admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-06-02T23:55:24.031725+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-06-02 23:55:27 +00:00
parent bfd38a97b9
commit a9ff2852ce
4 changed files with 165 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
CVE-2023/CVE-2023-12xx/CVE-2023-1297.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-1297",
"sourceIdentifier": "security@hashicorp.com",
"published": "2023-06-02T23:15:09.293",
"lastModified": "2023-06-02T23:15:09.293",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Consul and Consul Enterprise's cluster peering implementation contained a flaw whereby a peer cluster with service of the same name as a local service could corrupt Consul state, resulting in denial of service. This vulnerability was resolved in Consul 1.14.5, and 1.15.3"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@hashicorp.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@hashicorp.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-826"
}
]
}
],
"references": [
{
"url": "https://discuss.hashicorp.com/t/hcsec-2023-15-consul-cluster-peering-can-result-in-denial-of-service/54515",
"source": "security@hashicorp.com"
}
]
}

43
CVE-2023/CVE-2023-28xx/CVE-2023-2816.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-2816",
"sourceIdentifier": "security@hashicorp.com",
"published": "2023-06-02T23:15:09.503",
"lastModified": "2023-06-02T23:15:09.503",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the service(s) corresponding to those modified proxies."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@hashicorp.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.3,
"impactScore": 5.8
}
]
},
"references": [
{
"url": "https://discuss.hashicorp.com/t/hcsec-2023-16-consul-envoy-extension-downstream-proxy-configuration-by-upstream-service-owner/54525",
"source": "security@hashicorp.com"
}
]
}

59
CVE-2023/CVE-2023-30xx/CVE-2023-3044.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-3044",
"sourceIdentifier": "xpdf@xpdfreader.com",
"published": "2023-06-02T23:15:09.580",
"lastModified": "2023-06-02T23:15:09.580",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An excessively large PDF page size (found in fuzz testing, unlikely in normal PDF files) can result in a divide-by-zero in Xpdf's text extraction code.\n\n\n\n\nThis is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large character coordinate.\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "xpdf@xpdfreader.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "xpdf@xpdfreader.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-369"
}
]
}
],
"references": [
{
"url": "https://github.com/baker221/poc-xpdf",
"source": "xpdf@xpdfreader.com"
},
{
"url": "https://www.xpdfreader.com/security-bug/CVE-2023-3044.html",
"source": "xpdf@xpdfreader.com"
}
]
}

34
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-06-02T22:00:24.654156+00:00
2023-06-02T23:55:24.031725+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-06-02T21:15:09.430000+00:00
2023-06-02T23:15:09.580000+00:00
```
### Last Data Feed Release
@ -29,40 +29,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
216788
216791
```
### CVEs added in the last Commit
Recently added CVEs: `9`
Recently added CVEs: `3`
* [CVE-2023-33669](CVE-2023/CVE-2023-336xx/CVE-2023-33669.json) (`2023-06-02T20:15:09.520`)
* [CVE-2023-33670](CVE-2023/CVE-2023-336xx/CVE-2023-33670.json) (`2023-06-02T20:15:09.563`)
* [CVE-2023-33671](CVE-2023/CVE-2023-336xx/CVE-2023-33671.json) (`2023-06-02T20:15:09.607`)
* [CVE-2023-33672](CVE-2023/CVE-2023-336xx/CVE-2023-33672.json) (`2023-06-02T20:15:09.647`)
* [CVE-2023-33673](CVE-2023/CVE-2023-336xx/CVE-2023-33673.json) (`2023-06-02T20:15:09.693`)
* [CVE-2023-33675](CVE-2023/CVE-2023-336xx/CVE-2023-33675.json) (`2023-06-02T20:15:09.733`)
* [CVE-2023-33761](CVE-2023/CVE-2023-337xx/CVE-2023-33761.json) (`2023-06-02T20:15:09.777`)
* [CVE-2023-33762](CVE-2023/CVE-2023-337xx/CVE-2023-33762.json) (`2023-06-02T20:15:09.823`)
* [CVE-2023-33763](CVE-2023/CVE-2023-337xx/CVE-2023-33763.json) (`2023-06-02T20:15:09.867`)
* [CVE-2023-1297](CVE-2023/CVE-2023-12xx/CVE-2023-1297.json) (`2023-06-02T23:15:09.293`)
* [CVE-2023-2816](CVE-2023/CVE-2023-28xx/CVE-2023-2816.json) (`2023-06-02T23:15:09.503`)
* [CVE-2023-3044](CVE-2023/CVE-2023-30xx/CVE-2023-3044.json) (`2023-06-02T23:15:09.580`)
### CVEs modified in the last Commit
Recently modified CVEs: `12`
Recently modified CVEs: `0`
* [CVE-2022-36249](CVE-2022/CVE-2022-362xx/CVE-2022-36249.json) (`2023-06-02T20:50:05.440`)
* [CVE-2022-36247](CVE-2022/CVE-2022-362xx/CVE-2022-36247.json) (`2023-06-02T20:52:10.493`)
* [CVE-2022-36246](CVE-2022/CVE-2022-362xx/CVE-2022-36246.json) (`2023-06-02T20:53:31.427`)
* [CVE-2022-36244](CVE-2022/CVE-2022-362xx/CVE-2022-36244.json) (`2023-06-02T20:57:58.920`)
* [CVE-2023-29550](CVE-2023/CVE-2023-295xx/CVE-2023-29550.json) (`2023-06-02T20:15:09.367`)
* [CVE-2023-29551](CVE-2023/CVE-2023-295xx/CVE-2023-29551.json) (`2023-06-02T20:15:09.423`)
* [CVE-2023-32215](CVE-2023/CVE-2023-322xx/CVE-2023-32215.json) (`2023-06-02T20:15:09.470`)
* [CVE-2023-31225](CVE-2023/CVE-2023-312xx/CVE-2023-31225.json) (`2023-06-02T20:42:20.567`)
* [CVE-2023-3074](CVE-2023/CVE-2023-30xx/CVE-2023-3074.json) (`2023-06-02T20:58:57.383`)
* [CVE-2023-3075](CVE-2023/CVE-2023-30xx/CVE-2023-3075.json) (`2023-06-02T20:58:57.383`)
* [CVE-2023-3073](CVE-2023/CVE-2023-30xx/CVE-2023-3073.json) (`2023-06-02T20:58:57.383`)
* [CVE-2023-33195](CVE-2023/CVE-2023-331xx/CVE-2023-33195.json) (`2023-06-02T21:15:09.430`)
## Download and Usage