From 25a3df9f21afd19bc72e01c0572f664345228a25 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 6 Nov 2023 19:00:33 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2023/22xxx/CVE-2023-22518.json | 15 +++++ 2023/33xxx/CVE-2023-33186.json | 5 -- 2023/39xxx/CVE-2023-39345.json | 76 +++++++++++++++++++++-- 2023/3xxx/CVE-2023-3817.json | 5 ++ 2023/46xxx/CVE-2023-46254.json | 81 +++++++++++++++++++++++-- 2023/46xxx/CVE-2023-46731.json | 108 +++++++++++++++++++++++++++++++-- 2023/46xxx/CVE-2023-46732.json | 90 +++++++++++++++++++++++++-- 2023/47xxx/CVE-2023-47569.json | 18 ++++++ 2023/47xxx/CVE-2023-47570.json | 18 ++++++ 2023/47xxx/CVE-2023-47571.json | 18 ++++++ 2023/47xxx/CVE-2023-47572.json | 18 ++++++ 2023/47xxx/CVE-2023-47573.json | 18 ++++++ 2023/47xxx/CVE-2023-47574.json | 18 ++++++ 2023/47xxx/CVE-2023-47575.json | 18 ++++++ 2023/47xxx/CVE-2023-47576.json | 18 ++++++ 2023/47xxx/CVE-2023-47577.json | 18 ++++++ 2023/47xxx/CVE-2023-47578.json | 18 ++++++ 2023/47xxx/CVE-2023-47579.json | 18 ++++++ 2023/5xxx/CVE-2023-5678.json | 5 ++ 2023/5xxx/CVE-2023-5971.json | 18 ++++++ 20 files changed, 580 insertions(+), 21 deletions(-) create mode 100644 2023/47xxx/CVE-2023-47569.json create mode 100644 2023/47xxx/CVE-2023-47570.json create mode 100644 2023/47xxx/CVE-2023-47571.json create mode 100644 2023/47xxx/CVE-2023-47572.json create mode 100644 2023/47xxx/CVE-2023-47573.json create mode 100644 2023/47xxx/CVE-2023-47574.json create mode 100644 2023/47xxx/CVE-2023-47575.json create mode 100644 2023/47xxx/CVE-2023-47576.json create mode 100644 2023/47xxx/CVE-2023-47577.json create mode 100644 2023/47xxx/CVE-2023-47578.json create mode 100644 2023/47xxx/CVE-2023-47579.json create mode 100644 2023/5xxx/CVE-2023-5971.json diff --git a/2023/22xxx/CVE-2023-22518.json b/2023/22xxx/CVE-2023-22518.json index 40850e6d106..690701b926e 100644 --- a/2023/22xxx/CVE-2023-22518.json +++ b/2023/22xxx/CVE-2023-22518.json @@ -135,6 +135,21 @@ "url": "https://jira.atlassian.com/browse/CONFSERVER-93142", "refsource": "MISC", "name": "https://jira.atlassian.com/browse/CONFSERVER-93142" + }, + { + "url": "https://www.bleepingcomputer.com/news/security/atlassian-warns-of-exploit-for-confluence-data-wiping-bug-get-patching/", + "refsource": "MISC", + "name": "https://www.bleepingcomputer.com/news/security/atlassian-warns-of-exploit-for-confluence-data-wiping-bug-get-patching/" + }, + { + "url": "https://www.securityweek.com/exploitation-of-critical-confluence-vulnerability-begins/", + "refsource": "MISC", + "name": "https://www.securityweek.com/exploitation-of-critical-confluence-vulnerability-begins/" + }, + { + "url": "https://www.rapid7.com/blog/post/2023/11/06/etr-rapid7-observed-exploitation-of-atlassian-confluence-cve-2023-22518/", + "refsource": "MISC", + "name": "https://www.rapid7.com/blog/post/2023/11/06/etr-rapid7-observed-exploitation-of-atlassian-confluence-cve-2023-22518/" } ] }, diff --git a/2023/33xxx/CVE-2023-33186.json b/2023/33xxx/CVE-2023-33186.json index b24aabb0c11..a6f03b92d97 100644 --- a/2023/33xxx/CVE-2023-33186.json +++ b/2023/33xxx/CVE-2023-33186.json @@ -73,11 +73,6 @@ "url": "https://github.com/zulip/zulip/commit/3ca131743b00f42bad8edbac4ef92656d954c629", "refsource": "MISC", "name": "https://github.com/zulip/zulip/commit/3ca131743b00f42bad8edbac4ef92656d954c629" - }, - { - "url": "https://github.com/zulip/zulip/commit/903dbda79bd176702d3175a7c8a5450a64b6eccb", - "refsource": "MISC", - "name": "https://github.com/zulip/zulip/commit/903dbda79bd176702d3175a7c8a5450a64b6eccb" } ] }, diff --git a/2023/39xxx/CVE-2023-39345.json b/2023/39xxx/CVE-2023-39345.json index cb4d0489fbc..ffeba20e306 100644 --- a/2023/39xxx/CVE-2023-39345.json +++ b/2023/39xxx/CVE-2023-39345.json @@ -1,17 +1,85 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-39345", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "strapi is an open-source headless CMS. Versions prior to 4.13.1 did not properly restrict write access to fielded marked as private in the user registration endpoint. As such malicious users may be able to errantly modify their user records. This issue has been addressed in version 4.13.1. Users are advised to upgrade. There are no known workarounds for this vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-287: Improper Authentication", + "cweId": "CWE-287" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "strapi", + "product": { + "product_data": [ + { + "product_name": "strapi", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 4.0.0, < 4.13.