2 vom 2023-09-17",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-3bfb63f6d2"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5185 vom 2023-09-18",
"url": "https://access.redhat.com/errata/RHSA-2023:5185"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-0DF1F37A48 vom 2023-09-18",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-0df1f37a48"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-A33B8C01E7 vom 2023-09-18",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-a33b8c01e7"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-05DC047BF8 vom 2023-09-18",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-05dc047bf8"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-79B0154754 vom 2023-09-18",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-79b0154754"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-B427F54E68 vom 2023-09-18",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-b427f54e68"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5222 vom 2023-09-19",
"url": "https://access.redhat.com/errata/RHSA-2023:5222"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5214 vom 2023-09-19",
"url": "https://access.redhat.com/errata/RHSA-2023:5214"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5309 vom 2023-09-20",
"url": "https://access.redhat.com/errata/RHSA-2023:5309"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-5309 vom 2023-09-20",
"url": "https://linux.oracle.com/errata/ELSA-2023-5309.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-5214 vom 2023-09-20",
"url": "http://linux.oracle.com/errata/ELSA-2023-5214.html"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-DA064561FA vom 2023-09-24",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-da064561fa"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-9ABC3565B5 vom 2023-09-24",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-9abc3565b5"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-09CC239FE3 vom 2023-09-24",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-09cc239fe3"
},
{
"category": "external",
"summary": "Important release of LibreOffice",
"url": "https://blog.documentfoundation.org/blog/2023/09/26/lo-762-and-lo-757/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6369-2 vom 2023-09-28",
"url": "https://ubuntu.com/security/notices/USN-6369-2"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:3829-1 vom 2023-09-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-September/016363.html"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-E692A72898 vom 2023-09-28",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-e692a72898"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-9108CDA47C vom 2023-09-28",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-9108cda47c"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-2A0668FE43 vom 2023-09-28",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-2a0668fe43"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-CCA1F87440 vom 2023-09-30",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-cca1f87440"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-0CD03C3746 vom 2023-09-30",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-0cd03c3746"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-C890266D3F vom 2023-09-30",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-c890266d3f"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-D66A01AD4F vom 2023-09-30",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-d66a01ad4f"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-8F3E1B6F78 vom 2023-09-30",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-8f3e1b6f78"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-EDC9C74369 vom 2023-09-30",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-edc9c74369"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20230929-0011 vom 2023-09-29",
"url": "https://security.netapp.com/advisory/ntap-20230929-0011/"
},
{
"category": "external",
"summary": "Elastic Security Announcement ESA-2023-19 vom 2023-10-10",
"url": "https://discuss.elastic.co/t/kibana-8-10-3-7-17-14-security-update/344735"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2023-2290 vom 2023-10-20",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2023-2290.html"
},
{
"category": "external",
"summary": "WatchGuard Security Advisory WGSA-2023-00008 vom 2023-11-01",
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2023-00008"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2023-396 vom 2023-12-06",
"url": "https://www.dell.com/support/kbdoc/000218770/dsa-2023-="
},
{
"category": "external",
"summary": "HP Security Bulletin HPSBPI03916 vom 2024-02-13",
"url": "https://support.hp.com/us-en/document/ish_10173649-10204798-16/HPSBPI03916"
},
{
"category": "external",
"summary": "FortiGuard Labs PSIRT Advisory FG-IR-23-381 vom 2025-01-14",
"url": "https://www.fortiguard.com/psirt/FG-IR-23-381"
}
],
"source_lang": "en-US",
"title": "Google Chrome / Microsoft Edge: Schwachstelle erm\u00f6glicht Codeausf\u00fchrung",
"tracking": {
"current_release_date": "2025-01-14T23:00:00.000+00:00",
"generator": {
