Auto-Update: 2023-11-23T17:01:54.836131+00:00

This commit is contained in:
cad-safe-bot 2023-11-23 17:01:58 +00:00
parent 18d5e45568
commit 65d49eceea
4 changed files with 71 additions and 9 deletions

View File

@ -0,0 +1,20 @@
{
"id": "CVE-2022-44010",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-23T16:15:07.157",
"lastModified": "2023-11-23T16:15:07.157",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in ClickHouse before 22.9.1.2603. An attacker could send a crafted HTTP request to the HTTP Endpoint (usually listening on port 8123 by default), causing a heap-based buffer overflow that crashes the process. This does not require authentication. The fixed versions are 22.9.1.2603, 22.8.2.11, 22.7.4.16, 22.6.6.16, and 22.3.12.19."
}
],
"metrics": {},
"references": [
{
"url": "https://clickhouse.com/docs/en/whats-new/security-changelog",
"source": "cve@mitre.org"
}
]
}

View File

@ -0,0 +1,20 @@
{
"id": "CVE-2022-44011",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-23T16:15:07.217",
"lastModified": "2023-11-23T16:15:07.217",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in ClickHouse before 22.9.1.2603. An authenticated user (with the ability to load data) could cause a heap buffer overflow and crash the server by inserting a malformed CapnProto object. The fixed versions are 22.9.1.2603, 22.8.2.11, 22.7.4.16, 22.6.6.16, and 22.3.12.19."
}
],
"metrics": {},
"references": [
{
"url": "https://clickhouse.com",
"source": "cve@mitre.org"
}
]
}

View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-33202",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-23T16:15:07.273",
"lastModified": "2023-11-23T16:15:07.273",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack."
}
],
"metrics": {},
"references": [
{
"url": "https://bouncycastle.org",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/bcgit/bc-java/wiki/CVE-2023-33202",
"source": "cve@mitre.org"
}
]
}

View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2023-11-23T15:16:40.240348+00:00 2023-11-23T17:01:54.836131+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2023-11-23T14:15:07.733000+00:00 2023-11-23T16:15:07.273000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -29,24 +29,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
231439 231457
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `3` Recently added CVEs: `3`
* [CVE-2023-4593](CVE-2023/CVE-2023-45xx/CVE-2023-4593.json) (`2023-11-23T13:15:11.810`) * [CVE-2022-44010](CVE-2022/CVE-2022-440xx/CVE-2022-44010.json) (`2023-11-23T16:15:07.157`)
* [CVE-2023-4594](CVE-2023/CVE-2023-45xx/CVE-2023-4594.json) (`2023-11-23T13:15:12.347`) * [CVE-2022-44011](CVE-2022/CVE-2022-440xx/CVE-2022-44011.json) (`2023-11-23T16:15:07.217`)
* [CVE-2023-4595](CVE-2023/CVE-2023-45xx/CVE-2023-4595.json) (`2023-11-23T13:15:12.533`) * [CVE-2023-33202](CVE-2023/CVE-2023-332xx/CVE-2023-33202.json) (`2023-11-23T16:15:07.273`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit
Recently modified CVEs: `2` Recently modified CVEs: `0`
* [CVE-2021-33842](CVE-2021/CVE-2021-338xx/CVE-2021-33842.json) (`2023-11-23T14:15:07.440`)
* [CVE-2021-40853](CVE-2021/CVE-2021-408xx/CVE-2021-40853.json) (`2023-11-23T14:15:07.733`)
## Download and Usage ## Download and Usage