Published: 15/05/2023 Updated: 24/05/2023

CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9

VMScore: 0

DescriptionA flaw was found in the vm2. After making a vm, the inspect method is read-write for console.log, which allows an malicious user to edit options for console.log. This issue impacts the integrity by changing the log subsystem.A flaw was found in the vm2. After making a vm, the inspect method is read-write for console.log, which allows an malicious user to edit options for console.log. This issue impacts the integrity by changing the log subsystem.

Vulnerable Product	Search on Vulmon	Subscribe to Product
vm2 project vm2

Synopsis Critical: Multicluster Engine for Kubernetes 209 security fixes and container updates Type/Severity Security Advisory: Critical Topic Multicluster Engine for Kubernetes 209 General Availability release images, which fix security issues and update container imagesRed Hat Product Security has rated this update as having a security ...

Synopsis Critical: Multicluster Engine for Kubernetes 217 security fixes and container updates Type/Severity Security Advisory: Critical Topic Multicluster Engine for Kubernetes 217 General Availability release images, which address security issues and update container imagesRed Hat Product Security has rated this update as having a secu ...

Synopsis Critical: Red Hat Advanced Cluster Management 274 security fixes and container updates Type/Severity Security Advisory: Critical Topic Red Hat Advanced Cluster Management for Kubernetes 274 GeneralAvailability release images, which fix security issues and update container imagesRed Hat Product Security has rated this update as h ...

Synopsis Critical: Multicluster Engine for Kubernetes 224 security fixes and container updates Type/Severity Security Advisory: Critical Topic Multicluster Engine for Kubernetes 224 General Availability release images, which fix security issues and update container imagesRed Hat Product Security has rated this update as having a security ...

Synopsis Critical: Red Hat Advanced Cluster Management 266 security fixes and container updates Type/Severity Security Advisory: Critical Topic Red Hat Advanced Cluster Management for Kubernetes 266 GeneralAvailability release images, which fix security issues and update container imagesRed Hat Product Security has rated this update as h ...

Synopsis Critical: Red Hat Advanced Cluster Management 259 security fixes and container updates Type/Severity Security Advisory: Critical Topic Red Hat Advanced Cluster Management for Kubernetes 259 GeneralAvailability release images, which fix security issues and update container imagesRed Hat Product Security has rated this update as h ...

DescriptionA flaw was found in the vm2 After making a vm, the inspect method is read-write for consolelog, which allows an attacker to edit options for consolelog This issue impacts the integrity by changing the log subsystemA flaw was found in the vm2 After making a vm, the inspect method is read-write for consolelog, which allows an ...

NVD-CWE-noinfo https://github.com/patriksimek/vm2/commit/5206ba25afd86ef547a2c9d48d46ca7a9e6ec238 https://gist.github.com/arkark/c1c57eaf3e0a649af1a70c2b93b17550 https://github.com/patriksimek/vm2/releases/tag/3.9.18 https://github.com/patriksimek/vm2/security/advisories/GHSA-p5gc-c584-jj6v https://nvd.nist.gov https://access.redhat.com/errata/RHSA-2023:3353 https://access.redhat.com/security/cve/cve-2023-32313

CVE-2023-32313

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect