[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2023-22644":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T14:55:33.319Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":148,"aliases":149,"duplicate_of":9,"upstream":153,"downstream":154,"duplicates":171,"related":172,"reserved_at":9,"published_at":183,"modified_at":184,"state":185,"summary":186,"references_raw":195,"kevs":230,"epss":231,"epss_history":234,"metrics":503,"affected":512},"CVE-2023-22644","A user can reverse engineer the JWT token (JSON Web Token) used in authentication for Manager and API access, forging a valid NeuVector Token to perform malicious activity in NeuVector. This can lead to an RCE.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-1270","Generation of Incorrect Security Tokens","The product implements a Security Token mechanism to differentiate what actions are allowed or disallowed when a transaction originates from an entity. However, the Security Tokens generated in the system are incorrect.","weakness","Incomplete","Base",[19,23,144],{"id":20,"name":21,"techniques":22},"CAPEC-121","Exploit Non-Production Interfaces",[],{"id":24,"name":25,"techniques":26},"CAPEC-633","Token Impersonation",[27],{"id":28,"name":29,"tactics":30,"countermeasures":40},"T1134","Access Token Manipulation",[31,34,37],{"id":32,"name":33},"TA0030","Defense Evasion",{"id":35,"name":36},"TA0005","Stealth",{"id":38,"name":39},"TA0111","Privilege Escalation",[41,46,50,54,59,63,67,71,75,80,84,88,93,98,102,106,110,114,119,123,128,132,136,140],{"id":42,"name":43,"tactic":44},"D3-CI","Configuration Inventory",{"name":45},"Model",{"id":47,"name":48,"tactic":49},"D3-NTPM","Network Traffic Policy Mapping",{"name":45},{"id":51,"name":52,"tactic":53},"D3-AM","Access Modeling",{"name":45},{"id":55,"name":56,"tactic":57},"D3-AEM","Application Exception Monitoring",{"name":58},"Detect",{"id":60,"name":61,"tactic":62},"D3-SCA","System Call Analysis",{"name":58},{"id":64,"name":65,"tactic":66},"D3-CCSA","Credential Compromise Scope Analysis",{"name":58},{"id":68,"name":69,"tactic":70},"D3-OPM","Operational Process Monitoring",{"name":58},{"id":72,"name":73,"tactic":74},"D3-PSA","Process Spawn Analysis",{"name":58},{"id":76,"name":77,"tactic":78},"D3-ST","Session Termination",{"name":79},"Evict",{"id":81,"name":82,"tactic":83},"D3-CR","Credential Revocation",{"name":79},{"id":85,"name":86,"tactic":87},"D3-ANCI","Authentication Cache Invalidation",{"name":79},{"id":89,"name":90,"tactic":91},"D3-DUC","Decoy User Credential",{"name":92},"Deceive",{"id":94,"name":95,"tactic":96},"D3-CH","Credential Hardening",{"name":97},"Harden",{"id":99,"name":100,"tactic":101},"D3-MFA","Multi-factor Authentication",{"name":97},{"id":103,"name":104,"tactic":105},"D3-CRO","Credential Rotation",{"name":97},{"id":107,"name":108,"tactic":109},"D3-TB","Token Binding",{"name":97},{"id":111,"name":112,"tactic":113},"D3-TBA","Token-based Authentication",{"name":97},{"id":115,"name":116,"tactic":117},"D3-RC","Restore Configuration",{"name":118},"Restore",{"id":120,"name":121,"tactic":122},"D3-RIC","Reissue Credential",{"name":118},{"id":124,"name":125,"tactic":126},"D3-SCF","System Call Filtering",{"name":127},"Isolate",{"id":129,"name":130,"tactic":131},"D3-CTS","Credential Transmission Scoping",{"name":127},{"id":133,"name":134,"tactic":135},"D3-EAL","Executable Allowlisting",{"name":127},{"id":137,"name":138,"tactic":139},"D3-EDL","Executable