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/strapi/strapi/security/advisories/GHSA-gc7p-j5xm-xxh2", + "refsource": "MISC", + "name": "https://github.com/strapi/strapi/security/advisories/GHSA-gc7p-j5xm-xxh2" + } + ] + }, + "source": { + "advisory": "GHSA-gc7p-j5xm-xxh2", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "ADJACENT_NETWORK", + "availabilityImpact": "LOW", + "baseScore": 7.6, + "baseSeverity": "HIGH", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L", + "version": "3.1" } ] } diff --git a/2023/3xxx/CVE-2023-3817.json b/2023/3xxx/CVE-2023-3817.json index 86b77465973..e531e587731 100644 --- a/2023/3xxx/CVE-2023-3817.json +++ b/2023/3xxx/CVE-2023-3817.json @@ -128,6 +128,11 @@ "url": "https://security.netapp.com/advisory/ntap-20231027-0008/", "refsource": "MISC", "name": "https://security.netapp.com/advisory/ntap-20231027-0008/" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2023/11/06/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2023/11/06/2" } ] }, diff --git a/2023/46xxx/CVE-2023-46254.json b/2023/46xxx/CVE-2023-46254.json index 2d798febe8b..804684bd18f 100644 --- a/2023/46xxx/CVE-2023-46254.json +++ b/2023/46xxx/CVE-2023-46254.json @@ -1,17 +1,90 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-46254", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "capsule-proxy is a reverse proxy for Capsule kubernetes multi-tenancy framework. A bug in the RoleBinding reflector used by `capsule-proxy` gives ServiceAccount tenant owners the right to list Namespaces of other tenants backed by the same owner kind and name. For example consider two tenants `solar` and `wind`. Tenant `solar`, owned by a ServiceAccount named `tenant-owner` in the Namespace `solar`. Tenant `wind`, owned by a ServiceAccount named `tenant-owner` in the Namespace `wind`. The Tenant owner `solar` would be able to list the namespaces of the Tenant `wind` and vice-versa, although this is not correct. The bug introduces an exfiltration vulnerability since allows the listing of Namespace resources of other Tenants, although just in some specific conditions: 1. `capsule-proxy` runs with the `--disable-caching=false` (default value: `false`) and 2. Tenant owners are ServiceAccount, with the same resource name, but in different Namespaces. This vulnerability doesn't allow any privilege escalation on the outer tenant Namespace-scoped resources, since the Kubernetes RBAC is enforcing this. This issue has been addressed in version 0.4.5. Users are advised to upgrade. There are no known workarounds for this vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", + "cweId": "CWE-200" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "projectcapsule", + "product": { + "product_data": [ + { + "product_name": "capsule-proxy", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 0.4.5" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/projectcapsule/capsule-proxy/security/advisories/GHSA-6758-979h-249x", + "refsource": "MISC", + "name": "https://github.com/projectcapsule/capsule-proxy/security/advisories/GHSA-6758-979h-249x" + }, + { + "url": "https://github.com/projectcapsule/capsule-proxy/commit/615202f7b02eaec7681336bd63daed1f39ae00c5", + "refsource": "MISC", + "name": "https://github.com/projectcapsule/capsule-proxy/commit/615202f7b02eaec7681336bd63daed1f39ae00c5" + } + ] + }, + "source": { + "advisory": "GHSA-6758-979h-249x", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "version": "3.1" } ] } diff --git a/2023/46xxx/CVE-2023-46731.json b/2023/46xxx/CVE-2023-46731.json index 66e2f7c52de..331f8608959 100644 --- a/2023/46xxx/CVE-2023-46731.json +++ b/2023/46xxx/CVE-2023-46731.json @@ -1,17 +1,117 