Auto-Update: 2023-11-21T05:00:17.793134+00:00

cad-safe-bot 2023-11-21 05:00:21 +00:00
parent 32e07d51c2
commit 604ab39a21
5 changed files with 496 additions and 47 deletions


@ -2,16 +2,40 @@
"id": "CVE-2023-23367", "id": "CVE-2023-23367",
"sourceIdentifier": "security@qnapsecurity.com.tw", "sourceIdentifier": "security@qnapsecurity.com.tw",
"published": "2023-11-10T15:15:08.190", "published": "2023-11-10T15:15:08.190",
"lastModified": "2023-11-13T03:16:20.870", "lastModified": "2023-11-21T03:08:31.447",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.0.1.2376 build 20230421 and later\nQuTS hero h5.0.1.2376 build 20230421 and later\nQuTScloud c5.1.0.2498 and later\n" "value": "An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.0.1.2376 build 20230421 and later\nQuTS hero h5.0.1.2376 build 20230421 and later\nQuTScloud c5.1.0.2498 and later\n"
},
{
"lang": "es",
"value": "Se ha informado que una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo afecta a varias versiones del sistema operativo QNAP. Si se explota, la vulnerabilidad podr\u00eda permitir a los administradores autenticados ejecutar comandos a trav\u00e9s de una red. Ya hemos solucionado la vulnerabilidad en las siguientes versiones: QTS 5.0.1.2376 build 20230421 y posteriores QuTS hero h5.0.1.2376 build 20230421 y posteriores QuTScloud c5.1.0.2498 y posteriores"
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{ {
"source": "security@qnapsecurity.com.tw", "source": "security@qnapsecurity.com.tw",
"type": "Secondary", "type": "Secondary",
@ -46,10 +70,255 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:5.0.0.1716:build_20210701:*:*:*:*:*:*",
"matchCriteriaId": "769C9869-6C7C-41CE-B873-5B5168CFC775"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:5.0.0.1785:build_20210908:*:*:*:*:*:*",
"matchCriteriaId": "127CF4DC-A6E0-4DAB-8039-EEF0DD9F0F0E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:5.0.0.1808:build_20211001:*:*:*:*:*:*",
"matchCriteriaId": "57CCDE9B-A5CD-4359-9D38-23DB787640F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:5.0.0.1828:build_20211020:*:*:*:*:*:*",
"matchCriteriaId": "5D87A17C-AABE-43DC-9546-78103A611AB0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:5.0.0.1837:build_20211029:*:*:*:*:*:*",
"matchCriteriaId": "0B96B714-9AA9-4974-B968-3E3908DA41D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:5.0.0.1850:build_20211111:*:*:*:*:*:*",
"matchCriteriaId": "60A4DE61-EC79-4B6B-A32A-B899806FB090"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:5.0.0.1853:build_20211114:*:*:*:*:*:*",
"matchCriteriaId": "EE3A887A-05E7-499C-AB99-67E7EAC27012"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:5.0.0.1858:build_20211119:*:*:*:*:*:*",
"matchCriteriaId": "F2E1B1D4-87F3-46A6-BBE1-5774BB9CDA1B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:5.0.0.1870:build_20211201:*:*:*:*:*:*",
"matchCriteriaId": "9206EFC0-C3EE-41AD-A864-1F9BA0C7DD77"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:5.0.1.2034:build_20220515:*:*:*:*:*:*",
"matchCriteriaId": "A014C53A-6057-46C3-ABE9-A0ACA785425B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:5.0.1.2079:build_20220629:*:*:*:*:*:*",
"matchCriteriaId": "D57801C1-0E7C-482F-816E-A405DE4A86C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:5.0.1.2131:build_20220820:*:*:*:*:*:*",
"matchCriteriaId": "DE301B1C-4E3E-4AC4-80BB-D06BE16D0C64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:5.0.1.2137:build_20220826:*:*:*:*:*:*",
"matchCriteriaId": "582171F1-ADD6-4F68-8539-154E53A783A7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:5.0.1.2145:build_20220903:*:*:*:*:*:*",
"matchCriteriaId": "B621B512-940C-4C16-A64F-3E577B9DE6B8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:5.0.1.2173:build_20221001:*:*:*:*:*:*",
"matchCriteriaId": "F05F874D-52CB-49A1-AF3B-A0503C33710C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:5.0.1.2194:build_20221022:*:*:*:*:*:*",
"matchCriteriaId": "86123F0E-3A48-45EB-B8C6-7A953E7719D9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:5.0.1.2234:build_20221201:*:*:*:*:*:*",
"matchCriteriaId": "644159A6-4018-4BDB-863B-94F5725534EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:5.0.1.2248:build_20221215:*:*:*:*:*:*",
"matchCriteriaId": "EB42C492-9259-4A03-A65C-EACDD31E543A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:5.0.1.2277:build_20230112:*:*:*:*:*:*",
"matchCriteriaId": "1CECD991-E1F0-4B6B-8CA4-2EEFBA071622"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qts:5.0.1.2346:build_20230322:*:*:*:*:*:*",
"matchCriteriaId": "55711131-A764-4E5C-9FF9-19DD601F5081"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.0.0.1772:build_20210826:*:*:*:*:*:*",
"matchCriteriaId": "547EACCF-E416-4E97-A5C6-0617093D014B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.0.0.1844:build_20211105:*:*:*:*:*:*",
"matchCriteriaId": "90C8BDBB-E32C-4BD4-85D0-7333D49A0772"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.0.0.1856:build_20211117:*:*:*:*:*:*",
