diff --git a/2023/22xxx/CVE-2023-22591.json b/2023/22xxx/CVE-2023-22591.json index 6ac46fc8e79..e2b6540ce2d 100644 --- a/2023/22xxx/CVE-2023-22591.json +++ b/2023/22xxx/CVE-2023-22591.json @@ -1,17 +1,98 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-22591", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "IBM Robotic Process Automation 21.0.1 through 21.0.7 and 23.0.0 through 23.0.1 could allow a user with physical access to the system due to session tokens for not being invalidated after a password reset. IBM X-Force ID: 243710." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-613 Insufficient Session Expiration", + "cweId": "CWE-613" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "Robotic Process Automation", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "21.0.1", + "version_value": "21.0.7" + }, + { + "version_affected": "<", + "version_name": "23.0.0", + "version_value": "23.0.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/6962175", + "refsource": "MISC", + "name": "https://www.ibm.com/support/pages/node/6962175" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/243710", + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/243710" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "PHYSICAL", + "availabilityImpact": "LOW", + "baseScore": 3.9, + "baseSeverity": "LOW", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", + "version": "3.1" } ] } diff --git a/2023/26xxx/CVE-2023-26484.json b/2023/26xxx/CVE-2023-26484.json index d6403f08420..e759666c482 100644 --- a/2023/26xxx/CVE-2023-26484.json +++ b/2023/26xxx/CVE-2023-26484.json @@ -1,17 +1,90 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-26484", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "KubeVirt is a virtual machine management add-on for Kubernetes. In versions 0.59.0 and prior, if a malicious user has taken over a Kubernetes node where virt-handler (the KubeVirt node-daemon) is running, the virt-handler service account can be used to modify all node specs. This can be misused to lure-in system-level-privileged components which can, for instance, read all secrets on the cluster, or can exec into pods on other nodes. This way, a compromised node can be used to elevate privileges beyond the node until potentially having full privileged access to the whole cluster. The simplest way to exploit this, once a user could compromise a specific node, is to set with the virt-handler service account all other nodes to unschedulable and simply wait until system-critical components with high privileges appear on its node. No patches are available as of time of publication. As a workaround, gatekeeper users can add a webhook which will block the `virt-handler` service account to modify the spec of a node." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-863: Incorrect Authorization", + "cweId": "CWE-863" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "kubevirt", + "product": { + "product_data": [ + { + "product_name": "kubevirt", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "<= 0.59.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/kubevirt/kubevirt/issues/9109", + "refsource": "MISC", + "name": "https://github.com/kubevirt/kubevirt/issues/9109" + }, + { + "url": "https://github.com/kubevirt/kubevirt/security/advisories/GHSA-cp96-jpmq-xrr2", + "refsource": "MISC", + "name": "https://github.com/kubevirt/kubevirt/security/advisories/GHSA-cp96-jpmq-xrr2" + } + ] + }, + "source": { + "advisory": "GHSA-cp96-jpmq-xrr2", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 8.2, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N", + "version": "3.1" } ] } diff --git a/2023/27xxx/CVE-2023-27596.json b/2023/27xxx/CVE-2023-27596.json index 00e1ea1cbe8..35e05f48af1 100644 --- a/2023/27xxx/CVE-2023-27596.json +++ b/2023/27xxx/CVE-2023-27596.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-27596", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.8 and 3.2.5, OpenSIPS crashes when a malformed SDP body is sent multiple times to an OpenSIPS configuration that makes use of the `stream_process` function. This issue was discovered during coverage guided fuzzing of the function `codec_delete_except_re`. By abusing this vulnerability, an attacker is able to crash the server. It affects configurations containing functions that rely on the affected code, such as the function `codec_delete_except_re`. This issue has been fixed in version 3.1.8 and 3.2.5." