CVE-2023-0793
published 2023-02-12CVE-2023-0793: Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.11.
PriorityP342high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
0.71%
48.7th percentile
Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.11.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| phpmyfaq | phpmyfaq | < 3.1.11 | 3.1.11 |
| thorsten | phpmyfaq | >= 0 < 3.1.11 | 3.1.11 |
| thorsten | thorsten_phpmyfaq | >= unspecified < 3.1.11 | 3.1.11 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
Weak Password Requirements in thorsten/phpmyfaq
osv·2023-02-12
CVE-2023-0793 [HIGH] Weak Password Requirements in thorsten/phpmyfaq
Weak Password Requirements in thorsten/phpmyfaq
Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.11.
GHSA
Weak Password Requirements in thorsten/phpmyfaq
ghsa·2023-02-12
CVE-2023-0793 [HIGH] CWE-521 Weak Password Requirements in thorsten/phpmyfaq
Weak Password Requirements in thorsten/phpmyfaq
Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.11.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2023-6481 logback: A serialization vulnerability in logback receiver
bugzilla·2023-12-05·CVSS 7.5
CVE-2023-6481 [HIGH] CVE-2023-6481 logback: A serialization vulnerability in logback receiver
CVE-2023-6481 logback: A serialization vulnerability in logback receiver
A serialization vulnerability in logback receiver component part of logback version 1.4.13, 1.3.13 and 1.2.12 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data.
https://logback.qos.ch/news.html#1.3.12
https://logback.qos.ch/news.html#1.3.14
Discussion:
Created picocli tracking bugs for this issue:
Affects: fedora-all [bug 2252957]
---
This issue has been addressed in the following products:
RHINT Camel-Springboot 4.0.3
Via RHSA-2024:0793 https://access.redhat.com/errata/RHSA-2024:0793
---
This issue has been addressed in the following products:
RHOSS-1.31-RHEL-8
Via RHSA-2024:0843 https://access.redhat.com/errata/RHSA-2024:0843
---
This issue has been addressed in the follo
Bugzilla
CVE-2023-6378 logback: serialization vulnerability in logback receiver
bugzilla·2023-11-30·CVSS 7.5
CVE-2023-6378 [HIGH] CVE-2023-6378 logback: serialization vulnerability in logback receiver
CVE-2023-6378 logback: serialization vulnerability in logback receiver
A serialization vulnerability in logback receiver component part of logback version 1.4.11 allows an attacker to mount a Denial-Of-Service
attack by sending poisoned data.
https://logback.qos.ch/news.html#1.3.12
Discussion:
Created picocli tracking bugs for this issue:
Affects: fedora-all [bug 2252951]
---
This issue has been addressed in the following products:
RHINT Camel-Springboot 4.0.3
Via RHSA-2024:0793 https://access.redhat.com/errata/RHSA-2024:0793
---
This issue has been addressed in the following products:
Red Hat JBoss AMQ
Via RHSA-2024:2945 https://access.redhat.com/errata/RHSA-2024:2945
---
This issue has been addressed in the following products:
Red Hat Fuse 7.13.0
Via RHSA-2024:3354 https
2023-02-12
Published