admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-21 17:41:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-05-01T20:00:24.483543+00:00

Browse Source
This commit is contained in:
René Helmke 2023-05-01 22:00:27 +02:00
parent 605b7f27b7
commit 49c960c8ee
21 changed files with 1846 additions and 148 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

74
CVE-2021/CVE-2021-339xx/CVE-2021-33974.json
View File

@ -2,23 +2,87 @@
"id": "CVE-2021-33974", "id": "CVE-2021-33974",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-04-19T21:15:06.740", "published": "2023-04-19T21:15:06.740",
"lastModified": "2023-04-20T13:15:05.443", "lastModified": "2023-05-01T19:18:49.340",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Qihoo 360 (https://www.360.cn/) Qihoo 360 Safeguard (https://www.360.cn/) Qihoo 360 Chrome (https://browser.360.cn/ee/) is affected by: Buffer Overflow. The impact is: execute arbitrary code (remote). The component is: This is a set of vulnerabilities affecting popular software, and the installation packages correspond to versions \"360 Safeguard(12.1.0.1004,12.1.0.1005,13.1.0.1001)\" , \"360 Total Security(10.8.0.1060,10.8.0.1213)\", \"360 Safe Browser & 360 Chrome(12. The attack vector is: On the browser vulnerability, just open a link to complete the vulnerability exploitation remotely; on the client software, you need to locally execute the vulnerability exploitation program, which of course can be achieved with the full chain of browser vulnerability. \u00b6\u00b6 This is a set of the most serious vulnerabilities that exist on Qihoo 360's PC client multiple popular software, remote vulnerabilities can be accomplished by opening a link to arbitrary code execution on both security browsers, in conjunction with the exploitation of local vulnerabilities that allow spyware to persist without being scanned to permanently reside on the target PC computer (because local vulnerabilities target Qihoo 360 company's antivirus software kernel flaws); this set of remote and local vulnerabilities in perfect coordination, to achieve an information security fallacy, on Qihoo 360's antivirus software vulnerability, not only can not be scanned out of the virus, but will help the virus persistently control the target computer, while Qihoo 360 claims to be a secure browser, which exists in the kernel vulnerability but help the composition of the remote vulnerability.(Security expert \"Memory Corruptor\" have reported this set of vulnerabilities to the corresponding vendor, all vulnerabilities have been fixed and the vendor rewarded thousands of dollars to this security expert)" "value": "Qihoo 360 (https://www.360.cn/) Qihoo 360 Safeguard (https://www.360.cn/) Qihoo 360 Chrome (https://browser.360.cn/ee/) is affected by: Buffer Overflow. The impact is: execute arbitrary code (remote). The component is: This is a set of vulnerabilities affecting popular software, and the installation packages correspond to versions \"360 Safeguard(12.1.0.1004,12.1.0.1005,13.1.0.1001)\" , \"360 Total Security(10.8.0.1060,10.8.0.1213)\", \"360 Safe Browser & 360 Chrome(12. The attack vector is: On the browser vulnerability, just open a link to complete the vulnerability exploitation remotely; on the client software, you need to locally execute the vulnerability exploitation program, which of course can be achieved with the full chain of browser vulnerability. \u00b6\u00b6 This is a set of the most serious vulnerabilities that exist on Qihoo 360's PC client multiple popular software, remote vulnerabilities can be accomplished by opening a link to arbitrary code execution on both security browsers, in conjunction with the exploitation of local vulnerabilities that allow spyware to persist without being scanned to permanently reside on the target PC computer (because local vulnerabilities target Qihoo 360 company's antivirus software kernel flaws); this set of remote and local vulnerabilities in perfect coordination, to achieve an information security fallacy, on Qihoo 360's antivirus software vulnerability, not only can not be scanned out of the virus, but will help the virus persistently control the target computer, while Qihoo 360 claims to be a secure browser, which exists in the kernel vulnerability but help the composition of the remote vulnerability.(Security expert \"Memory Corruptor\" have reported this set of vulnerabilities to the corresponding vendor, all vulnerabilities have been fixed and the vendor rewarded thousands of dollars to this security expert)"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:360:total_security:10.8.0.1060:*:*:*:*:*:*:*",
"matchCriteriaId": "96C5D566-EC1C-4698-A3F9-620E95A114EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:360:total_security:10.8.0.1213:*:*:*:*:*:*:*",
"matchCriteriaId": "4E6A3FC9-D113-4DE6-8026-D4D569AC739A"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://MemoryCorruptor.blogspot.com/p/vulnerabilities-disclosures.html", "url": "https://MemoryCorruptor.blogspot.com/p/vulnerabilities-disclosures.html",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://pastebin.com/ms1ivjYe", "url": "https://pastebin.com/ms1ivjYe",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

48
CVE-2021/CVE-2021-438xx/CVE-2021-43819.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-43819", "id": "CVE-2021-43819",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-19T18:15:07.073", "published": "2023-04-19T18:15:07.073",
"lastModified": "2023-04-19T19:52:18.290", "lastModified": "2023-05-01T18:11:40.177",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +66,32 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stargate-bukkit_project:stargate-bukkit:*:*:*:*:*:*:*:*",
"versionStartIncluding": "0.7.9.11",
"versionEndExcluding": "0.11.5.1",
"matchCriteriaId": "C7DC9C82-2FA9-48C1-B26F-93C480BC5F68"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/stargate-bukkit/Stargate-Bukkit/security/advisories/GHSA-64r2-hfr9-849j", "url": "https://github.com/stargate-bukkit/Stargate-Bukkit/security/advisories/GHSA-64r2-hfr9-849j",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

10
CVE-2022/CVE-2022-373xx/CVE-2022-37381.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-37381", "id": "CVE-2022-37381",
"sourceIdentifier": "zdi-disclosures@trendmicro.com", "sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2023-03-29T19:15:15.960", "published": "2023-03-29T19:15:15.960",
"lastModified": "2023-04-28T21:15:08.580", "lastModified": "2023-05-01T18:39:45.913",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -58,7 +58,7 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "zdi-disclosures@trendmicro.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"description": [ "description": [
{ {
@ -68,12 +68,12 @@
] ]
}, },
{ {
"source": "nvd@nist.gov", "source": "zdi-disclosures@trendmicro.com",
"type": "Secondary", "type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
"value": "CWE-787" "value": "CWE-416"
} }
] ]
} }

