From bd987dcbf564155aa12c69a1df1b3fe61d488ade Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 20 Oct 2023 21:00:41 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2023/0xxx/CVE-2023-0640.json | 7 ++- 2023/0xxx/CVE-2023-0641.json | 11 ++-- 2023/0xxx/CVE-2023-0646.json | 7 ++- 2023/0xxx/CVE-2023-0647.json | 7 ++- 2023/0xxx/CVE-2023-0648.json | 7 ++- 2023/0xxx/CVE-2023-0649.json | 7 ++- 2023/0xxx/CVE-2023-0650.json | 63 +++++++++++----------- 2023/0xxx/CVE-2023-0651.json | 7 ++- 2023/0xxx/CVE-2023-0658.json | 19 ++++--- 2023/0xxx/CVE-2023-0659.json | 7 ++- 2023/0xxx/CVE-2023-0663.json | 7 ++- 2023/0xxx/CVE-2023-0673.json | 11 ++-- 2023/0xxx/CVE-2023-0674.json | 7 ++- 2023/0xxx/CVE-2023-0675.json | 7 ++- 2023/0xxx/CVE-2023-0679.json | 11 ++-- 2023/0xxx/CVE-2023-0686.json | 11 ++-- 2023/0xxx/CVE-2023-0706.json | 7 ++- 2023/0xxx/CVE-2023-0707.json | 7 ++- 2023/0xxx/CVE-2023-0732.json | 7 ++- 2023/0xxx/CVE-2023-0758.json | 7 ++- 2023/0xxx/CVE-2023-0774.json | 7 ++- 2023/0xxx/CVE-2023-0781.json | 3 +- 2023/0xxx/CVE-2023-0782.json | 3 +- 2023/0xxx/CVE-2023-0783.json | 3 +- 2023/22xxx/CVE-2023-22025.json | 6 +-- 2023/22xxx/CVE-2023-22081.json | 6 +-- 2023/22xxx/CVE-2023-22091.json | 4 +- 2023/44xxx/CVE-2023-44487.json | 5 ++ 2023/45xxx/CVE-2023-45853.json | 5 ++ 2023/5xxx/CVE-2023-5681.json | 95 ++++++++++++++++++++++++++++++++-- 2023/5xxx/CVE-2023-5682.json | 95 ++++++++++++++++++++++++++++++++-- 2023/5xxx/CVE-2023-5692.json | 18 +++++++ 32 files changed, 326 insertions(+), 148 deletions(-) create mode 100644 2023/5xxx/CVE-2023-5692.json diff --git a/2023/0xxx/CVE-2023-0640.json b/2023/0xxx/CVE-2023-0640.json index b395d55af2a..d2c37d0854b 100644 --- a/2023/0xxx/CVE-2023-0640.json +++ b/2023/0xxx/CVE-2023-0640.json @@ -44,8 +44,8 @@ "version": { "version_data": [ { - "version_value": "3.04b01", - "version_affected": "=" + "version_affected": "=", + "version_value": "3.04b01" } ] } @@ -93,8 +93,7 @@ { "version": "2.0", "baseScore": 8.3, - "vectorString": "AV:N/AC:L/Au:M/C:C/I:C/A:C", - "baseSeverity": "HIGH" + "vectorString": "AV:N/AC:L/Au:M/C:C/I:C/A:C" } ] } diff --git a/2023/0xxx/CVE-2023-0641.json b/2023/0xxx/CVE-2023-0641.json index 34389881588..52a89995d44 100644 --- a/2023/0xxx/CVE-2023-0641.json +++ b/2023/0xxx/CVE-2023-0641.json @@ -11,11 +11,11 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability was found in PHPGurukul Employee Leaves Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file changepassword.php. The manipulation of the argument newpassword/confirmpassword leads to weak password requirements. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-220021 was assigned to this vulnerability." + "value": "A vulnerability was found in PHPGurukul Employee Leaves Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file changepassword.php. The manipulation of the argument newpassword/confirmpassword leads to weak password requirements. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-220021 was assigned to this vulnerability." }, { "lang": "deu", - "value": "In PHPGurukul Employee Leaves Management System 1.0 wurde eine problematische Schwachstelle ausgemacht. Das betrifft eine unbekannte Funktionalit\u00e4t der Datei changepassword.php. Durch Beeinflussen des Arguments newpassword/confirmpassword mit unbekannten Daten kann eine weak password requirements-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + "value": "In PHPGurukul Employee Leaves Management System 1.0 wurde eine problematische Schwachstelle ausgemacht. Das betrifft eine unbekannte Funktionalit\u00e4t der Datei changepassword.php. Durch Beeinflussen des Arguments newpassword/confirmpassword mit unbekannten Daten kann eine weak password requirements-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie gilt als schwierig ausnutzbar. