{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-08T01:14:20.590","vulnerabilities":[{"cve":{"id":"CVE-2023-4641","sourceIdentifier":"secalert@redhat.com","published":"2023-12-27T16:15:13.363","lastModified":"2025-11-03T20:16:05.017","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from the memory."},{"lang":"es","value":"Se encontró una falla en Shadow-Utils. Al solicitar una nueva contraseña, Shadow-Utils la solicita dos veces. Si la contraseña falla en el segundo intento, Shadow-Utils no logra limpiar el búfer utilizado para almacenar la primera entrada. Esto puede permitir que un atacante con suficiente acceso recupere la contraseña de la memoria."}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":4.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.0,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-303"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:shadow-maint:shadow-utils:*:*:*:*:*:*:*:*","versionEndExcluding":"4.14.0","matchCriteriaId":"484C918F-130D-4D52-85EF-F7DCD276CC36"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:codeready_linux_builder:8.0:*:*:*:*:*:*:*","matchCriteriaId":"93A089E2-D66E-455C-969A-3140D991BAF4"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:codeready_linux_builder:9.0:*:*:*:*:*:*:*","matchCriteriaId":"2ABBAA9E-CCBA-480B-ABB5-454448D91262"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:8.0_aarch64:*:*:*:*:*:*:*","matchCriteriaId":"D206176C-6B2B-4BED-A3A2-AE39A41CB3C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:9.0_aarch64:*:*:*:*:*:*:*","matchCriteriaId":"910C9542-26FC-4635-9351-128727971830"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*","matchCriteriaId":"55CF7208-4D36-4C35-92BC-F6EA2C8DEDE1"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*","matchCriteriaId":"CA3C5EAE-267F-410F-8AFA-8F5B68A9E617"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"F791F846-7762-40E0-9056-032FD10F2046"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"7B3D7389-35C1-48C4-A9EC-2564842723C4"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0:*:*:*:*:*:*:*","matchCriteriaId":"3F797F2E-00E6-4D03-A94E-524227529A0A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0:*:*:*:*:*:*:*","matchCriteriaId":"6B528C5D-0F72-4685-8516-257597E94AE4"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*","matchCriteriaId":"32AF225E-94C0-4D07-900C-DD868C05F554"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*","matchCriteriaId":"FB056B47-1F45-4CE4-81F6-872F66C24C29"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"23D471AC-7DCA-4425-AD91-E5D928753A8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"E07C1C58-0E5F-4B56-9B8D-5DE67DB00F79"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2023:6632","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2023:7112","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2024:0417","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:2577","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2023-4641","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2215945","source":"secalert@redhat.com","tags":["Issue Tracking"]},{"url":"https://access.redhat.com/errata/RHSA-2023:6632","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2023:7112","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2024:0417","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://access.redhat.com/errata/RHSA-2024:2577","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://access.redhat.com/security/cve/CVE-2023-4641","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2215945","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/04/msg00026.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}