Auto-Update: 2023-11-10T03:00:20.135476+00:00

2025-07-09 16:05:11 +00:00 · 2023-11-10 03:00:24 +00:00 · 2023-11-10 03:00:24 +00:00 · 460afb734c
commit 460afb734c
parent e1875c727c
5 changed files with 148 additions and 24 deletions
--- a/CVE-2023/CVE-2023-467xx/CVE-2023-46729.json
+++ b/CVE-2023/CVE-2023-467xx/CVE-2023-46729.json
@ -0,0 +1,63 @@
+{
+  "id": "CVE-2023-46729",
+  "sourceIdentifier": "security-advisories@github.com",
+  "published": "2023-11-10T01:15:07.430",
+  "lastModified": "2023-11-10T01:15:07.430",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "sentry-javascript provides Sentry SDKs for JavaScript. An unsanitized input of Next.js SDK tunnel endpoint allows sending HTTP requests to arbitrary URLs and reflecting the response back to the user. This issue only affects users who have Next.js SDK tunneling feature enabled. The problem has been fixed in version 7.77.0."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security-advisories@github.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "CHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE",
+          "baseScore": 9.3,
+          "baseSeverity": "CRITICAL"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 5.8
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security-advisories@github.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-918"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/getsentry/sentry-javascript/commit/ddbda3c02c35aba8c5235e0cf07fc5bf656f81be",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/getsentry/sentry-javascript/pull/9415",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/getsentry/sentry-javascript/security/advisories/GHSA-2rmr-xw8m-22q9",
+      "source": "security-advisories@github.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-53xx/CVE-2023-5367.json
+++ b/CVE-2023/CVE-2023-53xx/CVE-2023-5367.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-5367",
  "sourceIdentifier": "secalert@redhat.com",
  "published": "2023-10-25T20:15:18.323",
-  "lastModified": "2023-11-08T14:15:08.163",
+  "lastModified": "2023-11-10T02:15:07.383",
  "vulnStatus": "Modified",
  "descriptions": [
    {
@ -196,6 +196,14 @@
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4YBK3I6SETHETBHDETFWM3VSZUQICIDV/",
      "source": "secalert@redhat.com"
    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKKIE626TZOOPD533EYN47J4RFNHZVOP/",
+      "source": "secalert@redhat.com"
+    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L2RMNR4235YXZZQ2X7Q4MTOZDMZ7BBQU/",
+      "source": "secalert@redhat.com"
+    },
    {
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SEDJN4VFN57K5POOC7BNVD6L6WUUCSG6/",
      "source": "secalert@redhat.com",
--- a/CVE-2023/CVE-2023-53xx/CVE-2023-5380.json
+++ b/CVE-2023/CVE-2023-53xx/CVE-2023-5380.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-5380",
  "sourceIdentifier": "secalert@redhat.com",
  "published": "2023-10-25T20:15:18.503",
-  "lastModified": "2023-11-07T04:23:58.037",
+  "lastModified": "2023-11-10T02:15:07.560",
  "vulnStatus": "Modified",
  "descriptions": [
    {
@ -37,7 +37,7 @@
        "impactScore": 3.6
      },
      {
-        "source": "53f830b8-0a3f-465b-8143-3b8a9948e749",
+        "source": "secalert@redhat.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
@ -70,7 +70,7 @@
      ]
    },
    {
-      "source": "53f830b8-0a3f-465b-8143-3b8a9948e749",
+      "source": "secalert@redhat.com",
      "type": "Secondary",
      "description": [
        {
@ -183,6 +183,10 @@
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3RK66CXMXO3PCPDU3GDY5FK4UYHUXQJT/",
      "source": "secalert@redhat.com"
    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKKIE626TZOOPD533EYN47J4RFNHZVOP/",
+      "source": "secalert@redhat.com"
+    },
    {
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SN6KV4XGQJRVAOSM5C3CWMVAXO53COIP/",
      "source": "secalert@redhat.com",
--- a/CVE-2023/CVE-2023-60xx/CVE-2023-6069.json
+++ b/CVE-2023/CVE-2023-60xx/CVE-2023-6069.json
@ -0,0 +1,59 @@
+{
+  "id": "CVE-2023-6069",
+  "sourceIdentifier": "security@huntr.dev",
+  "published": "2023-11-10T01:15:07.623",
+  "lastModified": "2023-11-10T01:15:07.623",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Improper Input Validation in GitHub repository froxlor/froxlor prior to 2.1.0."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "security@huntr.dev",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 9.9,
+          "baseSeverity": "CRITICAL"
+        },
+        "exploitabilityScore": 3.1,
+        "impactScore": 6.0
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@huntr.dev",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-20"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/froxlor/froxlor/commit/9e8f32f1e86016733b603b50c31b97f472e8dabc",
+      "source": "security@huntr.dev"
+    },
+    {
+      "url": "https://huntr.com/bounties/aac0627e-e59d-476e-9385-edb7ff53758c",
+      "source": "security@huntr.dev"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2023-11-10T00:55:14.638776+00:00
+2023-11-10T03:00:20.135476+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2023-11-10T00:15:09.017000+00:00
+2023-11-10T02:15:07.560000+00:00
 ```

 ### Last Data Feed Release
@ -23,39 +23,29 @@ Repository synchronizes with the NVD every 2 hours.
 Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)