77
CVE-2023/CVE-2023-15xx/CVE-2023-1585.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1585", "id": "CVE-2023-1585",
"sourceIdentifier": "security@nortonlifelock.com", "sourceIdentifier": "security@nortonlifelock.com",
"published": "2023-04-19T19:15:06.630", "published": "2023-04-19T19:15:06.630",
"lastModified": "2023-04-19T19:52:18.290", "lastModified": "2023-05-01T19:01:40.760",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.0,
"impactScore": 5.2
},
{ {
"source": "security@nortonlifelock.com", "source": "security@nortonlifelock.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-367"
}
]
},
{ {
"source": "security@nortonlifelock.com", "source": "security@nortonlifelock.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +76,51 @@
] ]
} }
], ],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:avast:antivirus:*:*:*:*:*:*:*:*",
"versionStartIncluding": "22.5",
"versionEndExcluding": "22.11",
"matchCriteriaId": "041E50BD-12AB-47A1-98FF-5A9DAFC82247"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:avg:anti-virus:*:*:*:*:*:*:*:*",
"versionStartIncluding": "22.5",
"versionEndExcluding": "22.11",
"matchCriteriaId": "E6C5599E-6B91-463D-B715-2962E9E98764"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://support.norton.com/sp/static/external/tools/security-advisories.html", "url": "https://support.norton.com/sp/static/external/tools/security-advisories.html",
"source": "security@nortonlifelock.com" "source": "security@nortonlifelock.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

77
CVE-2023/CVE-2023-15xx/CVE-2023-1586.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1586", "id": "CVE-2023-1586",
"sourceIdentifier": "security@nortonlifelock.com", "sourceIdentifier": "security@nortonlifelock.com",
"published": "2023-04-19T19:15:06.837", "published": "2023-04-19T19:15:06.837",
"lastModified": "2023-04-19T19:52:18.290", "lastModified": "2023-05-01T19:01:05.173",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
},
{ {
"source": "security@nortonlifelock.com", "source": "security@nortonlifelock.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-367"
}
]
},
{ {
"source": "security@nortonlifelock.com", "source": "security@nortonlifelock.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +76,51 @@
] ]
} }
], ],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:avast:antivirus:*:*:*:*:*:*:*:*",
"versionStartIncluding": "22.5",
"versionEndExcluding": "22.11",
"matchCriteriaId": "041E50BD-12AB-47A1-98FF-5A9DAFC82247"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:avg:anti-virus:*:*:*:*:*:*:*:*",
"versionStartIncluding": "22.5",
"versionEndExcluding": "22.11",
"matchCriteriaId": "E6C5599E-6B91-463D-B715-2962E9E98764"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://support.norton.com/sp/static/external/tools/security-advisories.html", "url": "https://support.norton.com/sp/static/external/tools/security-advisories.html",
"source": "security@nortonlifelock.com" "source": "security@nortonlifelock.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

79
CVE-2023/CVE-2023-208xx/CVE-2023-20862.json
View File

@ -2,19 +2,90 @@
"id": "CVE-2023-20862", "id": "CVE-2023-20862",
"sourceIdentifier": "security@vmware.com", "sourceIdentifier": "security@vmware.com",
"published": "2023-04-19T20:15:10.910", "published": "2023-04-19T20:15:10.910",
"lastModified": "2023-04-20T13:15:27.317", "lastModified": "2023-05-01T18:39:02.293",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "In Spring Security, versions 5.7.x prior to 5.7.8, versions 5.8.x prior to 5.8.3, and versions 6.0.x prior to 6.0.3, the logout support does not properly clean the security context if using serialized versions. Additionally, it is not possible to explicitly save an empty security context to the HttpSessionSecurityContextRepository. This vulnerability can keep users authenticated even after they performed logout. Users of affected versions should apply the following mitigation. 5.7.x users should upgrade to 5.7.8. 5.8.x users should upgrade to 5.8.3. 6.0.x users should upgrade to 6.0.3." "value": "In Spring Security, versions 5.7.x prior to 5.7.8, versions 5.8.x prior to 5.8.3, and versions 6.0.x prior to 6.0.3, the logout support does not properly clean the security context if using serialized versions. Additionally, it is not possible to explicitly save an empty security context to the HttpSessionSecurityContextRepository. This vulnerability can keep users authenticated even after they performed logout. Users of affected versions should apply the following mitigation. 5.7.x users should upgrade to 5.7.8. 5.8.x users should upgrade to 5.8.3. 6.0.x users should upgrade to 6.0.3."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-459"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:spring_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.7.0",
"versionEndExcluding": "5.7.8",
"matchCriteriaId": "9C04C9B3-2ED2-488B-914D-62EF7278AB06"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:spring_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.8.0",
"versionEndExcluding": "5.8.3",
"matchCriteriaId": "08A62341-0018-4D6D-9920-6D4907B7FE5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:spring_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.0",
"versionEndExcluding": "6.0.3",
"matchCriteriaId": "8ACA91F9-3202-4F62-8D6C-EA376B8620C6"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://spring.io/security/cve-2023-20862", "url": "https://spring.io/security/cve-2023-20862",
"source": "security@vmware.com" "source": "security@vmware.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

72
CVE-2023/CVE-2023-208xx/CVE-2023-20873.json
View File

@ -2,19 +2,83 @@
"id": "CVE-2023-20873", "id": "CVE-2023-20873",
"sourceIdentifier": "security@vmware.com", "sourceIdentifier": "security@vmware.com",
"published": "2023-04-20T21:15:08.717", "published": "2023-04-20T21:15:08.717",
"lastModified": "2023-04-21T01:45:50.230", "lastModified": "2023-05-01T18:51:25.810",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "In Spring Boot versions 3.0.0 - 3.0.5, 2.7.0 - 2.7.10, and older unsupported versions, an application that is deployed to Cloud Foundry could be susceptible to a security bypass. Users of affected versions should apply the following mitigation: 3.0.x users should upgrade to 3.0.6+. 2.7.x users should upgrade to 2.7.11+. Users of older, unsupported versions should upgrade to 3.0.6+ or 2.7.11+." "value": "In Spring Boot versions 3.0.0 - 3.0.5, 2.7.0 - 2.7.10, and older unsupported versions, an application that is deployed to Cloud Foundry could be susceptible to a security bypass. Users of affected versions should apply the following mitigation: 3.0.x users should upgrade to 3.0.6+. 2.7.x users should upgrade to 2.7.11+. Users of older, unsupported versions should upgrade to 3.0.6+ or 2.7.11+."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:spring_boot:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.7.0",
"versionEndExcluding": "2.7.11",
"matchCriteriaId": "E03EEFE1-487C-4924-AE1E-864067CD381F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:spring_boot:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.0.0",
"versionEndExcluding": "3.0.6",
"matchCriteriaId": "5383A7EE-8667-455F-9B4E-08200F831007"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://spring.io/security/cve-2023-20873", "url": "https://spring.io/security/cve-2023-20873",
"source": "security@vmware.com" "source": "security@vmware.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

