CVE-2023-36811

Risk Scores

Affected Products

Timeline

• Aug 30, 2023 CVE Published
• Aug 31, 2023 EPSS Score
• Oct 3, 2023 EPSS Score
• Nov 5, 2023 EPSS Score
• Dec 7, 2023 EPSS Score
• Jan 9, 2024 EPSS Score
• Feb 11, 2024 EPSS Score
• Mar 15, 2024 EPSS Score
• Apr 17, 2024 EPSS Score
• May 19, 2024 EPSS Score
• Jun 21, 2024 EPSS Score
• Jul 24, 2024 EPSS Score

References

• https://github.com/borgbackup/borg/security/advisories/GHSA-8fjr-hghr-4m99 url
• https://github.com/borgbackup/borg/commit/3eb070191da10c2d3f7bc6484cf3d51c3045f884 url
• https://github.com/borgbackup/borg/blob/1.2.5-cvedocs/docs/changes.rst#pre-125-archives-spoofing-vulnerability-cve-2023-36811 url
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZUCQSMAWOJBCRGF6XPKEZ2TPGAPNKIWV/ url
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5Q3OHXERTU547SEQ3YREZXHOCYNLVD63/ url
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOZDFIYEBIOKSIEAXUJJJFUJTAJ7TF3C/ url
• https://nvd.nist.gov/vuln/detail/CVE-2023-36811 advisory
• https://github.com/borgbackup/borg package
• https://github.com/borgbackup/borg/blob/1.2.6/docs/changes.rst#pre-125-archives-spoofing-vulnerability-cve-2023-36811 url
• https://github.com/pypa/advisory-database/tree/main/vulns/borgbackup/PYSEC-2023-164.yaml url
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5Q3OHXERTU547SEQ3YREZXHOCYNLVD63 url
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOZDFIYEBIOKSIEAXUJJJFUJTAJ7TF3C url
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZUCQSMAWOJBCRGF6XPKEZ2TPGAPNKIWV url