"date": "2025-01-15T09:22:46.217+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.10"
}
},
"id": "WID-SEC-W-2023-2305",
"initial_release_date": "2023-09-11T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-09-11T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-09-12T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2023-09-13T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2023-09-17T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2023-09-18T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat und Fedora aufgenommen"
},
{
"date": "2023-09-20T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2023-09-24T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2023-09-26T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2023-09-27T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Ubuntu und SUSE aufgenommen"
},
{
"date": "2023-09-28T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2023-10-01T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Fedora und NetApp aufgenommen"
},
{
"date": "2023-10-10T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Elastic aufgenommen"
},
{
"date": "2023-10-19T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2023-11-01T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von WatchGuard aufgenommen"
},
{
"date": "2023-12-05T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2024-02-20T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von HP aufgenommen"
},
{
"date": "2025-01-14T23:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Fortinet aufgenommen"
}
],
"status": "final",
"version": "17"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Dell Computer",
"product": {
"name": "Dell Computer",
"product_id": "T006498",
"product_identification_helper": {
"cpe": "cpe:/o:dell:dell_computer:-"
}
}
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "Windows \u003c7.2.3",
"product": {
"name": "Fortinet FortiClient Windows \u003c7.2.3",
"product_id": "T040204"
}
},
{
"category": "product_version",
"name": "Windows 7.2.3",
"product": {
"name": "Fortinet FortiClient Windows 7.2.3",
"product_id": "T040204-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:fortinet:forticlient:windows__7.2.3"
}
}
},
{
"category": "product_version_range",
"name": "Windows \u003c7.0.10",
"product": {
"name": "Fortinet FortiClient Windows \u003c7.0.10",
"product_id": "T040205"
}
},
{
"category": "product_version",
"name": "Windows 7.0.10",
"product": {
"name": "Fortinet FortiClient Windows 7.0.10",
"product_id": "T040205-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:fortinet:forticlient:windows__7.0.10"
}
}
},
{
"category": "product_version_range",
"name": "Linux \u003c7.4.0",
"product": {
"name": "Fortinet FortiClient Linux \u003c7.4.0",
"product_id": "T040206"
}
},
{
"category": "product_version",
"name": "Linux 7.4.0",
"product": {
"name": "Fortinet FortiClient Linux 7.4.0",
"product_id": "T040206-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:fortinet:forticlient:linux__7.4.0"
}
}
},
{
"category": "product_version_range",
"name": "Linux \u003c7.2.5",
"product": {
"name": "Fortinet FortiClient Linux \u003c7.2.5",
"product_id": "T040207"
}
},
{
"category": "product_version",
"name": "Linux 7.2.5",
"product": {
"name": "Fortinet FortiClient Linux 7.2.5",
"product_id": "T040207-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:fortinet:forticlient:linux__7.2.5"
}
}
},
{
"category": "product_version_range",
"name": "Mac \u003c7.4.0",
"product": {
"name": "Fortinet FortiClient Mac \u003c7.4.0",
"product_id": "T040208"
}
},
{
"category": "product_version",
"name": "Mac 7.4.0",
"product": {
"name": "Fortinet FortiClient Mac 7.4.0",
"product_id": "T040208-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:fortinet:forticlient:mac__7.4.0"
}
}
},
{
"category": "product_version_range",
"name": "Mac \u003c7.2.5",
"product": {
"name": "Fortinet FortiClient Mac \u003c7.2.5",
"product_id": "T040209"
}
},
{
"category": "product_version",
"name": "Mac 7.2.5",
"product": {
"name": "Fortinet FortiClient Mac 7.2.5",
"product_id": "T040209-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:fortinet:forticlient:mac__7.2.5"
}
}
},
{
"category": "product_version_range",
"name": "EMS \u003c7.2.2",
"product": {
"name": "Fortinet FortiClient EMS \u003c7.2.2",
"product_id": "T040210"
}
},
{
"category": "product_version",
"name": "EMS 7.2.2",
"product": {
"name": "Fortinet FortiClient EMS 7.2.2",
"product_id": "T040210-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:fortinet:forticlient:ems__7.2.2"
}
}
},
{
"category": "product_version_range",
"name": "EMS \u003c7.0.10",
"product": {
"name": "Fortinet FortiClient EMS \u003c7.0.10",
"product_id": "T040211"
}
},
{
"category": "product_version",
"name": "EMS 7.0.10",
"product": {
"name": "Fortinet FortiClient EMS 7.0.10",
"product_id": "T040211-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:fortinet:forticlient:ems__7.0.10"
}
}
}
],
"category": "product_name",
"name": "FortiClient"
}
],
"category": "vendor",
"name": "Fortinet"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c116.0.5845.187",
"product": {
"name": "Google Chrome \u003c116.0.5845.187",
"product_id": "T029774"