76
CVE-2023/CVE-2023-226xx/CVE-2023-22621.json
View File

@ -2,27 +2,91 @@
"id": "CVE-2023-22621", "id": "CVE-2023-22621",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-04-19T16:15:07.213", "published": "2023-04-19T16:15:07.213",
"lastModified": "2023-04-19T19:52:18.290", "lastModified": "2023-05-01T18:09:44.413",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Strapi through 4.5.5 allows authenticated Server-Side Template Injection (SSTI) that can be exploited to execute arbitrary code on the server. A remote attacker with access to the Strapi admin panel can inject a crafted payload that executes code on the server into an email template that bypasses the validation checks that should prevent code execution." "value": "Strapi through 4.5.5 allows authenticated Server-Side Template Injection (SSTI) that can be exploited to execute arbitrary code on the server. A remote attacker with access to the Strapi admin panel can inject a crafted payload that executes code on the server into an email template that bypasses the validation checks that should prevent code execution."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:strapi:strapi:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.0.0",
"versionEndExcluding": "4.5.6",
"matchCriteriaId": "00BEBFCA-2EDE-4A26-A13C-D14B4449CE06"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/strapi/strapi/releases", "url": "https://github.com/strapi/strapi/releases",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}, },
{ {
"url": "https://strapi.io/blog/security-disclosure-of-vulnerabilities-cve", "url": "https://strapi.io/blog/security-disclosure-of-vulnerabilities-cve",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.ghostccamm.com/blog/multi_strapi_vulns/", "url": "https://www.ghostccamm.com/blog/multi_strapi_vulns/",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

77
CVE-2023/CVE-2023-228xx/CVE-2023-22893.json
View File

@ -2,27 +2,92 @@
"id": "CVE-2023-22893", "id": "CVE-2023-22893",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-04-19T16:15:07.253", "published": "2023-04-19T16:15:07.253",
"lastModified": "2023-04-19T19:52:18.290", "lastModified": "2023-05-01T18:10:06.367",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Strapi through 4.5.5 does not verify the access or ID tokens issued during the OAuth flow when the AWS Cognito login provider is used for authentication. A remote attacker could forge an ID token that is signed using the 'None' type algorithm to bypass authentication and impersonate any user that use AWS Cognito for authentication." "value": "Strapi through 4.5.5 does not verify the access or ID tokens issued during the OAuth flow when the AWS Cognito login provider is used for authentication. A remote attacker could forge an ID token that is signed using the 'None' type algorithm to bypass authentication and impersonate any user that use AWS Cognito for authentication."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:strapi:strapi:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.0.0",
"versionEndExcluding": "4.6.0",
"matchCriteriaId": "4259DF00-FFB5-417D-9B75-08BA63F9CB14"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/strapi/strapi/releases", "url": "https://github.com/strapi/strapi/releases",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}, },
{ {
"url": "https://strapi.io/blog/security-disclosure-of-vulnerabilities-cve", "url": "https://strapi.io/blog/security-disclosure-of-vulnerabilities-cve",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.ghostccamm.com/blog/multi_strapi_vulns/", "url": "https://www.ghostccamm.com/blog/multi_strapi_vulns/",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

77
CVE-2023/CVE-2023-228xx/CVE-2023-22894.json
View File

@ -2,27 +2,92 @@
"id": "CVE-2023-22894", "id": "CVE-2023-22894",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-04-19T16:15:07.303", "published": "2023-04-19T16:15:07.303",
"lastModified": "2023-04-19T19:52:18.290", "lastModified": "2023-05-01T18:10:48.270",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Strapi through 4.5.5 allows attackers (with access to the admin panel) to discover sensitive user details by exploiting the query filter. The attacker can filter users by columns that contain sensitive information and infer a value from API responses. If the attacker has super admin access, then this can be exploited to discover the password hash and password reset token of all users. If the attacker has admin panel access to an account with permission to access the username and email of API users with a lower privileged role (e.g., Editor or Author), then this can be exploited to discover sensitive information for all API users but not other admin accounts." "value": "Strapi through 4.5.5 allows attackers (with access to the admin panel) to discover sensitive user details by exploiting the query filter. The attacker can filter users by columns that contain sensitive information and infer a value from API responses. If the attacker has super admin access, then this can be exploited to discover the password hash and password reset token of all users. If the attacker has admin panel access to an account with permission to access the username and email of API users with a lower privileged role (e.g., Editor or Author), then this can be exploited to discover sensitive information for all API users but not other admin accounts."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-312"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:strapi:strapi:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.2.1",
"versionEndExcluding": "4.8.0",
"matchCriteriaId": "3ECE8243-AB68-425A-9B1B-8294A028B2B9"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/strapi/strapi/releases", "url": "https://github.com/strapi/strapi/releases",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}, },
{ {
"url": "https://strapi.io/blog/security-disclosure-of-vulnerabilities-cve", "url": "https://strapi.io/blog/security-disclosure-of-vulnerabilities-cve",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.ghostccamm.com/blog/multi_strapi_vulns/", "url": "https://www.ghostccamm.com/blog/multi_strapi_vulns/",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

58
CVE-2023/CVE-2023-256xx/CVE-2023-25601.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-25601", "id": "CVE-2023-25601",
"sourceIdentifier": "security@apache.org", "sourceIdentifier": "security@apache.org",
"published": "2023-04-20T16:15:07.570", "published": "2023-04-20T16:15:07.570",
"lastModified": "2023-04-20T18:15:07.173", "lastModified": "2023-05-01T18:56:14.413",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "On version 3.0.0 through 3.1.1, Apache DolphinScheduler's python gateway suffered from improper authentication: an attacker could use a socket bytes attack without authentication. This issue has been fixed from version 3.1.2 onwards. For users who use version 3.0.0 to 3.1.1, you can turn off the python-gateway function by changing the value `python-gateway.enabled=false` in configuration file `application.yaml`. If you are using the python gateway, please upgrade to version 3.1.2 or above.\n" "value": "On version 3.0.0 through 3.1.1, Apache DolphinScheduler's python gateway suffered from improper authentication: an attacker could use a socket bytes attack without authentication. This issue has been fixed from version 3.1.2 onwards. For users who use version 3.0.0 to 3.1.1, you can turn off the python-gateway function by changing the value `python-gateway.enabled=false` in configuration file `application.yaml`. If you are using the python gateway, please upgrade to version 3.1.2 or above.\n"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "security@apache.org", "source": "security@apache.org",
@ -23,14 +46,39 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:dolphinscheduler:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.0.0",
"versionEndExcluding": "3.1.2",
"matchCriteriaId": "EA5EA55F-A97E-4868-A477-31D7C12E2B33"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "http://www.openwall.com/lists/oss-security/2023/04/20/10", "url": "http://www.openwall.com/lists/oss-security/2023/04/20/10",
"source": "security@apache.org" "source": "security@apache.org",
"tags": [
"Mailing List"
]
}, },
{ {
"url": "https://lists.apache.org/thread/25g77jqczp3t8cz56hk1p65q7m6c64rf", "url": "https://lists.apache.org/thread/25g77jqczp3t8cz56hk1p65q7m6c64rf",
"source": "security@apache.org" "source": "security@apache.org",
"tags": [
"Mailing List"
]
} }
] ]
} }

