CVE-2023-6309

Source
https://cve.org/CVERecord?id=CVE-2023-6309
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-6309.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-6309
Published
2023-11-27T01:31:05.012Z
Modified
2026-07-11T04:41:39.404869Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L CVSS Calculator
Summary
moses-smt mosesdecoder trans_result.php os command injection
Details

A vulnerability, which was classified as critical, was found in moses-smt mosesdecoder up to 4.0. This affects an unknown part of the file contrib/iSenWeb/trans_result.php. The manipulation of the argument input1 leads to os command injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-246135.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/6xxx/CVE-2023-6309.json",
    "cna_assigner": "VulDB",
    "cwe_ids": [
        "CWE-78"
    ]
}
References

Affected packages

Git / github.com/moses-smt/mosesdecoder

Affected ranges

Type
GIT
Repo
https://github.com/moses-smt/mosesdecoder
Events
Database specific
{
    "source": [
        "AFFECTED_FIELD",
        "CPE_RANGE"
    ],
    "cpe": "cpe:2.3:a:moses-smt:mosesdecoder:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "4.0"
        },
        {
            "last_affected": "4.0"
        },
        {
            "introduced": "0"
        },
        {
            "fixed": "4.0"
        }
    ]
}

Affected versions

4.*
4.0

Database specific

vanir_signatures_modified
"2026-07-11T04:41:39Z"
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-6309.json"
vanir_signatures
[
    {
        "id": "CVE-2023-6309-0ae1002e",
        "digest": {
            "line_hashes": [
                "287799047509587991674869595905362083999",
                "194014147465151276086725446532518972482",
                "54556868642469713685637384158847552438",
                "305293933092946706212455641990429689917",
                "164938762843142924974016788741402971396",
                "327145125206464237521372156096953221977",
                "234773954176797209531456115597982703158"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/moses-smt/mosesdecoder/commit/65c75ff0739ee2f88fc423ec1ad074e1b9b4a9b8",
        "deprecated": false,
        "target": {
            "file": "moses2/PhraseBased/Manager.cpp"
        }
    },
    {
        "id": "CVE-2023-6309-21d2daea",
        "digest": {
            "line_hashes": [
                "207172663435752969340917940283201476354",
                "197241871430959707446725766341289685438"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/moses-smt/mosesdecoder/commit/65c75ff0739ee2f88fc423ec1ad074e1b9b4a9b8",
        "deprecated": false,
        "target": {
            "file": "moses2/legacy/Bitmaps.h"
        }
    },
    {
        "id": "CVE-2023-6309-29023eb6",
        "digest": {
            "line_hashes": [
                "77015291220887071739383473423043162250",
                "4791519720846525949517920688764110876",
                "8110439303748515608239307500976140318",
                "116055660889892962530777476981821538082"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/moses-smt/mosesdecoder/commit/65c75ff0739ee2f88fc423ec1ad074e1b9b4a9b8",
        "deprecated": false,
        "target": {
            "file": "moses2/Main.cpp"
        }
    },
    {
        "id": "CVE-2023-6309-2938d389",
        "digest": {
            "line_hashes": [
                "6106077494158834408191727108293064896",
                "37367592069878887743139942173560473656"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/moses-smt/mosesdecoder/commit/65c75ff0739ee2f88fc423ec1ad074e1b9b4a9b8",
        "deprecated": false,
        "target": {
            "file": "moses2/FF/StatelessFeatureFunction.h"
        }
    },
    {
        "id": "CVE-2023-6309-34166ffb",
        "digest": {
            "line_hashes": [
                "163154644638348233158395153374325907810",
                "107191173141483463899007190751372325432",
                "77534081765974908153959284095222812456",
                "69340196871160383827602960232189243965",
                "283826973313577643352788803864976472879",
                "7757581711386589369271224138387330704",
                "104941240749221153233647790800432302117"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/moses-smt/mosesdecoder/commit/65c75ff0739ee2f88fc423ec1ad074e1b9b4a9b8",
        "deprecated": false,
        "target": {
            "file": "moses2/defer/CubePruningCardinalStack/Stack.h"
        }
    },
    {
        "id": "CVE-2023-6309-4b4ed93c",
        "digest": {
            "line_hashes": [
                "235911648813310825851127682912219700901",
                "241805756202622770009768560353220183352",
                "190857528106358254107234541323657527413",
