admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 03:27:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-10-04T02:00:25.066418+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-10-04 02:00:29 +00:00
parent c0d13dea7c
commit 0163c1faf6
42 changed files with 660 additions and 129 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

59
CVE-2022/CVE-2022-224xx/CVE-2022-22447.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2022-22447",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-10-04T00:15:11.293",
"lastModified": "2023-10-04T00:15:11.293",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "IBM Disconnected Log Collector 1.0 through 1.8.2 is vulnerable to potential security misconfigurations that could disclose unintended information. IBM X-Force ID: 224648."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.5,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/224648",
"source": "psirt@us.ibm.com"
},
{
"url": "https://https://www.ibm.com/support/pages/node/7042313",
"source": "psirt@us.ibm.com"
}
]
}

6
CVE-2022/CVE-2022-462xx/CVE-2022-46285.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-46285",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-02-07T19:15:09.147",
"lastModified": "2023-10-03T18:15:10.050",
"lastModified": "2023-10-04T00:15:11.413",
"vulnStatus": "Modified",
"descriptions": [
{
@ -69,6 +69,10 @@
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/1",
"source": "secalert@redhat.com"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/10",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160092",
"source": "secalert@redhat.com",

70
CVE-2023/CVE-2023-201xx/CVE-2023-20179.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-20179",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-09-27T18:15:10.987",
"lastModified": "2023-09-27T18:31:27.343",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-04T01:53:00.463",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to inject HTML content.\r\n\r This vulnerability is due to improper validation of user-supplied data in element fields. An attacker could exploit this vulnerability by submitting malicious content within requests and persuading a user to view a page that contains injected content. A successful exploit could allow the attacker to modify pages within the web-based management interface, possibly leading to further browser-based attacks against users of the application."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n web de Cisco Catalyst SD-WAN Manager, anteriormente Cisco SD-WAN vManage, podr\u00eda permitir que un atacante remoto autenticado inyecte contenido HTML. Esta vulnerabilidad se debe a una validaci\u00f3n inadecuada de los datos proporcionados por el usuario en los campos de elementos. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando contenido malicioso dentro de las solicitudes y persuadiendo a un usuario para que vea una p\u00e1gina que contenga contenido inyectado. Un exploit exitoso podr\u00eda permitir al atacante modificar p\u00e1ginas dentro de la interfaz de administraci\u00f3n basada en web, lo que posiblemente generar\u00eda m\u00e1s ataques basados en el navegador contra los usuarios de la aplicaci\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
@ -34,10 +58,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*",
"versionEndExcluding": "20.6.6",
"matchCriteriaId": "24F12886-47A6-42A3-8408-5F0CEC98ECB0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*",
"versionStartIncluding": "20.7",
"versionEndExcluding": "20.10",
"matchCriteriaId": "1DE03263-AA9C-4717-AF0B-33A5852623FE"
}
]
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-html-3ZKh8d6x",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
]
}
]
}

67
CVE-2023/CVE-2023-202xx/CVE-2023-20252.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-20252",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-09-27T18:15:11.553",
"lastModified": "2023-09-27T18:31:27.343",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-04T01:44:44.877",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Security Assertion Markup Language (SAML) APIs of Cisco Catalyst SD-WAN Manager Software could allow an unauthenticated, remote attacker to gain unauthorized access to the application as an arbitrary user.\r\n\r This vulnerability is due to improper authentication checks for SAML APIs. An attacker could exploit this vulnerability by sending requests directly to the SAML API. A successful exploit could allow the attacker to generate an authorization token sufficient to gain access to the application."
},
{
"lang": "es",
"value": "Una vulnerabilidad en las API del Security Assertion Markup Language (SAML) del software Cisco Catalyst SD-WAN Manager podr\u00eda permitir que un atacante remoto no autenticado obtenga acceso no autorizado a la aplicaci\u00f3n como un usuario arbitrario. Esta vulnerabilidad se debe a comprobaciones de autenticaci\u00f3n incorrectas para las API de SAML. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando solicitudes directamente a la API SAML. Un exploit exitoso podr\u00eda permitir al atacante generar un token de autorizaci\u00f3n suficiente para obtener acceso a la aplicaci\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
@ -34,10 +58,47 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:20.9.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "055A0645-4E95-4812-8ACF-5A95ACDCE083"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:20.11.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5256909B-94BF-4409-96F6-0013F528ED37"
}
]
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
]
}
]
}