52
CVE-2023/CVE-2023-263xx/CVE-2023-26360.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-26360", "id": "CVE-2023-26360",
"sourceIdentifier": "psirt@adobe.com", "sourceIdentifier": "psirt@adobe.com",
"published": "2023-03-23T20:15:15.263", "published": "2023-03-23T20:15:15.263",
"lastModified": "2023-03-28T13:01:03.630", "lastModified": "2023-05-01T18:15:49.787",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cisaExploitAdd": "2023-03-15", "cisaExploitAdd": "2023-03-15",
"cisaActionDue": "2023-04-05", "cisaActionDue": "2023-04-05",
"cisaRequiredAction": "Apply updates per vendor instructions.", "cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Adobe ColdFusion Improper Access Control Vulnerability", "cisaVulnerabilityName": "Adobe ColdFusion Deserialization of Untrusted Data Vulnerability",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,29 +16,9 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{ {
"source": "psirt@adobe.com", "source": "psirt@adobe.com",
"type": "Secondary", "type": "Primary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
@ -55,6 +35,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 4.0 "impactScore": 4.0
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
] ]
}, },
@ -193,6 +193,10 @@
} }
], ],
"references": [ "references": [
{
"url": "http://packetstormsecurity.com/files/172079/Adobe-ColdFusion-Unauthenticated-Remote-Code-Execution.html",
"source": "psirt@adobe.com"
},
{ {
"url": "https://helpx.adobe.com/security/products/coldfusion/apsb23-25.html", "url": "https://helpx.adobe.com/security/products/coldfusion/apsb23-25.html",
"source": "psirt@adobe.com", "source": "psirt@adobe.com",

70
CVE-2023/CVE-2023-270xx/CVE-2023-27090.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2023-27090", "id": "CVE-2023-27090",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-04-20T20:15:07.150", "published": "2023-04-20T20:15:07.150",
"lastModified": "2023-04-21T01:45:50.230", "lastModified": "2023-05-01T18:44:26.323",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Cross Site Scripting vulnerability found in TeaCMS storage allows attacker to cause a leak of sensitive information via the article title parameter." "value": "Cross Site Scripting vulnerability found in TeaCMS storage allows attacker to cause a leak of sensitive information via the article title parameter."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:teacms_project:teacms:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1A3571A5-BAEF-4CA6-A259-FEA8A21B212E"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://gitee.com/xiaobingby/TeaCMS/issues/I6GDDN", "url": "https://gitee.com/xiaobingby/TeaCMS/issues/I6GDDN",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://gitee.com/xiaobingby/TeaCMS/issues/I6L9Z2", "url": "https://gitee.com/xiaobingby/TeaCMS/issues/I6L9Z2",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

