Auto-Update: 2023-11-30T11:00:17.590698+00:00

cad-safe-bot 2023-11-30 11:00:21 +00:00
parent 52b632464e
commit 7072754a36
10 changed files with 170 additions and 79 deletions


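--- a/CVE-2021/CVE-2021-368xx/CVE-2021-36806.json
+++ b/CVE-2021/CVE-2021-368xx/CVE-2021-36806.json
@@ -0,0 +1,55 @@
+{
+"id": "CVE-2021-36806",
+"sourceIdentifier": "security-alert@sophos.com",
+"published": "2023-11-30T10:15:07.183",
+"lastModified": "2023-11-30T10:15:07.183",
+"vulnStatus": "Received",
+"descriptions": [
+{
+"lang": "en",
+"value": "\nA reflected XSS vulnerability allows an open redirect when the victim clicks a malicious link to an error page on \n\nSophos Email Appliance \n\nolder than version 4.5.3.4.\n\n"
+}
+],
+"metrics": {
+"cvssMetricV31": [
+{
+"source": "security-alert@sophos.com",
+"type": "Secondary",
+"cvssData": {
+"version": "3.1",
+"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
+"attackVector": "NETWORK",
+"attackComplexity": "LOW",
+"privilegesRequired": "NONE",
+"userInteraction": "REQUIRED",
+"scope": "CHANGED",
+"confidentialityImpact": "NONE",
+"integrityImpact": "LOW",
+"availabilityImpact": "NONE",
+"baseScore": 4.7,
+"baseSeverity": "MEDIUM"
+},
+"exploitabilityScore": 2.8,
+"impactScore": 1.4
+}
+]
+},
+"weaknesses": [
+{
+"source": "security-alert@sophos.com",
+"type": "Secondary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-79"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://community.sophos.com/email-appliance/b/blog/posts/sophos-email-appliance-version-4-5-3-4-released",
+"source": "security-alert@sophos.com"
+}
+]
+}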


@ -2,12 +2,16 @@
"id": "CVE-2023-42502",
"sourceIdentifier": "security@apache.org",
"published": "2023-11-28T17:15:07.907",
"lastModified": "2023-11-28T18:29:23.617",
"lastModified": "2023-11-30T09:15:07.123",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An authenticated attacker with update datasets permission could change a dataset link to an untrusted site by spoofing the HTTP Host header, users could be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset versions before 3.0.0.\n"
},
{
"lang": "es",
"value": "Un atacante autenticado con permiso para actualizar conjuntos de datos podr\u00eda cambiar el enlace de un conjunto de datos a un sitio que no es de confianza falsificando el encabezado del host HTTP; los usuarios podr\u00edan ser redirigidos a este sitio al hacer clic en ese conjunto de datos espec\u00edfico. Este problema afecta a las versiones de Apache Superset anteriores a la 3.0.0."
}
],
"metrics": {
@ -47,10 +51,6 @@
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/11/28/3",
"source": "security@apache.org"
},
{
"url": "https://lists.apache.org/thread/n8348f194d8o8mln3oxd0s8jdl5bxbmn",
"source": "security@apache.org"


@ -1,9 +1,9 @@
{
"id": "CVE-2023-4664",
"sourceIdentifier": "cve@usom.gov.tr",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2023-09-15T09:15:08.230",
"lastModified": "2023-09-20T16:41:57.087",
"vulnStatus": "Analyzed",
"lastModified": "2023-11-30T09:15:07.313",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,30 +37,30 @@
"impactScore": 5.9
},
{
"source": "cve@usom.gov.tr",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "cve@usom.gov.tr",
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"description": [
{
@ -91,7 +91,7 @@
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-23-0535",
"source": "cve@usom.gov.tr",
"source": "iletisim@usom.gov.tr",
"tags": [
"Third Party Advisory"
]


@ -1,8 +1,8 @@
{
"id": "CVE-2023-4702",
"sourceIdentifier": "cve@usom.gov.tr",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2023-09-14T20:15:12.373",
"lastModified": "2023-09-29T14:15:10.953",
"lastModified": "2023-11-30T09:15:07.560",
"vulnStatus": "Modified",
"descriptions": [
{
@ -17,11 +17,11 @@
"metrics": {
"cvssMetricV31": [
{
"source": "cve@usom.gov.tr",
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
@ -29,12 +29,12 @@
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
@ -60,7 +60,7 @@
},
"weaknesses": [
{
"source": "cve@usom.gov.tr",
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"description": [
{
@ -101,7 +101,7 @@
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-23-0526",
"source": "cve@usom.gov.tr",
"source": "iletisim@usom.gov.tr",
"tags": [
"Third Party Advisory"
]


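--- a/CVE-2023/CVE-2023-496xx/CVE-2023-49620.json
+++ b/CVE-2023/CVE-2023-496xx/CVE-2023-49620.json
@@ -0,0 +1,36 @@
+{
+"id": "CVE-2023-49620",
+"sourceIdentifier": "security@apache.org",
+"published": "2023-11-30T09:15:07.227",
+"lastModified": "2023-11-30T09:15:07.227",
+"vulnStatus": "Received",
+"descriptions": [
+{
+"lang": "en",
+"value": "Before DolphinScheduler version 3.1.0, the login user could delete UDF function in the resource center unauthorized (which almost used in sql task), with\u00a0unauthorized\u00a0access vulnerability (IDOR), but after version 3.1.0 we fixed this issue. We mark this cve as moderate level because it still requires user login to operate, please upgrade to version 3.1.0 to avoid this\u00a0vulnerability"
+}
+],
+"metrics": {},
+"weaknesses": [
+{
+"source": "security@apache.org",
+"type": "Primary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-862"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://github.com/apache/dolphinscheduler/pull/10307",
+"source": "security@apache.org"
+},
+{
+"url": "https://lists.apache.org/thread/zm4t1ykj4cro1c8183q7y32z0yzfz8yj",
+"source": "security@apache.org"
+}
+]
+}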


@ -1,9 +1,9 @@
{
"id": "CVE-2023-4972",
"sourceIdentifier": "cve@usom.gov.tr",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2023-09-14T20:15:13.403",
"lastModified": "2023-11-04T01:56:59.300",
"vulnStatus": "Analyzed",
"lastModified": "2023-11-30T09:15:07.753",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,24 +17,24 @@
"metrics": {
"cvssMetricV31": [
{
"source": "cve@usom.gov.tr",
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH"
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
@ -60,7 +60,7 @@
},
"weaknesses": [
{
"source": "cve@usom.gov.tr",
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"description": [
{
@ -101,7 +101,7 @@
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-23-0526",
"source": "cve@usom.gov.tr",
"source": "iletisim@usom.gov.tr",
"tags": [
"Third Party Advisory"
]


@ -1,9 +1,9 @@
{
"id": "CVE-2023-5045",
"sourceIdentifier": "cve@usom.gov.tr",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2023-10-12T12:15:10.777",
"lastModified": "2023-10-17T18:12:19.600",
"vulnStatus": "Analyzed",
"lastModified": "2023-11-30T09:15:07.950",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,30 +37,30 @@
"impactScore": 5.9
},
{
"source": "cve@usom.gov.tr",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "cve@usom.gov.tr",
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"description": [
{
@ -91,7 +91,7 @@
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-23-0580",
"source": "cve@usom.gov.tr",
"source": "iletisim@usom.gov.tr",
"tags": [
"Third Party Advisory"
]


@ -1,9 +1,9 @@
{
"id": "CVE-2023-5046",
"sourceIdentifier": "cve@usom.gov.tr",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2023-10-12T12:15:10.867",
"lastModified": "2023-10-17T18:14:03.917",
"vulnStatus": "Analyzed",
"lastModified": "2023-11-30T09:15:08.153",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -37,30 +37,30 @@
"impactScore": 5.9
},
{
"source": "cve@usom.gov.tr",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "cve@usom.gov.tr",
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"description": [
{
@ -91,7 +91,7 @@
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-23-0581",
"source": "cve@usom.gov.tr",
"source": "iletisim@usom.gov.tr",
"tags": [
"Third Party Advisory"
]


@ -2,7 +2,7 @@
"id": "CVE-2023-6019",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-11-16T17:15:08.830",
"lastModified": "2023-11-29T18:15:07.390",
"lastModified": "2023-11-30T10:15:07.410",
"vulnStatus": "Modified",
"descriptions": [
{
@ -41,20 +41,20 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
"impactScore": 5.9
}
]
},


@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-11-30T09:00:18.598296+00:00
2023-11-30T11:00:17.590698+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-11-30T08:15:07.273000+00:00
2023-11-30T10:15:07.410000+00:00
```
### Last Data Feed Release
@ -29,28 +29,28 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
231742
231744
```
### CVEs added in the last Commit
Recently added CVEs: `8`
Recently added CVEs: `2`
* [CVE-2022-45135](CVE-2022/CVE-2022-451xx/CVE-2022-45135.json) (`2023-11-30T08:15:07.063`)
* [CVE-2023-49052](CVE-2023/CVE-2023-490xx/CVE-2023-49052.json) (`2023-11-30T07:15:08.177`)
* [CVE-2023-49077](CVE-2023/CVE-2023-490xx/CVE-2023-49077.json) (`2023-11-30T07:15:08.267`)
* [CVE-2023-49081](CVE-2023/CVE-2023-490xx/CVE-2023-49081.json) (`2023-11-30T07:15:08.723`)
* [CVE-2023-49095](CVE-2023/CVE-2023-490xx/CVE-2023-49095.json) (`2023-11-30T07:15:09.133`)
* [CVE-2023-49699](CVE-2023/CVE-2023-496xx/CVE-2023-49699.json) (`2023-11-30T07:15:09.543`)
* [CVE-2023-49700](CVE-2023/CVE-2023-497xx/CVE-2023-49700.json) (`2023-11-30T07:15:09.967`)
* [CVE-2023-49701](CVE-2023/CVE-2023-497xx/CVE-2023-49701.json) (`2023-11-30T08:15:07.273`)
* [CVE-2021-36806](CVE-2021/CVE-2021-368xx/CVE-2021-36806.json) (`2023-11-30T10:15:07.183`)
* [CVE-2023-49620](CVE-2023/CVE-2023-496xx/CVE-2023-49620.json) (`2023-11-30T09:15:07.227`)
### CVEs modified in the last Commit
Recently modified CVEs: `1`
Recently modified CVEs: `7`
* [CVE-2023-48042](CVE-2023/CVE-2023-480xx/CVE-2023-48042.json) (`2023-11-30T07:15:07.920`)
* [CVE-2023-42502](CVE-2023/CVE-2023-425xx/CVE-2023-42502.json) (`2023-11-30T09:15:07.123`)
* [CVE-2023-4664](CVE-2023/CVE-2023-46xx/CVE-2023-4664.json) (`2023-11-30T09:15:07.313`)
* [CVE-2023-4702](CVE-2023/CVE-2023-47xx/CVE-2023-4702.json) (`2023-11-30T09:15:07.560`)
* [CVE-2023-4972](CVE-2023/CVE-2023-49xx/CVE-2023-4972.json) (`2023-11-30T09:15:07.753`)
* [CVE-2023-5045](CVE-2023/CVE-2023-50xx/CVE-2023-5045.json) (`2023-11-30T09:15:07.950`)
* [CVE-2023-5046](CVE-2023/CVE-2023-50xx/CVE-2023-5046.json) (`2023-11-30T09:15:08.153`)
* [CVE-2023-6019](CVE-2023/CVE-2023-60xx/CVE-2023-6019.json) (`2023-11-30T10:15:07.410`)
## Download and Usage