22
CVE-2023/CVE-2023-205xx/CVE-2023-20588.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-20588",
"sourceIdentifier": "psirt@amd.com",
"published": "2023-08-08T18:15:11.653",
"lastModified": "2023-10-03T02:15:09.110",
"lastModified": "2023-10-04T00:15:11.497",
"vulnStatus": "Modified",
"descriptions": [
{
@ -942,6 +942,26 @@
"url": "http://www.openwall.com/lists/oss-security/2023/09/27/1",
"source": "psirt@amd.com"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/12",
"source": "psirt@amd.com"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/13",
"source": "psirt@amd.com"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/14",
"source": "psirt@amd.com"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/15",
"source": "psirt@amd.com"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/9",
"source": "psirt@amd.com"
},
{
"url": "http://xenbits.xen.org/xsa/advisory-439.html",
"source": "psirt@amd.com"

22
CVE-2023/CVE-2023-222xx/CVE-2023-22283.json
View File

@ -2,18 +2,18 @@
"id": "CVE-2023-22283",
"sourceIdentifier": "f5sirt@f5.com",
"published": "2023-02-01T18:15:10.727",
"lastModified": "2023-02-09T15:00:29.360",
"vulnStatus": "Analyzed",
"lastModified": "2023-10-04T00:15:11.743",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "On versions beginning in 7.1.5 to before 7.2.3.1, a DLL hijacking vulnerability exists in the BIG-IP Edge Client for Windows. User interaction and administrative privileges are required to exploit this vulnerability because the victim user needs to run the executable on the system and the attacker requires administrative privileges for modifying the files in the trusted search path. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
"value": "On versions beginning in 7.1.5 to before 7.2.3.1, a DLL hijacking vulnerability exists in the BIG-IP Edge Client for Windows. User interaction and administrative privileges are required to exploit this vulnerability because the victim user needs to run the executable on the system and the attacker requires administrative privileges for modifying the files in the trusted search path. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "f5sirt@f5.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -33,30 +33,30 @@
"impactScore": 5.9
},
{
"source": "f5sirt@f5.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.3,
"exploitabilityScore": 0.6,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "f5sirt@f5.com",
"type": "Primary",
"description": [
{
@ -66,7 +66,7 @@
]
},
{
"source": "f5sirt@f5.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{