604
CVE-2023/CVE-2023-289xx/CVE-2023-28984.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28984", "id": "CVE-2023-28984",
"sourceIdentifier": "sirt@juniper.net", "sourceIdentifier": "sirt@juniper.net",
"published": "2023-04-17T22:15:09.877", "published": "2023-04-17T22:15:09.877",
"lastModified": "2023-04-18T03:15:28.387", "lastModified": "2023-05-01T19:07:46.193",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -36,7 +36,7 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "sirt@juniper.net", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"description": [ "description": [
{ {
@ -48,12 +48,608 @@
"value": "CWE-416" "value": "CWE-416"
} }
] ]
},
{
"source": "sirt@juniper.net",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-362"
},
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.2:-:*:*:*:*:*:*",
"matchCriteriaId": "D4CF52CF-F911-4615-9171-42F84429149F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "CD07B7E2-F5C2-4610-9133-FDA9E66DFF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "D3C23AEB-34DE-44FB-8D64-E69D6E8B7401"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "18DB9401-5A51-4BB3-AC2F-58F58F1C788C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*",
"matchCriteriaId": "06F53DA5-59AE-403C-9B1E-41CE267D8BB1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "3332262F-81DA-4D78-99C9-514CADA46611"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "B46B63A2-1518-4A29-940C-F05624C9658D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "8E0D4959-3865-42A7-98CD-1103EBD84528"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s3:*:*:*:*:*:*",
"matchCriteriaId": "3A58292B-814C-49E7-8D6D-BE26EFB9ADDF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "681AE183-7183-46E7-82EA-28C398FA1C3D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "8A6E9627-8BF1-4BE8-844B-EE8F1C9478F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "0A80F23B-CD13-4745-BA92-67C23B297A18"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "67D4004B-1233-4258-9C7A-F05189146B44"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "69E33F24-D480-4B5F-956D-D435A551CBE7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "6E5E3FDB-3F33-4686-9B64-0152AD41939D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s6:*:*:*:*:*:*",
"matchCriteriaId": "9C411A2E-A407-44E5-A2B2-3D049FB2DB4D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.3:-:*:*:*:*:*:*",
"matchCriteriaId": "03009CC1-21AC-4A46-A747-D0C67FCD41DA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "5C9BC697-C7C9-447D-9EBD-E9711462583E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "7B80433B-57B1-49EF-B1A1-83781D6102E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "A352BB7A-6F17-4E64-BC02-1A7E4CD42653"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "05D8427C-CDDE-4B2F-9CB8-41B9137660E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.3:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "F3DC01F2-6DFE-4A8E-9962-5E59AA965935"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.3:r3:*:*:*:*:*:*",
"matchCriteriaId": "7DA0E196-925E-4056-B411-E158702D5D4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.3:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "E33A522F-E35C-4473-9CBD-9C6E5A831086"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.3:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "E9AE26EB-699B-4B10-87E2-9E731B820F32"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.3:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "A29E0070-47E9-43DD-9303-C732FE8CC851"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.3:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "A5E7E8D2-5D08-492E-84FC-8803E50F2CA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.3:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "7B798133-105C-448B-B06E-57327E44E478"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:*",
"matchCriteriaId": "3D361B23-A3C2-444B-BEB8-E231DA950567"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "037BA01C-3F5C-4503-A633-71765E9EF774"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "C54B047C-4B38-40C0-9855-067DCF7E48BD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "38984199-E332-4A9C-A4C0-78083D052E15"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "AA6526FB-2941-4D18-9B2E-472AD5A62A53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "09876787-A40A-4340-9C12-8628C325353B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "41615104-C17E-44DA-AB0D-6E2053BD4EF4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "1981DE38-36B5-469D-917E-92717EE3ED53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "AFA68ACD-AAE5-4577-B734-23AAF77BC85A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "65948ABC-22BB-46D5-8545-0806EDB4B86E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:-:*:*:*:*:*:*",
"matchCriteriaId": "6FDB5B7D-FB37-47E3-8678-B9ED578CCA5F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "625BA7E6-D2AD-4A48-9B94-24328BE5B06A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "F462F4E3-762C-429F-8D25-5521100DD37C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "C0BC9DAC-D6B5-4C5E-8C73-6E550D9A30F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "689FE1AE-7A85-4FB6-AB02-E732F23581B6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "79E56DAC-75AD-4C81-9835-634B40C15DA6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "A0040FE2-7ECD-4755-96CE-E899BA298E0C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "076AB086-BB79-4583-AAF7-A5233DFB2F95"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "72E2DDF6-01DF-4880-AB60-B3DA3281E88D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "54010163-0810-4CF5-95FE-7E62BC6CA4F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*",
"matchCriteriaId": "216E7DDE-453D-481F-92E2-9F8466CDDA3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "A52AF794-B36B-43A6-82E9-628658624B0A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "3998DC76-F72F-4452-9150-652140B113EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "36ED4552-2420-45F9-B6E4-6DA2B2B12870"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "C28A14E7-7EA0-4757-9764-E39A27CFDFA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "4A43752D-A4AF-4B4E-B95B-192E42883A5B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "42986538-E9D0-4C2E-B1C4-A763A4EE451B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "DE22CA01-EA7E-4EE5-B59F-EE100688C1DA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "E596ABD9-6ECD-48DC-B770-87B7E62EA345"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "71745D02-D226-44DC-91AD-678C85F5E6FC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:*",
"matchCriteriaId": "2E7D597D-F6B6-44C3-9EBC-4FA0686ACB5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "CC78A4CB-D617-43FC-BB51-287D2D0C44ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "30FF67F8-1E3C-47A8-8859-709B3614BA6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "0C7C507E-C85E-4BC6-A3B0-549516BAB524"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "6514CDE8-35DC-469F-89A3-078684D18F7A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "4624565D-8F59-44A8-B7A8-01AD579745E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "4BF8CD82-C338-4D9A-8C98-FCB3CEAA9227"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3:*:*:*:*:*:*",
"matchCriteriaId": "57E08E70-1AF3-4BA5-9A09-06DFE9663ADE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "255B6F20-D32F-42C1-829C-AE9C7923558A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "90AE30DB-C448-4FE9-AC11-FF0F27CDA227"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*",
"matchCriteriaId": "79ED3CE8-CC57-43AB-9A26-BBC87816062D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "9962B01C-C57C-4359-9532-676AB81CE8B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "62178549-B679-4902-BFDB-2993803B7FCE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "9AD697DF-9738-4276-94ED-7B9380CD09F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "09FF5818-0803-4646-A386-D7C645EE58A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "2229FA59-EB24-49A2-85CE-F529A8DE6BA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "3F96EBE9-2532-4E35-ABA5-CA68830476A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "B4D936AE-FD74-4823-A824-2D9F24C25BFB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "E117E493-F4E1-4568-88E3-F243C74A2662"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "01E3E308-FD9C-4686-8C35-8472A0E99F0D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "3683A8F5-EE0E-4936-A005-DF7F6B75DED3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "E949B21B-AD62-4022-9088-06313277479E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "8D862E6F-0D01-4B25-8340-888C30F75A2F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "2F28F73E-8563-41B9-A313-BBAAD5B57A67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "19519212-51DD-4448-B115-8A20A40192CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "28E42A41-7965-456B-B0AF-9D3229CE4D4C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx10000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AF2039C-E08C-472F-82E6-DAD3F94724B5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx10002:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1401145-D8EC-4DB9-9CDE-9DE6C0D000C5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx10002-32q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17E59530-3262-4BDC-915C-0B8D2EED7784"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx10002-60c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "626CA614-72D4-4A8B-9C38-275C7A7F8D85"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx10002-72q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0FF30F4-3D10-4AD6-9643-5826A11C7629"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx10008:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1453E42A-77B3-4922-8EC3-1A5668C39550"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx10016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26408465-BD6A-4416-B98E-691A5F651080"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx10k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DBF7419C-7075-4E1E-87D4-90DBDDB7968E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx3000-g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79C98F71-042D-412D-8064-FF8E27CAB9D2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx3000-m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3110C458-EFBA-4221-9417-015B7D5874C3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx3008-i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0727FD0-F5A2-4156-BBDB-F4AE6E6F1B89"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "858482CF-E310-4F6C-8ECC-C9BFBA3E1EC5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A336BD3-4AB0-4E9E-8AD5-E6413A5A53FC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F4D44B0-E6CE-4380-8712-AC832DBCB424"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx3600-i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6F6C1E3-9390-4E06-AA62-02C99447FDB4"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E974B4BC-64C5-4BB6-AF31-D46AF3763416"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx5100-96s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6BD0F680-ED30-48F3-A5D9-988D510CFC0D"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79A8847B-4F98-4949-8639-5CD2B411D10F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09EBDE4B-764F-4DF1-844A-BB8A52CD53EF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx5130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB58A6E9-FFCF-4331-AC3B-45C37BD1943E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDC5478F-A047-4F6D-BB11-0077A74C0174"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx5200-32c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38D790AD-D00F-4FED-96FE-3046C827356B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx5200-48y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAD9AD5C-947D-41EF-9969-FCCEB144984F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx5210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D877320D-1997-4B66-B11B-864020C755E1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx5210-64c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B86047DE-A0A0-4698-9414-B66C0FA7B544"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:qfx5220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D193BEBD-9436-468D-B89E-D5720603451D"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://supportportal.juniper.net/JSA70610", "url": "https://supportportal.juniper.net/JSA70610",
"source": "sirt@juniper.net" "source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