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-770: Allocation of Resources Without Limits or Throttling", + "cweId": "CWE-770" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "OpenSIPS", + "product": { + "product_data": [ + { + "product_name": "opensips", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 3.1.8" + }, + { + "version_affected": "=", + "version_value": ">= 3.2.0, < 3.2.5" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/OpenSIPS/opensips/security/advisories/GHSA-3ghx-j39m-cw4f", + "refsource": "MISC", + "name": "https://github.com/OpenSIPS/opensips/security/advisories/GHSA-3ghx-j39m-cw4f" + }, + { + "url": "https://github.com/OpenSIPS/opensips/commit/dd051f8ed5ae3347fb1d556ced3c97822c9d8450", + "refsource": "MISC", + "name": "https://github.com/OpenSIPS/opensips/commit/dd051f8ed5ae3347fb1d556ced3c97822c9d8450" + } + ] + }, + "source": { + "advisory": "GHSA-3ghx-j39m-cw4f", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" } ] } diff --git a/2023/27xxx/CVE-2023-27597.json b/2023/27xxx/CVE-2023-27597.json index 134f427049b..393394ff1b3 100644 --- a/2023/27xxx/CVE-2023-27597.json +++ b/2023/27xxx/CVE-2023-27597.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-27597", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.8 and 3.2.5, when a specially crafted SIP message is processed by the function `rewrite_ruri`, a crash occurs due to a segmentation fault. This issue causes the server to crash. It affects configurations containing functions that make use of the affected code, such as the function `setport`. This issue has been fixed in version 3.1.8 and 3.2.5." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-20: Improper Input Validation", + "cweId": "CWE-20" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "OpenSIPS", + "product": { + "product_data": [ + { + "product_name": "opensips", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 3.1.8" + }, + { + "version_affected": "=", + "version_value": ">= 3.2.0, < 3.2.5" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/OpenSIPS/opensips/security/advisories/GHSA-358f-935m-7p9c", + "refsource": "MISC", + "name": "https://github.com/OpenSIPS/opensips/security/advisories/GHSA-358f-935m-7p9c" + }, + { + "url": "https://github.com/OpenSIPS/opensips/commit/b2dffe4b5cd81182c9c8eabb6c96aac96c7acfe3", + "refsource": "MISC", + "name": "https://github.com/OpenSIPS/opensips/commit/b2dffe4b5cd81182c9c8eabb6c96aac96c7acfe3" + } + ] + }, + "source": { + "advisory": "GHSA-358f-935m-7p9c", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" } ] } diff --git a/2023/27xxx/CVE-2023-27598.json b/2023/27xxx/CVE-2023-27598.json index 4ce863dc440..878469f873b 100644 --- a/2023/27xxx/CVE-2023-27598.json +++ b/2023/27xxx/CVE-2023-27598.json @@ -1,17 +1,99 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-27598", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.7 and 3.2.4, sending a malformed `Via` header to OpenSIPS triggers a segmentation fault when the function `calc_tag_suffix` is called. A specially crafted `Via` header, which is deemed correct by the parser, will pass uninitialized strings to the function `MD5StringArray` which leads to the crash. Abuse of this vulnerability leads to Denial of Service due to a crash. Since the uninitialized string points to memory location `0x0`, no further exploitation appears to be possible. No special network privileges are required to perform this attack, as long as the OpenSIPS configuration makes use of functions such as `sl_send_reply` or `sl_gen_totag` that trigger the vulnerable code. This issue has been fixed in versions 3.1.7 and 3.2.4." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-908: Use of Uninitialized Resource", + "cweId": "CWE-908" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "OpenSIPS", + "product": { + "product_data": [ + { + "product_name": "opensips", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 3.1.7" + }, + { + "version_affected": "=", + "version_value": ">= 3.2.0, < 3.2.4" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/OpenSIPS/opensips/security/advisories/GHSA-wxfg-3gwh-rhvx", + "refsource": "MISC", + "name": "https://github.com/OpenSIPS/opensips/security/advisories/GHSA-wxfg-3gwh-rhvx" + }, + { + "url": "https://github.com/OpenSIPS/opensips/commit/ab611f74f69d9c42be5401c40d56ea06a58f5dd7", + "refsource": "MISC", + "name": "https://github.com/OpenSIPS/opensips/commit/ab611f74f69d9c42be5401c40d56ea06a58f5dd7" + }, + { + "url": "https://opensips.org/pub/audit-2022/opensips-audit-technical-report-full.pdf", + "refsource": "MISC", + "name": "https://opensips.org/pub/audit-2022/opensips-audit-technical-report-full.pdf" + } + ] + }, + "source": { + "advisory": "GHSA-wxfg-3gwh-rhvx", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" } ] } diff --git a/2023/27xxx/CVE-2023-27599.json b/2023/27xxx/CVE-2023-27599.json index 7216cf10cc1..d19f5f4f628 100644 --- a/2023/27xxx/CVE-2023-27599.json +++ b/2023/27xxx/CVE-2023-27599.json @@ -1,17 +1,99 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-27599", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.7 and 3.2.4, when the function `append_hf` handles a SIP message with a malformed To header, a call to the function `abort()` is performed, resulting in a crash. This is due to the following check in `data_lump.c:399` in the function `anchor_lump`. An attacker abusing this vulnerability will crash OpenSIPS leading to Denial of Service. It affects configurations containing functions that make use of the affected code, such as the function `append_hf`. This issue has been fixed in versions 3.1.7 and 3.2.4." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-20: Improper Input Validation", + "cweId": "CWE-20" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "OpenSIPS", + "product": { + "product_data": [ + { + "product_name": "opensips", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 3.1.7" + }, + { + "version_affected": "=", + "version_value": ">= 3.2.0, < 3.2.4" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://opensips.org/pub/audit-2022/opensips-audit-technical-report-full.pdf", + "refsource": "MISC", + "name": "https://opensips.org/pub/audit-2022/opensips-audit-technical-report-full.pdf" + }, + { + "url": "https://github.com/OpenSIPS/opensips/security/advisories/GHSA-qvj2-vqrg-f5jx", + "refsource": "MISC", + "name": "https://github.com/OpenSIPS/opensips/security/advisories/GHSA-qvj2-vqrg-f5jx" + }, + { + "url": "https://github.com/OpenSIPS/opensips/commit/cb56694d290530ac308f44b453c18120b1c1109d", + "refsource": "MISC", + "name": "https://github.com/OpenSIPS/opensips/commit/cb56694d290530ac308f44b453c18120b1c1109d" + } + ] + }, + "source": { + "advisory": "GHSA-qvj2-vqrg-f5jx", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" } ] } diff --git a/2023/28xxx/CVE-2023-28450.json b/2023/28xxx/CVE-2023-28450.json new file mode 100644 index 00000000000..2d2edbb5ce7 --- /dev/null +++ b/2023/28xxx/CVE-2023-28450.json @@ -0,0 +1,77 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2023-28450", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://thekelleys.org.uk/dnsmasq/doc.html", + "refsource": "MISC", + "name": "https://thekelleys.org.uk/dnsmasq/doc.html" + }, + { + "url": "https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5", + "refsource": "MISC", + "name": "https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5" + }, + { + "url": "https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob;f=CHANGELOG", + "refsource": "MISC", + "name": "https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob;f=CHANGELOG" + }, + { + "url": "https://capec.mitre.org/data/definitions/495.html", + "refsource": "MISC", + "name": "https://capec.mitre.org/data/definitions/495.html" + } + ] + } +} \ No newline at end of file diff --git a/2023/28xxx/CVE-2023-28451.json b/2023/28xxx/CVE-2023-28451.json new file mode 100644 index 00000000000..3abde35a438 --- /dev/null +++ b/2023/28xxx/CVE-2023-28451.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-28451", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/28xxx/CVE-2023-28452.json b/2023/28xxx/CVE-2023-28452.json new file mode 100644 index 00000000000..07ce2a3c05e --- /dev/null +++ b/2023/28xxx/CVE-2023-28452.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-28452", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/28xxx/CVE-2023-28453.json b/2023/28xxx/CVE-2023-28453.json new file mode 100644 index 00000000000..90ddbbfa943 --- /dev/null +++ b/2023/28xxx/CVE-2023-28453.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-28453", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/28xxx/CVE-2023-28454.json b/2023/28xxx/CVE-2023-28454.json new file mode 100644 index 00000000000..a3d13287583 --- /dev/null +++ b/2023/28xxx/CVE-2023-28454.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-28454", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/28xxx/CVE-2023-28455.json b/2023/28xxx/CVE-2023-28455.json new file mode 100644 index 00000000000..1cc52f10941 --- /dev/null +++ b/2023/28xxx/CVE-2023-28455.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-28455", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/28xxx/CVE-2023-28456.json b/2023/28xxx/CVE-2023-28456.json new file mode 100644 index 00000000000..97483b42c5e --- /dev/null +++ b/2023/28xxx/CVE-2023-28456.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-28456", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/28xxx/CVE-2023-28457.json b/2023/28xxx/CVE-2023-28457.json new file mode 100644 index 00000000000..2dbdabf47a3 --- /dev/null +++ b/2023/28xxx/CVE-2023-28457.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-28457", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/28xxx/CVE-2023-28458.json b/2023/28xxx/CVE-2023-28458.json new file mode 100644 index 00000000000..477225c6f44 --- /dev/null +++ b/2023/28xxx/CVE-2023-28458.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-28458", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/28xxx/CVE-2023-28459.json b/2023/28xxx/CVE-2023-28459.json new file mode 100644 index 00000000000..2d18aab8744 --- /dev/null +++ b/2023/28xxx/CVE-2023-28459.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-28459", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file