61
CVE-2023/CVE-2023-262xx/CVE-2023-26218.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-26218",
"sourceIdentifier": "security@tibco.com",
"published": "2023-09-29T18:15:09.687",
"lastModified": "2023-09-29T18:22:47.997",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-04T01:37:39.550",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Web Client component of TIBCO Software Inc.'s TIBCO Nimbus contains easily exploitable Reflected Cross Site Scripting (XSS) vulnerabilities that allow a low privileged attacker to social engineer a legitimate user with network access to execute scripts targeting the affected system or the victim's local system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO Nimbus: versions 10.6.0 and below.\n\n"
},
{
"lang": "es",
"value": "El componente de cliente web de TIBCO Nimbus de TIBCO Software Inc. contiene vulnerabilidades de Cross Site Scripting (XSS) reflejada f\u00e1cilmente explotables que permiten a un atacante con pocos privilegios realizar ingenier\u00eda social a un usuario leg\u00edtimo con acceso a la red para ejecutar scripts dirigidos al sistema afectado o al sistema local de la v\u00edctima. Un ataque exitoso que utilice esta vulnerabilidad requiere la interacci\u00f3n humana de una persona distinta del atacante. Las versiones afectadas son TIBCO Nimbus de TIBCO Software Inc.: versiones 10.6.0 e inferiores."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
},
{
"source": "security@tibco.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security@tibco.com",
"type": "Secondary",
@ -46,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tibco:nimbus:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.6.1",
"matchCriteriaId": "E0515064-C408-4345-8EB8-2AA11EBFDD47"
}
]
}
]
}
],
"references": [
{
"url": "https://www.tibco.com/services/support/advisories",
"source": "security@tibco.com"
"source": "security@tibco.com",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-332xx/CVE-2023-33268.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33268",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T21:15:09.953",
"lastModified": "2023-10-03T21:15:09.953",
"vulnStatus": "Received",
"lastModified": "2023-10-03T23:55:59.983",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-332xx/CVE-2023-33269.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33269",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T21:15:10.003",
"lastModified": "2023-10-03T21:15:10.003",
"vulnStatus": "Received",
"lastModified": "2023-10-03T23:55:59.983",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-332xx/CVE-2023-33270.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33270",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T21:15:10.050",
"lastModified": "2023-10-03T21:15:10.050",
"vulnStatus": "Received",
"lastModified": "2023-10-03T23:55:59.983",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-332xx/CVE-2023-33271.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33271",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T21:15:10.097",
"lastModified": "2023-10-03T21:15:10.097",
"vulnStatus": "Received",
"lastModified": "2023-10-03T23:55:59.983",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-332xx/CVE-2023-33272.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33272",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T21:15:10.143",
"lastModified": "2023-10-03T21:15:10.143",
"vulnStatus": "Received",
"lastModified": "2023-10-03T23:55:59.983",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-332xx/CVE-2023-33273.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33273",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T21:15:10.193",
"lastModified": "2023-10-03T21:15:10.193",
"vulnStatus": "Received",
"lastModified": "2023-10-03T23:55:59.983",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",

59
CVE-2023/CVE-2023-359xx/CVE-2023-35905.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-35905",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-10-04T01:15:50.950",
"lastModified": "2023-10-04T01:15:50.950",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "IBM FileNet Content Manager 5.5.8, 5.5.10, and 5.5.11 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 259384."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/259384",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/7014389",
"source": "psirt@us.ibm.com"
}
]
}

10
CVE-2023/CVE-2023-394xx/CVE-2023-39417.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-39417",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-08-11T13:15:09.870",
"lastModified": "2023-09-15T14:15:10.750",
"lastModified": "2023-10-04T00:15:11.890",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or \"\"). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser."
},
{
"lang": "es",
"value": "EN EL SCRIPT DE EXTENSI\u00d3N, se encontr\u00f3 una vulnerabilidad de inyecci\u00f3n SQL en PostgreSQL si usa @extowner@, @extschema@ o @extschema:...@ dentro de una construcci\u00f3n de cotizaci\u00f3n (cotizaci\u00f3n en d\u00f3lares, '' o \"\"). Si un administrador ha instalado archivos de una extensi\u00f3n vulnerable, de confianza y no empaquetada, un atacante con privilegios CREATE de nivel de base de datos puede ejecutar c\u00f3digo arbitrario como superusuario de arranque."
}
],
"metrics": {
@ -154,6 +158,10 @@
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00003.html",
"source": "secalert@redhat.com"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230915-0002/",
"source": "secalert@redhat.com"

4
CVE-2023/CVE-2023-396xx/CVE-2023-39645.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39645",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T21:15:10.240",
"lastModified": "2023-10-03T22:15:09.877",
"vulnStatus": "Received",
"lastModified": "2023-10-03T23:55:59.983",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-396xx/CVE-2023-39646.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39646",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T22:15:10.263",
"lastModified": "2023-10-03T22:15:10.263",
"vulnStatus": "Received",
"lastModified": "2023-10-03T23:55:59.983",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-396xx/CVE-2023-39647.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39647",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T23:15:09.380",
"lastModified": "2023-10-03T23:15:09.380",
"vulnStatus": "Received",
"lastModified": "2023-10-03T23:55:59.983",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-396xx/CVE-2023-39648.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39648",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T22:15:10.323",
"lastModified": "2023-10-03T22:15:10.323",
"vulnStatus": "Received",
"lastModified": "2023-10-03T23:55:59.983",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-396xx/CVE-2023-39649.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39649",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T22:15:10.367",
"lastModified": "2023-10-03T22:15:10.367",
"vulnStatus": "Received",
"lastModified": "2023-10-03T23:55:59.983",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-396xx/CVE-2023-39651.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39651",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T22:15:10.417",
"lastModified": "2023-10-03T22:15:10.417",
"vulnStatus": "Received",
"lastModified": "2023-10-03T23:55:59.983",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-405xx/CVE-2023-40519.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40519",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T21:15:10.283",
"lastModified": "2023-10-03T21:15:10.283",
"vulnStatus": "Received",
"lastModified": "2023-10-03T23:55:59.983",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-408xx/CVE-2023-40830.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40830",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T20:15:09.967",
"lastModified": "2023-10-03T20:15:09.967",
"vulnStatus": "Received",
"lastModified": "2023-10-03T23:55:59.983",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-431xx/CVE-2023-43176.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43176",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T21:15:10.330",
"lastModified": "2023-10-03T21:15:10.330",
"vulnStatus": "Received",
"lastModified": "2023-10-03T23:55:59.983",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