 ```plain
-2023-11-09T01:00:13.564668+00:00
+2023-11-10T01:00:13.564677+00:00
 ```

 ### Total Number of included CVEs

 ```plain
-230306
+230308
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `13`
+Recently added CVEs: `2`

-* [CVE-2018-8863](CVE-2018/CVE-2018-88xx/CVE-2018-8863.json) (`2023-11-09T23:15:08.740`)
-* [CVE-2023-31086](CVE-2023/CVE-2023-310xx/CVE-2023-31086.json) (`2023-11-09T23:15:09.000`)
-* [CVE-2023-31088](CVE-2023/CVE-2023-310xx/CVE-2023-31088.json) (`2023-11-09T23:15:09.067`)
-* [CVE-2023-31093](CVE-2023/CVE-2023-310xx/CVE-2023-31093.json) (`2023-11-09T23:15:09.167`)
-* [CVE-2023-31235](CVE-2023/CVE-2023-312xx/CVE-2023-31235.json) (`2023-11-09T23:15:09.267`)
-* [CVE-2023-32092](CVE-2023/CVE-2023-320xx/CVE-2023-32092.json) (`2023-11-09T23:15:09.357`)
-* [CVE-2023-32093](CVE-2023/CVE-2023-320xx/CVE-2023-32093.json) (`2023-11-09T23:15:09.447`)
-* [CVE-2023-32125](CVE-2023/CVE-2023-321xx/CVE-2023-32125.json) (`2023-11-09T23:15:09.540`)
-* [CVE-2023-32500](CVE-2023/CVE-2023-325xx/CVE-2023-32500.json) (`2023-11-09T23:15:09.633`)
-* [CVE-2023-32501](CVE-2023/CVE-2023-325xx/CVE-2023-32501.json) (`2023-11-09T23:15:09.733`)
-* [CVE-2023-32502](CVE-2023/CVE-2023-325xx/CVE-2023-32502.json) (`2023-11-09T23:15:09.823`)
-* [CVE-2023-36014](CVE-2023/CVE-2023-360xx/CVE-2023-36014.json) (`2023-11-10T00:15:08.640`)
-* [CVE-2023-36024](CVE-2023/CVE-2023-360xx/CVE-2023-36024.json) (`2023-11-10T00:15:08.840`)
+* [CVE-2023-46729](CVE-2023/CVE-2023-467xx/CVE-2023-46729.json) (`2023-11-10T01:15:07.430`)
+* [CVE-2023-6069](CVE-2023/CVE-2023-60xx/CVE-2023-6069.json) (`2023-11-10T01:15:07.623`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `1`
+Recently modified CVEs: `2`

-* [CVE-2023-36034](CVE-2023/CVE-2023-360xx/CVE-2023-36034.json) (`2023-11-10T00:15:09.017`)
+* [CVE-2023-5367](CVE-2023/CVE-2023-53xx/CVE-2023-5367.json) (`2023-11-10T02:15:07.383`)
+* [CVE-2023-5380](CVE-2023/CVE-2023-53xx/CVE-2023-5380.json) (`2023-11-10T02:15:07.560`)


 ## Download and Usage