                "185196893019859075809214484981778396367",
                "300861718470050016832035136251634166699",
                "139548751621167405315622285218600146942",
                "126894741173841347561463312460864546154",
                "63697558579940042639977239828372600886"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/moses-smt/mosesdecoder/commit/65c75ff0739ee2f88fc423ec1ad074e1b9b4a9b8",
        "deprecated": false,
        "target": {
            "file": "moses2/defer/CubePruningBitmapStack/Misc.h"
        }
    },
    {
        "id": "CVE-2023-6309-5b55d017",
        "digest": {
            "line_hashes": [
                "66339231305232658671109981124880252781",
                "320412668135699447618793268470709233076",
                "189800262004595559869319819038430072588"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/moses-smt/mosesdecoder/commit/65c75ff0739ee2f88fc423ec1ad074e1b9b4a9b8",
        "deprecated": false,
        "target": {
            "file": "moses2/HypothesisColl.h"
        }
    },
    {
        "id": "CVE-2023-6309-5cae96b8",
        "digest": {
            "line_hashes": [
                "163154644638348233158395153374325907810",
                "107191173141483463899007190751372325432",
                "77534081765974908153959284095222812456",
                "291478699453865245521091780254996202313",
                "277326330914393770064616620249550461600",
                "304767212978406107484137588123765534101",
                "104941240749221153233647790800432302117"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/moses-smt/mosesdecoder/commit/65c75ff0739ee2f88fc423ec1ad074e1b9b4a9b8",
        "deprecated": false,
        "target": {
            "file": "moses2/defer/CubePruningBitmapStack/Stack.h"
        }
    },
    {
        "id": "CVE-2023-6309-646a3103",
        "digest": {
            "line_hashes": [
                "235911648813310825851127682912219700901",
                "241805756202622770009768560353220183352",
                "190857528106358254107234541323657527413",
                "185196893019859075809214484981778396367",
                "300861718470050016832035136251634166699",
                "139548751621167405315622285218600146942",
                "139659351680358969733224333488732988854",
                "63363215336700645376042090824945750025"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/moses-smt/mosesdecoder/commit/65c75ff0739ee2f88fc423ec1ad074e1b9b4a9b8",
        "deprecated": false,
        "target": {
            "file": "moses2/defer/CubePruningPerBitmap/Misc.h"
        }
    },
    {
        "id": "CVE-2023-6309-6d28581f",
        "digest": {
            "line_hashes": [
                "163154644638348233158395153374325907810",
                "107191173141483463899007190751372325432",
                "77534081765974908153959284095222812456"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/moses-smt/mosesdecoder/commit/65c75ff0739ee2f88fc423ec1ad074e1b9b4a9b8",
        "deprecated": false,
        "target": {
            "file": "moses2/PhraseBased/CubePruningMiniStack/Stack.h"
        }
    },
    {
        "id": "CVE-2023-6309-8476ec83",
        "digest": {
            "function_hash": "182353790773938809587114032224525926475",
            "length": 540.0
        },
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/moses-smt/mosesdecoder/commit/65c75ff0739ee2f88fc423ec1ad074e1b9b4a9b8",
        "deprecated": false,
        "target": {
            "function": "Temp",
            "file": "moses2/Main.cpp"
        }
    },
    {
        "id": "CVE-2023-6309-9a030828",
        "digest": {
            "line_hashes": [
                "182266515569901985806693369413740811617",
                "77534081765974908153959284095222812456"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/moses-smt/mosesdecoder/commit/65c75ff0739ee2f88fc423ec1ad074e1b9b4a9b8",
        "deprecated": false,
        "target": {
            "file": "moses2/PhraseBased/Normal/Stack.h"
        }
    },
    {
        "id": "CVE-2023-6309-a8037bdd",
        "digest": {
            "line_hashes": [
                "334633140571608706651991760190116077768",
                "172618108275161822371952686497418417879",
                "286601356145049915873519652833739356738",
                "79475622298012707981381407042257845715",
                "319075604201523007646459466599977162279",
                "243605047432511047232395539695014523064"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/moses-smt/mosesdecoder/commit/65c75ff0739ee2f88fc423ec1ad074e1b9b4a9b8",
        "deprecated": false,
        "target": {
            "file": "moses2/SCFG/nbest/NBests.h"
        }
    },
    {
        "id": "CVE-2023-6309-ab9b934a",
        "digest": {
            "line_hashes": [
