From 61d23541d43b49e4ad4e2c38087d12bcf16557f7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ren=C3=A9=20Helmke?= Date: Mon, 1 May 2023 18:00:26 +0200 Subject: [PATCH] Auto-Update: 2023-05-01T16:00:23.727659+00:00 --- CVE-2022/CVE-2022-450xx/CVE-2022-45064.json | 53 +++++++++- CVE-2022/CVE-2022-458xx/CVE-2022-45801.json | 32 ++++++ CVE-2022/CVE-2022-458xx/CVE-2022-45802.json | 32 ++++++ CVE-2022/CVE-2022-45xx/CVE-2022-4568.json | 55 ++++++++++ CVE-2022/CVE-2022-463xx/CVE-2022-46365.json | 32 ++++++ CVE-2022/CVE-2022-481xx/CVE-2022-48186.json | 55 ++++++++++ CVE-2023/CVE-2023-06xx/CVE-2023-0683.json | 55 ++++++++++ CVE-2023/CVE-2023-08xx/CVE-2023-0896.json | 55 ++++++++++ CVE-2023/CVE-2023-21xx/CVE-2023-2131.json | 70 ++++++++++++- CVE-2023/CVE-2023-21xx/CVE-2023-2176.json | 62 ++++++++++- CVE-2023/CVE-2023-254xx/CVE-2023-25492.json | 55 ++++++++++ CVE-2023/CVE-2023-280xx/CVE-2023-28003.json | 47 ++++++++- CVE-2023/CVE-2023-280xx/CVE-2023-28092.json | 43 ++++++++ CVE-2023/CVE-2023-292xx/CVE-2023-29213.json | 109 ++++++++++++++++++-- CVE-2023/CVE-2023-295xx/CVE-2023-29528.json | 89 ++++++++++++++-- CVE-2023/CVE-2023-300xx/CVE-2023-30061.json | 24 +++++ CVE-2023/CVE-2023-300xx/CVE-2023-30063.json | 24 +++++ CVE-2023/CVE-2023-304xx/CVE-2023-30456.json | 18 ++-- CVE-2023/CVE-2023-308xx/CVE-2023-30859.json | 59 +++++++++++ README.md | 35 +++++-- 20 files changed, 958 insertions(+), 46 deletions(-) create mode 100644 CVE-2022/CVE-2022-458xx/CVE-2022-45801.json create mode 100644 CVE-2022/CVE-2022-458xx/CVE-2022-45802.json create mode 100644 CVE-2022/CVE-2022-45xx/CVE-2022-4568.json create mode 100644 CVE-2022/CVE-2022-463xx/CVE-2022-46365.json create mode 100644 CVE-2022/CVE-2022-481xx/CVE-2022-48186.json create mode 100644 CVE-2023/CVE-2023-06xx/CVE-2023-0683.json create mode 100644 CVE-2023/CVE-2023-08xx/CVE-2023-0896.json create mode 100644 CVE-2023/CVE-2023-254xx/CVE-2023-25492.json create mode 100644 CVE-2023/CVE-2023-280xx/CVE-2023-28092.json create mode 100644 CVE-2023/CVE-2023-300xx/CVE-2023-30061.json create mode 100644 CVE-2023/CVE-2023-300xx/CVE-2023-30063.json create mode 100644 CVE-2023/CVE-2023-308xx/CVE-2023-30859.json diff --git a/CVE-2022/CVE-2022-450xx/CVE-2022-45064.json b/CVE-2022/CVE-2022-450xx/CVE-2022-45064.json index b4fe554f1ed..d2a5db512c6 100644 --- a/CVE-2022/CVE-2022-450xx/CVE-2022-45064.json +++ b/CVE-2022/CVE-2022-450xx/CVE-2022-45064.json @@ -2,8 +2,8 @@ "id": "CVE-2022-45064", "sourceIdentifier": "security@apache.org", "published": "2023-04-13T11:15:06.737", - "lastModified": "2023-04-18T03:15:07.263", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-01T15:19:22.327", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.0, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 2.3, + "impactScore": 6.0 + }, { "source": "security@apache.org", "type": "Secondary", @@ -46,14 +66,39 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:sling:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.14.0", + "matchCriteriaId": "27522190-48A3-4A38-A9F4-434024C179D1" + } + ] + } + ] + } + ], "references": [ { "url": "http://www.openwall.com/lists/oss-security/2023/04/18/6", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List" + ] }, { "url": "https://lists.apache.org/thread/hhp611hltby3whk03vx2mv7cmy3vs0ok", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-458xx/CVE-2022-45801.json b/CVE-2022/CVE-2022-458xx/CVE-2022-45801.json new file mode 100644 index 00000000000..650d5ab69d3 --- /dev/null +++ b/CVE-2022/CVE-2022-458xx/CVE-2022-45801.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2022-45801", + "sourceIdentifier": "security@apache.org", + "published": "2023-05-01T15:15:08.790", + "lastModified": "2023-05-01T15:15:08.790", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Apache StreamPark 1.0.0 to 2.0.0 have a LDAP injection vulnerability.