Auto-Update: 2023-08-23T08:00:31.897579+00:00

CVE-2023/CVE-2023-410xx/CVE-2023-41098.json

@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-41098",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-08-23T06:15:07.950",
+  "lastModified": "2023-08-23T06:15:07.950",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in MISP 2.4.174. In app/Controller/DashboardsController.php, a reflected XSS issue exists via the id parameter upon a dashboard edit."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/MISP/MISP/commit/09fb0cba65eab9341e81f1cbebc2ae10be34a2b7",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2023/CVE-2023-411xx/CVE-2023-41100.json

@@ -0,0 +1,43 @@
+{
+  "id": "CVE-2023-41100",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-08-23T06:15:09.220",
+  "lastModified": "2023-08-23T06:15:09.220",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in the hcaptcha (aka hCaptcha for EXT:form) extension before 2.1.2 for TYPO3. It fails to check that the required captcha field is submitted in the form data. allowing a remote user to bypass the CAPTCHA check."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve@mitre.org",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "LOW",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://typo3.org/security/advisory/typo3-ext-sa-2023-007",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2023/CVE-2023-411xx/CVE-2023-41104.json

@@ -0,0 +1,28 @@
+{
+  "id": "CVE-2023-41104",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-08-23T07:15:08.417",
+  "lastModified": "2023-08-23T07:15:08.417",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "libvmod-digest before 1.0.3, as used in Varnish Enterprise 6.0.x before 6.0.11r5, has an out-of-bounds memory access during base64 decoding, leading to both authentication bypass and information disclosure; however, the exact attack surface will depend on the particular VCL (Varnish Configuration Language) configuration in use."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://docs.varnish-software.com/security/VSV00012/",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/varnish/libvmod-digest/releases/tag/libvmod-digest-1.0.3",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://www.varnish-cache.org/security/VSV00012.html",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2023/CVE-2023-411xx/CVE-2023-41105.json

@@ -0,0 +1,32 @@
+{
+  "id": "CVE-2023-41105",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-08-23T07:15:08.590",
+  "lastModified": "2023-08-23T07:15:08.590",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in Python 3.11 through 3.11.4. If a path containing '\\0' bytes is passed to os.path.normpath(), the path will be truncated unexpectedly at the first '\\0' byte. There are plausible cases in which an application would have rejected a filename for security reasons in Python 3.10.x or earlier, but that filename is no longer rejected in Python 3.11.x."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/python/cpython/issues/106242",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/python/cpython/pull/107981",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/python/cpython/pull/107982",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/python/cpython/pull/107983",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

README.md

@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2023-08-23T06:00:31.789659+00:00
+2023-08-23T08:00:31.897579+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2023-08-23T05:15:47.990000+00:00
+2023-08-23T07:15:08.590000+00:00
 ```
 
 ### Last Data Feed Release
@@ -29,16 +29,17 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-223292
+223296
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `3`
+Recently added CVEs: `4`
 
-* [CVE-2023-40144](CVE-2023/CVE-2023-401xx/CVE-2023-40144.json) (`2023-08-23T04:15:10.960`)
+* [CVE-2023-41098](CVE-2023/CVE-2023-410xx/CVE-2023-41098.json) (`2023-08-23T06:15:07.950`)
-* [CVE-2023-40282](CVE-2023/CVE-2023-402xx/CVE-2023-40282.json) (`2023-08-23T04:15:12.417`)
+* [CVE-2023-41100](CVE-2023/CVE-2023-411xx/CVE-2023-41100.json) (`2023-08-23T06:15:09.220`)
-* [CVE-2023-4041](CVE-2023/CVE-2023-40xx/CVE-2023-4041.json) (`2023-08-23T05:15:47.990`)
+* [CVE-2023-41104](CVE-2023/CVE-2023-411xx/CVE-2023-41104.json) (`2023-08-23T07:15:08.417`)
+* [CVE-2023-41105](CVE-2023/CVE-2023-411xx/CVE-2023-41105.json) (`2023-08-23T07:15:08.590`)
 
 
 ### CVEs modified in the last Commit