Denylisting",{"name":127},{"id":141,"name":142,"tactic":143},"D3-HBPI","Hardware-based Process Isolation",{"name":127},{"id":145,"name":146,"techniques":147},"CAPEC-681","Exploitation of Improperly Controlled Hardware Security Identifiers",[],[],[150,151,152],"GO-2024-3201","GHSA-622h-h2p8-743x","CVE-2023-32188",[],[155,157,159,161,163,165,167,169],{"_key":156},"SUSE-RU-2023:2566-1",{"_key":158},"SUSE-RU-2023:2592-1",{"_key":160},"SUSE-RU-2023:2595-1",{"_key":162},"SUSE-SU-2023:2594-1",{"_key":164},"SUSE-SU-2023:4758-1",{"_key":166},"OPENSUSE-SU-2024:0350-1",{"_key":168},"SUSE-SU-2024:3911-1",{"_key":170},"OPENSUSE-SU-2024:14447-1",[],[173,174,175,176,177,178,179,180,181],{"_key":156},{"_key":158},{"_key":160},{"_key":162},{"_key":164},{"_key":166},{"_key":168},{"_key":170},{"_key":182},"CGA-28G2-MRF7-FGX5","2023-09-20T08:12:34.130Z","2025-04-07T17:19:01.804Z","Deferred",{"cisa_kev":187,"cisa_ransomware":187,"cisa_vendor":9,"epss_severity":188,"epss_score":189,"severity":190,"severity_score":191,"severity_version":192,"severity_source":193,"severity_vector":194,"severity_status":185},false,"low",0.00053,"critical",9.4,"v4.0","cve.org","CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",[196,203,207,212,217,221,226],{"url":197,"sources":198,"tags":201},"https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-32188",[193,199,200],"nvd","osv_go",[202],"WEB",{"url":204,"sources":205,"tags":206},"https://github.com/neuvector/neuvector/security/advisories/GHSA-622h-h2p8-743x",[193,199,200],[202],{"url":208,"sources":209,"tags":210},"https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-22644",[193,199],[211],"X Transferred",{"url":213,"sources":214,"tags":215},"https://nvd.nist.gov/vuln/detail/CVE-2023-22644",[200],[216],"Advisory",{"url":218,"sources":219,"tags":220},"https://nvd.nist.gov/vuln/detail/CVE-2023-32188",[200],[216],{"url":222,"sources":223,"tags":224},"https://github.com/neuvector/neuvector",[200],[225],"PACKAGE",{"url":227,"sources":228,"tags":229},"https://open-docs.neuvector.com/releasenotes/5x",[200],[202],[],{"date":232,"score":189,"percentile":233},"2026-06-04",0.16957,[235,239,242,245,248,251,254,257,260,262,265,268,270,273,276,280,283,286,289,292,295,298,301,304,307,310,313,316,319,322,324,327,330,333,336,339,342,345,348,351,354,357,360,363,366,369,372,375,378,381,384,387,390,393,396,399,402,405,408,411,414,417,420,423,426,429,432,435,438,440,443,446,449,452,455,458,461,464,467,470,473,476,479,482,485,488,491,494,497,500],{"date":236,"score":237,"percentile":238},"2025-11-04",0.0004,0.11519,{"date":240,"score":237,"percentile":241},"2025-11-05",0.11545,{"date":243,"score":237,"percentile":244},"2025-11-06",0.11658,{"date":246,"score":237,"percentile":247},"2025-11-07",0.11672,{"date":249,"score":237,"percentile":250},"2025-11-08",0.11683,{"date":252,"score":237,"percentile":253},"2025-11-09",0.11654,{"date":255,"score":237,"percentile":256},"2025-11-10",0.11602,{"date":258,"score":237,"percentile":259},"2025-11-11",0.11626,{"date":261,"score":237,"percentile":253},"2025-11-12",{"date":263,"score":237,"percentile":264},"2025-11-13",0.1168,{"date":266,"score":237,"percentile":267},"2025-11-14",0.11693,{"date":269,"score":237,"percentile":267},"2025-11-15",{"date":271,"score":237,"percentile":272},"2025-11-16",0.1169,{"date":274,"score":237,"percentile":275},"2025-11-17",0.