\nLDAP Injection is an attack used to exploit web based applications\nthat construct LDAP statements based on user input. When an\napplication fails to properly sanitize user input, it's possible to\nmodify LDAP statements through techniques similar to SQL Injection.\nLDAP injection attacks could result in the granting of permissions to\nunauthorized queries, and content modification inside the LDAP tree.\nThis risk may only occur when the user logs in with ldap, and the user\nname and password login will not be affected, Users of the affected\nversions should upgrade to Apache StreamPark 2.0.0 or later.\n\n\n\n\n\n\n" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + } + ] + } + ], + "references": [ + { + "url": "https://lists.apache.org/thread/xbkwwpkp3n2rs2wcxg8l26mhsftxwwr9", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-458xx/CVE-2022-45802.json b/CVE-2022/CVE-2022-458xx/CVE-2022-45802.json new file mode 100644 index 00000000000..8382946a0f5 --- /dev/null +++ b/CVE-2022/CVE-2022-458xx/CVE-2022-45802.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2022-45802", + "sourceIdentifier": "security@apache.org", + "published": "2023-05-01T15:15:08.943", + "lastModified": "2023-05-01T15:15:08.943", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Streampark allows any users to upload a jar as application, but there is no mandatory verification of the uploaded file type, causing users to upload some high-risk files, and may upload them to any directory,\u00a0Users of the affected versions should upgrade to Apache StreamPark 2.0.0 or later\n\n\n\n\n\n\n" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://lists.apache.org/thread/thwl1v2h6r3c21x1qwff08o57qzjnst6", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-45xx/CVE-2022-4568.json b/CVE-2022/CVE-2022-45xx/CVE-2022-4568.json new file mode 100644 index 00000000000..aac501e6531 --- /dev/null +++ b/CVE-2022/CVE-2022-45xx/CVE-2022-4568.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2022-4568", + "sourceIdentifier": "psirt@lenovo.com", + "published": "2023-05-01T15:15:09.160", + "lastModified": "2023-05-01T15:15:09.160", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A directory permissions management vulnerability in Lenovo System Update may allow elevation of privileges." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@lenovo.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.0, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.0, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@lenovo.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-276" + } + ] + } + ], + "references": [ + { + "url": "https://support.lenovo.com/us/en/product_security/LEN-103545", + "source": "psirt@lenovo.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-463xx/CVE-2022-46365.json b/CVE-2022/CVE-2022-463xx/CVE-2022-46365.json new file mode 100644 index 00000000000..5315c0344ed --- /dev/null +++ b/CVE-2022/CVE-2022-463xx/CVE-2022-46365.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2022-46365", + "sourceIdentifier": "security@apache.org", + "published": "2023-05-01T15:15:09.013", + "lastModified": "2023-05-01T15:15:09.013", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Apache StreamPark 1.0.0 before 2.0.0 When the user successfully logs in, to modify his profile, the username will be passed to the server-layer\u00a0as a parameter, but not verified whether the user name is the currently logged user and whether the user is legal, This will allow malicious attackers to send any username to modify and reset the account,\u00a0Users of the affected\u00a0versions should upgrade to Apache StreamPark 2.0.0 or later.\n\n\n\n\n" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://lists.apache.org/thread/f68lcwrp8pcdc4yrbpcm8j7m0f5mjn7h", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-481xx/CVE-2022-48186.json b/CVE-2022/CVE-2022-481xx/CVE-2022-48186.json new file mode 100644 index 00000000000..95c41d976fd --- /dev/null +++ b/CVE-2022/CVE-2022-481xx/CVE-2022-48186.