}
},
{
"category": "product_version",
"name": "116.0.5845.187",
"product": {
"name": "Google Chrome 116.0.5845.187",
"product_id": "T029774-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:google:chrome:116.0.5845.187"
}
}
},
{
"category": "product_version_range",
"name": "\u003c116.0.5845.188",
"product": {
"name": "Google Chrome \u003c116.0.5845.188",
"product_id": "T029775"
}
},
{
"category": "product_version",
"name": "116.0.5845.188",
"product": {
"name": "Google Chrome 116.0.5845.188",
"product_id": "T029775-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:google:chrome:116.0.5845.188"
}
}
}
],
"category": "product_name",
"name": "Chrome"
}
],
"category": "vendor",
"name": "Google"
},
{
"branches": [
{
"category": "product_name",
"name": "HP LaserJet",
"product": {
"name": "HP LaserJet",
"product_id": "T029061",
"product_identification_helper": {
"cpe": "cpe:/h:hp:laserjet:-"
}
}
}
],
"category": "vendor",
"name": "HP"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c116.0.1938.81",
"product": {
"name": "Microsoft Edge \u003c116.0.1938.81",
"product_id": "T029787"
}
},
{
"category": "product_version",
"name": "116.0.1938.81",
"product": {
"name": "Microsoft Edge 116.0.1938.81",
"product_id": "T029787-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:microsoft:edge:116.0.1938.81"
}
}
}
],
"category": "product_name",
"name": "Edge"
}
],
"category": "vendor",
"name": "Microsoft"
},
{
"branches": [
{
"category": "product_name",
"name": "NetApp ActiveIQ Unified Manager",
"product": {
"name": "NetApp ActiveIQ Unified Manager",
"product_id": "T026333",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:active_iq_unified_manager:vmware_vsphere"
}
}
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.10.3",
"product": {
"name": "Open Source Kibana \u003c8.10.3",
"product_id": "T030371"
}
},
{
"category": "product_version",
"name": "8.10.3",
"product": {
"name": "Open Source Kibana 8.10.3",
"product_id": "T030371-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:elasticsearch:kibana:8.10.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.17.14",
"product": {
"name": "Open Source Kibana \u003c7.17.14",
"product_id": "T030372"
}
},
{
"category": "product_version",
"name": "7.17.14",
"product": {
"name": "Open Source Kibana 7.17.14",
"product_id": "T030372-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:elasticsearch:kibana:7.17.14"
}
}
}
],
"category": "product_name",
"name": "Kibana"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.6.2",
"product": {
"name": "Open Source LibreOffice \u003c7.6.2",
"product_id": "T030072"
}
},
{
"category": "product_version",
"name": "7.6.2",
"product": {
"name": "Open Source LibreOffice 7.6.2",
"product_id": "T030072-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:libreoffice:libreoffice:7.6.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.5.7",
"product": {
"name": "Open Source LibreOffice \u003c7.5.7",
"product_id": "T030073"
}
},
{
"category": "product_version",
"name": "7.5.7",
"product": {
"name": "Open Source LibreOffice 7.5.7",
"product_id": "T030073-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:libreoffice:libreoffice:7.5.7"
}
}
}
],
"category": "product_name",
"name": "LibreOffice"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
},
{
"branches": [
{
"category": "product_name",
"name": "WatchGuard Firebox",
"product": {
"name": "WatchGuard Firebox",
"product_id": "T030882",
"product_identification_helper": {
"cpe": "cpe:/a:watchguard:firebox:-"
}
}
}
],
"category": "vendor",
"name": "WatchGuard"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-4863",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in Google Chrome / Microsoft Edge. Dieser Fehler besteht in der WebP-Komponente aufgrund eines Heap-Puffer\u00fcberlaufs. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Code auszuf\u00fchren, indem er einen Benutzer zum Besuch einer b\u00f6sartigen Website verleitet. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T006498",
"T030882",
"T040209",
"67646",
"T040208",
"T040207",
"T040206",
"T004914",
"398363",
"T040211",
"T029775",
"T040210",
"T029774",
"T029061",
"T030073",
"T030072",
"T030372",
"T030371",
"74185",
"T002207",
"T000126",
"T040205",
"T040204",
"T029787",
"T026333"
]
},
"release_date": "2023-09-11T22:00:00.000+00:00",
"title": "CVE-2023-4863"
},
{
"cve": "CVE-2023-5129",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in Google Chrome / Microsoft Edge. Dieser Fehler besteht in der WebP-Komponente aufgrund eines Heap-Puffer\u00fcberlaufs. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Code auszuf\u00fchren, indem er einen Benutzer zum Besuch einer b\u00f6sartigen Website verleitet. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T006498",
"T030882",
"T040209",
"67646",
"T040208",
"T040207",
"T040206",
"T004914",
"398363",
"T040211",
"T029775",
"T040210",
"T029774",
"T029061",
"T030073",
"T030072",
"T030372",
"T030371",
"74185",
"T002207",
"T000126",
"T040205",
"T040204",
"T029787",
"T026333"
]
},
"release_date": "2023-09-11T22:00:00.000+00:00",
"title": "CVE-2023-5129"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…