{"api_version":"1","generated_at":"2026-04-15T17:19:56+00:00","cve":"CVE-2023-22809","urls":{"html":"https://cve.report/CVE-2023-22809","api":"https://cve.report/api/cve/CVE-2023-22809.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-22809","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-22809"},"summary":{"title":"CVE-2023-22809","description":"In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected versions are 1.8.0 through 1.9.12.p1. The problem exists because a user-specified editor may contain a \"--\" argument that defeats a protection mechanism, e.g., an EDITOR='vim -- /path/to/extra/file' value.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2023-01-18 17:15:00","updated_at":"2023-11-17 19:32:00"},"problem_types":["CWE-269"],"metrics":[],"references":[{"url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00012.html","name":"[debian-lts-announce] 20230118 [SECURITY] [DLA 3272-1] sudo security update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 3272-1] sudo security update","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2QDGFCGAV5QRJCE6IXRXIS4XJHS57DDH/","name":"FEDORA-2023-9078f609e6","refsource":"","tags":[],"title":"[SECURITY] Fedora 37 Update: sudo-1.9.12-1.p2.fc37 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://security.netapp.com/advisory/ntap-20230127-0015/","name":"https://security.netapp.com/advisory/ntap-20230127-0015/","refsource":"CONFIRM","tags":[],"title":"CVE-2023-22809 Sudo Vulnerability in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://www.sudo.ws/security/advisories/sudoedit_any/","name":"https://www.sudo.ws/security/advisories/sudoedit_any/","refsource":"CONFIRM","tags":[],"title":"Sudoedit can edit arbitrary files | Sudo","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://packetstormsecurity.com/files/171644/sudo-1.9.12p1-Privilege-Escalation.html","name":"http://packetstormsecurity.com/files/171644/sudo-1.9.12p1-Privilege-Escalation.html","refsource":"MISC","tags":[],"title":"sudo 1.9.12p1 Privilege Escalation ≈ Packet Storm","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://www.openwall.com/lists/oss-security/2023/01/19/1","name":"[oss-security] 20230119 CVE-2023-22809: Sudoedit can edit arbitrary files","refsource":"MLIST","tags":[],"title":"oss-security - CVE-2023-22809: Sudoedit can edit arbitrary files","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G4YNBTTKTRT2ME3NTSXAPTOKYUE47XHZ/","name":"FEDORA-2023-298c136eee","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 36 Update: sudo-1.9.12-2.p2.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2QDGFCGAV5QRJCE6IXRXIS4XJHS57DDH/","name":"FEDORA-2023-9078f609e6","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 37 Update: sudo-1.9.12-1.p2.fc37 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://security.gentoo.org/glsa/202305-12","name":"GLSA-202305-12","refsource":"GENTOO","tags":[],"title":"sudo: Root Privilege Escalation (GLSA 202305-12) — Gentoo security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://packetstormsecurity.com/files/172509/Sudoedit-Extra-Arguments-Privilege-Escalation.html","name":"http://packetstormsecurity.com/files/172509/Sudoedit-Extra-Arguments-Privilege-Escalation.html","refsource":"MISC","tags":[],"title":"Sudoedit Extra Arguments Privilege Escalation ≈ Packet Storm","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G4YNBTTKTRT2ME3NTSXAPTOKYUE47XHZ/","name":"FEDORA-2023-298c136eee","refsource":"","tags":[],"title":"[SECURITY] Fedora 36 Update: sudo-1.9.12-2.p2.