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2022-48186", + "sourceIdentifier": "psirt@lenovo.com", + "published": "2023-05-01T15:15:09.083", + "lastModified": "2023-05-01T15:15:09.083", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A certificate validation vulnerability exists in the Baiying Android application which could lead to information disclosure." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@lenovo.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.2, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.5, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@lenovo.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-295" + } + ] + } + ], + "references": [ + { + "url": "https://iknow.lenovo.com.cn/detail/dc_206093.html", + "source": "psirt@lenovo.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-06xx/CVE-2023-0683.json b/CVE-2023/CVE-2023-06xx/CVE-2023-0683.json new file mode 100644 index 00000000000..87c38a18fdf --- /dev/null +++ b/CVE-2023/CVE-2023-06xx/CVE-2023-0683.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-0683", + "sourceIdentifier": "psirt@lenovo.com", + "published": "2023-05-01T15:15:09.223", + "lastModified": "2023-05-01T15:15:09.223", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A valid, authenticated XCC user with read only access may gain elevated privileges through a specifically crafted API call." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@lenovo.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "HIGH", + "baseScore": 8.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.5 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@lenovo.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://support.lenovo.com/us/en/product_security/LEN-99936", + "source": "psirt@lenovo.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-08xx/CVE-2023-0896.json b/CVE-2023/CVE-2023-08xx/CVE-2023-0896.json new file mode 100644 index 00000000000..f70bc1015e8 --- /dev/null +++ b/CVE-2023/CVE-2023-08xx/CVE-2023-0896.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-0896", + "sourceIdentifier": "psirt@lenovo.com", + "published": "2023-05-01T14:15:09.397", + "lastModified": "2023-05-01T14:15:09.397", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A default password was reported in Lenovo Smart Clock Essential with Alexa Built In that could allow unauthorized device access to an attacker with local network access. " + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@lenovo.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@lenovo.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://support.lenovo.com/us/en/product_security/LEN-113714", + "source": "psirt@lenovo.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-21xx/CVE-2023-2131.json b/CVE-2023/CVE-2023-21xx/CVE-2023-2131.json index 9ba6e6f91da..89f6891146b 100644 --- a/CVE-2023/CVE-2023-21xx/CVE-2023-2131.json +++ b/CVE-2023/CVE-2023-21xx/CVE-2023-2131.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2131", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2023-04-20T21:15:08.870", - "lastModified": "2023-04-21T01:45:50.230", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-01T14:17:38.750", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "ics-cert@hq.dhs.gov", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + }, { "source": "ics-cert@hq.dhs.gov", "type": "Secondary", @@ -46,10 +76,44 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:inea:me_rtu_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.36", + "matchCriteriaId": "E213CE4E-AA17-4AA5-A753-A7F2B37C7815" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:inea:me_rtu:-:*:*:*:*:*:*:*", + "matchCriteriaId": "97E14440-C423-4D41-9834-E33564A4B70D" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-110-01", - "source": "ics-cert@hq.dhs.gov" + "source": "ics-cert@hq.dhs.gov", + "tags": [ + "Third Party Advisory", + "US Government Resource" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-21xx/CVE-2023-2176.json b/CVE-2023/CVE-2023-21xx/CVE-2023-2176.json index 55a8434961d..e79316d335d 100644 --- a/CVE-2023/CVE-2023-21xx/CVE-2023-2176.json +++ b/CVE-2023/CVE-2023-21xx/CVE-2023-2176.json @@ -2,16 +2,49 @@ "id": "CVE-2023-2176", "sourceIdentifier": "secalert@redhat.com", "published": "2023-04-20T21:15:08.937", - "lastModified": "2023-04-21T01:45:50.230", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-01T14:26:28.220", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + }, { "source": "secalert@redhat.com", "type": "Secondary", @@ -23,10 +56,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:-:*:*:*:*:*:*", + "matchCriteriaId": "DE093B34-F4CD-4052-8122-730D6537A91A" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.spinics.net/lists/linux-rdma/msg114749.html", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Mailing List", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-254xx/CVE-2023-25492.json b/CVE-2023/CVE-2023-254xx/CVE-2023-25492.json new file mode 100644 index 00000000000..a1b9ac6faa3 --- /dev/null +++ b/CVE-2023/CVE-2023-254xx/CVE-2023-25492.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-25492", + "sourceIdentifier": "psirt@lenovo.com", + "published": "2023-05-01T15:15:09.290", + "lastModified": "2023-05-01T15:15:09.290", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A valid, authenticated user may be able to trigger a denial of service of the XCC web user interface or other undefined behavior through a format string injection vulnerability in a web interface API." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@lenovo.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@lenovo.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-134" + } + ] + } + ], + "references": [ + { + "url": "https://support.lenovo.com/us/en/product_security/LEN-99936", + "source": "psirt@lenovo.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-280xx/CVE-2023-28003.json b/CVE-2023/CVE-2023-280xx/CVE-2023-28003.json index 38bf3acdb46..7dd144dfa83 100644 --- a/CVE-2023/CVE-2023-280xx/CVE-2023-28003.json +++ b/CVE-2023/CVE-2023-280xx/CVE-2023-28003.json @@ -2,8 +2,8 @@ "id": "CVE-2023-28003", "sourceIdentifier": "cybersecurity@se.com", "published": "2023-04-18T21:15:09.117", - "lastModified": "2023-04-18T21:25:05.953", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-01T14:00:32.963", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "cybersecurity@se.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:schneider-electric:ecostruxure_power_monitoring_expert:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2022", + "matchCriteriaId": "EEB54F7D-EFED-4E21-832E-AA3BBB3CB723" + } + ] + } + ] + } + ], "references": [ { "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-073-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-073-01.pdf", - "source": "cybersecurity@se.com" + "source": "cybersecurity@se.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-280xx/CVE-2023-28092.json b/CVE-2023/CVE-2023-280xx/CVE-2023-28092.json new file mode 100644 index 00000000000..ced253300da --- /dev/null +++ b/CVE-2023/CVE-2023-280xx/CVE-2023-28092.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-28092", + "sourceIdentifier": "security-alert@hpe.com", + "published": "2023-05-01T15:15:09.357", + "lastModified": "2023-05-01T15:15:09.357", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A potential security vulnerability has been identified in HPE ProLiant RL300 Gen11 Server. The vulnerability could result in the system being vulnerable to exploits by attackers with physical access inside the server chassis.