From a21698dc0bd62dfda43f6532abdb4ed8cf27f97d Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 20 Nov 2023 05:00:35 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2021/3xxx/CVE-2021-3487.json | 70 ++------------------------------- 2023/46xxx/CVE-2023-46700.json | 72 ++++++++++++++++++++++++++++++++-- 2023/47xxx/CVE-2023-47175.json | 72 ++++++++++++++++++++++++++++++++-- 3 files changed, 139 insertions(+), 75 deletions(-) diff --git a/2021/3xxx/CVE-2021-3487.json b/2021/3xxx/CVE-2021-3487.json index df9834a0d31..4873768621e 100644 --- a/2021/3xxx/CVE-2021-3487.json +++ b/2021/3xxx/CVE-2021-3487.json @@ -1,81 +1,17 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-3487", "ASSIGNER": "secalert@redhat.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "binutils", - "version": { - "version_data": [ - { - "version_value": "binutils 2.36" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-20->CWE-400" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1947111", - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1947111" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-d23d016509", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6V2LF5AVOUTHPYY2O5TRNAIXVMXFDGL/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-9bd201dd4d", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RNBNDMJWZOQYCEZXENHBSM6DBZ332UZZ/" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-7ca24ddc86", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3Z3KSJY3CLAAFFT7FNFCJOMDITPQGN56/" - }, - { - "refsource": "GENTOO", - "name": "GLSA-202208-30", - "url": "https://security.gentoo.org/glsa/202208-30" - } - ] + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "There's a flaw in the BFD library of binutils in versions before 2.36. An attacker who supplies a crafted file to an application linked with BFD, and using the DWARF functionality, could cause an impact to system availability by way of excessive memory consumption." + "value": "** REJECT ** Non Security Issue. See the binutils security policy for more details, https://sourceware.org/cgit/binutils-gdb/tree/binutils/SECURITY.txt" } ] } diff --git a/2023/46xxx/CVE-2023-46700.json b/2023/46xxx/CVE-2023-46700.json index ee676412364..644fc20b85d 100644 --- a/2023/46xxx/CVE-2023-46700.json +++ b/2023/46xxx/CVE-2023-46700.json @@ -1,17 +1,81 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-46700", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SQL injection vulnerability in LuxCal Web Calendar prior to 5.2.4M (MySQL version) and LuxCal Web Calendar prior to 5.2.4L (SQLite version) allows a remote unauthenticated attacker to execute an arbitrary SQL command by sending a crafted request, and obtain or alter information stored in the database." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL Injection" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "LuxSoft", + "product": { + "product_data": [ + { + "product_name": "LuxCal Web Calendar", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "prior to 5.2.4M (MySQL version)" + }, + { + "version_affected": "=", + "version_value": "prior to 5.2.4L (SQLite version)" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.luxsoft.eu/", + "refsource": "MISC", + "name": "https://www.luxsoft.eu/" + }, + { + "url": "https://www.luxsoft.eu/?download", + "refsource": "MISC", + "name": "https://www.luxsoft.eu/?download" + }, + { + "url": "https://www.luxsoft.eu/lcforum/viewtopic.php?id=476", + "refsource": "MISC", + "name": "https://www.luxsoft.eu/lcforum/viewtopic.php?id=476" + }, + { + "url": "https://jvn.jp/en/jp/JVN15005948/", + "refsource": "MISC", + "name": "https://jvn.jp/en/jp/JVN15005948/" } ] } diff --git a/2023/47xxx/CVE-2023-47175.json b/2023/47xxx/CVE-2023-47175.json index e7f0aa4ac7f..523d5fd8b1b 100644 --- a/2023/47xxx/CVE-2023-47175.json +++ b/2023/47xxx/CVE-2023-47175.json @@ -1,17 +1,81 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-47175", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross-site scripting vulnerability in LuxCal Web Calendar prior to 5.2.4M (MySQL version) and LuxCal Web Calendar prior to 5.2.4L (SQLite version) allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is accessing the product." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "LuxSoft", + "product": { + "product_data": [ + { + "product_name": "LuxCal Web Calendar", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "prior to 5.2.4M (MySQL version)" + }, + { + "version_affected": "=", + "version_value": "prior to 5.2.4L (SQLite version)" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.luxsoft.eu/", + "refsource": "MISC", + "name": "https://www.luxsoft.eu/" + }, + { + "url": "https://www.luxsoft.eu/?download", + "refsource": "MISC", + "name": "https://www.luxsoft.eu/?download" + }, + { + "url": "https://www.luxsoft.eu/lcforum/viewtopic.php?id=476", + "refsource": "MISC", + "name": "https://www.luxsoft.eu/lcforum/viewtopic.php?id=476" + }, + { + "url": "https://jvn.jp/en/jp/JVN15005948/", + "refsource": "MISC", + "name": "https://jvn.jp/en/jp/JVN15005948/" } ] }