80
CVE-2023/CVE-2023-436xx/CVE-2023-43655.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-43655",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-29T20:15:09.987",
"lastModified": "2023-09-30T01:57:32.760",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-04T01:46:28.943",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Composer is a dependency manager for PHP. Users publishing a composer.phar to a public web-accessible server where the composer.phar can be executed as a php file may be subject to a remote code execution vulnerability if PHP also has `register_argc_argv` enabled in php.ini. Versions 2.6.4, 2.2.22 and 1.10.27 patch this vulnerability. Users are advised to upgrade. Users unable to upgrade should make sure `register_argc_argv` is disabled in php.ini, and avoid publishing composer.phar to the web as this is not best practice.\n"
},
{
"lang": "es",
"value": "Composer es un administrador de dependencias para PHP. Los usuarios que publican un composer.phar en un servidor p\u00fablico accesible desde la web donde se puede ejecutar el composer.phar como un archivo php pueden estar sujetos a una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo si PHP tambi\u00e9n tiene `register_argc_argv` habilitado en php.ini. Las versiones 2.6.4, 2.2.22 y 1.10.27 corrigen esta vulnerabilidad. Se recomienda a los usuarios que actualicen. Los usuarios que no puedan actualizar deben asegurarse de que `register_argc_argv` est\u00e9 deshabilitado en php.ini y evitar publicar composer.phar en la web, ya que esta no es la mejor pr\u00e1ctica."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,22 +70,66 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:getcomposer:composer:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.10.27",
"matchCriteriaId": "66CB8B8A-9709-486A-BFA5-B92C4A11FA03"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:getcomposer:composer:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.2.21",
"matchCriteriaId": "BFF216E8-6DB2-42E3-8AC8-A3F09E295E5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:getcomposer:composer:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.3.0",
"versionEndExcluding": "2.6.4",
"matchCriteriaId": "23A42BAC-CC39-4A97-9A3B-60654E18A061"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/composer/composer/commit/4fce14795aba98e40b6c4f5047305aba17a6120d",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/composer/composer/commit/955a48e6319c8962e5cd421b07c00ab3c728968c",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/composer/composer/commit/95e091c921037b7b6564942845e7b738f6b95c9c",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/composer/composer/security/advisories/GHSA-jm6m-4632-36hf",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

22
CVE-2023/CVE-2023-437xx/CVE-2023-43740.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43740",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-09-28T21:15:10.110",
"lastModified": "2023-10-02T12:47:45.410",
"vulnStatus": "Analyzed",
"lastModified": "2023-10-04T00:15:11.980",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -41,26 +41,26 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "help@fluidattacks.com",
"type": "Primary",
"description": [
{
@ -70,7 +70,7 @@
]
},
{
"source": "help@fluidattacks.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{

