From 1c956455d4201f00b8618afde3ba54f287676fa5 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Sat, 30 Dec 2023 23:00:28 +0000 Subject: [PATCH] Auto-Update: 2023-12-30T23:00:24.423827+00:00 --- CVE-2023/CVE-2023-316xx/CVE-2023-31698.json | 14 +++++++++++--- CVE-2023/CVE-2023-348xx/CVE-2023-34845.json | 14 +++++++++++--- CVE-2023/CVE-2023-494xx/CVE-2023-49465.json | 8 ++++++-- CVE-2023/CVE-2023-494xx/CVE-2023-49467.json | 8 ++++++-- CVE-2023/CVE-2023-494xx/CVE-2023-49468.json | 8 ++++++-- CVE-2023/CVE-2023-504xx/CVE-2023-50471.json | 8 ++++++-- README.md | 17 ++++++++++------- 7 files changed, 56 insertions(+), 21 deletions(-) diff --git a/CVE-2023/CVE-2023-316xx/CVE-2023-31698.json b/CVE-2023/CVE-2023-316xx/CVE-2023-31698.json index f9557446e3c..43941d7ff4d 100644 --- a/CVE-2023/CVE-2023-316xx/CVE-2023-31698.json +++ b/CVE-2023/CVE-2023-316xx/CVE-2023-31698.json @@ -2,12 +2,12 @@ "id": "CVE-2023-31698", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-17T13:15:09.463", - "lastModified": "2023-05-25T15:41:38.163", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-30T21:15:43.680", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Bludit v3.14.1 is vulnerable to Stored Cross Site Scripting (XSS) via SVG file on site logo." + "value": "Bludit v3.14.1 is vulnerable to Stored Cross Site Scripting (XSS) via SVG file on site logo. NOTE: the product's security model is that users are trusted by the administrator to insert arbitrary content (users cannot create their own accounts through self-registration)." } ], "metrics": { @@ -73,6 +73,14 @@ "VDB Entry" ] }, + { + "url": "https://github.com/bludit/bludit/issues/1212#issuecomment-649514491", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/bludit/bludit/issues/1369#issuecomment-940806199", + "source": "cve@mitre.org" + }, { "url": "https://github.com/bludit/bludit/issues/1509", "source": "cve@mitre.org", diff --git a/CVE-2023/CVE-2023-348xx/CVE-2023-34845.json b/CVE-2023/CVE-2023-348xx/CVE-2023-34845.json index 616acafac0e..9b46c2ac214 100644 --- a/CVE-2023/CVE-2023-348xx/CVE-2023-34845.json +++ b/CVE-2023/CVE-2023-348xx/CVE-2023-34845.json @@ -2,12 +2,12 @@ "id": "CVE-2023-34845", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-16T04:15:14.143", - "lastModified": "2023-06-23T18:54:20.387", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-30T21:15:43.790", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Bludit v3.14.1 was discovered to contain an arbitrary file upload vulnerability in the component /admin/new-content. This vulnerability allows attackers to execute arbitrary web scripts or HTML via uploading a crafted SVG file." + "value": "Bludit v3.14.1 was discovered to contain an arbitrary file upload vulnerability in the component /admin/new-content. This vulnerability allows attackers to execute arbitrary web scripts or HTML via uploading a crafted SVG file. NOTE: the product's security model is that users are trusted by the administrator to insert arbitrary content (users cannot create their own accounts through self-registration)." }, { "lang": "es", @@ -68,6 +68,14 @@ } ], "references": [ + { + "url": "https://github.com/bludit/bludit/issues/1212#issuecomment-649514491", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/bludit/bludit/issues/1369#issuecomment-940806199", + "source": "cve@mitre.org" + }, { "url": "https://github.com/bludit/bludit/issues/1508", "source": "cve@mitre.org", diff --git a/CVE-2023/CVE-2023-494xx/CVE-2023-49465.json b/CVE-2023/CVE-2023-494xx/CVE-2023-49465.json index d6ae0e1b190..a510bfb6c52 100644 --- a/CVE-2023/CVE-2023-494xx/CVE-2023-49465.json +++ b/CVE-2023/CVE-2023-494xx/CVE-2023-49465.json @@ -2,8 +2,8 @@ "id": "CVE-2023-49465", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-07T20:15:38.370", - "lastModified": "2023-12-11T17:31:41.460", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-30T21:15:43.877", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -76,6 +76,10 @@ "Issue Tracking", "Patch" ] + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00022.html", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-494xx/CVE-2023-49467.json b/CVE-2023/CVE-2023-494xx/CVE-2023-49467.json index e5200650c5c..8153a374884 100644 --- a/CVE-2023/CVE-2023-494xx/CVE-2023-49467.json +++ b/CVE-2023/CVE-2023-494xx/CVE-2023-49467.json @@ -2,8 +2,8 @@ "id": "CVE-2023-49467", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-07T20:15:38.427", - "lastModified": "2023-12-11T17:31:18.677", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-30T21:15:43.957", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -76,6 +76,10 @@ "Issue Tracking", "Patch" ] + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00022.html", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-494xx/CVE-2023-49468.json b/CVE-2023/CVE-2023-494xx/CVE-2023-49468.json index 76c44370fd2..6faa4357b2b 100644 --- a/CVE-2023/CVE-2023-494xx/CVE-2023-49468.json +++ b/CVE-2023/CVE-2023-494xx/CVE-2023-49468.json @@ -2,8 +2,8 @@ "id": "CVE-2023-49468", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-07T20:15:38.477", - "lastModified": "2023-12-11T17:30:55.310", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-30T21:15:44.010", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -76,6 +76,10 @@ "Issue Tracking", "Patch" ] + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00022.html", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-504xx/CVE-2023-50471.json b/CVE-2023/CVE-2023-504xx/CVE-2023-50471.json index 48688badb53..438416a42d6 100644 --- a/CVE-2023/CVE-2023-504xx/CVE-2023-50471.json +++ b/CVE-2023/CVE-2023-504xx/CVE-2023-50471.json @@ -2,8 +2,8 @@ "id": "CVE-2023-50471", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-14T20:15:53.130", - "lastModified": "2023-12-19T20:51:50.550", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-30T21:15:44.067", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -77,6 +77,10 @@ "Patch", "Third Party Advisory" ] + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00023.html", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/README.md b/README.md index db81f353b71..8b34710df74 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-12-30T21:00:24.544760+00:00 +2023-12-30T23:00:24.423827+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-12-30T19:15:08.303000+00:00 +2023-12-30T21:15:44.067000+00:00 ``` ### Last Data Feed Release @@ -34,17 +34,20 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### CVEs added in the last Commit -Recently added CVEs: `3` +Recently added CVEs: `0` -* [CVE-2023-52262](CVE-2023/CVE-2023-522xx/CVE-2023-52262.json) (`2023-12-30T19:15:08.197`) -* [CVE-2023-52263](CVE-2023/CVE-2023-522xx/CVE-2023-52263.json) (`2023-12-30T19:15:08.253`) -* [CVE-2023-6998](CVE-2023/CVE-2023-69xx/CVE-2023-6998.json) (`2023-12-30T19:15:08.303`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `6` +* [CVE-2023-31698](CVE-2023/CVE-2023-316xx/CVE-2023-31698.json) (`2023-12-30T21:15:43.680`) +* [CVE-2023-34845](CVE-2023/CVE-2023-348xx/CVE-2023-34845.json) (`2023-12-30T21:15:43.790`) +* [CVE-2023-49465](CVE-2023/CVE-2023-494xx/CVE-2023-49465.json) (`2023-12-30T21:15:43.877`) +* [CVE-2023-49467](CVE-2023/CVE-2023-494xx/CVE-2023-49467.json) (`2023-12-30T21:15:43.957`) +* [CVE-2023-49468](CVE-2023/CVE-2023-494xx/CVE-2023-49468.json) (`2023-12-30T21:15:44.010`) +* [CVE-2023-50471](CVE-2023/CVE-2023-504xx/CVE-2023-50471.json) (`2023-12-30T21:15:44.067`) ## Download and Usage