161
CVE-2023/CVE-2023-306xx/CVE-2023-30610.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30610", "id": "CVE-2023-30610",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-19T18:15:07.417", "published": "2023-04-19T18:15:07.417",
"lastModified": "2023-04-19T19:52:18.290", "lastModified": "2023-05-01T18:11:59.833",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +66,145 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amazon:aws-sigv4:0.2.0:*:*:*:*:rust:*:*",
"matchCriteriaId": "12881A87-AB1E-44AB-8AF9-0AFB945CC2FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amazon:aws-sigv4:0.3.0:*:*:*:*:rust:*:*",
"matchCriteriaId": "E586C004-6528-4015-806E-D4559F7BAFE9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amazon:aws-sigv4:0.4.1:*:*:*:*:rust:*:*",
"matchCriteriaId": "28CC8686-3C04-44BE-8897-55FFD70069FA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amazon:aws-sigv4:0.5.2:*:*:*:*:rust:*:*",
"matchCriteriaId": "BBB473F8-1EA4-41A3-9B65-8EDBB59BD0ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amazon:aws-sigv4:0.6.0:*:*:*:*:rust:*:*",
"matchCriteriaId": "9853C3AA-75C6-432D-9587-ACF806F92F5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amazon:aws-sigv4:0.7.0:*:*:*:*:rust:*:*",
"matchCriteriaId": "27DEE720-C938-471F-BB6A-270CE15A99CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amazon:aws-sigv4:0.8.0:*:*:*:*:rust:*:*",
"matchCriteriaId": "2AA5BC01-D2D4-43C1-AFF5-46CD7D8556A7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amazon:aws-sigv4:0.9.0:*:*:*:*:rust:*:*",
"matchCriteriaId": "BD389AD3-0E0D-4B6B-9F8F-715332E77DEC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amazon:aws-sigv4:0.10.1:*:*:*:*:rust:*:*",
"matchCriteriaId": "1AE0FC7F-8614-487E-BE30-8445F083ABE3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amazon:aws-sigv4:0.11.0:*:*:*:*:rust:*:*",
"matchCriteriaId": "64F86FEC-F13A-491B-A28D-1818A071B466"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amazon:aws-sigv4:0.12.0:*:*:*:*:rust:*:*",
"matchCriteriaId": "1E6FEB66-EE8A-4C83-BB9D-4F9A1697C8A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amazon:aws-sigv4:0.13.0:*:*:*:*:rust:*:*",
"matchCriteriaId": "77B07C90-CA86-43FA-9664-7623A19A4172"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amazon:aws-sigv4:0.14.0:*:*:*:*:rust:*:*",
"matchCriteriaId": "4B99DFB4-E7BA-4C86-97CB-E8E092CCBEB8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amazon:aws-sigv4:0.15.0:*:*:*:*:rust:*:*",
"matchCriteriaId": "74F2AF3D-ECCA-4CD3-9835-CB56B29699B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amazon:aws-sigv4:0.46.0:*:*:*:*:rust:*:*",
"matchCriteriaId": "8BA0C6BC-7489-40CE-B60F-67AF597FF74D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amazon:aws-sigv4:0.47.0:*:*:*:*:rust:*:*",
"matchCriteriaId": "DF08381B-5513-4001-A6C5-398CC5E0A84F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amazon:aws-sigv4:0.48.0:*:*:*:*:rust:*:*",
"matchCriteriaId": "630EA797-C5DF-42F3-921F-951D59581589"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amazon:aws-sigv4:0.49.0:*:*:*:*:rust:*:*",
"matchCriteriaId": "62C594E6-6276-472B-B668-5793A08D9618"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amazon:aws-sigv4:0.50.0:*:*:*:*:rust:*:*",
"matchCriteriaId": "BC881298-2EAD-40D7-82D7-69FAA11942DD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amazon:aws-sigv4:0.51.0:*:*:*:*:rust:*:*",
"matchCriteriaId": "B32D4B7D-5D29-4BD3-B9AD-43D070F3EA17"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amazon:aws-sigv4:0.52.0:*:*:*:*:rust:*:*",
"matchCriteriaId": "DDECA839-CF7C-48A1-92E9-95B05DA15E15"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amazon:aws-sigv4:0.53.1:*:*:*:*:rust:*:*",
"matchCriteriaId": "D77B3A68-5C22-4C48-8508-CE457D73C14C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amazon:aws-sigv4:0.54.1:*:*:*:*:rust:*:*",
"matchCriteriaId": "6A83D537-7D99-4F10-BE79-9379F374EA3A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amazon:aws-sigv4:0.55.0:*:*:*:*:rust:*:*",
"matchCriteriaId": "5C3532CD-3566-40E7-9A9C-78B02C48BE99"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/awslabs/aws-sdk-rust/security/advisories/GHSA-mjv9-vp6w-3rc9", "url": "https://github.com/awslabs/aws-sdk-rust/security/advisories/GHSA-mjv9-vp6w-3rc9",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

63
CVE-2023/CVE-2023-306xx/CVE-2023-30611.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30611", "id": "CVE-2023-30611",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-19T18:15:07.490", "published": "2023-04-19T18:15:07.490",
"lastModified": "2023-04-19T19:52:18.290", "lastModified": "2023-05-01T18:12:23.390",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -36,8 +56,18 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "security-advisories@github.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -46,14 +76,37 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:reactions:0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9EE39066-079F-4C5A-89ED-36279E53A69C"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/discourse/discourse-reactions/commit/01aca15b2774c088f3673118e92e9469f37d2fb6", "url": "https://github.com/discourse/discourse-reactions/commit/01aca15b2774c088f3673118e92e9469f37d2fb6",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://github.com/discourse/discourse-reactions/security/advisories/GHSA-4cgc-c7vh-94g6", "url": "https://github.com/discourse/discourse-reactions/security/advisories/GHSA-4cgc-c7vh-94g6",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