                "317347614599550526183274876323754920649",
                "265241503700140694676230279881342347895",
                "336899072829365001445922648494577655375",
                "82771307390077287839818496465811443348",
                "32769400282768707602339163747587012272",
                "197733840876450594093183512195221703502",
                "29466725951482136827394878048949787616",
                "208595512770669292990126850629065182828"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/moses-smt/mosesdecoder/commit/65c75ff0739ee2f88fc423ec1ad074e1b9b4a9b8",
        "deprecated": false,
        "target": {
            "file": "moses2/legacy/FactorCollection.h"
        }
    },
    {
        "id": "CVE-2023-6309-b1b2f9c3",
        "digest": {
            "line_hashes": [
                "302930751195726194749262172417285968727",
                "294810810201566152430893661985602021351",
                "316900431191805631482398076372878741818",
                "315455630917953417723530621105578741463",
                "263702779483625592042552064634311638876",
                "249695478392695360639588472260144041887",
                "212546069056548199902373813758761046341",
                "130208245571562311497916336758327426760"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/moses-smt/mosesdecoder/commit/65c75ff0739ee2f88fc423ec1ad074e1b9b4a9b8",
        "deprecated": false,
        "target": {
            "file": "moses2/SCFG/Misc.h"
        }
    },
    {
        "id": "CVE-2023-6309-c2704bde",
        "digest": {
            "line_hashes": [
                "56942818565358178888652249451036578736",
                "52225132572542106361403908754465133770"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/moses-smt/mosesdecoder/commit/65c75ff0739ee2f88fc423ec1ad074e1b9b4a9b8",
        "deprecated": false,
        "target": {
            "file": "moses2/FF/StatefulFeatureFunction.h"
        }
    },
    {
        "id": "CVE-2023-6309-c5595698",
        "digest": {
            "line_hashes": [
                "235911648813310825851127682912219700901",
                "241805756202622770009768560353220183352",
                "190857528106358254107234541323657527413",
                "185196893019859075809214484981778396367",
                "300861718470050016832035136251634166699",
                "139548751621167405315622285218600146942",
                "139659351680358969733224333488732988854",
                "63363215336700645376042090824945750025"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/moses-smt/mosesdecoder/commit/65c75ff0739ee2f88fc423ec1ad074e1b9b4a9b8",
        "deprecated": false,
        "target": {
            "file": "moses2/defer/CubePruningPerMiniStack/Misc.h"
        }
    },
    {
        "id": "CVE-2023-6309-c850b032",
        "digest": {
            "line_hashes": [
                "235911648813310825851127682912219700901",
                "241805756202622770009768560353220183352",
                "190857528106358254107234541323657527413",
                "185196893019859075809214484981778396367",
                "300861718470050016832035136251634166699",
                "139548751621167405315622285218600146942",
                "139659351680358969733224333488732988854",
                "63363215336700645376042090824945750025"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/moses-smt/mosesdecoder/commit/65c75ff0739ee2f88fc423ec1ad074e1b9b4a9b8",
        "deprecated": false,
        "target": {
            "file": "moses2/defer/CubePruningCardinalStack/Misc.h"
        }
    },
    {
        "id": "CVE-2023-6309-e0d2decf",
        "digest": {
            "line_hashes": [
                "235911648813310825851127682912219700901",
                "241805756202622770009768560353220183352",
                "190857528106358254107234541323657527413",
                "185196893019859075809214484981778396367",
                "261570824187461698520361629733246730916",
                "255161395853958434367429642675049210421",
                "337325582187597172420921535553295808433",
                "207207774955736515860094285894789123721"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/moses-smt/mosesdecoder/commit/65c75ff0739ee2f88fc423ec1ad074e1b9b4a9b8",
        "deprecated": false,
        "target": {
            "file": "moses2/PhraseBased/CubePruningMiniStack/Misc.h"
        }
    },
    {
        "id": "CVE-2023-6309-e96a0420",
        "digest": {
            "line_hashes": [
                "155182889077358448335846357036652658686"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/moses-smt/mosesdecoder/commit/65c75ff0739ee2f88fc423ec1ad074e1b9b4a9b8",
        "deprecated": false,
        "target": {
            "file": "moses2/Phrase.h"
        }
    }
]