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://packetstormsecurity.com/files/174234/Cisco-ThousandEyes-Enterprise-Agent-Virtual-Appliance-Arbitrary-File-Modification.html","name":"http://packetstormsecurity.com/files/174234/Cisco-ThousandEyes-Enterprise-Agent-Virtual-Appliance-Arbitrary-File-Modification.html","refsource":"MISC","tags":[],"title":"Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Modification ≈ Packet Storm","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.synacktiv.com/sites/default/files/2023-01/sudo-CVE-2023-22809.pdf","name":"https://www.synacktiv.com/sites/default/files/2023-01/sudo-CVE-2023-22809.pdf","refsource":"MISC","tags":[],"title":"","mime":"application/pdf","httpstatus":"200","archivestatus":"404"},{"url":"https://support.apple.com/kb/HT213758","name":"https://support.apple.com/kb/HT213758","refsource":"CONFIRM","tags":[],"title":"About the security content of macOS Ventura 13.4 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://seclists.org/fulldisclosure/2023/Aug/21","name":"20230817 KL-001-2023-003: Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Modification via sudoedit","refsource":"FULLDISC","tags":[],"title":"Full Disclosure: KL-001-2023-003: Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Modification via sudoedit","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.debian.org/security/2023/dsa-5321","name":"DSA-5321","refsource":"DEBIAN","tags":[],"title":"Debian -- Security Information -- DSA-5321-1 sudo","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-22809","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-22809","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"22809","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"macos","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"22809","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"10.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"22809","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"11.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"22809","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"36","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"22809","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"37","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"22809","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"sudo_project","cpe5":"sudo","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"22809","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"sudo_project","cpe5":"sudo","cpe6":"1.9.12","cpe7":"-","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"22809","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"sudo_project","cpe5":"sudo","cpe6":"1.9.12","cpe7":"p1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2023-22809","qid":"160406","title":"Oracle Enterprise Linux Security Update for sudo (ELSA-2023-0284)"},{"cve":"CVE-2023-22809","qid":"160407","title":"Oracle Enterprise Linux Security Update for sudo (ELSA-2023-0282)"},{"cve":"CVE-2023-22809","qid":"160409","title":"Oracle Enterprise Linux Security Update for sudo (ELSA-2023-0291)"},{"cve":"CVE-2023-22809","qid":"160480","title":"Oracle Enterprise Linux Security Update for sudo (ELSA-2023-12143)"},{"cve":"CVE-2023-22809","qid":"181480","title":"Debian Security Update for sudo (DLA 3272-1)"},{"cve":"CVE-2023-22809","qid":"181482","title":"Debian Security Update for sudo (DSA 5321-1)"},{"cve":"CVE-2023-22809","qid":"182156","title":"Debian Security Update for sudo (CVE-2023-22809)"},{"cve":"CVE-2023-22809","qid":"199112","title":"Ubuntu Security Notification for Sudo Vulnerabilities (USN-5811-1)"},{"cve":"CVE-2023-22809","qid":"199475","title":"Ubuntu Security Notification for Sudo Vulnerability (USN-5811-3)"},{"cve":"CVE-2023-22809","qid":"199526","title":"Ubuntu Security Notification for Sudo Vulnerability (USN-5811-2)"},{"cve":"CVE-2023-22809","qid":"241081","title":"Red Hat Update for sudo (RHSA-2023:0284)"},{"cve":"CVE-2023-22809","qid":"241082","title":"Red Hat Update for sudo (RHSA-2023:0291)"},{"cve":"CVE-2023-22809","qid":"241083","title":"Red Hat Update for sudo (RHSA-2023:0282)"},{"cve":"CVE-2023-22809","qid":"241086","title":"Red Hat Update for sudo (RHSA-2023:0283)"},{"cve":"CVE-2023-22809","qid":"241088","title":"Red Hat Update for sudo (RHSA-2023:0281)"},{"cve":"CVE-2023-22809","qid":"241102","title":"Red Hat Update for sudo (RHSA-2023:0293)"},{"cve":"CVE-2023-22809","qid":"241599","title":"Red Hat Update for sudo (RHSA-2023:0292)"},{"cve":"CVE-2023-22809","qid":"241626","title":"Red Hat Update for sudo (RHSA-2023:3276)"},{"cve":"CVE-2023-22809","qid":"241669","title":"Red Hat Update for sudo (RHSA-2023:0280)"},{"cve":"CVE-2023-22809","qid":"257216","title":"CentOS Security Update for sudo (CESA-2023:0291)"},{"cve":"CVE-2023-22809","qid":"283623","title":"Fedora Security Update for sudo (FEDORA-2023-9078f609e6)"},{"cve":"CVE-2023-22809","qid":"283684","title":"Fedora Security Update for sudo (FEDORA-2023-298c136eee)"},{"cve":"CVE-2023-22809","qid":"354717","title":"Amazon Linux Security Advisory for sudo : ALAS-2023-1682"},{"cve":"CVE-2023-22809","qid":"354795","title":"Amazon Linux Security Advisory for sudo : ALAS2-2023-1985"},{"cve":"CVE-2023-22809","qid":"355060","title":"Amazon Linux Security Advisory for sudo : AL2012-2023-384"},{"cve":"CVE-2023-22809","qid":"355189","title":"Amazon Linux Security Advisory for sudo : ALAS2023-2023-106"},{"cve":"CVE-2023-22809","qid":"377949","title":"Alibaba Cloud Linux Security Update for sudo (ALINUX2-SA-2023:0004)"},{"cve":"CVE-2023-22809","qid":"377956","title":"Alibaba Cloud Linux Security Update for sudo (ALINUX3-SA-2023:0010)"},{"cve":"CVE-2023-22809","qid":"390274","title":"Oracle VM Server for x86 Security Update for sudo (OVMSA-2023-0003)"},{"cve":"CVE-2023-22809","qid":"502641","title":"Alpine Linux Security Update for sudo"},{"cve":"CVE-2023-22809","qid":"672748","title":"EulerOS Security Update for sudo (EulerOS-SA-2023-1484)"},{"cve":"CVE-2023-22809","qid":"672782","title":"EulerOS Security Update for sudo (EulerOS-SA-2023-1459)"},{"cve":"CVE-2023-22809","qid":"672812","title":"EulerOS Security Update for sudo (EulerOS-SA-2023-1541)"},{"cve":"CVE-2023-22809","qid":"672824","title":"EulerOS Security Update for sudo (EulerOS-SA-2023-1566)"},{"cve":"CVE-2023-22809","qid":"672873","title":"EulerOS Security Update for sudo (EulerOS-SA-2023-1611)"},{"cve":"CVE-2023-22809","qid":"672909","title":"EulerOS Security Update for sudo (EulerOS-SA-2023-1770)"},{"cve":"CVE-2023-22809","qid":"672957","title":"EulerOS Security Update for sudo (EulerOS-SA-2023-1792)"},{"cve":"CVE-2023-22809","qid":"673067","title":"EulerOS Security Update for sudo (EulerOS-SA-2023-2173)"},{"cve":"CVE-2023-22809","qid":"710720","title":"Gentoo Linux sudo Root Privilege Escalation Vulnerability (GLSA 202305-12)"},{"cve":"CVE-2023-22809","qid":"753539","title":"SUSE Enterprise Linux Security Update for sudo (SUSE-SU-2023:0101-1)"},{"cve":"CVE-2023-22809","qid":"753544","title":"SUSE Enterprise Linux Security Update for sudo (SUSE-SU-2023:0115-1)"},{"cve":"CVE-2023-22809","qid":"753545","title":"SUSE Enterprise Linux Security Update for sudo (SUSE-SU-2023:0114-1)"},{"cve":"CVE-2023-22809","qid":"753548","title":"SUSE Enterprise Linux Security Update for sudo (SUSE-SU-2023:0116-1)"},{"cve":"CVE-2023-22809","qid":"753551","title":"SUSE Enterprise Linux Security Update for sudo (SUSE-SU-2023:0117-1)"},{"cve":"CVE-2023-22809","qid":"905272","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for sudo (13022)"},{"cve":"CVE-2023-22809","qid":"905278","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for sudo (13030)"},{"cve":"CVE-2023-22809","qid":"905610","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for sudo (13030-1)"},{"cve":"CVE-2023-22809","qid":"905669","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for sudo (13022-1)"},{"cve":"CVE-2023-22809","qid":"906607","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for