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-46731", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki doesn't properly escape the section URL parameter that is used in the code for displaying administration sections. This allows any user with read access to the document `XWiki.AdminSheet` (by default, everyone including unauthenticated users) to execute code including Groovy code. This impacts the confidentiality, integrity and availability of the whole XWiki instance. This vulnerability has been patched in XWiki 14.10.14, 15.6 RC1 and 15.5.1. Users are advised to upgrade. Users unablr to upgrade may apply the fix in commit `fec8e0e53f9` manually. Alternatively, to protect against attacks from unauthenticated users, view right for guests can be removed from this document (it is only needed for space and wiki admins)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "cweId": "CWE-94" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')", + "cweId": "CWE-95" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "xwiki", + "product": { + "product_data": [ + { + "product_name": "xwiki-platform", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "org.xwiki.platform:xwiki-platform-administration : < 14.10.14" + }, + { + "version_affected": "=", + "version_value": "org.xwiki.platform:xwiki-platform-administration-ui: < 14.10.14" + }, + { + "version_affected": "=", + "version_value": "org.xwiki.platform:xwiki-platform-administration-ui: >= 15.0-rc-1, < 15.5.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-62pr-qqf7-hh89", + "refsource": "MISC", + "name": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-62pr-qqf7-hh89" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/commit/fec8e0e53f9fa2c3f1e568cc15b0e972727c803a", + "refsource": "MISC", + "name": "https://github.com/xwiki/xwiki-platform/commit/fec8e0e53f9fa2c3f1e568cc15b0e972727c803a" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/commit/fec8e0e53f9fa2c3f1e568cc15b0e972727c803a#diff-6271f9be501f30b2ba55459eb451aee3413d34171ba8198a77c865306d174e23", + "refsource": "MISC", + "name": "https://github.com/xwiki/xwiki-platform/commit/fec8e0e53f9fa2c3f1e568cc15b0e972727c803a#diff-6271f9be501f30b2ba55459eb451aee3413d34171ba8198a77c865306d174e23" + }, + { + "url": "https://jira.xwiki.org/browse/XWIKI-21110", + "refsource": "MISC", + "name": "https://jira.xwiki.org/browse/XWIKI-21110" + } + ] + }, + "source": { + "advisory": "GHSA-62pr-qqf7-hh89", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 10, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2023/46xxx/CVE-2023-46732.json b/2023/46xxx/CVE-2023-46732.json index 7b079c60a4a..1a50f24d1d3 100644 --- a/2023/46xxx/CVE-2023-46732.json +++ b/2023/46xxx/CVE-2023-46732.json @@ -1,17 +1,99 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-46732", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki is vulnerable to reflected cross-site scripting (RXSS) via the `rev` parameter that is used in the content of the content menu without escaping. If an attacker can convince a user to visit a link with a crafted parameter, this allows the attacker to execute arbitrary actions in the name of the user, including remote code (Groovy) execution in the case of a user with programming right, compromising the confidentiality, integrity and availability of the whole XWiki installation. This has been patched in XWiki 15.6 RC1, 15.5.1 and 14.10.14. The patch in commit `04e325d57` can be manually applied without upgrading (or restarting) the instance. Users are advised to upgrade or to manually apply the patch. There are no known workarounds for this vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "xwiki", + "product": { + "product_data": [ + { + "product_name": "xwiki-platform", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 9.7-rc-1, < 14.10.14" + }, + { + "version_affected": "=", + "version_value": ">= 15.0-rc-1, < 15.5.