Auto-Update: 2023-12-09T00:55:17.980019+00:00

2025-07-09 16:05:11 +00:00 · 2023-12-09 00:55:21 +00:00 · 2023-12-09 00:55:21 +00:00 · 1296014400
commit 1296014400
parent 49a14199ea
5 changed files with 261 additions and 23 deletions
--- a/CVE-2023/CVE-2023-497xx/CVE-2023-49798.json
+++ b/CVE-2023/CVE-2023-497xx/CVE-2023-49798.json
@ -0,0 +1,59 @@
+{
+  "id": "CVE-2023-49798",
+  "sourceIdentifier": "security-advisories@github.com",
+  "published": "2023-12-09T00:15:06.920",
+  "lastModified": "2023-12-09T00:15:06.920",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "OpenZeppelin Contracts is a library for smart contract development. A merge issue when porting the 5.0.1 patch to the 4.9 branch caused a line duplication. In the version of `Multicall.sol` released in `@openzeppelin/contracts@4.9.4` and `@openzeppelin/contracts-upgradeable@4.9.4`, all subcalls are executed twice. Concretely, this exposes a user to unintentionally duplicate operations like asset transfers. The duplicated delegatecall was removed in version 4.9.5. The 4.9.4 version is marked as deprecated. Users are advised to upgrade. There are no known workarounds for this issue."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security-advisories@github.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE",
+          "baseScore": 5.9,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.2,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security-advisories@github.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-670"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/OpenZeppelin/openzeppelin-contracts/commit/88ac712e06832bce73b41e8166cded2729e25205",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/OpenZeppelin/openzeppelin-contracts/security/advisories/GHSA-699g-q6qh-q4v8",
+      "source": "security-advisories@github.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-497xx/CVE-2023-49799.json
+++ b/CVE-2023/CVE-2023-497xx/CVE-2023-49799.json
@ -0,0 +1,71 @@
+{
+  "id": "CVE-2023-49799",
+  "sourceIdentifier": "security-advisories@github.com",
+  "published": "2023-12-09T00:15:07.393",
+  "lastModified": "2023-12-09T00:15:07.393",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "`nuxt-api-party` is an open source module to proxy API requests. nuxt-api-party attempts to check if the user has passed an absolute URL to prevent the aforementioned attack. This has been recently changed to use the regular expression `^https?://`, however this regular expression can be bypassed by an absolute URL with leading whitespace. For example `\\nhttps://whatever.com` which has a leading newline. According to the fetch specification, before a fetch is made the URL is normalized. \"To normalize a byte sequence potentialValue, remove any leading and trailing HTTP whitespace bytes from potentialValue.\". This means the final request will be normalized to `https://whatever.com` bypassing the check and nuxt-api-party will send a request outside of the whitelist. This could allow us to leak credentials or perform Server-Side Request Forgery (SSRF). This vulnerability has been addressed in version 0.22.1. Users are advised to upgrade. Users unable to upgrade should revert to the previous method of detecting absolute URLs."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security-advisories@github.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE",
+          "baseScore": 7.5,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security-advisories@github.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-918"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://fetch.spec.whatwg.org/",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://fetch.spec.whatwg.org/#http-whitespace-byte",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/johannschopplich/nuxt-api-party/blob/777462e1e3af1d9f8938aa33f230cd8cb6e0cc9a/src/runtime/server/handler.ts#L31",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/johannschopplich/nuxt-api-party/security/advisories/GHSA-3wfp-253j-5jxv",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://infra.spec.whatwg.org/#byte-sequence",
+      "source": "security-advisories@github.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-498xx/CVE-2023-49800.json
+++ b/CVE-2023/CVE-2023-498xx/CVE-2023-49800.json
@ -0,0 +1,59 @@
+{
+  "id": "CVE-2023-49800",
+  "sourceIdentifier": "security-advisories@github.com",
+  "published": "2023-12-09T00:15:07.653",