sudo (13022-3)"},{"cve":"CVE-2023-22809","qid":"906679","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for sudo (13030-3)"},{"cve":"CVE-2023-22809","qid":"940889","title":"AlmaLinux Security Update for sudo (ALSA-2023:0284)"},{"cve":"CVE-2023-22809","qid":"940892","title":"AlmaLinux Security Update for sudo (ALSA-2023:0282)"},{"cve":"CVE-2023-22809","qid":"960526","title":"Rocky Linux Security Update for sudo (RLSA-2023:0282)"},{"cve":"CVE-2023-22809","qid":"960581","title":"Rocky Linux Security Update for sudo (RLSA-2023:0284)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2023-22809","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected versions are 1.8.0 through 1.9.12.p1. The problem exists because a user-specified editor may contain a \"--\" argument that defeats a protection mechanism, e.g., an EDITOR='vim -- /path/to/extra/file' value."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"refsource":"MISC","name":"https://www.synacktiv.com/sites/default/files/2023-01/sudo-CVE-2023-22809.pdf","url":"https://www.synacktiv.com/sites/default/files/2023-01/sudo-CVE-2023-22809.pdf"},{"refsource":"CONFIRM","name":"https://www.sudo.ws/security/advisories/sudoedit_any/","url":"https://www.sudo.ws/security/advisories/sudoedit_any/"},{"refsource":"MLIST","name":"[debian-lts-announce] 20230118 [SECURITY] [DLA 3272-1] sudo security update","url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00012.html"},{"refsource":"DEBIAN","name":"DSA-5321","url":"https://www.debian.org/security/2023/dsa-5321"},{"refsource":"MLIST","name":"[oss-security] 20230119 CVE-2023-22809: Sudoedit can edit arbitrary files","url":"http://www.openwall.com/lists/oss-security/2023/01/19/1"},{"refsource":"FEDORA","name":"FEDORA-2023-9078f609e6","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2QDGFCGAV5QRJCE6IXRXIS4XJHS57DDH/"},{"refsource":"CONFIRM","name":"https://security.netapp.com/advisory/ntap-20230127-0015/","url":"https://security.netapp.com/advisory/ntap-20230127-0015/"},{"refsource":"FEDORA","name":"FEDORA-2023-298c136eee","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G4YNBTTKTRT2ME3NTSXAPTOKYUE47XHZ/"},{"refsource":"MISC","name":"http://packetstormsecurity.com/files/171644/sudo-1.9.12p1-Privilege-Escalation.html","url":"http://packetstormsecurity.com/files/171644/sudo-1.9.12p1-Privilege-Escalation.html"},{"refsource":"GENTOO","name":"GLSA-202305-12","url":"https://security.gentoo.org/glsa/202305-12"},{"refsource":"CONFIRM","name":"https://support.apple.com/kb/HT213758","url":"https://support.apple.com/kb/HT213758"},{"refsource":"MISC","name":"http://packetstormsecurity.com/files/172509/Sudoedit-Extra-Arguments-Privilege-Escalation.html","url":"http://packetstormsecurity.com/files/172509/Sudoedit-Extra-Arguments-Privilege-Escalation.html"},{"refsource":"FULLDISC","name":"20230817 KL-001-2023-003: Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Modification via sudoedit","url":"http://seclists.org/fulldisclosure/2023/Aug/21"},{"refsource":"MISC","name":"http://packetstormsecurity.com/files/174234/Cisco-ThousandEyes-Enterprise-Agent-Virtual-Appliance-Arbitrary-File-Modification.html","url":"http://packetstormsecurity.com/files/174234/Cisco-ThousandEyes-Enterprise-Agent-Virtual-Appliance-Arbitrary-File-Modification.html"}]}},"nvd":{"publishedDate":"2023-01-18 17:15:00","lastModifiedDate":"2023-11-17 19:32:00","problem_types":["CWE-269"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:sudo_project:sudo:1.9.12:-:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:*","versionStartIncluding":"1.8.0","versionEndExcluding":"1.9.12","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:sudo_project:sudo:1.9.12:p1:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*","versionEndExcluding":"13.4","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}