"matchCriteriaId": "1B716780-A0CA-4724-AC25-3CBBBE7FB4E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.0.0.1892:build_20211222:*:*:*:*:*:*",
"matchCriteriaId": "46B43DD9-29DE-4C49-B80F-3B61B2F0DAF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.0.0.1900:build_20211228:*:*:*:*:*:*",
"matchCriteriaId": "B5B50FA8-CE29-40F0-B38E-59917A83E263"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.0.0.1949:build_20220215:*:*:*:*:*:*",
"matchCriteriaId": "5C96EFDD-376F-420F-9F49-027AFB90EA2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.0.0.1986:build_20220324:*:*:*:*:*:*",
"matchCriteriaId": "BD25771C-5FF4-4184-97D0-5678AF65B9AF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.0.0.2022:build_20220428:*:*:*:*:*:*",
"matchCriteriaId": "3042A475-6EDC-438C-9B26-DBBB8325F892"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.0.0.2069:build_20220614:*:*:*:*:*:*",
"matchCriteriaId": "A37AED2A-F30E-4AB4-A06A-6E866B46F796"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.0.0.2120:build_20220804:*:*:*:*:*:*",
"matchCriteriaId": "F22F95A3-74DF-4DCA-BDF3-CF479F8E98CF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.0.1.2045:build_20220526:*:*:*:*:*:*",
"matchCriteriaId": "698DB6DC-9262-48A2-9232-DFC97C8BBB61"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.0.1.2192:build_20221020:*:*:*:*:*:*",
"matchCriteriaId": "A728F1BE-B17B-4721-9C9E-97A666CAD07B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.0.1.2248:build_20221215:*:*:*:*:*:*",
"matchCriteriaId": "85EC894E-2C81-4A9D-9AC7-2ADF74ADE7E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.0.1.2269:build_20230104:*:*:*:*:*:*",
"matchCriteriaId": "8C4C9FDD-FD44-44E7-B552-40E94AC32A23"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.0.1.2277:build_20230112:*:*:*:*:*:*",
"matchCriteriaId": "81BA2B4F-1665-4505-96FD-FCDEE7D77583"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.0.1.2348:build_20230324:*:*:*:*:*:*",
"matchCriteriaId": "3A28B922-56DF-434B-82B8-1BFC69ED5C70"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qutscloud:c5.0.0.1919:build_20220119:*:*:*:*:*:*",
"matchCriteriaId": "77601C65-525D-485F-9A86-1907FB0DDC46"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qutscloud:c5.0.1.1949:build_20220218:*:*:*:*:*:*",
"matchCriteriaId": "EBEC2462-A0A2-4585-9AF8-138163E793F3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qutscloud:c5.0.1.1998:build_20220408:*:*:*:*:*:*",
"matchCriteriaId": "B72847AB-A9B1-497C-A95B-04ACB762C93F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qutscloud:c5.0.1.2044:build_20220524:*:*:*:*:*:*",
"matchCriteriaId": "9C83D158-6298-4672-A564-8AA99E4B224E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qutscloud:c5.0.1.2148:build_20220905:*:*:*:*:*:*",
"matchCriteriaId": "B1BF80AB-C87E-4D65-8147-6AA341E4706F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qnap:qutscloud:c5.0.1.2374:build_20230419:*:*:*:*:*:*",
"matchCriteriaId": "A3DC728C-1CEB-45DA-902E-786EC74C602A"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.qnap.com/en/security-advisory/qsa-23-24", "url": "https://www.qnap.com/en/security-advisory/qsa-23-24",
"source": "security@qnapsecurity.com.tw" "source": "security@qnapsecurity.com.tw",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,16 +2,40 @@
"id": "CVE-2023-47126", "id": "CVE-2023-47126",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-11-14T20:15:08.037", "published": "2023-11-14T20:15:08.037",
"lastModified": "2023-11-14T21:38:09.280", "lastModified": "2023-11-21T03:01:46.133",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions the login screen of the standalone install tool discloses the full path of the transient data directory (e.g. /var/www/html/var/transient/). This applies to composer-based scenarios only - \u201cclassic\u201d non-composer installations are not affected. This issue has been addressed in version 12.4.8. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n" "value": "TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions the login screen of the standalone install tool discloses the full path of the transient data directory (e.g. /var/www/html/var/transient/). This applies to composer-based scenarios only - \u201cclassic\u201d non-composer installations are not affected. This issue has been addressed in version 12.4.8. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n"
},
{
"lang": "es",
"value": "TYPO3 es un sistema de gesti\u00f3n de contenido web basado en PHP de c\u00f3digo abierto publicado bajo GNU GPL. En las versiones afectadas, la pantalla de inicio de sesi\u00f3n de la herramienta de instalaci\u00f3n independiente revela la ruta completa del directorio de datos transitorios (por ejemplo, /var/www/html/var/transient/). Esto se aplica \u00fanicamente a escenarios basados en compositores: las instalaciones \u201ccl\u00e1sicas\u201d que no son de compositores no se ven afectadas. Este problema se solucion\u00f3 en la versi\u00f3n 12.4.8. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad."
