diff --git a/2022/4xxx/CVE-2022-4385.json b/2022/4xxx/CVE-2022-4385.json index be7fcebc524..2f33915af72 100644 --- a/2022/4xxx/CVE-2022-4385.json +++ b/2022/4xxx/CVE-2022-4385.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "The Intuitive Custom Post Order WordPress plugin through 3.1.3 does not check for authorization in the update-menu-order ajax action, allowing any logged in user (with roles as low as Subscriber) to update the menu order" + "value": "The Intuitive Custom Post Order WordPress plugin before 3.1.4 does not check for authorization in the update-menu-order ajax action, allowing any logged in user (with roles as low as Subscriber) to update the menu order" } ] }, @@ -39,18 +39,9 @@ "version": { "version_data": [ { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "status": "affected", - "versionType": "custom", - "version": "0", - "lessThanOrEqual": "3.1.3" - } - ], - "defaultStatus": "affected" - } + "version_affected": "<", + "version_name": "0", + "version_value": "3.1.4" } ] } diff --git a/2022/4xxx/CVE-2022-4386.json b/2022/4xxx/CVE-2022-4386.json index 44a5375bc32..f08c2dd91c4 100644 --- a/2022/4xxx/CVE-2022-4386.json +++ b/2022/4xxx/CVE-2022-4386.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "The Intuitive Custom Post Order WordPress plugin through 3.1.3 lacks CSRF protection in its update-menu-order ajax action, allowing an attacker to trick any user to change the menu order via a CSRF attack" + "value": "The Intuitive Custom Post Order WordPress plugin before 3.1.4 lacks CSRF protection in its update-menu-order ajax action, allowing an attacker to trick any user to change the menu order via a CSRF attack" } ] }, @@ -39,18 +39,9 @@ "version": { "version_data": [ { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "versions": [ - { - "status": "affected", - "versionType": "custom", - "version": "0", - "lessThanOrEqual": "3.1.3" - } - ], - "defaultStatus": "affected" - } + "version_affected": "<", + "version_name": "0", + "version_value": "3.1.4" } ] } diff --git a/2023/1xxx/CVE-2023-1012.json b/2023/1xxx/CVE-2023-1012.json new file mode 100644 index 00000000000..d0ad6ac9b2a --- /dev/null +++ b/2023/1xxx/CVE-2023-1012.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-1012", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/23xxx/CVE-2023-23916.json b/2023/23xxx/CVE-2023-23916.json index 20bb5196155..f7086aef9f8 100644 --- a/2023/23xxx/CVE-2023-23916.json +++ b/2023/23xxx/CVE-2023-23916.json @@ -48,6 +48,11 @@ "refsource": "MISC", "name": "https://hackerone.com/reports/1826048", "url": "https://hackerone.com/reports/1826048" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20230224 [SECURITY] [DLA 3341-1] curl security update", + "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00035.html" } ] },