4
CVE-2023/CVE-2023-438xx/CVE-2023-43898.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43898",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T21:15:10.440",
"lastModified": "2023-10-03T21:15:10.440",
"vulnStatus": "Received",
"lastModified": "2023-10-03T23:55:59.983",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-439xx/CVE-2023-43951.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43951",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T21:15:10.487",
"lastModified": "2023-10-03T21:15:10.487",
"vulnStatus": "Received",
"lastModified": "2023-10-03T23:55:59.983",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-439xx/CVE-2023-43952.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43952",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T21:15:10.533",
"lastModified": "2023-10-03T21:15:10.533",
"vulnStatus": "Received",
"lastModified": "2023-10-03T23:55:59.983",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-439xx/CVE-2023-43953.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43953",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T21:15:10.573",
"lastModified": "2023-10-03T21:15:10.573",
"vulnStatus": "Received",
"lastModified": "2023-10-03T23:55:59.983",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-439xx/CVE-2023-43976.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43976",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T19:15:09.677",
"lastModified": "2023-10-03T19:15:09.677",
"vulnStatus": "Received",
"lastModified": "2023-10-03T23:55:59.983",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-449xx/CVE-2023-44973.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-44973",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T21:15:10.617",
"lastModified": "2023-10-03T21:15:10.617",
"vulnStatus": "Received",
"lastModified": "2023-10-03T23:55:59.983",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-449xx/CVE-2023-44974.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-44974",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T21:15:10.660",
"lastModified": "2023-10-03T21:15:10.660",
"vulnStatus": "Received",
"lastModified": "2023-10-03T23:55:59.983",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",

10
CVE-2023/CVE-2023-48xx/CVE-2023-4806.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-4806",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-09-18T17:15:55.813",
"lastModified": "2023-10-03T21:15:10.707",
"lastModified": "2023-10-04T00:15:12.080",
"vulnStatus": "Modified",
"descriptions": [
{
@ -121,6 +121,14 @@
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/5",
"source": "secalert@redhat.com"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/6",
"source": "secalert@redhat.com"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/8",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-4806",
"source": "secalert@redhat.com",

8
CVE-2023/CVE-2023-48xx/CVE-2023-4813.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4813",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-09-12T22:15:08.277",
"lastModified": "2023-09-20T19:01:00.167",
"vulnStatus": "Analyzed",
"lastModified": "2023-10-04T00:15:12.163",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -124,6 +124,10 @@
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/8",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-4813",
"source": "secalert@redhat.com",

4
CVE-2023/CVE-2023-49xx/CVE-2023-4911.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4911",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-10-03T18:15:10.463",
"lastModified": "2023-10-03T22:15:10.473",
"vulnStatus": "Received",
"lastModified": "2023-10-03T23:55:59.983",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

28
CVE-2023/CVE-2023-51xx/CVE-2023-5111.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5111",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-09-30T23:15:40.377",
"lastModified": "2023-10-02T20:25:54.513",
"vulnStatus": "Analyzed",
"lastModified": "2023-10-04T00:15:12.257",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -41,26 +41,26 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "help@fluidattacks.com",
"type": "Primary",
"description": [
{
@ -70,7 +70,7 @@
]
},
{
"source": "help@fluidattacks.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{

10
CVE-2023/CVE-2023-51xx/CVE-2023-5156.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-5156",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-09-25T16:15:15.613",
"lastModified": "2023-10-03T21:15:10.857",
"lastModified": "2023-10-04T00:15:12.353",
"vulnStatus": "Modified",
"descriptions": [
{
@ -117,6 +117,14 @@
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/5",
"source": "secalert@redhat.com"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/6",
"source": "secalert@redhat.com"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/8",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-5156",
"source": "secalert@redhat.com",

99
CVE-2023/CVE-2023-52xx/CVE-2023-5207.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5207",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-09-30T09:15:14.933",
"lastModified": "2023-10-01T03:02:09.307",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-04T01:55:31.953",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -50,18 +80,77 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.2.8",
"matchCriteriaId": "F6BEB145-6709-4993-837A-2B34438CFEA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.2.8",
"matchCriteriaId": "69D101D1-BBDD-4EC6-9891-4684D3FB8F26"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "16.3.0",
"versionEndExcluding": "16.3.5",
"matchCriteriaId": "50271B2B-7070-4ED0-AB68-65B99D44A68A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "16.3.0",
"versionEndExcluding": "16.3.5",
"matchCriteriaId": "CC5696C9-592A-4D50-B5BB-9A250DAB6589"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:16.4.0:*:*:*:community:*:*:*",
"matchCriteriaId": "B5D4FDD1-7A68-4245-A4D5-842E4FD03FAE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:16.4.0:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "6696C987-61C1-462E-8A73-016F9902BC67"
}
]
}
]
}
],
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/425604",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/425857",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://hackerone.com/reports/2174141",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Permissions Required"
]
}
]
}