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." } ] }, @@ -44,8 +44,8 @@ "version": { "version_data": [ { - "version_value": "1.0", - "version_affected": "=" + "version_affected": "=", + "version_value": "1.0" } ] } @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 2.6, - "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", - "baseSeverity": "LOW" + "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N" } ] } diff --git a/2023/0xxx/CVE-2023-0646.json b/2023/0xxx/CVE-2023-0646.json index 1a83db38c1c..cb7129eebef 100644 --- a/2023/0xxx/CVE-2023-0646.json +++ b/2023/0xxx/CVE-2023-0646.json @@ -44,8 +44,8 @@ "version": { "version_data": [ { - "version_value": "1.5.0", - "version_affected": "=" + "version_affected": "=", + "version_value": "1.5.0" } ] } @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/0xxx/CVE-2023-0647.json b/2023/0xxx/CVE-2023-0647.json index 215f87eb400..e8b7d92c564 100644 --- a/2023/0xxx/CVE-2023-0647.json +++ b/2023/0xxx/CVE-2023-0647.json @@ -44,8 +44,8 @@ "version": { "version_data": [ { - "version_value": "1.5.0", - "version_affected": "=" + "version_affected": "=", + "version_value": "1.5.0" } ] } @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/0xxx/CVE-2023-0648.json b/2023/0xxx/CVE-2023-0648.json index 272941ac2cb..fc6ad1fe6bd 100644 --- a/2023/0xxx/CVE-2023-0648.json +++ b/2023/0xxx/CVE-2023-0648.json @@ -44,8 +44,8 @@ "version": { "version_data": [ { - "version_value": "1.5.0", - "version_affected": "=" + "version_affected": "=", + "version_value": "1.5.0" } ] } @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/0xxx/CVE-2023-0649.json b/2023/0xxx/CVE-2023-0649.json index ba772d53b48..56a6272ebce 100644 --- a/2023/0xxx/CVE-2023-0649.json +++ b/2023/0xxx/CVE-2023-0649.json @@ -44,8 +44,8 @@ "version": { "version_data": [ { - "version_value": "1.5.0", - "version_affected": "=" + "version_affected": "=", + "version_value": "1.5.0" } ] } @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/0xxx/CVE-2023-0650.json b/2023/0xxx/CVE-2023-0650.json index 80c867892f9..b43842963c8 100644 --- a/2023/0xxx/CVE-2023-0650.json +++ b/2023/0xxx/CVE-2023-0650.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability was found in YAFNET up to 3.1.11 and classified as problematic. This issue affects some unknown processing of the component Signature Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.1.12 is able to address this issue. The name of the patch is a1442a2bacc3335461b44c250e81f8d99c60735f. It is recommended to upgrade the affected component. The identifier VDB-220037 was assigned to this vulnerability." + "value": "A vulnerability was found in YAFNET up to 3.1.11 and classified as problematic. This issue affects some unknown processing of the component Signature Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.1.12 is able to address this issue. The identifier of the patch is a1442a2bacc3335461b44c250e81f8d99c60735f. It is recommended to upgrade the affected component. The identifier VDB-220037 was assigned to this vulnerability." }, { "lang": "deu", @@ -44,52 +44,52 @@ "version": { "version_data": [ { - "version_value": "3.1.0", - "version_affected": "=" + "version_affected": "=", + "version_value": "3.1.0" }, { - "version_value": "3.1.1", - "version_affected": "=" + "version_affected": "=", + "version_value": "3.1.1" }, { - "version_value": "3.1.2", - "version_affected": "=" + "version_affected": "=", + "version_value": "3.1.2" }, { - "version_value": "3.1.3", - "version_affected": "=" + "version_affected": "=", + "version_value": "3.1.3" }, { - "version_value": "3.1.4", - "version_affected": "=" + "version_affected": "=", + "version_value": "3.1.4" }, { - "version_value": "3.1.5", - "version_affected": "=" + "version_affected": "=", + "version_value": "3.1.5" }, { - "version_value": "3.1.6", - "version_affected": "=" + "version_affected": "=", + "version_value": "3.1.6" }, { - "version_value": "3.1.7", - "version_affected": "=" + "version_affected": "=", + "version_value": "3.1.7" }, { - "version_value": "3.1.8", - "version_affected": "=" + "version_affected": "=", + "version_value": "3.1.8" }, { - "version_value": "3.1.9", - "version_affected": "=" + "version_affected": "=", + "version_value": "3.1.9" }, { - "version_value": "3.1.10", - "version_affected": "=" + "version_affected": "=", + "version_value": "3.1.10" }, { - "version_value": "3.1.11", - "version_affected": "=" + "version_affected": "=", + "version_value": "3.1.11" } ] } @@ -117,6 +117,11 @@ "refsource": "MISC", "name": "https://drive.google.com/drive/folders/1iJuhjLQy3QPIgKKgWUzEEfr_q0boaR00?usp=sharing" }, + { + "url": "https://github.com/YAFNET/YAFNET/security/advisories/GHSA-mg6p-jjff-7g5m", + "refsource": "MISC", + "name": "https://github.com/YAFNET/YAFNET/security/advisories/GHSA-mg6p-jjff-7g5m" + }, { "url": "https://github.com/YAFNET/YAFNET/commit/a1442a2bacc3335461b44c250e81f8d99c60735f", "refsource": "MISC", @@ -126,11 +131,6 @@ "url": "https://github.com/YAFNET/YAFNET/releases/tag/v3.1.12", "refsource": "MISC", "name": "https://github.com/YAFNET/YAFNET/releases/tag/v3.1.12" - }, - { - "url": "https://github.com/YAFNET/YAFNET/security/advisories/GHSA-mg6p-jjff-7g5m", - "refsource": "MISC", - "name": "https://github.com/YAFNET/YAFNET/security/advisories/GHSA-mg6p-jjff-7g5m" } ] }, @@ -161,8 +161,7 @@ { "version": "2.0", "baseScore": 4, - "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N" } ] } diff --git a/2023/0xxx/CVE-2023-0651.json b/2023/0xxx/CVE-2023-0651.json index bf52aaa0ff6..f64ad9dcbdb 100644 --- a/2023/0xxx/CVE-2023-0651.json +++ b/2023/0xxx/CVE-2023-0651.json @@ -44,8 +44,8 @@ "version": { "version_data": [ { - "version_value": "0.1.0", - "version_affected": "=" + "version_affected": "=", + "version_value": "0.1.0" } ] } @@ -103,8 +103,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/0xxx/CVE-2023-0658.json b/2023/0xxx/CVE-2023-0658.json index 624bf38e6fd..bada983e103 100644 --- a/2023/0xxx/CVE-2023-0658.json +++ b/2023/0xxx/CVE-2023-0658.json @@ -44,12 +44,12 @@ "version": { "version_data": [ { - "version_value": "2.1", - "version_affected": "=" + "version_affected": "=", + "version_value": "2.1" }, { - "version_value": "2.2", - "version_affected": "=" + "version_affected": "=", + "version_value": "2.2" } ] } @@ -59,12 +59,12 @@ "version": { "version_data": [ { - "version_value": "2.1", - "version_affected": "=" + "version_affected": "=", + "version_value": "2.1" }, { - "version_value": "2.2", - "version_affected": "=" + "version_affected": "=", + "version_value": "2.2" } ] } @@ -112,8 +112,7 @@ { "version": "2.0", "baseScore": 5, - "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N" } ] } diff --git a/2023/0xxx/CVE-2023-0659.json b/2023/0xxx/CVE-2023-0659.json index 9a59647bfd2..c14c5c97c70 100644 --- a/2023/0xxx/CVE-2023-0659.json +++ b/2023/0xxx/CVE-2023-0659.json @@ -44,8 +44,8 @@ "version": { "version_data": [ { - "version_value": "2.0.6314", - "version_affected": "=" + "version_affected": "=", + "version_value": "2.0.6314" } ] } @@ -93,8 +93,7 @@ { "version": "2.0", "baseScore": 5, - "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N" } ] } diff --git a/2023/0xxx/CVE-2023-0663.json b/2023/0xxx/CVE-2023-0663.json index b116ade7af9..17ecd961826 100644 --- a/2023/0xxx/CVE-2023-0663.json +++ b/2023/0xxx/CVE-2023-0663.json @@ -44,8 +44,8 @@ "version": { "version_data": [ { - "version_value": "2.3.0", - "version_affected": "=" + "version_affected": "=", + "version_value": "2.3.0" } ] } @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 7.5, - "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", - "baseSeverity": "HIGH" + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ] } diff --git a/2023/0xxx/CVE-2023-0673.json b/2023/0xxx/CVE-2023-0673.json index 6c575ed1eae..8b228ef9618 100644 --- a/2023/0xxx/CVE-2023-0673.json +++ b/2023/0xxx/CVE-2023-0673.json @@ -11,11 +11,11 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability classified as critical was found in SourceCodester Online Eyewear Shop 1.0. Affected by this vulnerability is an unknown functionality of the file oews/?p=products/view_product.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-220195." + "value": "A vulnerability classified as critical was found in SourceCodester Online Eyewear Shop 1.0. Affected by this vulnerability is an unknown functionality of the file oews/?p=products/view_product.