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-alert@hpe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:P/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:L", + "attackVector": "PHYSICAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.3, + "impactScore": 5.3 + } + ] + }, + "references": [ + { + "url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04472en_us", + "source": "security-alert@hpe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-292xx/CVE-2023-29213.json b/CVE-2023/CVE-2023-292xx/CVE-2023-29213.json index 7d4e997c893..2da3835472b 100644 --- a/CVE-2023/CVE-2023-292xx/CVE-2023-29213.json +++ b/CVE-2023/CVE-2023-292xx/CVE-2023-29213.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29213", "sourceIdentifier": "security-advisories@github.com", "published": "2023-04-17T22:15:10.017", - "lastModified": "2023-04-18T03:15:28.387", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-01T14:02:43.807", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -36,8 +56,18 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + }, + { + "source": "security-advisories@github.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,18 +76,85 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*", + "versionStartExcluding": "4.2", + "versionEndExcluding": "13.10.11", + "matchCriteriaId": "F5DD0ECC-5A9D-4EA6-B86A-6FDA940D77C8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*", + "versionStartExcluding": "14.0", + "versionEndExcluding": "14.4.7", + "matchCriteriaId": "34716609-E9E2-4E29-99DD-BB68AD639A8D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*", + "versionStartIncluding": "14.5", + "versionEndExcluding": "14.10", + "matchCriteriaId": "569EE28C-5C86-467F-A153-DD4B9BF0053D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:xwiki:4.2:-:*:*:*:*:*:*", + "matchCriteriaId": "F3C88F32-3EFB-4D0E-9046-D13157E6256F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:xwiki:4.2:milestone3:*:*:*:*:*:*", + "matchCriteriaId": "BC907C33-432E-4153-B1A2-9B8BF9167E1B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:xwiki:14.0:-:*:*:*:*:*:*", + "matchCriteriaId": "D1779BB7-C939-433A-BA96-EDD1A8C31AC6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:xwiki:14.0:rc1:*:*:*:*:*:*", + "matchCriteriaId": "E4F79D59-2C67-4875-B50F-F2ECE52B384C" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/xwiki/xwiki-platform/commit/49fdfd633ddfa346c522d2fe71754dc72c9496ca", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-4655-wh7v-3vmg", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Patch", + "Vendor Advisory" + ] }, { "url": "https://jira.xwiki.org/browse/XWIKI-20291", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Issue Tracking", + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-295xx/CVE-2023-29528.json b/CVE-2023/CVE-2023-295xx/CVE-2023-29528.json index ffedc6763ce..d7ec26f8ee9 100644 --- a/CVE-2023/CVE-2023-295xx/CVE-2023-29528.json +++ b/CVE-2023/CVE-2023-295xx/CVE-2023-29528.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29528", "sourceIdentifier": "security-advisories@github.com", "published": "2023-04-20T18:15:07.307", - "lastModified": "2023-04-20T18:17:39.217", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-01T15:46:06.867", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.0, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 2.3, + "impactScore": 6.0 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -46,22 +66,79 