10
CVE-2023/CVE-2023-52xx/CVE-2023-5217.json
View File

@ -2,8 +2,12 @@
"id": "CVE-2023-5217",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-09-28T16:15:10.980",
"lastModified": "2023-10-02T15:15:15.200",
"lastModified": "2023-10-04T00:15:12.427",
"vulnStatus": "Modified",
"cisaExploitAdd": "2023-10-02",
"cisaActionDue": "2023-10-23",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "Google Chrome libvpx Heap Buffer Overflow Vulnerability",
"descriptions": [
{
"lang": "en",
@ -195,6 +199,10 @@
"url": "http://www.openwall.com/lists/oss-security/2023/10/02/6",
"source": "chrome-cve-admin@google.com"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/11",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/",
"source": "chrome-cve-admin@google.com"

4
CVE-2023/CVE-2023-52xx/CVE-2023-5255.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5255",
"sourceIdentifier": "security@puppet.com",
"published": "2023-10-03T18:15:10.577",
"lastModified": "2023-10-03T23:15:09.440",
"vulnStatus": "Received",
"lastModified": "2023-10-03T23:55:59.983",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

50
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-10-03T23:55:24.123835+00:00
2023-10-04T02:00:25.066418+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-10-03T23:15:09.440000+00:00
2023-10-04T01:55:31.953000+00:00
```
### Last Data Feed Release
@ -23,36 +23,52 @@ Repository synchronizes with the NVD every 2 hours.
Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)
```plain
2023-10-03T00:00:13.550139+00:00
2023-10-04T00:00:13.549908+00:00
```
### Total Number of included CVEs
```plain
226918
226920
```
### CVEs added in the last Commit
Recently added CVEs: `5`
Recently added CVEs: `2`
* [CVE-2023-39646](CVE-2023/CVE-2023-396xx/CVE-2023-39646.json) (`2023-10-03T22:15:10.263`)
* [CVE-2023-39648](CVE-2023/CVE-2023-396xx/CVE-2023-39648.json) (`2023-10-03T22:15:10.323`)
* [CVE-2023-39649](CVE-2023/CVE-2023-396xx/CVE-2023-39649.json) (`2023-10-03T22:15:10.367`)
* [CVE-2023-39651](CVE-2023/CVE-2023-396xx/CVE-2023-39651.json) (`2023-10-03T22:15:10.417`)
* [CVE-2023-39647](CVE-2023/CVE-2023-396xx/CVE-2023-39647.json) (`2023-10-03T23:15:09.380`)
* [CVE-2022-22447](CVE-2022/CVE-2022-224xx/CVE-2022-22447.json) (`2023-10-04T00:15:11.293`)
* [CVE-2023-35905](CVE-2023/CVE-2023-359xx/CVE-2023-35905.json) (`2023-10-04T01:15:50.950`)
### CVEs modified in the last Commit
Recently modified CVEs: `6`
Recently modified CVEs: `39`
* [CVE-2023-39645](CVE-2023/CVE-2023-396xx/CVE-2023-39645.json) (`2023-10-03T22:15:09.877`)
* [CVE-2023-4911](CVE-2023/CVE-2023-49xx/CVE-2023-4911.json) (`2023-10-03T22:15:10.473`)