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The associated identifier of this vulnerability is VDB-220195." }, { "lang": "deu", - "value": "In SourceCodester Online Eyewear Shop 1.0 wurde eine kritische Schwachstelle entdeckt. Es geht um eine nicht n\u00e4her bekannte Funktion der Datei oews/?p=products/view_product.php. Durch Manipulieren des Arguments id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen." + "value": "In SourceCodester Online Eyewear Shop 1.0 wurde eine kritische Schwachstelle entdeckt. Es geht um eine nicht n\u00e4her bekannte Funktion der Datei oews/?p=products/view_product.php. Durch Manipulieren des Arguments id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie gilt als schwierig ausnutzbar." } ] }, @@ -44,8 +44,8 @@ "version": { "version_data": [ { - "version_value": "1.0", - "version_affected": "=" + "version_affected": "=", + "version_value": "1.0" } ] } @@ -97,8 +97,7 @@ { "version": "2.0", "baseScore": 4.6, - "vectorString": "AV:N/AC:H/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:H/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/0xxx/CVE-2023-0674.json b/2023/0xxx/CVE-2023-0674.json index 9aef5369f63..614a077f13d 100644 --- a/2023/0xxx/CVE-2023-0674.json +++ b/2023/0xxx/CVE-2023-0674.json @@ -44,8 +44,8 @@ "version": { "version_data": [ { - "version_value": "2.3.1", - "version_affected": "=" + "version_affected": "=", + "version_value": "2.3.1" } ] } @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 5, - "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N" } ] } diff --git a/2023/0xxx/CVE-2023-0675.json b/2023/0xxx/CVE-2023-0675.json index d95b7e9f5ff..b96fdb092ad 100644 --- a/2023/0xxx/CVE-2023-0675.json +++ b/2023/0xxx/CVE-2023-0675.json @@ -44,8 +44,8 @@ "version": { "version_data": [ { - "version_value": "2.3.0", - "version_affected": "=" + "version_affected": "=", + "version_value": "2.3.0" } ] } @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/0xxx/CVE-2023-0679.json b/2023/0xxx/CVE-2023-0679.json index 5f35b57ce99..9b28834c38b 100644 --- a/2023/0xxx/CVE-2023-0679.json +++ b/2023/0xxx/CVE-2023-0679.json @@ -11,11 +11,11 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability was found in SourceCodester Canteen Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file removeUser.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-220220." + "value": "A vulnerability was found in SourceCodester Canteen Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file removeUser.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-220220." }, { "lang": "deu", - "value": "Eine kritische Schwachstelle wurde in SourceCodester Canteen Management System 1.0 ausgemacht. Davon betroffen ist unbekannter Code der Datei removeUser.php. Dank der Manipulation des Arguments id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + "value": "Eine kritische Schwachstelle wurde in SourceCodester Canteen Management System 1.0 ausgemacht. Davon betroffen ist unbekannter Code der Datei removeUser.php. Dank der Manipulation des Arguments id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie ist schwierig ausnutzbar. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." } ] }, @@ -44,8 +44,8 @@ "version": { "version_data": [ { - "version_value": "1.0", - "version_affected": "=" + "version_affected": "=", + "version_value": "1.0" } ] } @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 4.6, - "vectorString": "AV:N/AC:H/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:H/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/0xxx/CVE-2023-0686.json b/2023/0xxx/CVE-2023-0686.json index 0f8d405d61d..bcd6da2724f 100644 --- a/2023/0xxx/CVE-2023-0686.json +++ b/2023/0xxx/CVE-2023-0686.json @@ -11,11 +11,11 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been classified as critical. This affects the function update_cart of the file /oews/classes/Master.php?f=update_cart of the component HTTP POST Request Handler. The manipulation of the argument cart_id leads to sql injection. It is possible to initiate the attack remotely. The identifier VDB-220245 was assigned to this vulnerability." + "value": "A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been classified as critical. This affects the function update_cart of the file /oews/classes/Master.php?f=update_cart of the component HTTP POST Request Handler. The manipulation of the argument cart_id leads to sql injection. