diff --git a/CVE-2022/CVE-2022-440xx/CVE-2022-44010.json b/CVE-2022/CVE-2022-440xx/CVE-2022-44010.json new file mode 100644 index 00000000000..338193308d4 --- /dev/null +++ b/CVE-2022/CVE-2022-440xx/CVE-2022-44010.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-44010", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-11-23T16:15:07.157", + "lastModified": "2023-11-23T16:15:07.157", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in ClickHouse before 22.9.1.2603. An attacker could send a crafted HTTP request to the HTTP Endpoint (usually listening on port 8123 by default), causing a heap-based buffer overflow that crashes the process. This does not require authentication. The fixed versions are 22.9.1.2603, 22.8.2.11, 22.7.4.16, 22.6.6.16, and 22.3.12.19." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://clickhouse.com/docs/en/whats-new/security-changelog", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-440xx/CVE-2022-44011.json b/CVE-2022/CVE-2022-440xx/CVE-2022-44011.json new file mode 100644 index 00000000000..b5d80c6531e --- /dev/null +++ b/CVE-2022/CVE-2022-440xx/CVE-2022-44011.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-44011", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-11-23T16:15:07.217", + "lastModified": "2023-11-23T16:15:07.217", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in ClickHouse before 22.9.1.2603. An authenticated user (with the ability to load data) could cause a heap buffer overflow and crash the server by inserting a malformed CapnProto object. The fixed versions are 22.9.1.2603, 22.8.2.11, 22.7.4.16, 22.6.6.16, and 22.3.12.19." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://clickhouse.com", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-332xx/CVE-2023-33202.json b/CVE-2023/CVE-2023-332xx/CVE-2023-33202.json new file mode 100644 index 00000000000..97b5f045669 --- /dev/null +++ b/CVE-2023/CVE-2023-332xx/CVE-2023-33202.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-33202", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-11-23T16:15:07.273", + "lastModified": "2023-11-23T16:15:07.273", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bouncycastle.org", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/bcgit/bc-java/wiki/CVE-2023-33202", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 0ef134d6859..d37587deed2 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-11-23T15:16:40.240348+00:00 +2023-11-23T17:01:54.836131+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-11-23T14:15:07.733000+00:00 +2023-11-23T16:15:07.273000+00:00 ``` ### Last Data Feed Release @@ -29,24 +29,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -231439 +231457 ``` ### CVEs added in the last Commit Recently added CVEs: `3` -* [CVE-2023-4593](CVE-2023/CVE-2023-45xx/CVE-2023-4593.json) (`2023-11-23T13:15:11.810`) -* [CVE-2023-4594](CVE-2023/CVE-2023-45xx/CVE-2023-4594.json) (`2023-11-23T13:15:12.347`) -* [CVE-2023-4595](CVE-2023/CVE-2023-45xx/CVE-2023-4595.json) (`2023-11-23T13:15:12.533`) +* [CVE-2022-44010](CVE-2022/CVE-2022-440xx/CVE-2022-44010.json) (`2023-11-23T16:15:07.157`) +* [CVE-2022-44011](CVE-2022/CVE-2022-440xx/CVE-2022-44011.json) (`2023-11-23T16:15:07.217`) +* [CVE-2023-33202](CVE-2023/CVE-2023-332xx/CVE-2023-33202.json) (`2023-11-23T16:15:07.273`) ### CVEs modified in the last Commit -Recently modified CVEs: `2` +Recently modified CVEs: `0` -* [CVE-2021-33842](CVE-2021/CVE-2021-338xx/CVE-2021-33842.json) (`2023-11-23T14:15:07.440`) -* [CVE-2021-40853](CVE-2021/CVE-2021-408xx/CVE-2021-40853.json) (`2023-11-23T14:15:07.733`) ## Download and Usage