11666,{"date":277,"score":278,"percentile":279},"2025-11-18",0.00133,0.2776,{"date":281,"score":278,"percentile":282},"2025-11-19",0.27786,{"date":284,"score":278,"percentile":285},"2025-11-20",0.27797,{"date":287,"score":237,"percentile":288},"2025-11-21",0.11696,{"date":290,"score":237,"percentile":291},"2025-11-22",0.11706,{"date":293,"score":237,"percentile":294},"2025-11-23",0.11697,{"date":296,"score":237,"percentile":297},"2025-11-24",0.11648,{"date":299,"score":237,"percentile":300},"2025-11-25",0.11651,{"date":302,"score":237,"percentile":303},"2025-11-26",0.11643,{"date":305,"score":237,"percentile":306},"2025-11-27",0.11649,{"date":308,"score":237,"percentile":309},"2025-11-28",0.11641,{"date":311,"score":237,"percentile":312},"2025-11-29",0.11598,{"date":314,"score":237,"percentile":315},"2025-11-30",0.11599,{"date":317,"score":237,"percentile":318},"2025-12-01",0.11634,{"date":320,"score":237,"percentile":321},"2025-12-02",0.11644,{"date":323,"score":237,"percentile":300},"2025-12-03",{"date":325,"score":237,"percentile":326},"2025-12-04",0.1164,{"date":328,"score":237,"percentile":329},"2025-12-05",0.11675,{"date":331,"score":237,"percentile":332},"2025-12-06",0.11684,{"date":334,"score":237,"percentile":335},"2025-12-07",0.11674,{"date":337,"score":237,"percentile":338},"2025-12-08",0.11688,{"date":340,"score":237,"percentile":341},"2025-12-09",0.11744,{"date":343,"score":237,"percentile":344},"2025-12-10",0.11809,{"date":346,"score":237,"percentile":347},"2025-12-11",0.11841,{"date":349,"score":237,"percentile":350},"2025-12-12",0.11872,{"date":352,"score":237,"percentile":353},"2025-12-13",0.11889,{"date":355,"score":237,"percentile":356},"2025-12-14",0.11876,{"date":358,"score":189,"percentile":359},"2025-12-15",0.1671,{"date":361,"score":189,"percentile":362},"2025-12-16",0.16729,{"date":364,"score":189,"percentile":365},"2025-12-17",0.16819,{"date":367,"score":189,"percentile":368},"2025-12-18",0.16873,{"date":370,"score":189,"percentile":371},"2025-12-19",0.16922,{"date":373,"score":189,"percentile":374},"2025-12-20",0.16901,{"date":376,"score":189,"percentile":377},"2025-12-21",0.16852,{"date":379,"score":189,"percentile":380},"2025-12-22",0.168,{"date":382,"score":189,"percentile":383},"2025-12-23",0.1679,{"date":385,"score":189,"percentile":386},"2025-12-24",0.16809,{"date":388,"score":189,"percentile":389},"2025-12-25",0.16891,{"date":391,"score":189,"percentile":392},"2025-12-26",0.1688,{"date":394,"score":189,"percentile":395},"2025-12-27",0.16885,{"date":397,"score":189,"percentile":398},"2025-12-28",0.16845,{"date":400,"score":189,"percentile":401},"2025-12-29",0.16811,{"date":403,"score":189,"percentile":404},"2025-12-30",0.16822,{"date":406,"score":189,"percentile":407},"2025-12-31",0.16896,{"date":409,"score":189,"percentile":410},"2026-01-01",0.16992,{"date":412,"score":189,"percentile":413},"2026-01-02",0.16981,{"date":415,"score":189,"percentile":416},"2026-01-03",0.16963,{"date":418,"score":189,"percentile":419},"2026-01-04",0.16869,{"date":421,"score":189,"percentile":422},"2026-01-05",0.16828,{"date":424,"score":189,"percentile":425},"2026-01-06",0.16841,{"date":427,"score":189,"percentile":428},"2026-01-07",0.16878,{"date":430,"score":189,"percentile":431},"2026-01-08",0.16936,{"date":433,"score":189,"percentile":434},"2026-01-09",0.16943,{"date":436,"score":189,"percentile":437},"2026-01-10",0.1696