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The identifier VDB-220245 was assigned to this vulnerability." }, { "lang": "deu", - "value": "Es wurde eine Schwachstelle in SourceCodester Online Eyewear Shop 1.0 ausgemacht. Sie wurde als kritisch eingestuft. Es betrifft die Funktion update_cart der Datei /oews/classes/Master.php?f=update_cart der Komponente HTTP POST Request Handler. Durch die Manipulation des Arguments cart_id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen." + "value": "Es wurde eine Schwachstelle in SourceCodester Online Eyewear Shop 1.0 ausgemacht. Sie wurde als kritisch eingestuft. Es betrifft die Funktion update_cart der Datei /oews/classes/Master.php?f=update_cart der Komponente HTTP POST Request Handler. Durch die Manipulation des Arguments cart_id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie ist schwierig auszunutzen." } ] }, @@ -44,8 +44,8 @@ "version": { "version_data": [ { - "version_value": "1.0", - "version_affected": "=" + "version_affected": "=", + "version_value": "1.0" } ] } @@ -97,8 +97,7 @@ { "version": "2.0", "baseScore": 4.6, - "vectorString": "AV:N/AC:H/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:H/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/0xxx/CVE-2023-0706.json b/2023/0xxx/CVE-2023-0706.json index da26370a72a..22a382c1a75 100644 --- a/2023/0xxx/CVE-2023-0706.json +++ b/2023/0xxx/CVE-2023-0706.json @@ -44,8 +44,8 @@ "version": { "version_data": [ { - "version_value": "1.0", - "version_affected": "=" + "version_affected": "=", + "version_value": "1.0" } ] } @@ -93,8 +93,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/0xxx/CVE-2023-0707.json b/2023/0xxx/CVE-2023-0707.json index 4d059728483..b8e7c79c1b5 100644 --- a/2023/0xxx/CVE-2023-0707.json +++ b/2023/0xxx/CVE-2023-0707.json @@ -44,8 +44,8 @@ "version": { "version_data": [ { - "version_value": "1.0", - "version_affected": "=" + "version_affected": "=", + "version_value": "1.0" } ] } @@ -93,8 +93,7 @@ { "version": "2.0", "baseScore": 5.2, - "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/0xxx/CVE-2023-0732.json b/2023/0xxx/CVE-2023-0732.json index b346e85802c..15f857c33f2 100644 --- a/2023/0xxx/CVE-2023-0732.json +++ b/2023/0xxx/CVE-2023-0732.json @@ -44,8 +44,8 @@ "version": { "version_data": [ { - "version_value": "1.0", - "version_affected": "=" + "version_affected": "=", + "version_value": "1.0" } ] } @@ -97,8 +97,7 @@ { "version": "2.0", "baseScore": 4, - "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N" } ] } diff --git a/2023/0xxx/CVE-2023-0758.json b/2023/0xxx/CVE-2023-0758.json index da7710ff684..91ec6eca8f0 100644 --- a/2023/0xxx/CVE-2023-0758.json +++ b/2023/0xxx/CVE-2023-0758.json @@ -44,8 +44,8 @@ "version": { "version_data": [ { - "version_value": "1.0.2", - "version_affected": "=" + "version_affected": "=", + "version_value": "1.0.2" } ] } @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/0xxx/CVE-2023-0774.json b/2023/0xxx/CVE-2023-0774.json index ba163370779..6cc94c678bb 100644 --- a/2023/0xxx/CVE-2023-0774.json +++ b/2023/0xxx/CVE-2023-0774.json @@ -44,8 +44,8 @@ "version": { "version_data": [ { - "version_value": "1.0", - "version_affected": "=" + "version_affected": "=", + "version_value": "1.0" } ] } @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 7.5, - "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", - "baseSeverity": "HIGH" + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ] } diff --git a/2023/0xxx/CVE-2023-0781.json b/2023/0xxx/CVE-2023-0781.json index 7919439507f..97f32c7e07f 100644 --- a/2023/0xxx/CVE-2023-0781.json +++ b/2023/0xxx/CVE-2023-0781.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/0xxx/CVE-2023-0782.json b/2023/0xxx/CVE-2023-0782.json index 3687cff52d2..65071996d74 100644 --- a/2023/0xxx/CVE-2023-0782.json +++ b/2023/0xxx/CVE-2023-0782.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 8.3, - "vectorString": "AV:N/AC:L/Au:M/C:C/I:C/A:C", - "baseSeverity": "HIGH" + "vectorString": "AV:N/AC:L/Au:M/C:C/I:C/A:C" } ] } diff --git a/2023/0xxx/CVE-2023-0783.json b/2023/0xxx/CVE-2023-0783.json index 157f5ac675b..54ba00af2d9 100644 --- a/2023/0xxx/CVE-2023-0783.json +++ b/2023/0xxx/CVE-2023-0783.