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-j9rc-w3wv-fv62", + "refsource": "MISC", + "name": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-j9rc-w3wv-fv62" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/commit/04e325d57d4bcb6ab79bddcafbb19032474c2a55", + "refsource": "MISC", + "name": "https://github.com/xwiki/xwiki-platform/commit/04e325d57d4bcb6ab79bddcafbb19032474c2a55" + }, + { + "url": "https://jira.xwiki.org/browse/XWIKI-21095", + "refsource": "MISC", + "name": "https://jira.xwiki.org/browse/XWIKI-21095" + } + ] + }, + "source": { + "advisory": "GHSA-j9rc-w3wv-fv62", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 9.7, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2023/47xxx/CVE-2023-47569.json b/2023/47xxx/CVE-2023-47569.json new file mode 100644 index 00000000000..62412ba43bd --- /dev/null +++ b/2023/47xxx/CVE-2023-47569.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-47569", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/47xxx/CVE-2023-47570.json b/2023/47xxx/CVE-2023-47570.json new file mode 100644 index 00000000000..0e699a9907e --- /dev/null +++ b/2023/47xxx/CVE-2023-47570.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-47570", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/47xxx/CVE-2023-47571.json b/2023/47xxx/CVE-2023-47571.json new file mode 100644 index 00000000000..9e936c335ab --- /dev/null +++ b/2023/47xxx/CVE-2023-47571.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-47571", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/47xxx/CVE-2023-47572.json b/2023/47xxx/CVE-2023-47572.json new file mode 100644 index 00000000000..d1fbaec0e3e --- /dev/null +++ b/2023/47xxx/CVE-2023-47572.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-47572", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/47xxx/CVE-2023-47573.json b/2023/47xxx/CVE-2023-47573.json new file mode 100644 index 00000000000..46e412f1e1c --- /dev/null +++ b/2023/47xxx/CVE-2023-47573.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-47573", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/47xxx/CVE-2023-47574.json b/2023/47xxx/CVE-2023-47574.json new file mode 100644 index 00000000000..329ea2b227f --- /dev/null +++ b/2023/47xxx/CVE-2023-47574.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-47574", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/47xxx/CVE-2023-47575.json b/2023/47xxx/CVE-2023-47575.json new file mode 100644 index 00000000000..e9f94a433d6 --- /dev/null +++ b/2023/47xxx/CVE-2023-47575.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-47575", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/47xxx/CVE-2023-47576.json b/2023/47xxx/CVE-2023-47576.json new file mode 100644 index 00000000000..b3d67b77162 --- /dev/null +++ b/2023/47xxx/CVE-2023-47576.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-47576", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/47xxx/CVE-2023-47577.json b/2023/47xxx/CVE-2023-47577.json new file mode 100644 index 00000000000..5125d20e1be --- /dev/null +++ b/2023/47xxx/CVE-2023-47577.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-47577", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/47xxx/CVE-2023-47578.json b/2023/47xxx/CVE-2023-47578.json new file mode 100644 index 00000000000..625079324b7 --- /dev/null +++ b/2023/47xxx/CVE-2023-47578.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-47578", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/47xxx/CVE-2023-47579.json b/2023/47xxx/CVE-2023-47579.json new file mode 100644 index 00000000000..75a476d48c6 --- /dev/null +++ b/2023/47xxx/CVE-2023-47579.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-47579", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/5xxx/CVE-2023-5678.json b/2023/5xxx/CVE-2023-5678.json index d790cc1180e..afeb29db2f8 100644 --- a/2023/5xxx/CVE-2023-5678.json +++ b/2023/5xxx/CVE-2023-5678.json @@ -93,6 +93,11 @@ "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6", "refsource": "MISC", "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2023/11/06/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2023/11/06/2" } ] }, diff --git a/2023/5xxx/CVE-2023-5971.json b/2023/5xxx/CVE-2023-5971.json new file mode 100644 index 00000000000..4e4570c0045 --- /dev/null +++ b/2023/5xxx/CVE-2023-5971.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-5971", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file