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:commons:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.3", + "versionEndExcluding": "14.10", + "matchCriteriaId": "03911D90-117F-4EFD-9CA9-D6F653CB1D48" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:commons:4.2:-:*:*:*:*:*:*", + "matchCriteriaId": "C514853A-989A-4BED-A653-D1578DB40157" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:commons:4.2:milestone1:*:*:*:*:*:*", + "matchCriteriaId": "36E79F9F-67BC-4E06-9882-DEA941AEF84B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:commons:4.2:milestone2:*:*:*:*:*:*", + "matchCriteriaId": "9BE5ECE0-5A68-4B4F-9752-8C2F46AE9009" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:commons:4.2:milestone3:*:*:*:*:*:*", + "matchCriteriaId": "60F8E581-DBE8-407C-970A-0ED230F074BB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xwiki:commons:4.2:rc1:*:*:*:*:*:*", + "matchCriteriaId": "8D23E926-03F5-4EC0-B8D7-434F97D01A8B" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/xwiki/xwiki-commons/commit/8ff1a9d7e5d7b45b690134a537d53dc05cae04ab", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xwiki/xwiki-commons/security/advisories/GHSA-x37v-36wv-6v6h", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://jira.xwiki.org/browse/XCOMMONS-2568", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://jira.xwiki.org/browse/XWIKI-20348", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-300xx/CVE-2023-30061.json b/CVE-2023/CVE-2023-300xx/CVE-2023-30061.json new file mode 100644 index 00000000000..16b41f46d8a --- /dev/null +++ b/CVE-2023/CVE-2023-300xx/CVE-2023-30061.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-30061", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-01T14:15:09.550", + "lastModified": "2023-05-01T14:15:09.550", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "D-Link DIR-879 v105A1 is vulnerable to Authentication Bypass via phpcgi." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/Zarathustra-L/IoT_Vul/tree/main/D-Link/DIR-879", + "source": "cve@mitre.org" + }, + { + "url": "https://www.dlink.com/en/security-bulletin/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-300xx/CVE-2023-30063.json b/CVE-2023/CVE-2023-300xx/CVE-2023-30063.json new file mode 100644 index 00000000000..2973046704f --- /dev/null +++ b/CVE-2023/CVE-2023-300xx/CVE-2023-30063.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-30063", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-01T14:15:09.593", + "lastModified": "2023-05-01T14:15:09.593", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "D-Link DIR-890L FW1.10 A1 is vulnerable to Authentication bypass." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/Zarathustra-L/IoT_Vul/tree/main/D-Link/DIR-890L/Auth%20bypass", + "source": "cve@mitre.org" + }, + { + "url": "https://www.dlink.com/en/security-bulletin/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-304xx/CVE-2023-30456.json b/CVE-2023/CVE-2023-304xx/CVE-2023-30456.json index 009887ae088..0cc28c4e034 100644 --- a/CVE-2023/CVE-2023-304xx/CVE-2023-30456.json +++ b/CVE-2023/CVE-2023-304xx/CVE-2023-30456.json @@ -2,7 +2,7 @@ "id": "CVE-2023-30456", "sourceIdentifier": "cve@mitre.org", "published": "2023-04-10T02:15:06.853", - "lastModified": "2023-04-13T20:10:57.007", + "lastModified": "2023-05-01T15:26:57.893", "vulnStatus": "Analyzed", "descriptions": [ { @@ -17,20 +17,20 @@ "type": "Primary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" + "baseScore": 6.5, + "baseSeverity": "MEDIUM" }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 + "exploitabilityScore": 2.0, + "impactScore": 4.0 } ] }, diff --git a/CVE-2023/CVE-2023-308xx/CVE-2023-30859.json b/CVE-2023/CVE-2023-308xx/CVE-2023-30859.json new file mode 100644 index 00000000000..856fd9c7a0a --- /dev/null +++ b/CVE-2023/CVE-2023-308xx/CVE-2023-30859.