,{"date":439,"score":189,"percentile":371},"2026-01-11",{"date":441,"score":189,"percentile":442},"2026-01-12",0.16882,{"date":444,"score":189,"percentile":445},"2026-01-13",0.16864,{"date":447,"score":189,"percentile":448},"2026-01-14",0.16923,{"date":450,"score":189,"percentile":451},"2026-01-15",0.16924,{"date":453,"score":189,"percentile":454},"2026-01-16",0.16968,{"date":456,"score":189,"percentile":457},"2026-01-17",0.16975,{"date":459,"score":189,"percentile":460},"2026-01-18",0.16914,{"date":462,"score":189,"percentile":463},"2026-01-19",0.16866,{"date":465,"score":189,"percentile":466},"2026-01-20",0.16837,{"date":468,"score":189,"percentile":469},"2026-01-21",0.16816,{"date":471,"score":189,"percentile":472},"2026-01-22",0.16751,{"date":474,"score":189,"percentile":475},"2026-01-23",0.16827,{"date":477,"score":189,"percentile":478},"2026-01-24",0.16854,{"date":480,"score":189,"percentile":481},"2026-01-25",0.16786,{"date":483,"score":189,"percentile":484},"2026-01-26",0.16685,{"date":486,"score":189,"percentile":487},"2026-01-27",0.16675,{"date":489,"score":189,"percentile":490},"2026-01-28",0.16686,{"date":492,"score":189,"percentile":493},"2026-01-29",0.16663,{"date":495,"score":189,"percentile":496},"2026-01-30",0.16673,{"date":498,"score":189,"percentile":499},"2026-01-31",0.1669,{"date":501,"score":189,"percentile":502},"2026-02-01",0.16719,[504,507,510],{"source":193,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":505},{"baseScore":191,"baseSeverity":506,"vectorString":194,"impactScore":9,"exploitabilityScore":9},"CRITICAL",{"source":199,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":508},{"baseScore":191,"baseSeverity":506,"vectorString":509,"impactScore":9,"exploitabilityScore":9},"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",{"source":200,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":511},{"baseScore":191,"baseSeverity":9,"vectorString":509,"impactScore":9,"exploitabilityScore":9},[513,526,542],{"ecosystem":514,"name":515,"vendor":516,"product":517,"cpe_part":9,"purl_type":518,"purl_namespace":516,"purl_name":517,"source":9,"versions":519},"Go","github.com/neuvector/neuvector","github.com/neuvector","neuvector","golang",[520],{"version":521,"is_range":522,"range_type":523,"version_start":9,"version_start_type":9,"version_end":524,"version_end_type":525,"fixed_in":9},"lt0_0_0_20231003121714_be746957ee7c",true,"semver","0.0.0-20231003121714-be746957ee7c","excluding",{"ecosystem":9,"name":527,"vendor":528,"product":529,"cpe_part":530,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":531},"manager server","suse","manager_server","a",[532,538],{"version":533,"is_range":522,"range_type":534,"version_start":535,"version_start_type":536,"version_end":537,"version_end_type":525,"fixed_in":9},"gte4.2_lt4.2.50-150300.3.66.5","cpe","4.2","including","4.2.50-150300.3.66.5",{"version":539,"is_range":522,"range_type":534,"version_start":540,"version_start_type":536,"version_end":541,"version_end_type":525,"fixed_in":9},"gte4.3_lt4.3.58-150400.3.46.4","4.3","4.3.58-150400.3.46.4",{"ecosystem":9,"name":517,"vendor":528,"product":517,"cpe_part":530,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":543},[544],{"version":545,"is_range":522,"range_type":193,"version_start":9,"version_start_type":9,"version_end":524,"version_end_type":525,"fixed_in":9},"\u003C 0.0.0-20231003121714-be746957ee7c"]