From a45f13b3f4c6aa797a06834a84b16693ea2eca6a Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Mon, 12 Jun 2023 06:00:28 +0000 Subject: [PATCH] Auto-Update: 2023-06-12T06:00:25.083848+00:00 --- CVE-2023/CVE-2023-261xx/CVE-2023-26133.json | 51 +++++++++++++++++++++ README.md | 16 ++----- 2 files changed, 56 insertions(+), 11 deletions(-) create mode 100644 CVE-2023/CVE-2023-261xx/CVE-2023-26133.json diff --git a/CVE-2023/CVE-2023-261xx/CVE-2023-26133.json b/CVE-2023/CVE-2023-261xx/CVE-2023-26133.json new file mode 100644 index 00000000000..c3687254ff4 --- /dev/null +++ b/CVE-2023/CVE-2023-261xx/CVE-2023-26133.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2023-26133", + "sourceIdentifier": "report@snyk.io", + "published": "2023-06-12T05:15:09.400", + "lastModified": "2023-06-12T05:15:09.400", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "All versions of the package progressbar.js are vulnerable to Prototype Pollution via the function extend() in the file utils.js.\r\r" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "report@snyk.io", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "LOW", + "baseScore": 8.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.2 + } + ] + }, + "references": [ + { + "url": "https://github.com/kimmobrunfeldt/progressbar.js/blob/74536b9eeeaaf51144706d918ed5a0a679631d96/src/utils.js%23L18", + "source": "report@snyk.io" + }, + { + "url": "https://github.com/kimmobrunfeldt/progressbar.js/blob/74536b9eeeaaf51144706d918ed5a0a679631d96/src/utils.js%23L20", + "source": "report@snyk.io" + }, + { + "url": "https://security.snyk.io/vuln/SNYK-JS-PROGRESSBARJS-3184152", + "source": "report@snyk.io" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index c0d5d84ebfd..c690cdc4a7e 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-06-12T04:00:26.926674+00:00 +2023-06-12T06:00:25.083848+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-06-12T03:15:09.233000+00:00 +2023-06-12T05:15:09.400000+00:00 ``` ### Last Data Feed Release @@ -29,20 +29,14 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -217409 +217410 ``` ### CVEs added in the last Commit -Recently added CVEs: `7` +Recently added CVEs: `1` -* [CVE-2020-36732](CVE-2020/CVE-2020-367xx/CVE-2020-36732.json) (`2023-06-12T02:15:48.347`) -* [CVE-2023-35031](CVE-2023/CVE-2023-350xx/CVE-2023-35031.json) (`2023-06-12T02:15:48.447`) -* [CVE-2023-35032](CVE-2023/CVE-2023-350xx/CVE-2023-35032.json) (`2023-06-12T02:15:48.487`) -* [CVE-2023-35033](CVE-2023/CVE-2023-350xx/CVE-2023-35033.json) (`2023-06-12T02:15:48.527`) -* [CVE-2023-35034](CVE-2023/CVE-2023-350xx/CVE-2023-35034.json) (`2023-06-12T02:15:48.570`) -* [CVE-2023-35035](CVE-2023/CVE-2023-350xx/CVE-2023-35035.json) (`2023-06-12T02:15:48.610`) -* [CVE-2023-35036](CVE-2023/CVE-2023-350xx/CVE-2023-35036.json) (`2023-06-12T03:15:09.233`) +* [CVE-2023-26133](CVE-2023/CVE-2023-261xx/CVE-2023-26133.json) (`2023-06-12T05:15:09.400`) ### CVEs modified in the last Commit