From 2b5a34781470bdf53dc6f70852b91ea18837225e Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Tue, 18 Jul 2023 10:01:36 +0000 Subject: [PATCH] Auto-Update: 2023-07-18T10:01:32.797377+00:00 --- CVE-2023/CVE-2023-00xx/CVE-2023-0045.json | 8 ++- CVE-2023/CVE-2023-24xx/CVE-2023-2433.json | 63 +++++++++++++++++++++ CVE-2023/CVE-2023-31xx/CVE-2023-3128.json | 6 +- CVE-2023/CVE-2023-33xx/CVE-2023-3326.json | 8 ++- CVE-2023/CVE-2023-349xx/CVE-2023-34981.json | 8 ++- CVE-2023/CVE-2023-357xx/CVE-2023-35788.json | 6 +- README.md | 15 +++-- 7 files changed, 101 insertions(+), 13 deletions(-) create mode 100644 CVE-2023/CVE-2023-24xx/CVE-2023-2433.json diff --git a/CVE-2023/CVE-2023-00xx/CVE-2023-0045.json b/CVE-2023/CVE-2023-00xx/CVE-2023-0045.json index de76b4f2e83..60e61da3b67 100644 --- a/CVE-2023/CVE-2023-00xx/CVE-2023-0045.json +++ b/CVE-2023/CVE-2023-00xx/CVE-2023-0045.json @@ -2,8 +2,8 @@ "id": "CVE-2023-0045", "sourceIdentifier": "cve-coordination@google.com", "published": "2023-04-25T23:15:09.013", - "lastModified": "2023-05-05T15:54:54.760", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-18T08:15:09.580", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -133,6 +133,10 @@ "Mailing List", "Third Party Advisory" ] + }, + { + "url": "https://security.netapp.com/advisory/ntap-20230714-0001/", + "source": "cve-coordination@google.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-24xx/CVE-2023-2433.json b/CVE-2023/CVE-2023-24xx/CVE-2023-2433.json new file mode 100644 index 00000000000..603771b37c9 --- /dev/null +++ b/CVE-2023/CVE-2023-24xx/CVE-2023-2433.json @@ -0,0 +1,63 @@ +{ + "id": "CVE-2023-2433", + "sourceIdentifier": "security@wordfence.com", + "published": "2023-07-18T09:15:11.067", + "lastModified": "2023-07-18T09:15:11.067", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The YARPP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'className' parameter in versions up to, and including, 5.30.3 due to insufficient input sanitization and output escaping. This makes it possible for contributor-level attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/yet-another-related-posts-plugin/tags/5.30.3/classes/YARPP_Core.php#L1623", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2939617/yet-another-related-posts-plugin/trunk/classes/YARPP_Core.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/35bd7462-8dab-43b2-9941-fef6f826cfdc?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-31xx/CVE-2023-3128.json b/CVE-2023/CVE-2023-31xx/CVE-2023-3128.json index fe09e010433..0190956d5e3 100644 --- a/CVE-2023/CVE-2023-31xx/CVE-2023-3128.json +++ b/CVE-2023/CVE-2023-31xx/CVE-2023-3128.json @@ -2,7 +2,7 @@ "id": "CVE-2023-3128", "sourceIdentifier": "security@grafana.com", "published": "2023-06-22T21:15:09.573", - "lastModified": "2023-07-06T09:15:09.507", + "lastModified": "2023-07-18T08:15:10.410", "vulnStatus": "Modified", "descriptions": [ { @@ -169,6 +169,10 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://security.netapp.com/advisory/ntap-20230714-0004/", + "source": "security@grafana.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-33xx/CVE-2023-3326.json b/CVE-2023/CVE-2023-33xx/CVE-2023-3326.json index af3e051c9c3..f5fc1a358a8 100644 --- a/CVE-2023/CVE-2023-33xx/CVE-2023-3326.json +++ b/CVE-2023/CVE-2023-33xx/CVE-2023-3326.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3326", "sourceIdentifier": "secteam@freebsd.org", "published": "2023-06-22T17:15:44.833", - "lastModified": "2023-06-30T16:31:33.127", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-18T08:15:10.613", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -174,6 +174,10 @@ "Mitigation", "Vendor Advisory" ] + }, + { + "url": "https://security.netapp.com/advisory/ntap-20230714-0005/", + "source": "secteam@freebsd.org" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-349xx/CVE-2023-34981.json b/CVE-2023/CVE-2023-349xx/CVE-2023-34981.json index 49840b22c9b..4a544f76d99 100644 --- a/CVE-2023/CVE-2023-349xx/CVE-2023-34981.json +++ b/CVE-2023/CVE-2023-349xx/CVE-2023-34981.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34981", "sourceIdentifier": "security@apache.org", "published": "2023-06-21T11:15:09.410", - "lastModified": "2023-06-28T17:56:03.113", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-18T08:15:10.020", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -86,6 +86,10 @@ "Mailing List", "Vendor Advisory" ] + }, + { + "url": "https://security.netapp.com/advisory/ntap-20230714-0003/", + "source": "security@apache.org" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35788.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35788.json index 95a416f5743..3e5d73d52c7 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35788.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35788.json @@ -2,7 +2,7 @@ "id": "CVE-2023-35788", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-16T21:15:09.340", - "lastModified": "2023-07-06T04:15:11.473", + "lastModified": "2023-07-18T08:15:10.113", "vulnStatus": "Modified", "descriptions": [ { @@ -88,6 +88,10 @@ "Patch" ] }, + { + "url": "https://security.netapp.com/advisory/ntap-20230714-0002/", + "source": "cve@mitre.org" + }, { "url": "https://www.debian.org/security/2023/dsa-5448", "source": "cve@mitre.org" diff --git a/README.md b/README.md index 8082f04f65b..3e49d61de6d 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-07-18T06:00:25.607393+00:00 +2023-07-18T10:01:32.797377+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-07-18T05:15:09.603000+00:00 +2023-07-18T09:15:11.067000+00:00 ``` ### Last Data Feed Release @@ -29,20 +29,25 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -220507 +220508 ``` ### CVEs added in the last Commit Recently added CVEs: `1` -* [CVE-2015-10122](CVE-2015/CVE-2015-101xx/CVE-2015-10122.json) (`2023-07-18T05:15:09.603`) +* [CVE-2023-2433](CVE-2023/CVE-2023-24xx/CVE-2023-2433.json) (`2023-07-18T09:15:11.067`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `5` +* [CVE-2023-0045](CVE-2023/CVE-2023-00xx/CVE-2023-0045.json) (`2023-07-18T08:15:09.580`) +* [CVE-2023-34981](CVE-2023/CVE-2023-349xx/CVE-2023-34981.json) (`2023-07-18T08:15:10.020`) +* [CVE-2023-35788](CVE-2023/CVE-2023-357xx/CVE-2023-35788.json) (`2023-07-18T08:15:10.113`) +* [CVE-2023-3128](CVE-2023/CVE-2023-31xx/CVE-2023-3128.json) (`2023-07-18T08:15:10.410`) +* [CVE-2023-3326](CVE-2023/CVE-2023-33xx/CVE-2023-3326.json) (`2023-07-18T08:15:10.613`) ## Download and Usage