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +59,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -46,18 +80,46 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.2.0",
"versionEndExcluding": "12.4.8",
"matchCriteriaId": "25218828-9AFC-458B-A14F-7FE95B422B5D"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/TYPO3/typo3/commit/1a735dac01ec7b337ed0d80c738caa8967dea423", "url": "https://github.com/TYPO3/typo3/commit/1a735dac01ec7b337ed0d80c738caa8967dea423",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-p2jh-95jg-2w55", "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-p2jh-95jg-2w55",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://typo3.org/security/advisory/typo3-core-sa-2023-005", "url": "https://typo3.org/security/advisory/typo3-core-sa-2023-005",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-47127", "id": "CVE-2023-47127",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-11-14T20:15:08.230", "published": "2023-11-14T20:15:08.230",
"lastModified": "2023-11-16T18:15:06.943", "lastModified": "2023-11-21T03:05:46.807",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -39,6 +59,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -50,18 +80,74 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:*:*:*:*:elts:*:*:*",
"versionStartIncluding": "8.0.0",
"versionEndExcluding": "8.7.55",
"matchCriteriaId": "97CE2630-5AA6-4531-9EDC-A973359351EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:*:*:*:*:elts:*:*:*",
"versionStartIncluding": "9.0.0",
"versionEndExcluding": "9.5.44",
"matchCriteriaId": "CB75C6A4-F25A-4943-8683-6D373DFAEAAA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:*:*:*:*:elts:*:*:*",
"versionStartIncluding": "10.0.0",
"versionEndExcluding": "10.4.41",
"matchCriteriaId": "BE95F6C1-238A-48B3-BBA7-57A7C875AFA1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0.0",
"versionEndExcluding": "11.5.33",
"matchCriteriaId": "6C21A23C-E558-4B9C-AFCD-7C1D37B2D1CF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0.0",
"versionEndExcluding": "12.4.8",
"matchCriteriaId": "A5B21F62-A105-487E-B52A-0E7501A4ADEA"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/TYPO3/typo3/commit/535dfbdc54fd5362e0bc08d911db44eac7f64019", "url": "https://github.com/TYPO3/typo3/commit/535dfbdc54fd5362e0bc08d911db44eac7f64019",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-3vmm-7h4j-69rm", "url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-3vmm-7h4j-69rm",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://typo3.org/security/advisory/typo3-core-sa-2023-006", "url": "https://typo3.org/security/advisory/typo3-core-sa-2023-006",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-47621", "id": "CVE-2023-47621",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-11-13T20:15:28.840", "published": "2023-11-13T20:15:28.840",
"lastModified": "2023-11-14T15:15:58.783", "lastModified": "2023-11-21T03:10:58.357",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -39,6 +59,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -50,14 +80,38 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:duncanmcclean:guest_entries:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.1.3",