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-30859", + "sourceIdentifier": "security-advisories@github.com", + "published": "2023-05-01T14:15:09.637", + "lastModified": "2023-05-01T14:15:09.637", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Triton is a Minecraft plugin for Spigot and BungeeCord that helps you translate your Minecraft server. The CustomPayload packet allows you to execute commands on the spigot/bukkit console. When you enable bungee mode in the config it will enable the bungee bridge and the server will begin to broadcast the 'triton:main' plugin channel. Using this plugin channel you are able to send a payload packet containing a byte (2) and a string (any spigot command). This could be used to make yourself a server operator and be used to extract other user information through phishing (pretending to be an admin), many servers use essentials so the /geoip command could be available to them, etc. This could also be modified to allow you to set the servers language, set another players language, etc. This issue affects those who have bungee enabled in config. This issue has been fixed in version 3.8.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-419" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/tritonmc/Triton/releases/tag/v3.8.4", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/tritonmc/Triton/security/advisories/GHSA-8vj5-jccf-q25r", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index c1ca7a829ab..bea48eb2719 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-05-01T14:00:24.840899+00:00 +2023-05-01T16:00:23.727659+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-05-01T13:49:18.663000+00:00 +2023-05-01T15:46:06.867000+00:00 ``` ### Last Data Feed Release @@ -29,25 +29,38 @@ Download and Changelog: [Click](releases/latest) ### Total Number of included CVEs ```plain -213842 +213854 ``` ### CVEs added in the last Commit -Recently added CVEs: `3` +Recently added CVEs: `12` -* [CVE-2023-2235](CVE-2023/CVE-2023-22xx/CVE-2023-2235.json) (`2023-05-01T13:15:44.713`) -* [CVE-2023-2236](CVE-2023/CVE-2023-22xx/CVE-2023-2236.json) (`2023-05-01T13:15:44.850`) -* [CVE-2023-2248](CVE-2023/CVE-2023-22xx/CVE-2023-2248.json) (`2023-05-01T13:15:44.907`) +* [CVE-2022-4568](CVE-2022/CVE-2022-45xx/CVE-2022-4568.json) (`2023-05-01T15:15:09.160`) +* [CVE-2022-45801](CVE-2022/CVE-2022-458xx/CVE-2022-45801.json) (`2023-05-01T15:15:08.790`) +* [CVE-2022-45802](CVE-2022/CVE-2022-458xx/CVE-2022-45802.json) (`2023-05-01T15:15:08.943`) +* [CVE-2022-46365](CVE-2022/CVE-2022-463xx/CVE-2022-46365.json) (`2023-05-01T15:15:09.013`) +* [CVE-2022-48186](CVE-2022/CVE-2022-481xx/CVE-2022-48186.json) (`2023-05-01T15:15:09.083`) +* [CVE-2023-0683](CVE-2023/CVE-2023-06xx/CVE-2023-0683.json) (`2023-05-01T15:15:09.223`) +* [CVE-2023-0896](CVE-2023/CVE-2023-08xx/CVE-2023-0896.json) (`2023-05-01T14:15:09.397`) +* [CVE-2023-25492](CVE-2023/CVE-2023-254xx/CVE-2023-25492.json) (`2023-05-01T15:15:09.290`) +* [CVE-2023-28092](CVE-2023/CVE-2023-280xx/CVE-2023-28092.json) (`2023-05-01T15:15:09.357`) +* [CVE-2023-30061](CVE-2023/CVE-2023-300xx/CVE-2023-30061.json) (`2023-05-01T14:15:09.550`) +* [CVE-2023-30063](CVE-2023/CVE-2023-300xx/CVE-2023-30063.json) (`2023-05-01T14:15:09.593`) +* [CVE-2023-30859](CVE-2023/CVE-2023-308xx/CVE-2023-30859.json) (`2023-05-01T14:15:09.637`) ### CVEs modified in the last Commit -Recently modified CVEs: `3` +Recently modified CVEs: `7` -* [CVE-2023-0317](CVE-2023/CVE-2023-03xx/CVE-2023-0317.json) (`2023-05-01T13:47:17.730`) -* [CVE-2023-29921](CVE-2023/CVE-2023-299xx/CVE-2023-29921.json) (`2023-05-01T13:49:18.663`) -* [CVE-2023-30543](CVE-2023/CVE-2023-305xx/CVE-2023-30543.json) (`2023-05-01T13:16:18.050`) +* [CVE-2022-45064](CVE-2022/CVE-2022-450xx/CVE-2022-45064.json) (`2023-05-01T15:19:22.327`) +* [CVE-2023-2131](CVE-2023/CVE-2023-21xx/CVE-2023-2131.json) (`2023-05-01T14:17:38.750`) +* [CVE-2023-2176](CVE-2023/CVE-2023-21xx/CVE-2023-2176.json) (`2023-05-01T14:26:28.220`) +* [CVE-2023-28003](CVE-2023/CVE-2023-280xx/CVE-2023-28003.json) (`2023-05-01T14:00:32.963`) +* [CVE-2023-29213](CVE-2023/CVE-2023-292xx/CVE-2023-29213.json) (`2023-05-01T14:02:43.807`) +* [CVE-2023-29528](CVE-2023/CVE-2023-295xx/CVE-2023-29528.json) (`2023-05-01T15:46:06.867`) +* [CVE-2023-30456](CVE-2023/CVE-2023-304xx/CVE-2023-30456.json) (`2023-05-01T15:26:57.893`) ## Download and Usage