diff --git a/CVE-2023/CVE-2023-31xx/CVE-2023-3164.json b/CVE-2023/CVE-2023-31xx/CVE-2023-3164.json index c2527d1675f..1fabcbeb1e5 100644 --- a/CVE-2023/CVE-2023-31xx/CVE-2023-3164.json +++ b/CVE-2023/CVE-2023-31xx/CVE-2023-3164.json @@ -2,12 +2,12 @@ "id": "CVE-2023-3164", "sourceIdentifier": "secalert@redhat.com", "published": "2023-11-02T12:15:09.543", - "lastModified": "2023-11-09T19:28:46.507", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-08T12:15:44.307", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A heap out-of-bounds read flaw was found in builtin.c in the gawk package. This issue may lead to a crash and could be used to read sensitive information." + "value": "A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection() at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows attackers to cause a denial of service via a crafted tiff file." }, { "lang": "es", @@ -41,20 +41,20 @@ "type": "Secondary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", - "confidentialityImpact": "LOW", + "confidentialityImpact": "NONE", "integrityImpact": "NONE", - "availabilityImpact": "LOW", - "baseScore": 4.4, + "availabilityImpact": "HIGH", + "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "exploitabilityScore": 1.8, - "impactScore": 2.5 + "impactScore": 3.6 } ] }, @@ -75,7 +75,7 @@ "description": [ { "lang": "en", - "value": "CWE-125" + "value": "CWE-120" } ] } @@ -115,19 +115,16 @@ ], "references": [ { - "url": "https://access.redhat.com/security/cve/CVE-2023-4156", - "source": "secalert@redhat.com", - "tags": [ - "Third Party Advisory" - ] + "url": "https://access.redhat.com/security/cve/CVE-2023-3164", + "source": "secalert@redhat.com" }, { - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215930", - "source": "secalert@redhat.com", - "tags": [ - "Issue Tracking", - "Patch" - ] + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2213531", + "source": "secalert@redhat.com" + }, + { + "url": "https://gitlab.com/libtiff/libtiff/-/issues/542", + "source": "secalert@redhat.com" } ] } \ No newline at end of file diff --git a/README.md b/README.md index 1553896cffa..3414e7c49e8 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-12-08T07:00:17.604590+00:00 +2023-12-08T13:00:58.286860+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-12-08T06:15:45.690000+00:00 +2023-12-08T12:15:44.307000+00:00 ``` ### Last Data Feed Release @@ -34,20 +34,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### CVEs added in the last Commit -Recently added CVEs: `5` +Recently added CVEs: `0` -* [CVE-2023-26158](CVE-2023/CVE-2023-261xx/CVE-2023-26158.json) (`2023-12-08T05:15:07.870`) -* [CVE-2023-48928](CVE-2023/CVE-2023-489xx/CVE-2023-48928.json) (`2023-12-08T05:15:08.807`) -* [CVE-2023-48929](CVE-2023/CVE-2023-489xx/CVE-2023-48929.json) (`2023-12-08T05:15:08.897`) -* [CVE-2023-32460](CVE-2023/CVE-2023-324xx/CVE-2023-32460.json) (`2023-12-08T06:15:45.427`) -* [CVE-2023-45866](CVE-2023/CVE-2023-458xx/CVE-2023-45866.json) (`2023-12-08T06:15:45.690`) ### CVEs modified in the last Commit Recently modified CVEs: `1` -* [CVE-2023-42568](CVE-2023/CVE-2023-425xx/CVE-2023-42568.json) (`2023-12-08T05:15:08.340`) +* [CVE-2023-3164](CVE-2023/CVE-2023-31xx/CVE-2023-3164.json) (`2023-12-08T12:15:44.307`) ## Download and Usage