Auto-Update: 2023-12-30T23:00:24.423827+00:00

2025-05-08 11:37:26 +00:00 · 2023-12-30 23:00:28 +00:00 · 2023-12-30 23:00:28 +00:00 · 1c956455d4
commit 1c956455d4
parent f02a6661c1
7 changed files with 56 additions and 21 deletions
--- a/CVE-2023/CVE-2023-316xx/CVE-2023-31698.json
+++ b/CVE-2023/CVE-2023-316xx/CVE-2023-31698.json
@ -2,12 +2,12 @@
  "id": "CVE-2023-31698",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-05-17T13:15:09.463",
-  "lastModified": "2023-05-25T15:41:38.163",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-12-30T21:15:43.680",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
-      "value": "Bludit v3.14.1 is vulnerable to Stored Cross Site Scripting (XSS) via SVG file on site logo."
+      "value": "Bludit v3.14.1 is vulnerable to Stored Cross Site Scripting (XSS) via SVG file on site logo. NOTE: the product's security model is that users are trusted by the administrator to insert arbitrary content (users cannot create their own accounts through self-registration)."
    }
  ],
  "metrics": {
@ -73,6 +73,14 @@
        "VDB Entry"
      ]
    },
+    {
+      "url": "https://github.com/bludit/bludit/issues/1212#issuecomment-649514491",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/bludit/bludit/issues/1369#issuecomment-940806199",
+      "source": "cve@mitre.org"
+    },
    {
      "url": "https://github.com/bludit/bludit/issues/1509",
      "source": "cve@mitre.org",
--- a/CVE-2023/CVE-2023-348xx/CVE-2023-34845.json
+++ b/CVE-2023/CVE-2023-348xx/CVE-2023-34845.json
@ -2,12 +2,12 @@
  "id": "CVE-2023-34845",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-06-16T04:15:14.143",
-  "lastModified": "2023-06-23T18:54:20.387",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-12-30T21:15:43.790",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
-      "value": "Bludit v3.14.1 was discovered to contain an arbitrary file upload vulnerability in the component /admin/new-content. This vulnerability allows attackers to execute arbitrary web scripts or HTML via uploading a crafted SVG file."
+      "value": "Bludit v3.14.1 was discovered to contain an arbitrary file upload vulnerability in the component /admin/new-content. This vulnerability allows attackers to execute arbitrary web scripts or HTML via uploading a crafted SVG file. NOTE: the product's security model is that users are trusted by the administrator to insert arbitrary content (users cannot create their own accounts through self-registration)."
    },
    {
      "lang": "es",
@ -68,6 +68,14 @@
    }
  ],
  "references": [
+    {
+      "url": "https://github.com/bludit/bludit/issues/1212#issuecomment-649514491",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/bludit/bludit/issues/1369#issuecomment-940806199",
+      "source": "cve@mitre.org"
+    },
    {
      "url": "https://github.com/bludit/bludit/issues/1508",
      "source": "cve@mitre.org",
--- a/CVE-2023/CVE-2023-494xx/CVE-2023-49465.json
+++ b/CVE-2023/CVE-2023-494xx/CVE-2023-49465.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-49465",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-12-07T20:15:38.370",
-  "lastModified": "2023-12-11T17:31:41.460",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-12-30T21:15:43.877",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
@ -76,6 +76,10 @@
        "Issue Tracking",
        "Patch"
      ]
+    },
+    {
+      "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00022.html",
+      "source": "cve@mitre.org"
    }
  ]
 }
--- a/CVE-2023/CVE-2023-494xx/CVE-2023-49467.json
+++ b/CVE-2023/CVE-2023-494xx/CVE-2023-49467.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-49467",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-12-07T20:15:38.427",
-  "lastModified": "2023-12-11T17:31:18.677",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-12-30T21:15:43.957",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
@ -76,6 +76,10 @@
        "Issue Tracking",
        "Patch"
      ]
+    },
+    {
+      "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00022.html",
+      "source": "cve@mitre.org"
    }
  ]
 }
--- a/CVE-2023/CVE-2023-494xx/CVE-2023-49468.json
+++ b/CVE-2023/CVE-2023-494xx/CVE-2023-49468.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-49468",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-12-07T20:15:38.477",
-  "lastModified": "2023-12-11T17:30:55.310",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-12-30T21:15:44.010",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
@ -76,6 +76,10 @@
        "Issue Tracking",
        "Patch"
      ]
+    },
+    {
+      "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00022.html",
+      "source": "cve@mitre.org"
    }
  ]
 }
--- a/CVE-2023/CVE-2023-504xx/CVE-2023-50471.json
+++ b/CVE-2023/CVE-2023-504xx/CVE-2023-50471.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-50471",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-12-14T20:15:53.130",
-  "lastModified": "2023-12-19T20:51:50.550",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-12-30T21:15:44.067",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
@ -77,6 +77,10 @@
        "Patch",
        "Third Party Advisory"
      ]
+    },
+    {
+      "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00023.html",
+      "source": "cve@mitre.org"
    }
  ]
 }
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2023-12-30T21:00:24.544760+00:00
+2023-12-30T23:00:24.423827+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2023-12-30T19:15:08.303000+00:00
+2023-12-30T21:15:44.067000+00:00
 ```

 ### Last Data Feed Release
@ -34,17 +34,20 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/

 ### CVEs added in the last Commit

-Recently added CVEs: `3`
+Recently added CVEs: `0`

-* [CVE-2023-52262](CVE-2023/CVE-2023-522xx/CVE-2023-52262.json) (`2023-12-30T19:15:08.197`)
-* [CVE-2023-52263](CVE-2023/CVE-2023-522xx/CVE-2023-52263.json) (`2023-12-30T19:15:08.253`)
-* [CVE-2023-6998](CVE-2023/CVE-2023-69xx/CVE-2023-6998.json) (`2023-12-30T19:15:08.303`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `0`
+Recently modified CVEs: `6`

+* [CVE-2023-31698](CVE-2023/CVE-2023-316xx/CVE-2023-31698.json) (`2023-12-30T21:15:43.680`)
+* [CVE-2023-34845](CVE-2023/CVE-2023-348xx/CVE-2023-34845.json) (`2023-12-30T21:15:43.790`)
+* [CVE-2023-49465](CVE-2023/CVE-2023-494xx/CVE-2023-49465.json) (`2023-12-30T21:15:43.877`)
+* [CVE-2023-49467](CVE-2023/CVE-2023-494xx/CVE-2023-49467.json) (`2023-12-30T21:15:43.957`)
+* [CVE-2023-49468](CVE-2023/CVE-2023-494xx/CVE-2023-49468.json) (`2023-12-30T21:15:44.010`)
+* [CVE-2023-50471](CVE-2023/CVE-2023-504xx/CVE-2023-50471.json) (`2023-12-30T21:15:44.067`)


 ## Download and Usage