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 5.8, - "vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P" } ] } diff --git a/2023/22xxx/CVE-2023-22025.json b/2023/22xxx/CVE-2023-22025.json index 297efb5083b..be424ee7c83 100644 --- a/2023/22xxx/CVE-2023-22025.json +++ b/2023/22xxx/CVE-2023-22025.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u381-perf, 17.0.8, 20.0.2; Oracle GraalVM for JDK: 17.0.8 and 20.0.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)." + "value": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u381-perf, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8 and 21. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)." } ] }, @@ -48,7 +48,7 @@ }, { "version_affected": "=", - "version_value": "Oracle Java SE:20.0.2" + "version_value": "Oracle Java SE:21" }, { "version_affected": "=", @@ -56,7 +56,7 @@ }, { "version_affected": "=", - "version_value": "Oracle GraalVM for JDK:20.0.2" + "version_value": "Oracle GraalVM for JDK:21" } ] } diff --git a/2023/22xxx/CVE-2023-22081.json b/2023/22xxx/CVE-2023-22081.json index b31e0a1e98e..8d2273d03f6 100644 --- a/2023/22xxx/CVE-2023-22081.json +++ b/2023/22xxx/CVE-2023-22081.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 20.0.2; Oracle GraalVM for JDK: 17.0.8 and 20.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)." + "value": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8 and 21. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)." } ] }, @@ -56,7 +56,7 @@ }, { "version_affected": "=", - "version_value": "Oracle Java SE:20.0.2" + "version_value": "Oracle Java SE:21" }, { "version_affected": "=", @@ -64,7 +64,7 @@ }, { "version_affected": "=", - "version_value": "Oracle GraalVM for JDK:20.0.2" + "version_value": "Oracle GraalVM for JDK:21" } ] } diff --git a/2023/22xxx/CVE-2023-22091.json b/2023/22xxx/CVE-2023-22091.json index 3acdd987a39..fb78122ed10 100644 --- a/2023/22xxx/CVE-2023-22091.json +++ b/2023/22xxx/CVE-2023-22091.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "Vulnerability in the Oracle GraalVM for JDK product of Oracle Java SE (component: Compiler). Supported versions that are affected are Oracle GraalVM for JDK: 17.0.8 and 20.0.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle GraalVM for JDK accessible data as well as unauthorized read access to a subset of Oracle GraalVM for JDK accessible data. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N)." + "value": "Vulnerability in the Oracle GraalVM for JDK product of Oracle Java SE (component: Compiler). Supported versions that are affected are Oracle GraalVM for JDK: 17.0.8 and 21. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle GraalVM for JDK accessible data as well as unauthorized read access to a subset of Oracle GraalVM for JDK accessible data. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N)." } ] }, @@ -44,7 +44,7 @@ }, { "version_affected": "=", - "version_value": "Oracle GraalVM for JDK:20.0.2" + "version_value": "Oracle GraalVM for JDK:21" } ] } diff --git a/2023/44xxx/CVE-2023-44487.json b/2023/44xxx/CVE-2023-44487.json index db06617c8c5..270cea109f3 100644 --- a/2023/44xxx/CVE-2023-44487.json +++ b/2023/44xxx/CVE-2023-44487.json @@ -591,6 +591,11 @@ "refsource": "FEDORA", "name": "FEDORA-2023-5ff7bf1dd8", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations", + "url": "http://www.openwall.com/lists/oss-security/2023/10/20/8" } ] } diff --git a/2023/45xxx/CVE-2023-45853.json b/2023/45xxx/CVE-2023-45853.json index 6a38f40e55c..bd65e95144a 100644 --- a/2023/45xxx/CVE-2023-45853.json +++ b/2023/45xxx/CVE-2023-45853.json @@ -76,6 +76,11 @@ "refsource": "MISC", "name": "https://chromium.googlesource.com/chromium/src/+/d709fb23806858847131027da95ef4c548813356", "url": "https://chromium.googlesource.com/chromium/src/+/d709fb23806858847131027da95ef4c548813356" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20231020 CVE-2023-45853: overflows in MiniZip in zlib through 1.3", + "url": "http://www.openwall.com/lists/oss-security/2023/10/20/9" } ] } diff --git a/2023/5xxx/CVE-2023-5681.json b/2023/5xxx/CVE-2023-5681.json index ce21fba8644..9c2745c265f 100644 --- a/2023/5xxx/CVE-2023-5681.json +++ b/2023/5xxx/CVE-2023-5681.json @@ -1,17 +1,104 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-5681", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability, which was classified as critical, was found in Netentsec NS-ASG Application Security Gateway 6.3. This affects an unknown part of the file /admin/list_addr_fwresource_ip.