84
CVE-2023/CVE-2023-306xx/CVE-2023-30612.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30612", "id": "CVE-2023-30612",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-19T18:15:07.553", "published": "2023-04-19T18:15:07.553",
"lastModified": "2023-04-19T19:52:18.290", "lastModified": "2023-05-01T18:14:30.173",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -36,8 +56,18 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "security-advisories@github.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -46,26 +76,64 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cloudhypervisor:cloud_hypervisor:30.0:*:*:*:*:rust:*:*",
"matchCriteriaId": "2AC6DE0F-27E9-424B-9406-C93FD87099D4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cloudhypervisor:cloud_hypervisor:31.1:*:*:*:*:rust:*:*",
"matchCriteriaId": "75E769D7-4723-4F99-9A9D-72765AB3A602"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/cloud-hypervisor/cloud-hypervisor/pull/5350", "url": "https://github.com/cloud-hypervisor/cloud-hypervisor/pull/5350",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://github.com/cloud-hypervisor/cloud-hypervisor/pull/5373", "url": "https://github.com/cloud-hypervisor/cloud-hypervisor/pull/5373",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://github.com/cloud-hypervisor/cloud-hypervisor/security/advisories/GHSA-g6mw-f26h-4jgp", "url": "https://github.com/cloud-hypervisor/cloud-hypervisor/security/advisories/GHSA-g6mw-f26h-4jgp",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}, },
{ {
"url": "https://oss-fuzz.com/testcase-detail/5260873569796096", "url": "https://oss-fuzz.com/testcase-detail/5260873569796096",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Permissions Required"
]
}, },
{ {
"url": "https://oss-fuzz.com/testcase-detail/5426283514560512", "url": "https://oss-fuzz.com/testcase-detail/5426283514560512",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Permissions Required"
]
} }
] ]
} }

52
CVE-2023/CVE-2023-306xx/CVE-2023-30614.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30614", "id": "CVE-2023-30614",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-19T18:15:07.637", "published": "2023-04-19T18:15:07.637",
"lastModified": "2023-04-19T19:52:18.290", "lastModified": "2023-05-01T18:14:48.710",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -46,14 +66,38 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pay_project:pay:*:*:*:*:*:rails:*:*",
"versionEndExcluding": "6.3.2",
"matchCriteriaId": "48D1A98B-0606-4A99-BFA3-188B1D93EA38"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/pay-rails/pay/commit/5d6283a24062bd272a524ec48415f536a67ad57f", "url": "https://github.com/pay-rails/pay/commit/5d6283a24062bd272a524ec48415f536a67ad57f",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://github.com/pay-rails/pay/security/advisories/GHSA-cqf3-vpx7-rxhw", "url": "https://github.com/pay-rails/pay/security/advisories/GHSA-cqf3-vpx7-rxhw",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

52
CVE-2023/CVE-2023-306xx/CVE-2023-30616.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30616", "id": "CVE-2023-30616",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-20T18:15:07.367", "published": "2023-04-20T18:15:07.367",
"lastModified": "2023-04-20T18:17:39.217", "lastModified": "2023-05-01T18:46:24.547",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -46,14 +66,38 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:epiph:form_block:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.0.2",
"matchCriteriaId": "A6E131BC-61B8-47BC-9A19-12EAEFA493DC"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/epiphyt/form-block/commit/cf0012fa0710d906c594346ba775c5dc433a9426", "url": "https://github.com/epiphyt/form-block/commit/cf0012fa0710d906c594346ba775c5dc433a9426",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://github.com/epiphyt/form-block/security/advisories/GHSA-j4c2-7p87-q824", "url": "https://github.com/epiphyt/form-block/security/advisories/GHSA-j4c2-7p87-q824",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

72
CVE-2023/CVE-2023-307xx/CVE-2023-30797.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30797", "id": "CVE-2023-30797",
"sourceIdentifier": "disclosure@vulncheck.com", "sourceIdentifier": "disclosure@vulncheck.com",
"published": "2023-04-19T20:15:12.377", "published": "2023-04-19T20:15:12.377",
"lastModified": "2023-04-20T13:15:13.917", "lastModified": "2023-05-01T19:55:01.860",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{ {
"source": "disclosure@vulncheck.com", "source": "disclosure@vulncheck.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-330"
}
]
},
{ {
"source": "disclosure@vulncheck.com", "source": "disclosure@vulncheck.com",
"type": "Secondary", "type": "Secondary",
@ -46,22 +76,52 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netflix:lemur:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.3.2",
"matchCriteriaId": "AA02A184-ED2B-4577-BAB1-1B536179C263"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/Netflix/lemur/commit/666d853212174ee7f4e6f8b3b4b389ede1872238", "url": "https://github.com/Netflix/lemur/commit/666d853212174ee7f4e6f8b3b4b389ede1872238",
"source": "disclosure@vulncheck.com" "source": "disclosure@vulncheck.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://github.com/Netflix/lemur/security/advisories/GHSA-5fqv-mpj8-h7gm", "url": "https://github.com/Netflix/lemur/security/advisories/GHSA-5fqv-mpj8-h7gm",
"source": "disclosure@vulncheck.com" "source": "disclosure@vulncheck.com",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/nflx-2023-001.md", "url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/nflx-2023-001.md",
"source": "disclosure@vulncheck.com" "source": "disclosure@vulncheck.com",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://vulncheck.com/advisories/netflix-lemur-weak-rng", "url": "https://vulncheck.com/advisories/netflix-lemur-weak-rng",
"source": "disclosure@vulncheck.com" "source": "disclosure@vulncheck.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

