Auto-Update: 2023-11-10T03:00:20.135476+00:00

cad-safe-bot 2023-11-10 03:00:24 +00:00
parent e1875c727c
commit 460afb734c
5 changed files with 148 additions and 24 deletions


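--- a/CVE-2023/CVE-2023-467xx/CVE-2023-46729.json
+++ b/CVE-2023/CVE-2023-467xx/CVE-2023-46729.json
@@ -0,0 +1,63 @@
+{
+"id": "CVE-2023-46729",
+"sourceIdentifier": "security-advisories@github.com",
+"published": "2023-11-10T01:15:07.430",
+"lastModified": "2023-11-10T01:15:07.430",
+"vulnStatus": "Received",
+"descriptions": [
+{
+"lang": "en",
+"value": "sentry-javascript provides Sentry SDKs for JavaScript. An unsanitized input of Next.js SDK tunnel endpoint allows sending HTTP requests to arbitrary URLs and reflecting the response back to the user. This issue only affects users who have Next.js SDK tunneling feature enabled. The problem has been fixed in version 7.77.0."
+}
+],
+"metrics": {
+"cvssMetricV31": [
+{
+"source": "security-advisories@github.com",
+"type": "Secondary",
+"cvssData": {
+"version": "3.1",
+"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N",
+"attackVector": "NETWORK",
+"attackComplexity": "LOW",
+"privilegesRequired": "NONE",
+"userInteraction": "REQUIRED",
+"scope": "CHANGED",
+"confidentialityImpact": "HIGH",
+"integrityImpact": "HIGH",
+"availabilityImpact": "NONE",
+"baseScore": 9.3,
+"baseSeverity": "CRITICAL"
+},
+"exploitabilityScore": 2.8,
+"impactScore": 5.8
+}
+]
+},
+"weaknesses": [
+{
+"source": "security-advisories@github.com",
+"type": "Secondary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-918"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://github.com/getsentry/sentry-javascript/commit/ddbda3c02c35aba8c5235e0cf07fc5bf656f81be",
+"source": "security-advisories@github.com"
+},
+{
+"url": "https://github.com/getsentry/sentry-javascript/pull/9415",
+"source": "security-advisories@github.com"
+},
+{
+"url": "https://github.com/getsentry/sentry-javascript/security/advisories/GHSA-2rmr-xw8m-22q9",
+"source": "security-advisories@github.com"
+}
+]
+}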


@ -2,7 +2,7 @@
"id": "CVE-2023-5367",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-10-25T20:15:18.323",
"lastModified": "2023-11-08T14:15:08.163",
"lastModified": "2023-11-10T02:15:07.383",
"vulnStatus": "Modified",
"descriptions": [
{
@ -196,6 +196,14 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4YBK3I6SETHETBHDETFWM3VSZUQICIDV/",
"source": "secalert@redhat.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKKIE626TZOOPD533EYN47J4RFNHZVOP/",
"source": "secalert@redhat.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L2RMNR4235YXZZQ2X7Q4MTOZDMZ7BBQU/",
"source": "secalert@redhat.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SEDJN4VFN57K5POOC7BNVD6L6WUUCSG6/",
"source": "secalert@redhat.com",


@ -2,7 +2,7 @@
"id": "CVE-2023-5380",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-10-25T20:15:18.503",
"lastModified": "2023-11-07T04:23:58.037",
"lastModified": "2023-11-10T02:15:07.560",
"vulnStatus": "Modified",
"descriptions": [
{
@ -37,7 +37,7 @@
"impactScore": 3.6
},
{
"source": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"source": "secalert@redhat.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -70,7 +70,7 @@
]
},
{
"source": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
@ -183,6 +183,10 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3RK66CXMXO3PCPDU3GDY5FK4UYHUXQJT/",
"source": "secalert@redhat.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKKIE626TZOOPD533EYN47J4RFNHZVOP/",
"source": "secalert@redhat.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SN6KV4XGQJRVAOSM5C3CWMVAXO53COIP/",
"source": "secalert@redhat.com",


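--- a/CVE-2023/CVE-2023-60xx/CVE-2023-6069.json
+++ b/CVE-2023/CVE-2023-60xx/CVE-2023-6069.json
@@ -0,0 +1,59 @@
+{
+"id": "CVE-2023-6069",
+"sourceIdentifier": "security@huntr.dev",
+"published": "2023-11-10T01:15:07.623",
+"lastModified": "2023-11-10T01:15:07.623",
+"vulnStatus": "Received",
+"descriptions": [
+{
+"lang": "en",
+"value": "Improper Input Validation in GitHub repository froxlor/froxlor prior to 2.1.0."
+}
+],
+"metrics": {
+"cvssMetricV30": [
+{
+"source": "security@huntr.dev",
+"type": "Secondary",
+"cvssData": {
+"version": "3.0",
+"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
+"attackVector": "NETWORK",
+"attackComplexity": "LOW",
+"privilegesRequired": "LOW",
+"userInteraction": "NONE",
+"scope": "CHANGED",
+"confidentialityImpact": "HIGH",
+"integrityImpact": "HIGH",
+"availabilityImpact": "HIGH",
+"baseScore": 9.9,
+"baseSeverity": "CRITICAL"
+},
+"exploitabilityScore": 3.1,
+"impactScore": 6.0
+}
+]
+},
+"weaknesses": [
+{
+"source": "security@huntr.dev",
+"type": "Secondary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-20"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://github.com/froxlor/froxlor/commit/9e8f32f1e86016733b603b50c31b97f472e8dabc",
+"source": "security@huntr.dev"
+},
+{
+"url": "https://huntr.com/bounties/aac0627e-e59d-476e-9385-edb7ff53758c",
+"source": "security@huntr.dev"
+}
+]
+}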


@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-11-10T00:55:14.638776+00:00
2023-11-10T03:00:20.135476+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-11-10T00:15:09.017000+00:00
2023-11-10T02:15:07.560000+00:00
```
### Last Data Feed Release
@ -23,39 +23,29 @@ Repository synchronizes with the NVD every 2 hours.
Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)
```plain
2023-11-09T01:00:13.564668+00:00
2023-11-10T01:00:13.564677+00:00
```
### Total Number of included CVEs
```plain
230306
230308
```
### CVEs added in the last Commit
Recently added CVEs: `13`
Recently added CVEs: `2`
* [CVE-2018-8863](CVE-2018/CVE-2018-88xx/CVE-2018-8863.json) (`2023-11-09T23:15:08.740`)
* [CVE-2023-31086](CVE-2023/CVE-2023-310xx/CVE-2023-31086.json) (`2023-11-09T23:15:09.000`)
* [CVE-2023-31088](CVE-2023/CVE-2023-310xx/CVE-2023-31088.json) (`2023-11-09T23:15:09.067`)
* [CVE-2023-31093](CVE-2023/CVE-2023-310xx/CVE-2023-31093.json) (`2023-11-09T23:15:09.167`)
* [CVE-2023-31235](CVE-2023/CVE-2023-312xx/CVE-2023-31235.json) (`2023-11-09T23:15:09.267`)
* [CVE-2023-32092](CVE-2023/CVE-2023-320xx/CVE-2023-32092.json) (`2023-11-09T23:15:09.357`)
* [CVE-2023-32093](CVE-2023/CVE-2023-320xx/CVE-2023-32093.json) (`2023-11-09T23:15:09.447`)
* [CVE-2023-32125](CVE-2023/CVE-2023-321xx/CVE-2023-32125.json) (`2023-11-09T23:15:09.540`)
* [CVE-2023-32500](CVE-2023/CVE-2023-325xx/CVE-2023-32500.json) (`2023-11-09T23:15:09.633`)
* [CVE-2023-32501](CVE-2023/CVE-2023-325xx/CVE-2023-32501.json) (`2023-11-09T23:15:09.733`)
* [CVE-2023-32502](CVE-2023/CVE-2023-325xx/CVE-2023-32502.json) (`2023-11-09T23:15:09.823`)
* [CVE-2023-36014](CVE-2023/CVE-2023-360xx/CVE-2023-36014.json) (`2023-11-10T00:15:08.640`)
* [CVE-2023-36024](CVE-2023/CVE-2023-360xx/CVE-2023-36024.json) (`2023-11-10T00:15:08.840`)
* [CVE-2023-46729](CVE-2023/CVE-2023-467xx/CVE-2023-46729.json) (`2023-11-10T01:15:07.430`)
* [CVE-2023-6069](CVE-2023/CVE-2023-60xx/CVE-2023-6069.json) (`2023-11-10T01:15:07.623`)
### CVEs modified in the last Commit
Recently modified CVEs: `1`
Recently modified CVEs: `2`
* [CVE-2023-36034](CVE-2023/CVE-2023-360xx/CVE-2023-36034.json) (`2023-11-10T00:15:09.017`)
* [CVE-2023-5367](CVE-2023/CVE-2023-53xx/CVE-2023-5367.json) (`2023-11-10T02:15:07.383`)
* [CVE-2023-5380](CVE-2023/CVE-2023-53xx/CVE-2023-5380.json) (`2023-11-10T02:15:07.560`)
## Download and Usage