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-243057 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "deu", + "value": "Es wurde eine kritische Schwachstelle in Netentsec NS-ASG Application Security Gateway 6.3 gefunden. Es geht dabei um eine nicht klar definierte Funktion der Datei /admin/list_addr_fwresource_ip.php. Dank Manipulation mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 SQL Injection", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Netentsec", + "product": { + "product_data": [ + { + "product_name": "NS-ASG Application Security Gateway", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "6.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.243057", + "refsource": "MISC", + "name": "https://vuldb.com/?id.243057" + }, + { + "url": "https://vuldb.com/?ctiid.243057", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.243057" + }, + { + "url": "https://github.com/Wsecpro/cve1/blob/main/NS-ASG-sql-list_addr_fwresource_ip.md", + "refsource": "MISC", + "name": "https://github.com/Wsecpro/cve1/blob/main/NS-ASG-sql-list_addr_fwresource_ip.md" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "wanghuijie166389 (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 4.7, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "3.0", + "baseScore": 4.7, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "2.0", + "baseScore": 5.8, + "vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P" } ] } diff --git a/2023/5xxx/CVE-2023-5682.json b/2023/5xxx/CVE-2023-5682.json index 8c882b01f19..56f22638ff1 100644 --- a/2023/5xxx/CVE-2023-5682.json +++ b/2023/5xxx/CVE-2023-5682.json @@ -1,17 +1,104 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-5682", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability has been found in Tongda OA 2017 and classified as critical. This vulnerability affects unknown code of the file general/hr/training/record/delete.php. The manipulation of the argument RECORD_ID leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. VDB-243058 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "deu", + "value": "In Tongda OA 2017 wurde eine kritische Schwachstelle gefunden. Dabei geht es um eine nicht genauer bekannte Funktion der Datei general/hr/training/record/delete.php. Mit der Manipulation des Arguments RECORD_ID mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Ein Aktualisieren auf die Version 11.10 vermag dieses Problem zu l\u00f6sen. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 SQL Injection", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Tongda", + "product": { + "product_data": [ + { + "product_name": "OA", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2017" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.243058", + "refsource": "MISC", + "name": "https://vuldb.com/?id.243058" + }, + { + "url": "https://vuldb.com/?ctiid.243058", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.243058" + }, + { + "url": "https://github.com/Godfather-onec/cve/blob/main/sql.md", + "refsource": "MISC", + "name": "https://github.com/Godfather-onec/cve/blob/main/sql.md" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "r0sec001 (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 5.5, + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "3.0", + "baseScore": 5.5, + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "2.0", + "baseScore": 5.2, + "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/5xxx/CVE-2023-5692.json b/2023/5xxx/CVE-2023-5692.json new file mode 100644 index 00000000000..d0d9be32fa6 --- /dev/null +++ b/2023/5xxx/CVE-2023-5692.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-5692", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file