59
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2023-05-01T18:00:24.617849+00:00 2023-05-01T20:00:24.483543+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2023-05-01T17:39:10.673000+00:00 2023-05-01T19:55:01.860000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -34,45 +34,34 @@ Download and Changelog: [Click](releases/latest)
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `14` Recently added CVEs: `0`
* [CVE-2023-22503](CVE-2023/CVE-2023-225xx/CVE-2023-22503.json) (`2023-05-01T17:15:08.993`)
* [CVE-2023-22919](CVE-2023/CVE-2023-229xx/CVE-2023-22919.json) (`2023-05-01T17:15:09.050`)
* [CVE-2023-22921](CVE-2023/CVE-2023-229xx/CVE-2023-22921.json) (`2023-05-01T17:15:09.110`)
* [CVE-2023-22922](CVE-2023/CVE-2023-229xx/CVE-2023-22922.json) (`2023-05-01T17:15:09.163`)
* [CVE-2023-22923](CVE-2023/CVE-2023-229xx/CVE-2023-22923.json) (`2023-05-01T17:15:09.220`)
* [CVE-2023-22924](CVE-2023/CVE-2023-229xx/CVE-2023-22924.json) (`2023-05-01T17:15:09.273`)
* [CVE-2023-2451](CVE-2023/CVE-2023-24xx/CVE-2023-2451.json) (`2023-05-01T16:15:11.640`)
* [CVE-2023-29635](CVE-2023/CVE-2023-296xx/CVE-2023-29635.json) (`2023-05-01T16:15:11.240`)
* [CVE-2023-29636](CVE-2023/CVE-2023-296xx/CVE-2023-29636.json) (`2023-05-01T16:15:11.377`)
* [CVE-2023-29637](CVE-2023/CVE-2023-296xx/CVE-2023-29637.json) (`2023-05-01T16:15:11.433`)
* [CVE-2023-29638](CVE-2023/CVE-2023-296xx/CVE-2023-29638.json) (`2023-05-01T16:15:11.483`)
* [CVE-2023-29639](CVE-2023/CVE-2023-296xx/CVE-2023-29639.json) (`2023-05-01T16:15:11.523`)
* [CVE-2023-29641](CVE-2023/CVE-2023-296xx/CVE-2023-29641.json) (`2023-05-01T16:15:11.560`)
* [CVE-2023-29643](CVE-2023/CVE-2023-296xx/CVE-2023-29643.json) (`2023-05-01T16:15:11.600`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit
Recently modified CVEs: `17` Recently modified CVEs: `20`
* [CVE-2022-2084](CVE-2022/CVE-2022-20xx/CVE-2022-2084.json) (`2023-05-01T17:39:10.673`) * [CVE-2021-33974](CVE-2021/CVE-2021-339xx/CVE-2021-33974.json) (`2023-05-01T19:18:49.340`)
* [CVE-2023-2204](CVE-2023/CVE-2023-22xx/CVE-2023-2204.json) (`2023-05-01T16:08:45.683`) * [CVE-2021-43819](CVE-2021/CVE-2021-438xx/CVE-2021-43819.json) (`2023-05-01T18:11:40.177`)
* [CVE-2023-2205](CVE-2023/CVE-2023-22xx/CVE-2023-2205.json) (`2023-05-01T16:10:01.617`) * [CVE-2022-37381](CVE-2022/CVE-2022-373xx/CVE-2022-37381.json) (`2023-05-01T18:39:45.913`)
* [CVE-2023-2206](CVE-2023/CVE-2023-22xx/CVE-2023-2206.json) (`2023-05-01T16:26:23.937`) * [CVE-2023-1585](CVE-2023/CVE-2023-15xx/CVE-2023-1585.json) (`2023-05-01T19:01:40.760`)
* [CVE-2023-2207](CVE-2023/CVE-2023-22xx/CVE-2023-2207.json) (`2023-05-01T16:14:41.493`) * [CVE-2023-1586](CVE-2023/CVE-2023-15xx/CVE-2023-1586.json) (`2023-05-01T19:01:05.173`)
* [CVE-2023-2208](CVE-2023/CVE-2023-22xx/CVE-2023-2208.json) (`2023-05-01T16:36:02.587`) * [CVE-2023-20862](CVE-2023/CVE-2023-208xx/CVE-2023-20862.json) (`2023-05-01T18:39:02.293`)
* [CVE-2023-29523](CVE-2023/CVE-2023-295xx/CVE-2023-29523.json) (`2023-05-01T16:31:27.287`) * [CVE-2023-20873](CVE-2023/CVE-2023-208xx/CVE-2023-20873.json) (`2023-05-01T18:51:25.810`)
* [CVE-2023-29524](CVE-2023/CVE-2023-295xx/CVE-2023-29524.json) (`2023-05-01T17:27:08.340`) * [CVE-2023-22621](CVE-2023/CVE-2023-226xx/CVE-2023-22621.json) (`2023-05-01T18:09:44.413`)
* [CVE-2023-29525](CVE-2023/CVE-2023-295xx/CVE-2023-29525.json) (`2023-05-01T17:27:32.133`) * [CVE-2023-22893](CVE-2023/CVE-2023-228xx/CVE-2023-22893.json) (`2023-05-01T18:10:06.367`)
* [CVE-2023-29527](CVE-2023/CVE-2023-295xx/CVE-2023-29527.json) (`2023-05-01T17:27:48.017`) * [CVE-2023-22894](CVE-2023/CVE-2023-228xx/CVE-2023-22894.json) (`2023-05-01T18:10:48.270`)
* [CVE-2023-30536](CVE-2023/CVE-2023-305xx/CVE-2023-30536.json) (`2023-05-01T16:38:35.117`) * [CVE-2023-25601](CVE-2023/CVE-2023-256xx/CVE-2023-25601.json) (`2023-05-01T18:56:14.413`)
* [CVE-2023-30552](CVE-2023/CVE-2023-305xx/CVE-2023-30552.json) (`2023-05-01T16:48:47.687`) * [CVE-2023-26360](CVE-2023/CVE-2023-263xx/CVE-2023-26360.json) (`2023-05-01T18:15:49.787`)
* [CVE-2023-30553](CVE-2023/CVE-2023-305xx/CVE-2023-30553.json) (`2023-05-01T17:11:14.503`) * [CVE-2023-27090](CVE-2023/CVE-2023-270xx/CVE-2023-27090.json) (`2023-05-01T18:44:26.323`)
* [CVE-2023-30554](CVE-2023/CVE-2023-305xx/CVE-2023-30554.json) (`2023-05-01T17:17:50.057`) * [CVE-2023-28984](CVE-2023/CVE-2023-289xx/CVE-2023-28984.json) (`2023-05-01T19:07:46.193`)
* [CVE-2023-30555](CVE-2023/CVE-2023-305xx/CVE-2023-30555.json) (`2023-05-01T17:21:56.100`) * [CVE-2023-30610](CVE-2023/CVE-2023-306xx/CVE-2023-30610.json) (`2023-05-01T18:11:59.833`)
* [CVE-2023-30556](CVE-2023/CVE-2023-305xx/CVE-2023-30556.json) (`2023-05-01T17:27:45.527`) * [CVE-2023-30611](CVE-2023/CVE-2023-306xx/CVE-2023-30611.json) (`2023-05-01T18:12:23.390`)
* [CVE-2023-30557](CVE-2023/CVE-2023-305xx/CVE-2023-30557.json) (`2023-05-01T17:22:55.270`) * [CVE-2023-30612](CVE-2023/CVE-2023-306xx/CVE-2023-30612.json) (`2023-05-01T18:14:30.173`)
* [CVE-2023-30614](CVE-2023/CVE-2023-306xx/CVE-2023-30614.json) (`2023-05-01T18:14:48.710`)
* [CVE-2023-30616](CVE-2023/CVE-2023-306xx/CVE-2023-30616.json) (`2023-05-01T18:46:24.547`)
* [CVE-2023-30797](CVE-2023/CVE-2023-307xx/CVE-2023-30797.json) (`2023-05-01T19:55:01.860`)
## Download and Usage ## Download and Usage