"matchCriteriaId": "19D836F5-2480-4AD1-885E-4F8F8B7494B0"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/duncanmcclean/guest-entries/commit/a8e17b4413bfbbc337a887761a6c858ef1ddb4da", "url": "https://github.com/duncanmcclean/guest-entries/commit/a8e17b4413bfbbc337a887761a6c858ef1ddb4da",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://github.com/duncanmcclean/guest-entries/security/advisories/GHSA-rw82-mhmx-grmj", "url": "https://github.com/duncanmcclean/guest-entries/security/advisories/GHSA-rw82-mhmx-grmj",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2023-11-21T03:00:19.228727+00:00 2023-11-21T05:00:17.793134+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2023-11-21T02:58:51.787000+00:00 2023-11-21T03:10:58.357000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -34,40 +34,18 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `1` Recently added CVEs: `0`
* [CVE-2023-42770](CVE-2023/CVE-2023-427xx/CVE-2023-42770.json) (`2023-11-21T01:15:07.100`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit
Recently modified CVEs: `62` Recently modified CVEs: `4`
* [CVE-2023-48051](CVE-2023/CVE-2023-480xx/CVE-2023-48051.json) (`2023-11-21T01:38:10.777`) * [CVE-2023-47126](CVE-2023/CVE-2023-471xx/CVE-2023-47126.json) (`2023-11-21T03:01:46.133`)
* [CVE-2023-48310](CVE-2023/CVE-2023-483xx/CVE-2023-48310.json) (`2023-11-21T01:38:10.777`) * [CVE-2023-47127](CVE-2023/CVE-2023-471xx/CVE-2023-47127.json) (`2023-11-21T03:05:46.807`)
* [CVE-2023-6199](CVE-2023/CVE-2023-61xx/CVE-2023-6199.json) (`2023-11-21T01:38:10.777`) * [CVE-2023-23367](CVE-2023/CVE-2023-233xx/CVE-2023-23367.json) (`2023-11-21T03:08:31.447`)
* [CVE-2023-40151](CVE-2023/CVE-2023-401xx/CVE-2023-40151.json) (`2023-11-21T01:38:10.777`) * [CVE-2023-47621](CVE-2023/CVE-2023-476xx/CVE-2023-47621.json) (`2023-11-21T03:10:58.357`)
* [CVE-2023-6142](CVE-2023/CVE-2023-61xx/CVE-2023-6142.json) (`2023-11-21T01:38:10.777`)
* [CVE-2023-6144](CVE-2023/CVE-2023-61xx/CVE-2023-6144.json) (`2023-11-21T01:38:10.777`)
* [CVE-2023-41840](CVE-2023/CVE-2023-418xx/CVE-2023-41840.json) (`2023-11-21T01:38:25.570`)
* [CVE-2023-44248](CVE-2023/CVE-2023-442xx/CVE-2023-44248.json) (`2023-11-21T01:39:38.243`)
* [CVE-2023-43275](CVE-2023/CVE-2023-432xx/CVE-2023-43275.json) (`2023-11-21T01:51:11.677`)
* [CVE-2023-48204](CVE-2023/CVE-2023-482xx/CVE-2023-48204.json) (`2023-11-21T01:55:53.100`)
* [CVE-2023-32204](CVE-2023/CVE-2023-322xx/CVE-2023-32204.json) (`2023-11-21T01:57:53.810`)
* [CVE-2023-29161](CVE-2023/CVE-2023-291xx/CVE-2023-29161.json) (`2023-11-21T01:59:16.600`)
* [CVE-2023-40719](CVE-2023/CVE-2023-407xx/CVE-2023-40719.json) (`2023-11-21T02:05:04.860`)
* [CVE-2023-29157](CVE-2023/CVE-2023-291xx/CVE-2023-29157.json) (`2023-11-21T02:09:32.690`)
* [CVE-2023-47003](CVE-2023/CVE-2023-470xx/CVE-2023-47003.json) (`2023-11-21T02:14:29.237`)
* [CVE-2023-25652](CVE-2023/CVE-2023-256xx/CVE-2023-25652.json) (`2023-11-21T02:15:29.633`)
* [CVE-2023-5997](CVE-2023/CVE-2023-59xx/CVE-2023-5997.json) (`2023-11-21T02:16:59.767`)
* [CVE-2023-40923](CVE-2023/CVE-2023-409xx/CVE-2023-40923.json) (`2023-11-21T02:28:24.897`)
* [CVE-2023-4723](CVE-2023/CVE-2023-47xx/CVE-2023-4723.json) (`2023-11-21T02:30:52.053`)
* [CVE-2023-48088](CVE-2023/CVE-2023-480xx/CVE-2023-48088.json) (`2023-11-21T02:36:38.983`)
* [CVE-2023-48089](CVE-2023/CVE-2023-480xx/CVE-2023-48089.json) (`2023-11-21T02:37:44.817`)
* [CVE-2023-48087](CVE-2023/CVE-2023-480xx/CVE-2023-48087.json) (`2023-11-21T02:42:52.163`)
* [CVE-2023-5381](CVE-2023/CVE-2023-53xx/CVE-2023-5381.json) (`2023-11-21T02:45:00.847`)
* [CVE-2023-43591](CVE-2023/CVE-2023-435xx/CVE-2023-43591.json) (`2023-11-21T02:48:29.027`)
* [CVE-2023-47125](CVE-2023/CVE-2023-471xx/CVE-2023-47125.json) (`2023-11-21T02:58:51.787`)
## Download and Usage ## Download and Usage