* [CVE-2023-5169](CVE-2023/CVE-2023-51xx/CVE-2023-5169.json) (`2023-10-03T22:15:10.547`)
* [CVE-2023-5171](CVE-2023/CVE-2023-51xx/CVE-2023-5171.json) (`2023-10-03T22:15:10.653`)
* [CVE-2023-5176](CVE-2023/CVE-2023-51xx/CVE-2023-5176.json) (`2023-10-03T22:15:10.717`)
* [CVE-2023-5255](CVE-2023/CVE-2023-52xx/CVE-2023-5255.json) (`2023-10-03T23:15:09.440`)
* [CVE-2023-43898](CVE-2023/CVE-2023-438xx/CVE-2023-43898.json) (`2023-10-03T23:55:59.983`)
* [CVE-2023-43951](CVE-2023/CVE-2023-439xx/CVE-2023-43951.json) (`2023-10-03T23:55:59.983`)
* [CVE-2023-43952](CVE-2023/CVE-2023-439xx/CVE-2023-43952.json) (`2023-10-03T23:55:59.983`)
* [CVE-2023-43953](CVE-2023/CVE-2023-439xx/CVE-2023-43953.json) (`2023-10-03T23:55:59.983`)
* [CVE-2023-44973](CVE-2023/CVE-2023-449xx/CVE-2023-44973.json) (`2023-10-03T23:55:59.983`)
* [CVE-2023-44974](CVE-2023/CVE-2023-449xx/CVE-2023-44974.json) (`2023-10-03T23:55:59.983`)
* [CVE-2023-39646](CVE-2023/CVE-2023-396xx/CVE-2023-39646.json) (`2023-10-03T23:55:59.983`)
* [CVE-2023-39648](CVE-2023/CVE-2023-396xx/CVE-2023-39648.json) (`2023-10-03T23:55:59.983`)
* [CVE-2023-39649](CVE-2023/CVE-2023-396xx/CVE-2023-39649.json) (`2023-10-03T23:55:59.983`)
* [CVE-2023-39651](CVE-2023/CVE-2023-396xx/CVE-2023-39651.json) (`2023-10-03T23:55:59.983`)
* [CVE-2023-39647](CVE-2023/CVE-2023-396xx/CVE-2023-39647.json) (`2023-10-03T23:55:59.983`)
* [CVE-2023-20588](CVE-2023/CVE-2023-205xx/CVE-2023-20588.json) (`2023-10-04T00:15:11.497`)
* [CVE-2023-22283](CVE-2023/CVE-2023-222xx/CVE-2023-22283.json) (`2023-10-04T00:15:11.743`)
* [CVE-2023-39417](CVE-2023/CVE-2023-394xx/CVE-2023-39417.json) (`2023-10-04T00:15:11.890`)
* [CVE-2023-43740](CVE-2023/CVE-2023-437xx/CVE-2023-43740.json) (`2023-10-04T00:15:11.980`)
* [CVE-2023-4806](CVE-2023/CVE-2023-48xx/CVE-2023-4806.json) (`2023-10-04T00:15:12.080`)
* [CVE-2023-4813](CVE-2023/CVE-2023-48xx/CVE-2023-4813.json) (`2023-10-04T00:15:12.163`)
* [CVE-2023-5111](CVE-2023/CVE-2023-51xx/CVE-2023-5111.json) (`2023-10-04T00:15:12.257`)
* [CVE-2023-5156](CVE-2023/CVE-2023-51xx/CVE-2023-5156.json) (`2023-10-04T00:15:12.353`)
* [CVE-2023-5217](CVE-2023/CVE-2023-52xx/CVE-2023-5217.json) (`2023-10-04T00:15:12.427`)
* [CVE-2023-26218](CVE-2023/CVE-2023-262xx/CVE-2023-26218.json) (`2023-10-04T01:37:39.550`)
* [CVE-2023-20252](CVE-2023/CVE-2023-202xx/CVE-2023-20252.json) (`2023-10-04T01:44:44.877`)
* [CVE-2023-43655](CVE-2023/CVE-2023-436xx/CVE-2023-43655.json) (`2023-10-04T01:46:28.943`)
* [CVE-2023-20179](CVE-2023/CVE-2023-201xx/CVE-2023-20179.json) (`2023-10-04T01:53:00.463`)
* [CVE-2023-5207](CVE-2023/CVE-2023-52xx/CVE-2023-5207.json) (`2023-10-04T01:55:31.953`)
## Download and Usage