+  "lastModified": "2023-12-09T00:15:07.653",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "`nuxt-api-party` is an open source module to proxy API requests. The library allows the user to send many options directly to `ofetch`. There is no filter on which options are available. We can abuse the retry logic to cause the server to crash from a stack overflow. fetchOptions are obtained directly from the request body. A malicious user can construct a URL known  to not fetch successfully, then set the retry attempts to a high value, this will cause a stack overflow as ofetch error handling works recursively resulting in a denial of service. This issue has been addressed in version 0.22.1. Users are advised to upgrade. Users unable to upgrade should limit ofetch options."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security-advisories@github.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH",
+          "baseScore": 7.5,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security-advisories@github.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-400"
+        },
+        {
+          "lang": "en",
+          "value": "CWE-674"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/johannschopplich/nuxt-api-party/security/advisories/GHSA-q6hx-3m4p-749h",
+      "source": "security-advisories@github.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-65xx/CVE-2023-6560.json
+++ b/CVE-2023/CVE-2023-65xx/CVE-2023-6560.json
@ -0,0 +1,63 @@
+{
+  "id": "CVE-2023-6560",
+  "sourceIdentifier": "secalert@redhat.com",
+  "published": "2023-12-09T00:15:07.877",
+  "lastModified": "2023-12-09T00:15:07.877",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An out-of-bounds memory access flaw was found in the io_uring SQ/CQ rings functionality in the Linux kernel. This issue could allow a local user to crash the system."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "secalert@redhat.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH",
+          "baseScore": 5.5,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 1.8,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "secalert@redhat.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-823"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://access.redhat.com/security/cve/CVE-2023-6560",
+      "source": "secalert@redhat.com"
+    },
+    {
+      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253249",
+      "source": "secalert@redhat.com"
+    },
+    {
+      "url": "https://patchwork.kernel.org/project/io-uring/patch/20231130194633.649319-2-axboe@kernel.dk/",
+      "source": "secalert@redhat.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2023-12-08T23:00:18.203287+00:00
+2023-12-09T00:55:17.980019+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2023-12-08T22:15:07.713000+00:00
+2023-12-09T00:15:07.877000+00:00
 ```

 ### Last Data Feed Release
@ -29,37 +29,23 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-232643
+232647
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `2`
+Recently added CVEs: `4`

-* [CVE-2023-34320](CVE-2023/CVE-2023-343xx/CVE-2023-34320.json) (`2023-12-08T21:15:07.353`)
-* [CVE-2023-6337](CVE-2023/CVE-2023-63xx/CVE-2023-6337.json) (`2023-12-08T22:15:07.713`)
+* [CVE-2023-49798](CVE-2023/CVE-2023-497xx/CVE-2023-49798.json) (`2023-12-09T00:15:06.920`)
+* [CVE-2023-49799](CVE-2023/CVE-2023-497xx/CVE-2023-49799.json) (`2023-12-09T00:15:07.393`)
+* [CVE-2023-49800](CVE-2023/CVE-2023-498xx/CVE-2023-49800.json) (`2023-12-09T00:15:07.653`)
+* [CVE-2023-6560](CVE-2023/CVE-2023-65xx/CVE-2023-6560.json) (`2023-12-09T00:15:07.877`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `16`
+Recently modified CVEs: `0`

-* [CVE-2014-125075](CVE-2014/CVE-2014-1250xx/CVE-2014-125075.json) (`2023-12-08T21:24:26.043`)
-* [CVE-2014-125101](CVE-2014/CVE-2014-1251xx/CVE-2014-125101.json) (`2023-12-08T21:27:02.623`)
-* [CVE-2015-10092](CVE-2015/CVE-2015-100xx/CVE-2015-10092.json) (`2023-12-08T21:29:35.770`)
-* [CVE-2017-20172](CVE-2017/CVE-2017-201xx/CVE-2017-20172.json) (`2023-12-08T21:31:12.723`)
-* [CVE-2020-23804](CVE-2020/CVE-2020-238xx/CVE-2020-23804.json) (`2023-12-08T21:04:59.190`)
-* [CVE-2022-30122](CVE-2022/CVE-2022-301xx/CVE-2022-30122.json) (`2023-12-08T22:15:07.127`)
-* [CVE-2022-30123](CVE-2022/CVE-2022-301xx/CVE-2022-30123.json) (`2023-12-08T22:15:07.257`)
-* [CVE-2022-44570](CVE-2022/CVE-2022-445xx/CVE-2022-44570.json) (`2023-12-08T22:15:07.350`)
-* [CVE-2022-44571](CVE-2022/CVE-2022-445xx/CVE-2022-44571.json) (`2023-12-08T22:15:07.447`)
-* [CVE-2022-44572](CVE-2022/CVE-2022-445xx/CVE-2022-44572.json) (`2023-12-08T22:15:07.523`)
-* [CVE-2023-45463](CVE-2023/CVE-2023-454xx/CVE-2023-45463.json) (`2023-12-08T21:01:43.550`)
-* [CVE-2023-49284](CVE-2023/CVE-2023-492xx/CVE-2023-49284.json) (`2023-12-08T21:15:07.433`)
-* [CVE-2023-3085](CVE-2023/CVE-2023-30xx/CVE-2023-3085.json) (`2023-12-08T21:16:21.743`)
-* [CVE-2023-21911](CVE-2023/CVE-2023-219xx/CVE-2023-21911.json) (`2023-12-08T21:17:44.963`)
-* [CVE-2023-21919](CVE-2023/CVE-2023-219xx/CVE-2023-21919.json) (`2023-12-08T21:18:54.210`)
-* [CVE-2023-27530](CVE-2023/CVE-2023-275xx/CVE-2023-27530.json) (`2023-12-08T22:15:07.603`)


 ## Download and Usage